Re: Guix and sel4

2018-01-14 Thread Paul Boddie
On Sunday 14. January 2018 22.16.39 rados...@chmielarz.xyz wrote:
> 
> In 2016 David Craven sent an email about his attempt in using sel4
> (genode with sel4 to be exact) with guix
> (https://lists.gnu.org/archive/html/help-guix/2016-12/msg00058.html). Do
> you know if he succeeded or not? And if not, were there any substantial
> blockers or just lack of time?

He referenced some work done to use Nix with Genode, since abandoned, but the 
Genode documentation provides more details about this:

"The design of Genode's package-management concept is largely influenced by 
Git as well as the Nix package manager. In particular the latter opened our 
eyes to discover the potential that lies beyond the package management 
employed in state-of-the art commodity systems. Even though we considered 
adapting Nix for Genode and actually conducted intensive experiments in this 
direction (thanks to Emery Hemingway who pushed forward this line of work), we 
settled on a custom solution that leverages Genode's holistic view on all 
levels of the operating system including the build system and tooling, source 
structure, ABI design, framework API, system configuration, inter-component 
interaction, and the components itself. Whereby Nix is designed for being used 
on top of Linux, Genode's whole-systems view led us to simplifications that 
eliminated the needs for Nix' powerful features like its custom description 
language."

http://genode.org/documentation/developer-resources/package_management

(This is actually quite typical of Genode's online documentation, which seems 
to have a "white paper" feel at times (and a "manifest" feel, just summarising 
details, at others), so digesting it all can be time-consuming work.)

Personally, I have spent some time looking at L4Re rather than Genode, mostly 
because I have been wanting to deploy Fiasco.OC and it would appear that these 
two things (L4Re and Fiasco.OC) are developed more closely together. Genode 
seems to bundle specific versions of Fiasco.OC, but I have been needing to get 
updates and make fixes in a more convenient relationship with Fiasco.OC's 
upstream.

There was a remark about the Hurd in the previous thread. The one difference I 
tend to perceive between the Hurd and systems like L4Re and Genode is that the 
latter things tend to be demonstrated almost like embedded solutions - you 
build a specific payload and that is your system - whereas the Hurd behaves 
like the open-ended system we are familiar with from our desktop computers.

That said, Genode is supposed to be usable as a desktop operating system, and 
will apparently introduce "a minimalistic generic live system that can be 
interactively shaped into a desktop scenario by the user without any reboot":

https://genode.org/documentation/release-notes/17.11

Another difference, this time between Genode and L4Re, is the way the 
components seem to be wired up. Genode appears to use some kind of XML syntax 
for this:

http://genode.org/documentation/developer-resources/init

Whereas L4Re employs Lua for the same job. I cannot comment on Genode, but the 
L4Re framework seems to be something of a work in progress.

A vague goal of mine is to try and bring Fiasco.OC or something similar within 
the realm of the Hurd again. There was once a project to port the Hurd to a L4 
microkernel, but that stalled in various ways and also didn't involve the more 
modern L4 variants that are around today and are supported by Genode.

Sorry if this was something of a digression from the topic!

Paul



Guix and sel4

2018-01-14 Thread radoslaw

Hi,

In 2016 David Craven sent an email about his attempt in using sel4 
(genode with sel4 to be exact) with guix 
(https://lists.gnu.org/archive/html/help-guix/2016-12/msg00058.html). Do 
you know if he succeeded or not? And if not, were there any substantial 
blockers or just lack of time?


Also while I'm asking would it be possible to use only the microkernel 
without the genode ecosystem in the guixsd? And on that topic is guixsd 
able to cross-compile? It already has the sandboxing for the packages so 
I would imagine it couldn't be that difficult but maybe it wasn't tried 
out before. I should probably RTFM but this is just a side-note 
question.


Cheers,
Radek



Re: Seeking best-practice for managing guix-defined VMs

2018-01-14 Thread myglc2
On 01/14/2018 at 19:51 Hartmut Goebel writes:

> I wonder about the best-practice for managing VMs built using `guix
> system vm`.

I doubt this is best practice, but I have been using a bash script to
build, commission, and route VMs on a GuixSD server.  Because I want
self-contained, portable, stateful VMs that can also run elsewhere, I
use 'guix system vm-image'. I keep track of the VM config by caching the
config file and 'guix --version' w/the image, which must be copied out
of the store in order to run (and is therefore not affected by 'guix
gc'). I keep track of what's running and avoid collisions by forcing a
1-to-1 mapping between the image file name, VM name, TUN/TAP device
name, and MAC address.

HTH - George
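
The 1-to-1 mapping described in the message above, sketched as an added example (not George's script, which is not shown on this page). The function names, the `tap-` prefix, the hash-based derivation and the sample paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: every identifier is derived from the image file name, so the
# same image always gets the same VM name, TAP device and MAC address.

# VM name = image file name without directory and extension.
vm_name() (
  b=$(basename -- "$1")
  printf '%s\n' "${b%.*}"
)

# Stable 12-hex-digit digest of the VM name, for fixed-width identifiers.
vm_digest() {
  vm_name "$1" | sha256sum | cut -c1-12
}

# Linux interface names hold at most 15 characters, so the TAP name is
# "tap-" plus 11 digest characters instead of the raw VM name.
vm_tap() {
  printf 'tap-%s\n' "$(vm_digest "$1" | cut -c1-11)"
}

# MAC: 52:54:00 prefix (locally administered, conventional for QEMU guests)
# followed by three bytes taken from the digest.
vm_mac() {
  vm_digest "$1" | sed 's/^\(..\)\(..\)\(..\).*/52:54:00:\1:\2:\3/'
}

# Refuse to start when the TAP device already exists: under a 1-to-1 mapping
# that means this image is already running. $2 overrides the sysfs directory
# so the check can be exercised without root.
vm_can_start() {
  [ ! -e "${2:-/sys/class/net}/$(vm_tap "$1")" ]
}

# QEMU naming and network arguments for the image, all from its file name.
vm_net_args() {
  printf '%s\n' "-name $(vm_name "$1") \
-netdev tap,id=net0,ifname=$(vm_tap "$1"),script=no,downscript=no \
-device virtio-net-pci,netdev=net0,mac=$(vm_mac "$1")"
}
```
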



Re: Seeking best-practice for managing guix-defined VMs

2018-01-14 Thread Marius Bakke
Hartmut Goebel  writes:

> I wonder about the best-practice for managing VMs built using `guix
> system vm`.

This is fairly tangential and probably overkill, but I use Ganeti[0]
with "ganeti-instance-guix"[1].  That will copy each `guix system vm` to
the configured storage backend, so store items can be garbage collected.
Updating can be done with `gnt-instance reinstall vm-name`.

Ganeti is a distributed virtual machine management system à la Openstack
(though much simpler, and less buggy), but works great on a single host.

[0] http://www.ganeti.org/
[1] https://github.com/mbakke/ganeti-instance-guix




Seeking best-practice for managing guix-defined VMs

2018-01-14 Thread Hartmut Goebel
Hi,

I wonder about the best-practice for managing VMs built using `guix
system vm`.

My idea is to have the system-configuration on the (foreign distro) host
and build and run VMs using `guix system vm`. Background is that for
some reasons I can not use GuixSD on the host, but want to use guix for
managing the actual work-horses.

* For specifying the parameters of the host-side of the VM-emulation,
and for starting the VM with the appropriate parameters, I can add a
wrapper shell-script. Is there a better way than a shell-script?

* When updating the config, the currently running VM needs to be shut
down. What are good ways to handle this? How to notice, which is the
correct VM to shut down (this one's "predecessor")?

* Over time, the store will fill up with `xxx-run-vm.sh` scripts. Will
these be garbage-collected? (I assume not.) What are good ways to keep
track of scripts and discard those no longer needed (and garbage-collect)?

* How to handle "secrets", which need to go into the machine? Obviously
it's not a good idea to have them in a system-declaration. OTOH the VM's
disk gets discarded with the next system generation.

* Is using `guix system vm` the wrong approach at all? Should I better
use `vm-image` or `container`?

-- 
Regards
Hartmut Goebel

| Hartmut Goebel  | h.goe...@crazy-compilers.com   |
| www.crazy-compilers.com | compilers which you thought are impossible |




Samba user mounts

2018-01-14 Thread Mathieu Lirzin
Hello,

I want to connect to my NAS using the Samba protocol.  While I can use ‘gvfs’
for that it is not convenient for me to access it from the command line via
the “/run/user/1000/gvfs/smb-share:server=nas,share=home/” filename.  On my
previous system I was able to add the following line in my “/etc/fstab” file:

   //nas/home /mnt/mthl/nas-home  cifs  credentials=/home/mthl/.smbfile,rw,noauto,user 0 0

which allowed me to execute the following command as a regular user:

   $ mount /mnt/mthl/nas-home

Does anybody know how to achieve a similar thing on GuixSD?

Thanks.

-- 
Mathieu Lirzin
GPG: F2A3 8D7E EB2B 6640 5761  070D 0ADE E100 9460 4D37



How can I use ()

2018-01-14 Thread Alex ter Weele
(Following this conversation on #guix:
https://gnunet.org/bot/log/guix/2018-01-10#T1600427)

I am trying to use the mcron service to run backups. I have written:

(define (backup-home user)
  #~(begin
  (execl
   (string-append #$borg "/bin/borg")
   "create"
   "--stats" "--list" "--verbose"
   "/mnt/borg::{hostname}-{utcnow}"
   (format "/home/%s" #$user))
  ;; TODO: borg prune.
  ))

(define (backup-home-job user)
  #~(job '(next-hour '(18))
 #$(backup-home user)
 #:user #$user))

I would like to run the gexp (backup-home "alex") from the REPL so that
I can verify it works properly. I looked into what the mcron service
itself does with the gexp in order to run it and found that (gnu
shepherd)'s shepherd-configuration-file uses gexp->file.

Based on this, what I think I want to do is something like:

,enter-store-monad
(build (list (gexp->script "test" (backup-home "alex"))))

And then run the resulting script file. However, doing such gives the
error:

ERROR: In procedure string->utf8:
ERROR: In procedure string->utf8: Wrong type argument in position 1 (expecting string): #

At this point I tried putting a string in what I think is the right
place, once again running in the store monad REPL:

(build "foo" (list (gexp->script "test" (backup-home "alex"))))

But this gives:

ERROR: In procedure length:
ERROR: In procedure length: Wrong type argument in position 1: "foo"

At which point I'm stumped. I'd love to know what I'm doing wrong!

Thanks,
Alex