SlideShare a Scribd company logo
1 of 42
Download to read offline
The Nix project
Sander van der Burg
Delft University of Technology, EEMCS,
Department of Software Technology
August 16, 2012
Sander van der Burg The Nix project
Software deployment
Software deployment
All of the activities that make a software system available for use
Carzaninga et al.
Activities
Building software components
Installing systems
Activating software components
Upgrading software components
Sander van der Burg The Nix project
Modern applications
Sander van der Burg The Nix project
Modern applications
Modern systems are rarely self-contained:
Systems are composed of many software components
Dependencies must be present and correct, both at build-time
and run-time
Non-functional requirements must be met:
Reliability
Privacy
Component licenses
Sander van der Burg The Nix project
Software deployment
Sander van der Burg The Nix project
Software deployment
Sander van der Burg The Nix project
Challenges
Systems are becoming bigger, more distributed and
more complicated
Deployment takes a lot of effort and time
Difficult to reproduce a configuration elsewhere
Upgrading may break a system and may introduce
significant downtimes
Deployment failures
Sander van der Burg The Nix project
Challenges
Complexity. Many steps must be performed, in the right
order.
Reliability. Dependencies may break, files get overwritten,
modified or removed. Upgrades may yield different results as
fresh installations.
Agility. In order to quickly deliver value, systems must be
deployed faster and on-demand.
Genericity. Most existing deployment solutions only support
specific component-types and environments.
Sander van der Burg The Nix project
NixOS
A GNU/Linux distribution using the Nix package manager
Sander van der Burg The Nix project
Nix store
Main idea: store all packages
in isolation from each other:
/nix/store/rpdqxnilb0cg...
-firefox-3.5.4
Paths contain a 160-bit
cryptographic hash of all
inputs used to build the
package:
Sources
Libraries
Compilers
Build scripts
. . .
/nix/store
l9w6773m1msy...-openssh-4.6p1
bin
ssh
sbin
sshd
smkabrbibqv7...-openssl-0.9.8e
lib
libssl.so.0.9.8
c6jbqm2mc0a7...-zlib-1.2.3
lib
libz.so.1.2.3
im276akmsrhv...-glibc-2.5
lib
libc.so.6
Sander van der Burg The Nix project
Nix expressions
openssh.nix
{ stdenv, fetchurl, openssl, zlib }:
stdenv.mkDerivation {
name = "openssh-4.6p1";
src = fetchurl {
url = http://.../openssh-4.6p1.tar.gz;
sha256 = "0fpjlr3bfind0y94bk442x2p...";
};
buildCommand = ’’
tar xjf $src
./configure --prefix=$out --with-openssl=${openssl}
make; make install
’’;
}
Sander van der Burg The Nix project
Nix expressions
all-packages.nix
openssh = import ../tools/networking/openssh {
inherit fetchurl stdenv openssl zlib;
};
openssl = import ../development/libraries/openssl {
inherit fetchurl stdenv perl;
};
stdenv = ...;
openssl = ...;
zlib = ...;
perl = ...;
nix-env -f all-packages.nix -iA openssh
Produces a /nix/store/l9w6773m1msy...-openssh-4.6p1
package in the Nix store.
Sander van der Burg The Nix project
NixOS
In NixOS, all packages including the Linux kernel and
configuration files are managed by Nix.
NixOS does not have directories such as: /lib and /usr
NixOS has a minimal /bin and /etc
But NixOS is more then just a distribution managed by Nix
Sander van der Burg The Nix project
NixOS configuration
/etc/nixos/configuration.nix
{pkgs, ...}:
{
boot.loader.grub.device = "/dev/sda";
fileSystems = [ { mountPoint = "/"; device = "/dev/sda2"; } ];
swapDevices = [ { device = "/dev/sda1"; } ];
services = {
openssh.enable = true;
xserver = {
enable = true;
desktopManager.kde4.enable = true;
};
};
environment.systemPackages = [ pkgs.mc pkgs.firefox ];
}
Sander van der Burg The Nix project
NixOS configuration
nixos-rebuild switch
Nix package manager builds a complete system configuration
Includes all packages and generates all configuration files, e.g.
OpenSSH configuration
Upgrades are (almost) atomic
Components are stored safely next to each other, due to hashes
No files are automatically removed or overwritten
Users can switch to older generations of system configurations
not garbage collected yet
Sander van der Burg The Nix project
NixOS bootloader
Sander van der Burg The Nix project
Nix/NixOS advantages
Reliability. Dependencies are always complete, present and
correct. No files overwritten, modified or removed.
Reproducibility. Because side-effects are removed, build
functions always yield same result, regardless on what
machine they are executed.
Generic. We can invoke arbitrary build processes in Nix
functions. Nix is supported on many operating systems:
Linux, FreeBSD, Mac OS X, Windows (Cygwin)
Efficient. Only components that must be built are build. Nix
store serves as a cache.
Scope is limited to packages on local machines.
Sander van der Burg The Nix project
Modern systems
How to extend these concepts to the latest generation of systems?
Sander van der Burg The Nix project
Service Development Support System (SDS2)
Sander van der Burg The Nix project
Service Development Support System (SDS2)
Sander van der Burg The Nix project
Purpose
A hospital contains a wide range of medical devices
Each produce status and event logs in their own format
Difficult to perform analysis on data
How can we transform these implicit datasets into
something useful?
SDS2: Distribution
Sander van der Burg The Nix project
SDS2: Utilisation Service
Sander van der Burg The Nix project
Disnix
$ disnix-env -s services.nix -i infrastructure.nix -d distribution.nix
Sander van der Burg The Nix project
Service model
{distribution, system}:
let pkgs = import ../top-level/all-packages.nix {
inherit distribution system;
}; in
{ mobileeventlogs = {
name = "mobileeventlogs";
pkg = pkgs.mobileeventlogs;
type = "mysql-database";
};
MELogService = {
name = "MELogService";
pkg = pkgs.MELogService;
dependsOn = { inherit mobileeventlogs; };
type = "tomcat-webapplication";
};
SDS2AssetTracker = {
name = "SDS2AssetTracker";
pkg = pkgs.SDS2AssetTracker;
dependsOn = { inherit MELogService ...; };
type = "tomcat-webapplication";
};
...
}
Sander van der Burg The Nix project
Infrastructure model
{
test1 = {
hostname = "test1.net";
tomcatPort = 8080;
mysqlUser = "user";
mysqlPassword = "secret";
mysqlPort = 3306;
targetEPR = http://test1.net/.../DisnixService;
system = "i686-linux";
};
test2 = {
hostname = "test2.net";
tomcatPort = 8080;
...
targetEPR = http://test2.net/.../DisnixService;
system = "x86_64-linux";
};
}
Captures machines in the network and their relevant properties and
capabilities.
Sander van der Burg The Nix project
Distribution model
{infrastructure}:
{
mobileeventlogs = [ infrastructure.test1 ];
MELogService = [ infrastructure.test2 ];
SDS2AssetTracker = [ infrastructure.test1 infrastructure.test2 ];
...
}
Maps services to machines
Sander van der Burg The Nix project
Deployment process
Specifications are used to derive deployment process:
Building services from source code
Transferring services to target machines
Deactivating obsolete services and activating new services
Sander van der Burg The Nix project
Distributed infrastructure deployment
Disnix deploys services, but does not manage the underlying
infrastructure
NixOS has good properties for deployment of a single machine
configurations
Can we extend these properties to distributed systems?
Sander van der Burg The Nix project
Motivating example: Trac
Sander van der Burg The Nix project
Motivating example: Trac
Trac can be deployed in a distributed environment:
Subversion server
Database server
Web server
Sander van der Burg The Nix project
Distributed NixOS configuration
network.nix
{ storage = {pkgs, ...}:
{
services.nfsKernel.server.enable = true; ...
};
postgresql = {pkgs, ...}:
{
services.postgresql.enable = true; ...
};
webserver = {pkgs, ...}:
{
fileSystems = [
{ mountPoint = "/repos"; device = "storage:/repos"; } ];
services.httpd.enable = true;
services.httpd.extraSubservices = [ { serviceType = "trac"; } ]; ...
};
...
}
Sander van der Burg The Nix project
Distributed deployment
charon create network.nix
charon deploy
Build system configurations by the Nix package manager
Transfer complete system and all dependencies to target
machines in the network
Efficient: only missing store paths must be transferred
Safe: Existing configuration is not affected, because no files
are overwritten or removed
Activate new system configuration
In case of a failure, roll back all configurations
Relatively cheap operation, because old configuration is stored
next to new configuration
Sander van der Burg The Nix project
Virtualization
nixos-build-vms network.nix; ./result/bin/nixos-run-vms
Builds a network of QEMU-KVM virtual machines closely
resembling the network of NixOS configurations
We don’t create disk images
The VM mounts the Nix store of the host system using
SMB/CIFS
Sander van der Burg The Nix project
Virtualization
Sander van der Burg The Nix project
Testing
trac.nix
testScript = ’’
$postgresql→waitForJob("postgresql");
$postgresql→mustSucceed("createdb trac");
$webserver→mustSucceed("mkdir -p /repos/trac");
$webserver→mustSucceed("svnadmin create /repos/trac");
$webserver→waitForFile("/var/trac");
$webserver→mustSucceed("mkdir -p /var/trac/projects/test");
$webserver→mustSucceed("trac-admin /var/trac/projects/test initenv ".
"Test postgres://root@postgresql/trac svn /repos/trac");
$client→waitForX;
$client→execute("konqueror http://webserver/projects/test &");
$client→waitForWindow(qr/Test.*Konqueror/);
$client→screenshot("screen");
’’;
Sander van der Burg The Nix project
Testing
nix-build tests.nix -A trac
Sander van der Burg The Nix project
Experience
Distributed deployment of a Hydra build environment
Continuous integration and testing of NixOS
NixOS installer
OpenSSH
Trac
NFS server
Continuous integration and testing of various GNU projects
Install NixOS system with bleeding edge glibc
Other free software projects
Sander van der Burg The Nix project
Dynamic Disnix
Various events may occur in a network of machines:
Crashing machines
Adding a new machine
Change of a capability (e.g. increase of RAM)
Dynamic Disnix generates infrastructure and distribution
models and redeploys a system
Sander van der Burg The Nix project
License analysis
We can also trace all files and processes involved in a build
process
And we can determine the licenses of the original source files
to say something about the result
/usr/bin/patchelfpatchelf.cc g++ patchelf.o g++ patchelf install
Sander van der Burg The Nix project
Hydra: Nix based continuous integration and testing
Sander van der Burg The Nix project
Conclusion
We have shown a number of Nix applications
They provide fully automatic, reliable, reproducible, and
efficient deployment for the latest generation of systems
Sander van der Burg The Nix project
References
NixOS website: http://nixos.org
Nix. A purely functional package manager
Nixpkgs. Nix packages collection
NixOS. Nix based GNU/Linux distribution
Hydra. Nix based continuous build and integration server
Disnix. Nix based distributed service deployment
Charon. NixOS-based multi cloud deployment tool
Software available under free and open-source licenses
(LGPL/X11)
Sander van der Burg The Nix project

More Related Content

What's hot

Continuous Security in DevOps
Continuous Security in DevOpsContinuous Security in DevOps
Continuous Security in DevOpsMaciej Lasyk
 
Docker and kernel security
Docker and kernel securityDocker and kernel security
Docker and kernel securitysmart_bit
 
IPexpo - What is DevOps, and why should infrastructure operations care?
IPexpo - What is DevOps, and why should infrastructure operations care?IPexpo - What is DevOps, and why should infrastructure operations care?
IPexpo - What is DevOps, and why should infrastructure operations care?Chris Swan
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQdotCloud
 
Docker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxDocker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxMichael Boelen
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformAll Things Open
 
Ryan Koop's Docker Chicago Meetup Demo March 12 2014
Ryan Koop's Docker Chicago Meetup Demo March 12 2014Ryan Koop's Docker Chicago Meetup Demo March 12 2014
Ryan Koop's Docker Chicago Meetup Demo March 12 2014Cohesive Networks
 
LlinuxKit security, Security Scanning and Notary
LlinuxKit security, Security Scanning and NotaryLlinuxKit security, Security Scanning and Notary
LlinuxKit security, Security Scanning and NotaryDocker, Inc.
 
Swimming upstream
Swimming upstreamSwimming upstream
Swimming upstreamDave Neary
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
 
Security in a containerized world - Jessie Frazelle
Security in a containerized world - Jessie FrazelleSecurity in a containerized world - Jessie Frazelle
Security in a containerized world - Jessie FrazelleParis Container Day
 
There is no container - Ori Pekelman
There is no container - Ori PekelmanThere is no container - Ori Pekelman
There is no container - Ori PekelmanParis Container Day
 
Securing your Cloud Environment
Securing your Cloud EnvironmentSecuring your Cloud Environment
Securing your Cloud EnvironmentShapeBlue
 
Deployment with Ruby on Rails
Deployment with Ruby on RailsDeployment with Ruby on Rails
Deployment with Ruby on RailsJonathan Weiss
 
Kubernetes and container security
Kubernetes and container securityKubernetes and container security
Kubernetes and container securityVolodymyr Shynkar
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...Ambassador Labs
 
Integrating Linux Systems with Active Directory Using Open Source Tools
Integrating Linux Systems with Active Directory Using Open Source ToolsIntegrating Linux Systems with Active Directory Using Open Source Tools
Integrating Linux Systems with Active Directory Using Open Source ToolsAll Things Open
 
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksMauricio Velazco
 

What's hot (20)

Continuous Security in DevOps
Continuous Security in DevOpsContinuous Security in DevOps
Continuous Security in DevOps
 
Docker and kernel security
Docker and kernel securityDocker and kernel security
Docker and kernel security
 
Docker & Daily DevOps
Docker & Daily DevOpsDocker & Daily DevOps
Docker & Daily DevOps
 
IPexpo - What is DevOps, and why should infrastructure operations care?
IPexpo - What is DevOps, and why should infrastructure operations care?IPexpo - What is DevOps, and why should infrastructure operations care?
IPexpo - What is DevOps, and why should infrastructure operations care?
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
 
Docker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxDocker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on Linux
 
Containers 101
Containers 101Containers 101
Containers 101
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container Platform
 
Ryan Koop's Docker Chicago Meetup Demo March 12 2014
Ryan Koop's Docker Chicago Meetup Demo March 12 2014Ryan Koop's Docker Chicago Meetup Demo March 12 2014
Ryan Koop's Docker Chicago Meetup Demo March 12 2014
 
LlinuxKit security, Security Scanning and Notary
LlinuxKit security, Security Scanning and NotaryLlinuxKit security, Security Scanning and Notary
LlinuxKit security, Security Scanning and Notary
 
Swimming upstream
Swimming upstreamSwimming upstream
Swimming upstream
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
 
Security in a containerized world - Jessie Frazelle
Security in a containerized world - Jessie FrazelleSecurity in a containerized world - Jessie Frazelle
Security in a containerized world - Jessie Frazelle
 
There is no container - Ori Pekelman
There is no container - Ori PekelmanThere is no container - Ori Pekelman
There is no container - Ori Pekelman
 
Securing your Cloud Environment
Securing your Cloud EnvironmentSecuring your Cloud Environment
Securing your Cloud Environment
 
Deployment with Ruby on Rails
Deployment with Ruby on RailsDeployment with Ruby on Rails
Deployment with Ruby on Rails
 
Kubernetes and container security
Kubernetes and container securityKubernetes and container security
Kubernetes and container security
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
 
Integrating Linux Systems with Active Directory Using Open Source Tools
Integrating Linux Systems with Active Directory Using Open Source ToolsIntegrating Linux Systems with Active Directory Using Open Source Tools
Integrating Linux Systems with Active Directory Using Open Source Tools
 
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
 

Similar to The Nix project

A Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software DeploymentA Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software DeploymentSander van der Burg
 
Deploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerDeploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerSander van der Burg
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworkSander van der Burg
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with NixSander van der Burg
 
Deploying .NET services with Disnix
Deploying .NET services with DisnixDeploying .NET services with Disnix
Deploying .NET services with DisnixSander van der Burg
 
Techniques and lessons for improvement of deployment processes
Techniques and lessons for improvement of deployment processesTechniques and lessons for improvement of deployment processes
Techniques and lessons for improvement of deployment processesSander van der Burg
 
Dysnomia: complementing Nix deployments with state deployment
Dysnomia: complementing Nix deployments with state deploymentDysnomia: complementing Nix deployments with state deployment
Dysnomia: complementing Nix deployments with state deploymentSander van der Burg
 
Model-driven Distributed Software Deployment
Model-driven Distributed Software DeploymentModel-driven Distributed Software Deployment
Model-driven Distributed Software DeploymentSander van der Burg
 
Automated Deployment of Hetergeneous Service-Oriented System
Automated Deployment of Hetergeneous Service-Oriented SystemAutomated Deployment of Hetergeneous Service-Oriented System
Automated Deployment of Hetergeneous Service-Oriented SystemSander van der Burg
 
A Generic Approach for Deploying and Upgrading Mutable Software Components
A Generic Approach for Deploying and Upgrading Mutable Software ComponentsA Generic Approach for Deploying and Upgrading Mutable Software Components
A Generic Approach for Deploying and Upgrading Mutable Software ComponentsSander van der Burg
 
Open source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementOpen source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementDyaa El-din Ahmed
 
Build your first DApp using Substrate Framework - Part I
Build your first DApp using Substrate Framework - Part IBuild your first DApp using Substrate Framework - Part I
Build your first DApp using Substrate Framework - Part IKnoldus Inc.
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapPatrick Chanezon
 
A Self-Adaptive Deployment Framework for Service-Oriented Systems
A Self-Adaptive Deployment Framework for Service-Oriented SystemsA Self-Adaptive Deployment Framework for Service-Oriented Systems
A Self-Adaptive Deployment Framework for Service-Oriented SystemsSander van der Burg
 
Cloud-native .NET Microservices mit Kubernetes
Cloud-native .NET Microservices mit KubernetesCloud-native .NET Microservices mit Kubernetes
Cloud-native .NET Microservices mit KubernetesQAware GmbH
 
Software Deployment in a Dynamic Cloud
Software Deployment in a Dynamic CloudSoftware Deployment in a Dynamic Cloud
Software Deployment in a Dynamic CloudSander van der Burg
 
ThoughtWorks Technology Radar Roadshow - Brisbane
ThoughtWorks Technology Radar Roadshow - BrisbaneThoughtWorks Technology Radar Roadshow - Brisbane
ThoughtWorks Technology Radar Roadshow - BrisbaneThoughtworks
 
NCS: NEtwork Control System Hands-on Labs
NCS:  NEtwork Control System Hands-on Labs NCS:  NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs Cisco Canada
 
Atomic Upgrading of Distributed Systems
Atomic Upgrading of Distributed SystemsAtomic Upgrading of Distributed Systems
Atomic Upgrading of Distributed SystemsSander van der Burg
 
SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStackbuildacloud
 

Similar to The Nix project (20)

A Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software DeploymentA Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software Deployment
 
Deploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package managerDeploying .NET applications with the Nix package manager
Deploying .NET applications with the Nix package manager
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with Nix
 
Deploying .NET services with Disnix
Deploying .NET services with DisnixDeploying .NET services with Disnix
Deploying .NET services with Disnix
 
Techniques and lessons for improvement of deployment processes
Techniques and lessons for improvement of deployment processesTechniques and lessons for improvement of deployment processes
Techniques and lessons for improvement of deployment processes
 
Dysnomia: complementing Nix deployments with state deployment
Dysnomia: complementing Nix deployments with state deploymentDysnomia: complementing Nix deployments with state deployment
Dysnomia: complementing Nix deployments with state deployment
 
Model-driven Distributed Software Deployment
Model-driven Distributed Software DeploymentModel-driven Distributed Software Deployment
Model-driven Distributed Software Deployment
 
Automated Deployment of Hetergeneous Service-Oriented System
Automated Deployment of Hetergeneous Service-Oriented SystemAutomated Deployment of Hetergeneous Service-Oriented System
Automated Deployment of Hetergeneous Service-Oriented System
 
A Generic Approach for Deploying and Upgrading Mutable Software Components
A Generic Approach for Deploying and Upgrading Mutable Software ComponentsA Generic Approach for Deploying and Upgrading Mutable Software Components
A Generic Approach for Deploying and Upgrading Mutable Software Components
 
Open source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration managementOpen source integrated infra structure using ansible configuration management
Open source integrated infra structure using ansible configuration management
 
Build your first DApp using Substrate Framework - Part I
Build your first DApp using Substrate Framework - Part IBuild your first DApp using Substrate Framework - Part I
Build your first DApp using Substrate Framework - Part I
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
A Self-Adaptive Deployment Framework for Service-Oriented Systems
A Self-Adaptive Deployment Framework for Service-Oriented SystemsA Self-Adaptive Deployment Framework for Service-Oriented Systems
A Self-Adaptive Deployment Framework for Service-Oriented Systems
 
Cloud-native .NET Microservices mit Kubernetes
Cloud-native .NET Microservices mit KubernetesCloud-native .NET Microservices mit Kubernetes
Cloud-native .NET Microservices mit Kubernetes
 
Software Deployment in a Dynamic Cloud
Software Deployment in a Dynamic CloudSoftware Deployment in a Dynamic Cloud
Software Deployment in a Dynamic Cloud
 
ThoughtWorks Technology Radar Roadshow - Brisbane
ThoughtWorks Technology Radar Roadshow - BrisbaneThoughtWorks Technology Radar Roadshow - Brisbane
ThoughtWorks Technology Radar Roadshow - Brisbane
 
NCS: NEtwork Control System Hands-on Labs
NCS:  NEtwork Control System Hands-on Labs NCS:  NEtwork Control System Hands-on Labs
NCS: NEtwork Control System Hands-on Labs
 
Atomic Upgrading of Distributed Systems
Atomic Upgrading of Distributed SystemsAtomic Upgrading of Distributed Systems
Atomic Upgrading of Distributed Systems
 
SDN in CloudStack
SDN in CloudStackSDN in CloudStack
SDN in CloudStack
 

More from Sander van der Burg

Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsSander van der Burg
 
A Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software DeploymentA Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software DeploymentSander van der Burg
 
Disnix: A toolset for distributed deployment
Disnix: A toolset for distributed deploymentDisnix: A toolset for distributed deployment
Disnix: A toolset for distributed deploymentSander van der Burg
 
Pull Deployment of Services: Introduction, Progress and Challenges
Pull Deployment of Services: Introduction, Progress and ChallengesPull Deployment of Services: Introduction, Progress and Challenges
Pull Deployment of Services: Introduction, Progress and ChallengesSander van der Burg
 
Model-driven Distributed Software Deployment
Model-driven Distributed Software DeploymentModel-driven Distributed Software Deployment
Model-driven Distributed Software DeploymentSander van der Burg
 
Model-driven Distributed Software Deployment laymen's talk
Model-driven Distributed Software Deployment laymen's talkModel-driven Distributed Software Deployment laymen's talk
Model-driven Distributed Software Deployment laymen's talkSander van der Burg
 

More from Sander van der Burg (8)

The Monitoring Playground
The Monitoring PlaygroundThe Monitoring Playground
The Monitoring Playground
 
Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutions
 
A Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software DeploymentA Reference Architecture for Distributed Software Deployment
A Reference Architecture for Distributed Software Deployment
 
Pull Deployment of Services
Pull Deployment of ServicesPull Deployment of Services
Pull Deployment of Services
 
Disnix: A toolset for distributed deployment
Disnix: A toolset for distributed deploymentDisnix: A toolset for distributed deployment
Disnix: A toolset for distributed deployment
 
Pull Deployment of Services: Introduction, Progress and Challenges
Pull Deployment of Services: Introduction, Progress and ChallengesPull Deployment of Services: Introduction, Progress and Challenges
Pull Deployment of Services: Introduction, Progress and Challenges
 
Model-driven Distributed Software Deployment
Model-driven Distributed Software DeploymentModel-driven Distributed Software Deployment
Model-driven Distributed Software Deployment
 
Model-driven Distributed Software Deployment laymen's talk
Model-driven Distributed Software Deployment laymen's talkModel-driven Distributed Software Deployment laymen's talk
Model-driven Distributed Software Deployment laymen's talk
 

Recently uploaded

Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.
Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.
Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.Cherry
 
Cot curve, melting temperature, unique and repetitive DNA
Cot curve, melting temperature, unique and repetitive DNACot curve, melting temperature, unique and repetitive DNA
Cot curve, melting temperature, unique and repetitive DNACherry
 
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRingsTransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRingsSérgio Sacani
 
FAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical ScienceFAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical ScienceAlex Henderson
 
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate ProfessorThyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate Professormuralinath2
 
Plasmid: types, structure and functions.
Plasmid: types, structure and functions.Plasmid: types, structure and functions.
Plasmid: types, structure and functions.Cherry
 
Concept of gene and Complementation test.pdf
Concept of gene and Complementation test.pdfConcept of gene and Complementation test.pdf
Concept of gene and Complementation test.pdfCherry
 
Role of AI in seed science Predictive modelling and Beyond.pptx
Role of AI in seed science  Predictive modelling and  Beyond.pptxRole of AI in seed science  Predictive modelling and  Beyond.pptx
Role of AI in seed science Predictive modelling and Beyond.pptxArvind Kumar
 
X-rays from a Central “Exhaust Vent” of the Galactic Center Chimney
X-rays from a Central “Exhaust Vent” of the Galactic Center ChimneyX-rays from a Central “Exhaust Vent” of the Galactic Center Chimney
X-rays from a Central “Exhaust Vent” of the Galactic Center ChimneySérgio Sacani
 
Method of Quantifying interactions and its types
Method of Quantifying interactions and its typesMethod of Quantifying interactions and its types
Method of Quantifying interactions and its typesNISHIKANTKRISHAN
 
Dr. E. Muralinath_ Blood indices_clinical aspects
Dr. E. Muralinath_ Blood indices_clinical  aspectsDr. E. Muralinath_ Blood indices_clinical  aspects
Dr. E. Muralinath_ Blood indices_clinical aspectsmuralinath2
 
ONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for voteONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for voteRaunakRastogi4
 
development of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virusdevelopment of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virusNazaninKarimi6
 
Daily Lesson Log in Science 9 Fourth Quarter Physics
Daily Lesson Log in Science 9 Fourth Quarter PhysicsDaily Lesson Log in Science 9 Fourth Quarter Physics
Daily Lesson Log in Science 9 Fourth Quarter PhysicsWILSONROMA4
 
Fourth quarter science 9-Kinetic-and-Potential-Energy.pptx
Fourth quarter science 9-Kinetic-and-Potential-Energy.pptxFourth quarter science 9-Kinetic-and-Potential-Energy.pptx
Fourth quarter science 9-Kinetic-and-Potential-Energy.pptxrosenapiri1
 
POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.Cherry
 
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry Areesha Ahmad
 
The Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptxThe Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptxseri bangash
 
(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...
(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...
(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...Scintica Instrumentation
 

Recently uploaded (20)

Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.
Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.
Genome Projects : Human, Rice,Wheat,E coli and Arabidopsis.
 
Cot curve, melting temperature, unique and repetitive DNA
Cot curve, melting temperature, unique and repetitive DNACot curve, melting temperature, unique and repetitive DNA
Cot curve, melting temperature, unique and repetitive DNA
 
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRingsTransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
TransientOffsetin14CAftertheCarringtonEventRecordedbyPolarTreeRings
 
FAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical ScienceFAIRSpectra - Enabling the FAIRification of Analytical Science
FAIRSpectra - Enabling the FAIRification of Analytical Science
 
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate ProfessorThyroid Physiology_Dr.E. Muralinath_ Associate Professor
Thyroid Physiology_Dr.E. Muralinath_ Associate Professor
 
ABHISHEK ANTIBIOTICS PPT MICROBIOLOGY // USES OF ANTIOBIOTICS TYPES OF ANTIB...
ABHISHEK ANTIBIOTICS PPT MICROBIOLOGY  // USES OF ANTIOBIOTICS TYPES OF ANTIB...ABHISHEK ANTIBIOTICS PPT MICROBIOLOGY  // USES OF ANTIOBIOTICS TYPES OF ANTIB...
ABHISHEK ANTIBIOTICS PPT MICROBIOLOGY // USES OF ANTIOBIOTICS TYPES OF ANTIB...
 
Plasmid: types, structure and functions.
Plasmid: types, structure and functions.Plasmid: types, structure and functions.
Plasmid: types, structure and functions.
 
Concept of gene and Complementation test.pdf
Concept of gene and Complementation test.pdfConcept of gene and Complementation test.pdf
Concept of gene and Complementation test.pdf
 
Role of AI in seed science Predictive modelling and Beyond.pptx
Role of AI in seed science  Predictive modelling and  Beyond.pptxRole of AI in seed science  Predictive modelling and  Beyond.pptx
Role of AI in seed science Predictive modelling and Beyond.pptx
 
X-rays from a Central “Exhaust Vent” of the Galactic Center Chimney
X-rays from a Central “Exhaust Vent” of the Galactic Center ChimneyX-rays from a Central “Exhaust Vent” of the Galactic Center Chimney
X-rays from a Central “Exhaust Vent” of the Galactic Center Chimney
 
Method of Quantifying interactions and its types
Method of Quantifying interactions and its typesMethod of Quantifying interactions and its types
Method of Quantifying interactions and its types
 
Dr. E. Muralinath_ Blood indices_clinical aspects
Dr. E. Muralinath_ Blood indices_clinical  aspectsDr. E. Muralinath_ Blood indices_clinical  aspects
Dr. E. Muralinath_ Blood indices_clinical aspects
 
ONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for voteONLINE VOTING SYSTEM SE Project for vote
ONLINE VOTING SYSTEM SE Project for vote
 
development of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virusdevelopment of diagnostic enzyme assay to detect leuser virus
development of diagnostic enzyme assay to detect leuser virus
 
Daily Lesson Log in Science 9 Fourth Quarter Physics
Daily Lesson Log in Science 9 Fourth Quarter PhysicsDaily Lesson Log in Science 9 Fourth Quarter Physics
Daily Lesson Log in Science 9 Fourth Quarter Physics
 
Fourth quarter science 9-Kinetic-and-Potential-Energy.pptx
Fourth quarter science 9-Kinetic-and-Potential-Energy.pptxFourth quarter science 9-Kinetic-and-Potential-Energy.pptx
Fourth quarter science 9-Kinetic-and-Potential-Energy.pptx
 
POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.POGONATUM : morphology, anatomy, reproduction etc.
POGONATUM : morphology, anatomy, reproduction etc.
 
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
GBSN - Biochemistry (Unit 2) Basic concept of organic chemistry
 
The Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptxThe Mariana Trench remarkable geological features on Earth.pptx
The Mariana Trench remarkable geological features on Earth.pptx
 
(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...
(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...
(May 9, 2024) Enhanced Ultrafast Vector Flow Imaging (VFI) Using Multi-Angle ...
 

The Nix project

  • 1. The Nix project Sander van der Burg Delft University of Technology, EEMCS, Department of Software Technology August 16, 2012 Sander van der Burg The Nix project
  • 2. Software deployment Software deployment All of the activities that make a software system available for use Carzaninga et al. Activities Building software components Installing systems Activating software components Upgrading software components Sander van der Burg The Nix project
  • 3. Modern applications Sander van der Burg The Nix project
  • 4. Modern applications Modern systems are rarely self-contained: Systems are composed of many software components Dependencies must be present and correct, both at build-time and run-time Non-functional requirements must be met: Reliability Privacy Component licenses Sander van der Burg The Nix project
  • 5. Software deployment Sander van der Burg The Nix project
  • 6. Software deployment Sander van der Burg The Nix project Challenges Systems are becoming bigger, more distributed and more complicated Deployment takes a lot of effort and time Difficult to reproduce a configuration elsewhere Upgrading may break a system and may introduce significant downtimes
  • 7. Deployment failures Sander van der Burg The Nix project
  • 8. Challenges Complexity. Many steps must be performed, in the right order. Reliability. Dependencies may break, files get overwritten, modified or removed. Upgrades may yield different results as fresh installations. Agility. In order to quickly deliver value, systems must be deployed faster and on-demand. Genericity. Most existing deployment solutions only support specific component-types and environments. Sander van der Burg The Nix project
  • 9. NixOS A GNU/Linux distribution using the Nix package manager Sander van der Burg The Nix project
  • 10. Nix store Main idea: store all packages in isolation from each other: /nix/store/rpdqxnilb0cg... -firefox-3.5.4 Paths contain a 160-bit cryptographic hash of all inputs used to build the package: Sources Libraries Compilers Build scripts . . . /nix/store l9w6773m1msy...-openssh-4.6p1 bin ssh sbin sshd smkabrbibqv7...-openssl-0.9.8e lib libssl.so.0.9.8 c6jbqm2mc0a7...-zlib-1.2.3 lib libz.so.1.2.3 im276akmsrhv...-glibc-2.5 lib libc.so.6 Sander van der Burg The Nix project
  • 11. Nix expressions openssh.nix { stdenv, fetchurl, openssl, zlib }: stdenv.mkDerivation { name = "openssh-4.6p1"; src = fetchurl { url = http://.../openssh-4.6p1.tar.gz; sha256 = "0fpjlr3bfind0y94bk442x2p..."; }; buildCommand = ’’ tar xjf $src ./configure --prefix=$out --with-openssl=${openssl} make; make install ’’; } Sander van der Burg The Nix project
  • 12. Nix expressions all-packages.nix openssh = import ../tools/networking/openssh { inherit fetchurl stdenv openssl zlib; }; openssl = import ../development/libraries/openssl { inherit fetchurl stdenv perl; }; stdenv = ...; openssl = ...; zlib = ...; perl = ...; nix-env -f all-packages.nix -iA openssh Produces a /nix/store/l9w6773m1msy...-openssh-4.6p1 package in the Nix store. Sander van der Burg The Nix project
  • 13. NixOS In NixOS, all packages including the Linux kernel and configuration files are managed by Nix. NixOS does not have directories such as: /lib and /usr NixOS has a minimal /bin and /etc But NixOS is more then just a distribution managed by Nix Sander van der Burg The Nix project
  • 14. NixOS configuration /etc/nixos/configuration.nix {pkgs, ...}: { boot.loader.grub.device = "/dev/sda"; fileSystems = [ { mountPoint = "/"; device = "/dev/sda2"; } ]; swapDevices = [ { device = "/dev/sda1"; } ]; services = { openssh.enable = true; xserver = { enable = true; desktopManager.kde4.enable = true; }; }; environment.systemPackages = [ pkgs.mc pkgs.firefox ]; } Sander van der Burg The Nix project
  • 15. NixOS configuration nixos-rebuild switch Nix package manager builds a complete system configuration Includes all packages and generates all configuration files, e.g. OpenSSH configuration Upgrades are (almost) atomic Components are stored safely next to each other, due to hashes No files are automatically removed or overwritten Users can switch to older generations of system configurations not garbage collected yet Sander van der Burg The Nix project
  • 16. NixOS bootloader Sander van der Burg The Nix project
  • 17. Nix/NixOS advantages Reliability. Dependencies are always complete, present and correct. No files overwritten, modified or removed. Reproducibility. Because side-effects are removed, build functions always yield same result, regardless on what machine they are executed. Generic. We can invoke arbitrary build processes in Nix functions. Nix is supported on many operating systems: Linux, FreeBSD, Mac OS X, Windows (Cygwin) Efficient. Only components that must be built are build. Nix store serves as a cache. Scope is limited to packages on local machines. Sander van der Burg The Nix project
  • 18. Modern systems How to extend these concepts to the latest generation of systems? Sander van der Burg The Nix project
  • 19. Service Development Support System (SDS2) Sander van der Burg The Nix project
  • 20. Service Development Support System (SDS2) Sander van der Burg The Nix project Purpose A hospital contains a wide range of medical devices Each produce status and event logs in their own format Difficult to perform analysis on data How can we transform these implicit datasets into something useful?
  • 21. SDS2: Distribution Sander van der Burg The Nix project
  • 22. SDS2: Utilisation Service Sander van der Burg The Nix project
  • 23. Disnix $ disnix-env -s services.nix -i infrastructure.nix -d distribution.nix Sander van der Burg The Nix project
  • 24. Service model {distribution, system}: let pkgs = import ../top-level/all-packages.nix { inherit distribution system; }; in { mobileeventlogs = { name = "mobileeventlogs"; pkg = pkgs.mobileeventlogs; type = "mysql-database"; }; MELogService = { name = "MELogService"; pkg = pkgs.MELogService; dependsOn = { inherit mobileeventlogs; }; type = "tomcat-webapplication"; }; SDS2AssetTracker = { name = "SDS2AssetTracker"; pkg = pkgs.SDS2AssetTracker; dependsOn = { inherit MELogService ...; }; type = "tomcat-webapplication"; }; ... } Sander van der Burg The Nix project
  • 25. Infrastructure model { test1 = { hostname = "test1.net"; tomcatPort = 8080; mysqlUser = "user"; mysqlPassword = "secret"; mysqlPort = 3306; targetEPR = http://test1.net/.../DisnixService; system = "i686-linux"; }; test2 = { hostname = "test2.net"; tomcatPort = 8080; ... targetEPR = http://test2.net/.../DisnixService; system = "x86_64-linux"; }; } Captures machines in the network and their relevant properties and capabilities. Sander van der Burg The Nix project
  • 26. Distribution model {infrastructure}: { mobileeventlogs = [ infrastructure.test1 ]; MELogService = [ infrastructure.test2 ]; SDS2AssetTracker = [ infrastructure.test1 infrastructure.test2 ]; ... } Maps services to machines Sander van der Burg The Nix project
  • 27. Deployment process Specifications are used to derive deployment process: Building services from source code Transferring services to target machines Deactivating obsolete services and activating new services Sander van der Burg The Nix project
  • 28. Distributed infrastructure deployment Disnix deploys services, but does not manage the underlying infrastructure NixOS has good properties for deployment of a single machine configurations Can we extend these properties to distributed systems? Sander van der Burg The Nix project
  • 29. Motivating example: Trac Sander van der Burg The Nix project
  • 30. Motivating example: Trac Trac can be deployed in a distributed environment: Subversion server Database server Web server Sander van der Burg The Nix project
  • 31. Distributed NixOS configuration network.nix { storage = {pkgs, ...}: { services.nfsKernel.server.enable = true; ... }; postgresql = {pkgs, ...}: { services.postgresql.enable = true; ... }; webserver = {pkgs, ...}: { fileSystems = [ { mountPoint = "/repos"; device = "storage:/repos"; } ]; services.httpd.enable = true; services.httpd.extraSubservices = [ { serviceType = "trac"; } ]; ... }; ... } Sander van der Burg The Nix project
  • 32. Distributed deployment charon create network.nix charon deploy Build system configurations by the Nix package manager Transfer complete system and all dependencies to target machines in the network Efficient: only missing store paths must be transferred Safe: Existing configuration is not affected, because no files are overwritten or removed Activate new system configuration In case of a failure, roll back all configurations Relatively cheap operation, because old configuration is stored next to new configuration Sander van der Burg The Nix project
  • 33. Virtualization nixos-build-vms network.nix; ./result/bin/nixos-run-vms Builds a network of QEMU-KVM virtual machines closely resembling the network of NixOS configurations We don’t create disk images The VM mounts the Nix store of the host system using SMB/CIFS Sander van der Burg The Nix project
  • 34. Virtualization Sander van der Burg The Nix project
  • 35. Testing trac.nix testScript = ’’ $postgresql→waitForJob("postgresql"); $postgresql→mustSucceed("createdb trac"); $webserver→mustSucceed("mkdir -p /repos/trac"); $webserver→mustSucceed("svnadmin create /repos/trac"); $webserver→waitForFile("/var/trac"); $webserver→mustSucceed("mkdir -p /var/trac/projects/test"); $webserver→mustSucceed("trac-admin /var/trac/projects/test initenv ". "Test postgres://root@postgresql/trac svn /repos/trac"); $client→waitForX; $client→execute("konqueror http://webserver/projects/test &"); $client→waitForWindow(qr/Test.*Konqueror/); $client→screenshot("screen"); ’’; Sander van der Burg The Nix project
  • 36. Testing nix-build tests.nix -A trac Sander van der Burg The Nix project
  • 37. Experience Distributed deployment of a Hydra build environment Continuous integration and testing of NixOS NixOS installer OpenSSH Trac NFS server Continuous integration and testing of various GNU projects Install NixOS system with bleeding edge glibc Other free software projects Sander van der Burg The Nix project
  • 38. Dynamic Disnix Various events may occur in a network of machines: Crashing machines Adding a new machine Change of a capability (e.g. increase of RAM) Dynamic Disnix generates infrastructure and distribution models and redeploys a system Sander van der Burg The Nix project
  • 39. License analysis We can also trace all files and processes involved in a build process And we can determine the licenses of the original source files to say something about the result /usr/bin/patchelfpatchelf.cc g++ patchelf.o g++ patchelf install Sander van der Burg The Nix project
  • 40. Hydra: Nix based continuous integration and testing Sander van der Burg The Nix project
  • 41. Conclusion We have shown a number of Nix applications They provide fully automatic, reliable, reproducible, and efficient deployment for the latest generation of systems Sander van der Burg The Nix project
  • 42. References NixOS website: http://nixos.org Nix. A purely functional package manager Nixpkgs. Nix packages collection NixOS. Nix based GNU/Linux distribution Hydra. Nix based continuous build and integration server Disnix. Nix based distributed service deployment Charon. NixOS-based multi cloud deployment tool Software available under free and open-source licenses (LGPL/X11) Sander van der Burg The Nix project