qbit/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/incus: add incus-only vm and container images

Browse Source
This commit is contained in:
Adam Stephens 2024-08-10 12:40:16 -04:00
parent 293c17926d
commit 094f2b6c9d
No known key found for this signature in database
11 changed files with 343 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
nixos/maintainers/scripts/incus/incus-container-image-inner.nix Normal file
View File

@ -0,0 +1,34 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ modulesPath, ... }:
{
imports = [
# Include the default incus configuration.
"${modulesPath}/virtualisation/lxc-container.nix"
# Include the container-specific autogenerated configuration.
./incus.nix
];
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
systemd.network = {
enable = true;
networks."50-eth0" = {
matchConfig.Name = "eth0";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
system.stateVersion = "@stateVersion@"; # Did you read the comment?
}

47
nixos/maintainers/scripts/incus/incus-container-image.nix Normal file
View File

@ -0,0 +1,47 @@
{ lib, pkgs, ... }:
{
imports = [ ../../../modules/virtualisation/lxc-container.nix ];
virtualisation.lxc.templates.nix = {
enable = true;
target = "/etc/nixos/incus.nix";
template = ./nix.tpl;
when = [
"create"
"copy"
];
};
# copy the config for nixos-rebuild
system.activationScripts.config =
let
config = pkgs.substituteAll {
src = ./incus-container-image-inner.nix;
stateVersion = lib.trivial.release;
};
in
''
if [ ! -e /etc/nixos/configuration.nix ]; then
install -m 0644 -D ${config} /etc/nixos/configuration.nix
fi
'';
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
systemd.network = {
enable = true;
networks."50-eth0" = {
matchConfig.Name = "eth0";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
}

34
nixos/maintainers/scripts/incus/incus-virtual-machine-image-inner.nix Normal file
View File

@ -0,0 +1,34 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ modulesPath, ... }:
{
imports = [
# Include the default incus configuration.
"${modulesPath}/virtualisation/incus-virtual-machine.nix"
# Include the container-specific autogenerated configuration.
./incus.nix
];
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
systemd.network = {
enable = true;
networks."50-enp5s0" = {
matchConfig.Name = "enp5s0";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
system.stateVersion = "@stateVersion@"; # Did you read the comment?
}

48
nixos/maintainers/scripts/incus/incus-virtual-machine-image.nix Normal file
View File

@ -0,0 +1,48 @@
{ lib, pkgs, ... }:
{
imports = [ ../../../modules/virtualisation/incus-virtual-machine.nix ];
virtualisation.lxc.templates.nix = {
enable = true;
target = "/etc/nixos/incus.nix";
template = ./nix.tpl;
when = [
"create"
"copy"
];
};
# copy the config for nixos-rebuild
system.activationScripts.config =
let
config = pkgs.substituteAll {
src = ./incus-virtual-machine-image-inner.nix;
stateVersion = lib.trivial.release;
};
in
''
if [ ! -e /etc/nixos/configuration.nix ]; then
install -m 0644 -D ${config} /etc/nixos/configuration.nix
fi
'';
# Network
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
systemd.network = {
enable = true;
networks."50-enp5s0" = {
matchConfig.Name = "enp5s0";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
}

12
nixos/maintainers/scripts/incus/nix.tpl Normal file
View File

@ -0,0 +1,12 @@
{
lib,
config,
pkgs,
...
}:
# WARNING: THIS CONFIGURATION IS AUTOGENERATED AND WILL BE OVERWRITTEN AUTOMATICALLY
{
networking.hostName = "{{ container.name }}";
}

61
nixos/modules/virtualisation/incus-virtual-machine.nix Normal file
View File

@ -0,0 +1,61 @@
{
config,
lib,
pkgs,
...
}:
let
serialDevice = if pkgs.stdenv.hostPlatform.isx86 then "ttyS0" else "ttyAMA0";
in
{
meta = {
maintainers = lib.teams.lxc.members;
};
imports = [
./lxc-instance-common.nix
../profiles/qemu-guest.nix
];
config = {
system.build.qemuImage = import ../../lib/make-disk-image.nix {
inherit pkgs lib config;
partitionTableType = "efi";
format = "qcow2-compressed";
copyChannel = true;
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/nixos";
autoResize = true;
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-label/ESP";
fsType = "vfat";
};
};
boot.growPartition = true;
boot.loader.systemd-boot.enable = true;
# image building needs to know what device to install bootloader on
boot.loader.grub.device = "/dev/vda";
boot.kernelParams = [
"console=tty1"
"console=${serialDevice}"
];
# CPU hotplug
services.udev.extraRules = ''
SUBSYSTEM=="cpu", CONST{arch}=="x86-64", TEST=="online", ATTR{online}=="0", ATTR{online}="1"
'';
virtualisation.incus.agent.enable = lib.mkDefault true;
};
}

2
nixos/modules/virtualisation/lxc-container.nix
View File

@ -74,7 +74,7 @@
]; ];
}; };
system.build.installBootLoader = pkgs.writeScript "install-lxd-sbin-init.sh" '' system.build.installBootLoader = pkgs.writeScript "install-lxc-sbin-init.sh" ''
#!${pkgs.runtimeShell} #!${pkgs.runtimeShell}
${pkgs.coreutils}/bin/ln -fs "$1/${initScript}" /sbin/init ${pkgs.coreutils}/bin/ln -fs "$1/${initScript}" /sbin/init
''; '';

95
nixos/release.nix
View File

@ -318,6 +318,101 @@ in rec {
); );
# An image that can be imported into incus and used for container creation
incusContainerImage =
forMatchingSystems
[
"x86_64-linux"
"aarch64-linux"
]
(
system:
with import ./.. { inherit system; };
hydraJob (
(import lib/eval-config.nix {
inherit system;
modules = [
configuration
versionModule
./maintainers/scripts/incus/incus-container-image.nix
];
}).config.system.build.squashfs
)
);
# Metadata for the incus image
incusContainerMeta =
forMatchingSystems
[
"x86_64-linux"
"aarch64-linux"
]
(
system:
with import ./.. { inherit system; };
hydraJob (
(import lib/eval-config.nix {
inherit system;
modules = [
configuration
versionModule
./maintainers/scripts/incus/incus-container-image.nix
];
}).config.system.build.metadata
)
);
# An image that can be imported into incus and used for container creation
incusVirtualMachineImage =
forMatchingSystems
[
"x86_64-linux"
"aarch64-linux"
]
(
system:
with import ./.. { inherit system; };
hydraJob (
(import lib/eval-config.nix {
inherit system;
modules = [
configuration
versionModule
./maintainers/scripts/incus/incus-virtual-machine-image.nix
];
}).config.system.build.qemuImage
)
);
# Metadata for the incus image
incusVirtualMachineImageMeta =
forMatchingSystems
[
"x86_64-linux"
"aarch64-linux"
]
(
system:
with import ./.. { inherit system; };
hydraJob (
(import lib/eval-config.nix {
inherit system;
modules = [
configuration
versionModule
./maintainers/scripts/incus/incus-virtual-machine-image.nix
];
}).config.system.build.metadata
)
);
# An image that can be imported into lxd and used for container creation # An image that can be imported into lxd and used for container creation
lxdContainerImage = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system: lxdContainerImage = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system:

6
nixos/tests/incus/container.nix
View File

@ -11,8 +11,8 @@ let
extra; extra;
}; };
container-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system}; container-image-metadata = releases.incusContainerMeta.${pkgs.stdenv.hostPlatform.system};
container-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system}; container-image-rootfs = releases.incusContainerImage.${pkgs.stdenv.hostPlatform.system};
in in
{ {
inherit name; inherit name;
@ -61,7 +61,7 @@ in
machine.succeed("incus admin init --minimal") machine.succeed("incus admin init --minimal")
with subtest("Container image can be imported"): with subtest("Container image can be imported"):
machine.succeed("incus image import ${container-image-metadata}/*/*.tar.xz ${container-image-rootfs}/*/*.tar.xz --alias nixos") machine.succeed("incus image import ${container-image-metadata}/*/*.tar.xz ${container-image-rootfs} --alias nixos")
with subtest("Container can be launched and managed"): with subtest("Container can be launched and managed"):
machine.succeed("incus launch nixos container") machine.succeed("incus launch nixos container")

6
nixos/tests/incus/incusd-options.nix
View File

@ -16,8 +16,8 @@ import ../make-test-python.nix (
}; };
}; };
container-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system}; container-image-metadata = releases.incusContainerMeta.${pkgs.stdenv.hostPlatform.system};
container-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system}; container-image-rootfs = releases.incusContainerImage.${pkgs.stdenv.hostPlatform.system};
in in
{ {
name = "incusd-options"; name = "incusd-options";
@ -87,7 +87,7 @@ import ../make-test-python.nix (
machine.wait_for_unit("incus-preseed.service") machine.wait_for_unit("incus-preseed.service")
with subtest("Container image can be imported"): with subtest("Container image can be imported"):
machine.succeed("incus image import ${container-image-metadata}/*/*.tar.xz ${container-image-rootfs}/*/*.tar.xz --alias nixos") machine.succeed("incus image import ${container-image-metadata}/*/*.tar.xz ${container-image-rootfs} --alias nixos")
with subtest("Container can be launched and managed"): with subtest("Container can be launched and managed"):
machine.succeed("incus launch nixos container") machine.succeed("incus launch nixos container")

10
nixos/tests/incus/virtual-machine.nix
View File

@ -11,8 +11,8 @@ let
}; };
}; };
vm-image-metadata = releases.lxdVirtualMachineImageMeta.${pkgs.stdenv.hostPlatform.system}; vm-image-metadata = releases.incusVirtualMachineImageMeta.${pkgs.stdenv.hostPlatform.system};
vm-image-disk = releases.lxdVirtualMachineImage.${pkgs.stdenv.hostPlatform.system}; vm-image-disk = releases.incusVirtualMachineImage.${pkgs.stdenv.hostPlatform.system};
instance-name = "instance1"; instance-name = "instance1";
in in
@ -64,10 +64,10 @@ in
with machine.nested("Waiting for instance to start and be usable"): with machine.nested("Waiting for instance to start and be usable"):
retry(instance_is_up) retry(instance_is_up)
with subtest("lxd-agent is started"): with subtest("incus-agent is started"):
machine.succeed("incus exec ${instance-name} systemctl is-active lxd-agent") machine.succeed("incus exec ${instance-name} systemctl is-active incus-agent")
with subtest("lxd-agent has a valid path"): with subtest("incus-agent has a valid path"):
machine.succeed("incus exec ${instance-name} -- bash -c 'true'") machine.succeed("incus exec ${instance-name} -- bash -c 'true'")
with subtest("guest supports cpu hotplug"): with subtest("guest supports cpu hotplug"):