Remove cloud-init from the Openstack image configuration #54800
The Openstack metadata service exposes the EC2 API. We use the existing `ec2.nix` module to configure the hostname and ssh keys of an Openstack Instance. A test checks the ssh server is well configured. This is mainly to reduce the size of the image (700MB). Also, declarative features provided by cloud-init are not really useful since we would prefer to use our `configuration.nix` file instead.
This allows the VM to provide a `configuration.nix` file to the VM. The test doesn't work in sandbox because it needs Internet (however it works interactively).
@GrahamcOfBorg test openstack-image-metadata
@GrahamcOfBorg test ec2-nixops
The ec2 test failure is not related to these patches (same error without my patches). ping @flokli :)
wget --retry-connrefused -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data && chmod 600 "$metaDir/user-data" | ||
fi | ||
|
||
if ! [ -e "$metaDir/hostname" ]; then |
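Review bot: in the `wget --retry-connrefused -O "$metaDir/user-data" ... && chmod 600 "$metaDir/user-data"` line, the permissions are tightened only after the download succeeds, so the file is created under the default umask and keeps those permissions if wget fails partway, because the `&&` then skips the chmod. User-data frequently carries secrets, so set `umask 077` before the fetch, or download to a restricted temporary file and rename it into place.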
this should be optional, like in nixos/modules/virtualisation/ec2-data.nix
I would prefer to avoid changes on the ec2 image. I can't test the change (no ec2 account and the test is broken). Moreover, this could also impact users relying on this hostname file.
I think this could be addressed in another PR.
wants = [ "network-online.target" ]; | ||
after = [ "network-online.target" ]; | ||
script = | ||
'' |
The following script looks pretty similar to what's in nixos/modules/virtualisation/amazon-image.nix at boot.initrd.postMountCommands.
This duplicates the script in nixos/modules/virtualisation/amazon-image.nix, and probably should be merged.
Other suggestion, what about using https://github.com/coreos/coreos-metadata, which already handles changing hostname and ssh keys, and where it should be fairly trivial to make it expose user-data?
As discussed, I've moved the script into a shared file.
@edolstra from your reaction on the PR, is there a way you can test this?
]; | ||
|
||
system.build.novaImage = import ../../../lib/make-disk-image.nix { | ||
system.build.openstackImage = import ../../../lib/make-disk-image.nix { |
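Review bot: the rename from `system.build.novaImage` to `system.build.openstackImage` leaves no alias for the old attribute in this hunk, so any existing reference to `novaImage` stops evaluating once this lands. Consider keeping `novaImage` as a deprecated alias pointing at `openstackImage`, or at least documenting the rename in the release notes.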
@Lassulus this might need a fix in https://github.com/nix-community/nixos-generators too
I could do it.
I also plan to send a post on discourse to ask for some help to publish this image on the NixOS download page.
People don't necessarily know `nova` is related to Openstack (it is a component of Openstack). So, it is more explicit to call it `openstackImage`.
This is to let the `ec2-data.nix` module set the hostname from the metadata API value.
To share the metadata fetcher script between ec2 and Openstack images.
- `cloud-init` is replaced by modules used by our EC2 image (Openstack metadata service provides an EC2 API).
- `ssh` keys and `configuration.nix` are applied
- `novaImage` is renamed to `openstackImage`

This is mainly to reduce the size of the image (from 2.2GB to 1.3GB). Also, I think we generally don't care about `cloud-init` features since we have a `configuration.nix` file.

Unfortunately, one of the two tests doesn't work in the sandbox because it needs Internet. This is also the case of EC2 tests... I hope to fix them later (help is welcome on that).

I also tested this image on an Openstack cloud. It is working as expected.

Note this also fixes the current Nova image which is currently broken.