OCI-backed Guix System Services

OCI-backed Guix System Services

[paul]

[-- Attachment #1: Type: text/plain, Size: 1822 bytes --]

Dear Guixers,

I was recently inspired from Nix's oci-container feature and wrote a 
thin wrapper around the docker CLI to enable the management of docker 
containers through Shepherd [0]. This enables handling of non packaged 
services through guix system reconfigure and herd start/stop/status .


|(define(grafana-configuration config) | (oci-container-configuration
(image"|grafana/grafana:10.0.1"|)
(network"host")
(ports
`((,port."3000")))
(volumes
`(("/var/lib/grafana"."/var/lib/grafana")
;; Neededbecausegrafana.iniisasymlinktoaniteminthestore.
("/gnu/store"."/gnu/store")
("/etc/grafana/grafana.ini"."/etc/grafana/grafana.ini")))))

(definegrafana-service-type
(service-type(name'grafana)
(extensions(list(service-extensionoci-container-service-type
grafana-configuration)
(service-extensionaccount-service-type
(const%grafana-accounts))
(service-extensionnginx-service-type
grafana-nginx-locations)
(service-extensionactivation-service-type
%grafana-activation)))))


This is somewhat made up code, for a real world example you can have a 
look here [1].

In the future it probably makes sense to be able to switch the "OCI 
backend" to podman, for now I just wanted to figure out if it's 
something that would be useful to the Guix community and if the 
implementation looks right.

To conclude, I'm not advocating for adding OCI-backed services to Guix 
mainstream: in my opinion they should be bootstrapped and built from 
source, but I believe the actual "backend" implementation for such 
services could be useful to have in Guix. What do you think?


Thank you for the wonderful community that Guix still proves to be,

giacomo


[0]: 
https://gitlab.com/orang3/small-guix/-/blob/master/small-guix/services/docker.scm

[1]: 
https://gitlab.com/orang3/guix-nas/-/blob/main/modules/nas/services/grafana.scm

[-- Attachment #2: Type: text/html, Size: 8389 bytes --]

Re: OCI-backed Guix System Services

[Ricardo Wurmus]

Hi,

> I was recently inspired from Nix's oci-container feature and wrote a thin wrapper around the docker CLI to enable the management of
> docker containers through Shepherd [0]. This enables handling of non packaged services through guix system reconfigure and herd
> start/stop/status . 

Neat!

> To conclude, I'm not advocating for adding OCI-backed services to Guix mainstream: in my opinion they should be bootstrapped and
> built from source, but I believe the actual "backend" implementation for such services could be useful to have in Guix. What do you
> think?

I think this could still be a valuable addition to Guix, because it
integrates with Shepherd and thus unifies management of system services
independent of whether they came from Guix or from elsewhere.

Because integration with Shepherd is nice I wrote the Swineherd which
serves a related need: https://github.com/BIMSBbioinfo/swineherd

-- 
Ricardo

Re: OCI-backed Guix System Services

[Katherine Cox-Buday]

On 9/20/23 4:12 PM, Ricardo Wurmus wrote:

>> To conclude, I'm not advocating for adding OCI-backed services to Guix mainstream: in my opinion they should be bootstrapped and
>> built from source, but I believe the actual "backend" implementation for such services could be useful to have in Guix. What do you
>> think?
> 
> I think this could still be a valuable addition to Guix, because it
> integrates with Shepherd and thus unifies management of system services
> independent of whether they came from Guix or from elsewhere.

I completely agree. It would be so nice to have a unified interface to 
manage everything!

Re: OCI-backed Guix System Services

[paul]

Hi Ricardo,

On 9/21/23 00:12, Ricardo Wurmus wrote:
> Because integration with Shepherd is nice I wrote the Swineherd which
> serves a related need: https://github.com/BIMSBbioinfo/swineherd

I saw that but I still haven't managed to find the time to play with it, 
it looks quite cool :) I'd love to be able to drop docker compose for 
local development environment in favor of something like the Swineherd.

giacomo

Re: OCI-backed Guix System Services

[Ludovic Courtès]

Hi,

Ricardo Wurmus <rekado@elephly.net> skribis:

>> I was recently inspired from Nix's oci-container feature and wrote a thin wrapper around the docker CLI to enable the management of
>> docker containers through Shepherd [0]. This enables handling of non packaged services through guix system reconfigure and herd
>> start/stop/status . 
>
> Neat!
>
>> To conclude, I'm not advocating for adding OCI-backed services to Guix mainstream: in my opinion they should be bootstrapped and
>> built from source, but I believe the actual "backend" implementation for such services could be useful to have in Guix. What do you
>> think?
>
> I think this could still be a valuable addition to Guix, because it
> integrates with Shepherd and thus unifies management of system services
> independent of whether they came from Guix or from elsewhere.

I agree, this would be useful to many people I’m sure, in particular to
anyone who doesn’t dare switch to Guix System out of fear of not finding
a specific service.

If there’s a way this could be generalized so others can use it for
daemons other than Grafana, that’d be great.

Ludo’.

Re: OCI-backed Guix System Services

[Alexey Abramov]

I am playing with Talos right now, which is a Kubernetes Linux 
distribution. It doesn't provide any ssh access. You can configure it using 
api only.

I am wondering if anyone wants to work (or working) on similar thing using 
Guix, Shepherd and Goblins.

It would be great to just boot guix with shepherd and program the system 
using scheme.

I haven't tested swineherd yet though.

On October 2, 2023 4:52:57 PM Ludovic Courtès <ludo@gnu.org> wrote:

> Hi,
>
> Ricardo Wurmus <rekado@elephly.net> skribis:
>
>>> I was recently inspired from Nix's oci-container feature and wrote a thin 
>>> wrapper around the docker CLI to enable the management of
>>> docker containers through Shepherd [0]. This enables handling of non 
>>> packaged services through guix system reconfigure and herd
>>> start/stop/status .
>>
>> Neat!
>>
>>> To conclude, I'm not advocating for adding OCI-backed services to Guix 
>>> mainstream: in my opinion they should be bootstrapped and
>>> built from source, but I believe the actual "backend" implementation for 
>>> such services could be useful to have in Guix. What do you
>>> think?
>>
>> I think this could still be a valuable addition to Guix, because it
>> integrates with Shepherd and thus unifies management of system services
>> independent of whether they came from Guix or from elsewhere.
>
> I agree, this would be useful to many people I’m sure, in particular to
> anyone who doesn’t dare switch to Guix System out of fear of not finding
> a specific service.
>
> If there’s a way this could be generalized so others can use it for
> daemons other than Grafana, that’d be great.
>
> Ludo’.