From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id EElMIw9VOGLqAQAAgWs5BA (envelope-from ) for ; Mon, 21 Mar 2022 11:35:59 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id mPH1Gw9VOGKwKAEAG6o9tA (envelope-from ) for ; Mon, 21 Mar 2022 11:35:59 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id D38F99697 for ; Mon, 21 Mar 2022 11:35:58 +0100 (CET) Received: from localhost ([::1]:50728 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nWFOH-0004Td-WE for larch@yhetil.org; Mon, 21 Mar 2022 06:35:58 -0400 Received: from eggs.gnu.org ([209.51.188.92]:43044) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nWFNK-0004TQ-Px for guix-devel@gnu.org; Mon, 21 Mar 2022 06:34:58 -0400 Received: from [2a00:1450:4864:20::42f] (port=33417 helo=mail-wr1-x42f.google.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nWFNJ-0003tk-2K for guix-devel@gnu.org; Mon, 21 Mar 2022 06:34:58 -0400 Received: by mail-wr1-x42f.google.com with SMTP id q8so8670038wrc.0 for ; Mon, 21 Mar 2022 03:34:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:in-reply-to:references:date:message-id :mime-version:content-transfer-encoding; bh=VgAZpvTDV8LyDUb+KmEvJMBp0gqQfcFroXs+Llq9a6E=; b=XKAT8/cAkykcV4nVWqKwWArGvLer2XKjt+Jcw+aagI0farII8QQWCvojf10BLDSvu8 ys10sm8ilQUpNGwHMfawKcyNwMnyTIFH+W3Ctxl7MW+Y4te+fI6kcn7BdOJjgXv8JuP3 UEArkGHkcbHiSKj4oOmuIDo8rnIbQB4vMZQl6RO2I6eBgriZo293Ql+OWxtxOvcs0F9U JvzZDlVezUaf2G7qj945dcML8LyagDBW8CA7eM6QX23kQKexz6D9DVBufhOuWxl9Xtov DSGfAtN0X8U89OgOgG1YV1FbSLtnnOEEp65+IWs/rM2E9FP+Fe6Z9t5dAHnyZO69F1XK vaXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version:content-transfer-encoding; bh=VgAZpvTDV8LyDUb+KmEvJMBp0gqQfcFroXs+Llq9a6E=; b=YrkM6orTtrDUmmREAXS2BaHd8FJuNy1ubg+k2v3BALEOtcpPvxRqxA0nUryhbKFCH/ E9tKvaPb6QZJFD4CQAA738G9EdIPolxkLh/Nu6gCHCYl7mBpVY22GKxIjPJuhfgY3fen 95PaEqddraXTtMTcRxzpiBIiPLmF34zHJb2v2Olh2IBStdvbt+Bmzxle4wmBBcJWs/uh +cTz5DSdpostnYN4a1OPYmayUng4Xo2sQjZvY42+lUmr38vW1nDsI28GtK+jUe6tp/J+ HPij4ZlIKuxWnWqeUubomXOO80CJMEOX9ffbPH4/CLsRrpqvzf5fEeIlzTCyitRx9m7e Fuhg== X-Gm-Message-State: AOAM531SqN3Hi1KOZzwexFBQK43Pm2Fej30ObaijW39TF3uW0w+j/Se/ m0raDrxSRJWR8jmpwEbRZmh/BXUxsGM= X-Google-Smtp-Source: ABdhPJydzGQhs3FcIb/jwZgXuEkiRwVKOBxyiY/6hnxSdTXivcZyl6Q16RkbwGwBAll9p+dRkDBAoQ== X-Received: by 2002:a05:6000:156e:b0:203:d6e6:bcd0 with SMTP id 14-20020a056000156e00b00203d6e6bcd0mr17357706wrz.135.1647858894698; Mon, 21 Mar 2022 03:34:54 -0700 (PDT) Received: from lili ([2a01:e0a:59b:9120:65d2:2476:f637:db1e]) by smtp.gmail.com with ESMTPSA id z13-20020a5d440d000000b00203f2b010b1sm8744016wrq.44.2022.03.21.03.34.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 21 Mar 2022 03:34:54 -0700 (PDT) From: zimoun To: Ryan Prior , Liliana Marie Prikler Subject: Re: Guix as a system vs as an end-user dev tool (re: Building a software toolchain that works) In-Reply-To: References: <86cziidqnw.fsf@gmail.com> Date: Mon, 21 Mar 2022 11:26:11 +0100 Message-ID: <861qyveh4s.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Host-Lookup-Failed: Reverse DNS lookup failed for 2a00:1450:4864:20::42f (failed) Received-SPF: pass client-ip=2a00:1450:4864:20::42f; envelope-from=zimon.toutoune@gmail.com; helo=mail-wr1-x42f.google.com X-Spam_score_int: -6 X-Spam_score: -0.7 X-Spam_bar: / X-Spam_report: (-0.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, PDS_HP_HELO_NORDNS=0.659, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Guix Devel Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1647858959; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=VgAZpvTDV8LyDUb+KmEvJMBp0gqQfcFroXs+Llq9a6E=; b=kwntIW0ACHcbHRf2qgYK6IOsE7Z3rEPGuj1wKKg9gD/c3BP+Yq3U614UOpVwwYmaz2E6X7 fogJibs4URio5m5xImfh0S6zfkEiaWkzEBh9I//qgYnFS3XxWHtpWREa81Clce8KP7n6ps L+18lFgwW0wE2U3pkhW9uqo2nlh+v6drvfSyQpyf4oUvAsqdveqBX0ILWaQqr6xPtiDBri H5ruT01pMSHkALm4lfkuggesy7PcTu5D6UVBscUiwvpS95TJZVbklOnhzvrLv3+Cnd2X/I j0Nhbke8VTxfIAsBpzsmXROcCjcBUPgWtnKbWvekj4U1Qg9Z7+2RINdsKOo8KQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1647858959; a=rsa-sha256; cv=none; b=GDWYB1EZQtMwQ5lqTbmu5PL8w/aUUf98NRLOuSoZkrYEAkTg3WeQc7LlzKXmmikKb3TS/p d1CCwh+tNFOvztpOBK9PE3+vhos2sm/pj/dU8FRe01scROHZ5p/3T42HjrPCJZfX0OnsQ5 wysJ2nYAH4m3Kgmbml4VgZqDbVaRO3WTmqyKks1IJREOOvfb6VxjMPUrRgb5HdJa79bEzS 3lgwnuQwbIuX2VF7MWBcXvRQrIdjUEk4WfPJolIJPaVMH3KjN6LfAlrT0S8WEyLN/gpbHy EW+4NlZaurFz0ahROO7CibmEGDjWrUgbtxnm1iQCcAyuwh/k3Gw5yNz8omYZVg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b="XKAT8/cA"; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -4.12 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b="XKAT8/cA"; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: D38F99697 X-Spam-Score: -4.12 X-Migadu-Scanner: scn1.migadu.com X-TUID: Jb+q10mNAX24 Hi Ryan, Thank you for your detailed explanations. Here I try to connect the dots between the current blocks and the picture you are drawing. On Sat, 19 Mar 2022 at 18:18, Ryan Prior wrote: > When I install Docker for Desktop on macOS or Windows, I do not have > to first install a VM manager dependency like QEMU or VirtualBox. The > installer for Docker creates and manages a VM automatically, which is > treated as de-facto immutable and never exposed to the user at all. It > is locked down, automatically updated, and doesn't provide the user > any way to install new software or make changes to it. It's not like a > distro: it provides only what's necessary to run containers, with no > desktop, no coreutils, no SSH, no VNC, practically no userland at > all. >From my experience about Docker, Guix on foreign Linux distro via the install script provides the same experience as Docker for Desktop. For sure, the learning curve is not the same. Because Guix is less polished and many less tutorials are around. About MacOs and Windows, well Docker is powered by a company so their product is targeting a market. Instead, Guix is powered by volunteers working on their personal interest; well if a company is ready to invest in Guix, I am sure it would also =E2=80=9Cwork=E2=80=9D on these platforms.= ;-) > The only point of interaction with the VM is through the Docker > daemon. On Windows or Mac when you run `docker build` the client > software is connecting to the daemon in the VM, sending it the build > context, etc - but the user doesn't have to configure or manage any of > this. And thus with each Docker command. Well, the user manages the Dockerfile build, no? Guix on foreign distro works the same way, no? Instead of a Dockerfile, it is a config.scm file. Somehow, the workflow of Docker and Guix-on-foreign-distro is the same from my point of view. The main difference is robustness and documentation, again IMHO. > The target demographic is developers who, whether out of preference or > for corporate compliance or some other reason, use macOS or Windows on > their dev machine but are deploying to GNU/Linux boxen. By > standardizing on Docker for Desktop, organizations are able to provide > a consistent GNU toolchain to all their developers and operators, > smoothing out the differences between platforms and decreasing > complexity. I agree. About Windows, Guix should be available via WSL2, IIURC. About MacOS=E2=80=A6 long story. ;-) > But for a variety of reasons organizations commonly have a > heterogeneous environment, with GNU/Linux on the server and a mix of > free and non-free OSes on the client. They would face a much lower > barrier to adopt if we were to offer a "Guix for Desktop" installer > that enables uniform developer workflows, such that "guix build -f > my-app.scm" works the same on any client, and so on for each Guix > command. What I miss is that your description maps one to one my use of Guix on foreign distro with =E2=80=9Ccollaborators=E2=80=9D (mainly biologists, so = similar to the end-users described above, I guess). Whatever their Linux distro and their host versions are (usually Ubuntu though), we are running the same computational stack; mainly: guix time-machine -C channels.scm -- shell -m manifest.scm where channels.scm and manifest.scm live in a shared Git repo with the other stuff. In this case, manifest.scm provides the tools for building, say manually. It is similar with guix time-machine -C channels.scm -- build -f my-app.scm using the Guix daemon for building. And channels.scm can contain private collections not yet in Guix. > This would necessarily exclude some commands, like and "guix system > reconfigure," which are expected to mutate the user's base > system. Installed this way, every interaction with Guix would be in a > Guix container, with files from the host system mounted into it. If I > ran "guix install coreutils" then the installed "ls" would be a shell > script that runs ls inside a Guix shell in the VM, with the current > directory mounted into it. For instance, I have never used =E2=80=9Cguix system reconfigure=E2=80=9D f= or my daily job. :-) On any Linux distribution, guix shell -C coreutils does what you are describing. No VM, only Linux namespace. For sure, it leads to issues for MacOS. Well, long story. :-) > > This would not be an ideal system for installing and managing software > on a non-free OS and I wouldn't recommend using it for such: it's > limited, carries the performance penalty of a VM, adds complexity, > &c. But for the specific case where the end-user is a software > engineer on a non-free OS who is building, testing, and deploying > software using Guix, it could be excellent. You'd check out your repo, > "guix build my-app.scm," then "guix deploy prod.scm" and off you > go. These things happen principally in the domain where we aren't > interacting with the host system much anyway, so the limitations > matter little, while the benefits to people working in heterogeneous > tech organizations are great. I agree. Well, Guix via Gnome boxes seems a step in that direction. I also agree that the story of Guix for Windows and MacOS is not so nice. Currently, it is a strong limitation for adoption in my lab; most if not all people run the main computer with MacOS or Windows and another dedicated computer for =E2=80=9Ccomputational analysis=E2=80=9D. About Windows, it could be worth to maybe document what already works. :-) Cheers, simon