unofficial mirror of guix-patches@gnu.org 
From: "Ludovic Courtès" <ludo@gnu.org>
To: 68677@debbugs.gnu.org
Cc: "Ludovic Courtès" <ludo@gnu.org>
Subject: [bug#68677] [PATCH 0/6] Service for "virtual build machines"
Date: Tue, 23 Jan 2024 17:46:17 +0100
Message-ID: <cover.1706027375.git.ludo@gnu.org>

Hello Guix!

Lots of talk about reproducibility and how wonderful Guix is, but
as soon as you try to build packages from v1.0.0, released less
than 5 years ago, you hit a “time trap” in Python, in OpenSSL, or
some other ugly build failure—assuming you managed to fetch source
code in the first place¹.

This patch series defines a long-overdue
‘virtual-build-machine-service-type’: a service to run a virtual
machine available for offloading.  My main goal here is to
allow users to build stuff at a past date without having to
change their system clock.  It can also be used to control other
aspects usually not under control: the CPU model, the Linux kernel.

The series includes changes to <virtual-machine> that are not
actually used but can be useful; they come from a previous iteration
that didn’t pan out.

One limitation I’d like to address is the fact that the SSH and
secrets ports are exposed locally, as is already the case with
childhurds (any local user could inject secrets into the VM if
they connect at the right moment when it boots).  Future work
includes switching to AF_VSOCK sockets—see vsock(7).

Some of the code is shared with childhurds.  I don’t know if
we could factorize things further.

Thoughts?

Ludo’.

¹ This blog post by Simon explains the kind of problem one hits
  when traveling to the not-so-distant past:
  https://simon.tournier.info/posts/2023-12-21-repro-paper.html

Ludovic Courtès (6):
  services: secret-service: Make the endpoint configurable.
  vm: Add ‘date’ field to <virtual-machine>.
  vm: Export <virtual-machine> accessors.
  vm: Add ‘cpu-count’ field to <virtual-machine>.
  marionette: Add #:peek? to ‘wait-for-tcp-port?’.
  services: Add ‘virtual-build-machine’ service.

 doc/guix.texi                   | 139 ++++++-
 gnu/build/marionette.scm        |  32 +-
 gnu/build/secret-service.scm    |  62 ++--
 gnu/services/virtualization.scm | 640 ++++++++++++++++++++++++--------
 gnu/system/image.scm            |   1 +
 gnu/system/vm.scm               | 115 +++++-
 gnu/tests/virtualization.scm    | 176 +++++++--
 7 files changed, 933 insertions(+), 232 deletions(-)


base-commit: 299ce524c9f725549ab5548197cc88b085bba2f4
-- 
2.41.0





Thread overview: 14+ messages
2024-01-23 16:46 Ludovic Courtès [this message]
2024-01-23 16:48 ` [bug#68677] [PATCH 1/6] services: secret-service: Make the endpoint configurable Ludovic Courtès
2024-01-23 16:48 ` [bug#68677] [PATCH 2/6] vm: Add ‘date’ field to <virtual-machine> Ludovic Courtès
2024-01-23 16:48 ` [bug#68677] [PATCH 3/6] vm: Export <virtual-machine> accessors Ludovic Courtès
2024-01-23 16:48 ` [bug#68677] [PATCH 4/6] vm: Add ‘cpu-count’ field to <virtual-machine> Ludovic Courtès
2024-01-23 16:48 ` [bug#68677] [PATCH 5/6] marionette: Add #:peek? to ‘wait-for-tcp-port?’ Ludovic Courtès
2024-01-23 16:48 ` [bug#68677] [PATCH 6/6] services: Add ‘virtual-build-machine’ service Ludovic Courtès
2024-01-25 14:18 ` [bug#68677] [PATCH 0/6] Service for "virtual build machines" Simon Tournier
2024-01-29 11:25   ` Ludovic Courtès
2024-02-05 13:37 ` Ludovic Courtès
2024-02-05 15:45 ` Suhail via Guix-patches via
2024-02-07 17:33   ` Ludovic Courtès
2024-02-14 15:15   ` Simon Tournier
2024-02-10 22:35 ` bug#68677: " Ludovic Courtès
