all messages for Guix-related lists mirrored at yhetil.org
From: Konrad Hinsen <konrad.hinsen@fastmail.net>
To: Guix Devel <guix-devel@gnu.org>
Subject: Using Guix inside a Guix container
Date: Fri, 03 Feb 2023 17:52:22 +0100
Message-ID: <m1mt5uk7y1.fsf@fastmail.net>

Hi Guix,

I have been playing with nested Guix containers recently, with some
surprising findings, and I am wondering if what I am doing is considered
officially supported or not.

First: why? My use case is scientific workflows, for example using
snakemake. I want to run my workflows in Guix containers, for
reproducibility plus other reasons. But my workflows run other programs
in their tasks (basically just "shelling out"), and those tasks may use
their own Guix containers.

Superficially, this works fine if I add the "guix" package to my "outer"
container and expose the store plus the daemon's socket:

    guix shell -C guix \
      --expose=/var/guix/daemon-socket/socket \
      --expose=/gnu/store \
      -- \
      guix shell -C coreutils -- ls /

But now for the first surprise:

   $ guix describe
   Generation 35	janv. 19 2023 12:34:57	(current)
     guix 8221cb6
       repository URL: https://git.savannah.gnu.org/git/guix.git
       branch: master
       commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5

   $ guix shell -C guix -- guix describe
     guix 9fe5b49
       repository URL: https://git.savannah.gnu.org/git/guix.git
       branch: master
       commit: 9fe5b490df83ff32e2e0a604bf636eca48b9e240

The Guix in my container is an older one, apparently the 1.4.0 release.
Why? Can I change this?

My first attempt was time-machine:

    guix shell -C -N guix nss-certs \
      --expose=/var/guix/daemon-socket/socket \
      --expose=/gnu/store \
      -- \
      guix time-machine -C channels.scm -- describe

   Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
   Authenticating channel 'guix', commits 9edb3f6 to 8221cb6 (331 new commits)...
   Computing Guix derivation for 'x86_64-linux'... |
     guix 8221cb6
       repository URL: https://git.savannah.gnu.org/git/guix.git
       branch: master
       commit: 8221cb6d2ae5624829bf514d25ae234c073e35d5

Great! Except that every time I run this command, it does the channel
update from scratch, so it's prohibitively slow. Sharing
${HOME}/.cache/guix seems to fix that. So... finally...

    guix shell -C -N guix nss-certs \
      --expose=/var/guix/daemon-socket/socket \
      --expose=/gnu/store \
      --share=${HOME}/.cache/guix \
      -- \
      guix time-machine -C channels.scm \
      -- \
      shell -C coreutils \
      -- \
      ls /

     guix shell: error: mount: mount "none" on
     "/tmp/guix-directory.vpOEDC/sys": Operation not permitted

Now I am lost. It doesn't matter which command I put on the last line,
it's creating a container via time-machine running in another container
that leads to the error.

Any ideas?

Cheers,
  Konrad.

