Merge pull request #260595 from adamcstephens/lxc/squashfs

lxc-container: add squashfs image support and release output

authored by

Maciej Krüger and committed by
GitHub
1ecbbb6e 5fb48709

+54 -5
+10 -3
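--- a/nixos/lib/make-squashfs.nix
+++ b/nixos/lib/make-squashfs.nix
@@ -1,15 +1,22 @@
 { lib, stdenv, squashfsTools, closureInfo
 
+, fileName ? "squashfs"
 , # The root directory of the squashfs filesystem is filled with the
 # closures of the Nix store paths listed here.
 storeContents ? []
+# Pseudo files to be added to squashfs image
+, pseudoFiles ? []
+, noStrip ? false
 , # Compression parameters.
 # For zstd compression you can use "zstd -Xcompression-level 6".
 comp ? "xz -Xdict-size 100%"
 }:
 
+let
+pseudoFilesArgs = lib.concatMapStrings (f: ''-p "${f}" '') pseudoFiles;
+in
 stdenv.mkDerivation {
-name = "squashfs.img";
+name = "${fileName}.img";
 __structuredAttrs = true;
 
 nativeBuildInputs = [ squashfsTools ];
@@ -31,8 +38,8 @@
 '' + ''
 
 # Generate the squashfs image.
-mksquashfs nix-path-registration $(cat $closureInfo/store-paths) $out \
--no-hardlinks -keep-as-directory -all-root -b 1048576 -comp ${comp} \
+mksquashfs nix-path-registration $(cat $closureInfo/store-paths) $out ${pseudoFilesArgs} \
+-no-hardlinks ${lib.optionalString noStrip "-no-strip"} -keep-as-directory -all-root -b 1048576 -comp ${comp} \
 -processors $NIX_BUILD_CORES
 '';
 }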
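Review bot: `pseudoFilesArgs` wraps each pseudo-file definition in plain double quotes with no escaping, so an entry containing `"`, `$` or a backtick would be expanded by the shell when the `mksquashfs` line of the build script runs. Quoting through the library helper closes that off: `pseudoFilesArgs = lib.concatMapStrings (f: "-p ${lib.escapeShellArg f} ") pseudoFiles;`. The new `fileName` and `noStrip` arguments also carry no comment, unlike their neighbours; for `noStrip` something like `# Pass -no-strip to mksquashfs so source paths keep their leading directories` would do. The build script between the two hunks is not shown, so other uses of these arguments cannot be checked from here.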
+17 -1
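--- a/nixos/modules/virtualisation/lxc-container.nix
+++ b/nixos/modules/virtualisation/lxc-container.nix
@@ -37,7 +37,6 @@
 ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
 '';
 
-# TODO: build rootfs as squashfs for faster unpack
 system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix {
 extraArgs = "--owner=0";
 
@@ -62,6 +61,23 @@
 ];
 
 extraCommands = "mkdir -p proc sys dev";
+};
+
+system.build.squashfs = pkgs.callPackage ../../lib/make-squashfs.nix {
+fileName = "nixos-lxc-image-${pkgs.stdenv.hostPlatform.system}";
+
+noStrip = true; # keep directory structure
+comp = "zstd -Xcompression-level 6";
+
+storeContents = [config.system.build.toplevel];
+
+pseudoFiles = [
+"/sbin d 0755 0 0"
+"/sbin/init s 0555 0 0 ${config.system.build.toplevel}/init"
+"/dev d 0755 0 0"
+"/proc d 0555 0 0"
+"/sys d 0555 0 0"
+];
 };
 
 system.build.installBootLoader = pkgs.writeScript "install-lxd-sbin-init.sh" ''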
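Review bot: The `pseudoFiles` list gives no hint of its field layout, which makes the modes and ownership of the image's root skeleton hard to review. A comment above the list such as `# mksquashfs pseudo-file definitions: "<path> <type> <mode> <uid> <gid> [<symlink target>]"` would fix that. The comment on `noStrip = true; # keep directory structure` could also say which structure is meant, presumably the leading `/nix/store` components of the store paths. The skeleton is now described twice, here and in the tarball's `extraCommands = "mkdir -p proc sys dev"` (the rest of the tarball definition is elided from the hunk), so a note that the two must stay in step seems worthwhile.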
+15
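--- a/nixos/release.nix
+++ b/nixos/release.nix
@@ -328,6 +328,21 @@
 
 );
 
+lxdContainerImageSquashfs = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system:
+
+with import ./.. { inherit system; };
+
+hydraJob ((import lib/eval-config.nix {
+inherit system;
+modules =
+[ configuration
+versionModule
+./maintainers/scripts/lxd/lxd-container-image.nix
+];
+}).config.system.build.squashfs)
+
+);
+
 # Metadata for the lxd image
 lxdContainerMeta = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system:
 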
+12 -1
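--- a/nixos/tests/lxd/container.nix
+++ b/nixos/tests/lxd/container.nix
@@ -13,6 +13,7 @@
 
 lxd-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system};
 lxd-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system};
+lxd-image-rootfs-squashfs = releases.lxdContainerImageSquashfs.${pkgs.stdenv.hostPlatform.system};
 
 in {
 name = "lxd-container";
@@ -23,7 +24,7 @@
 
 nodes.machine = { lib, ... }: {
 virtualisation = {
-diskSize = 4096;
+diskSize = 6144;
 
 # Since we're testing `limits.cpu`, we've gotta have a known number of
 # cores to lean on
@@ -60,6 +61,16 @@
 
 with subtest("Container can be managed"):
 machine.succeed("lxc launch nixos container")
+with machine.nested("Waiting for instance to start and be usable"):
+retry(instance_is_up)
+machine.succeed("echo true | lxc exec container /run/current-system/sw/bin/bash -")
+machine.succeed("lxc delete -f container")
+
+with subtest("Squashfs image is functional"):
+machine.succeed(
+"lxc image import ${lxd-image-metadata}/*/*.tar.xz ${lxd-image-rootfs-squashfs} --alias nixos-squashfs"
+)
+machine.succeed("lxc launch nixos-squashfs container")
 with machine.nested("Waiting for instance to start and be usable"):
 retry(instance_is_up)
 machine.succeed("echo true | lxc exec container /run/current-system/sw/bin/bash -")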
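Review bot: After `lxc delete -f container` the squashfs instance is launched under the same name `container`, so any later subtests, which fall outside this hunk, would presumably run only against the squashfs-based instance and no longer against the tarball one. If that is intended, a comment such as `# later subtests reuse "container" and now run against the squashfs image` would make it explicit; otherwise the squashfs instance could get its own name and be deleted at the end of its subtest. The new subtest also checks only that bash can be executed in the instance. It does not assert that `/sbin/init` resolves or that the unpacked rootfs is root-owned, which appear to be what the pseudo-file entries and `-all-root` are there to provide.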