GNU bug report logs - #68677
[PATCH 0/6] Service for "virtual build machines"

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Tue, 23 Jan 2024 16:47:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.


From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#68677: closed ([PATCH 0/6] Service for "virtual build machines")
Date: Sat, 10 Feb 2024 22:37:01 +0000
[Message part 1 (text/plain, inline)]
Your message dated Sat, 10 Feb 2024 23:35:40 +0100
with message-id <87plx4gd6r.fsf <at> gnu.org>
and subject line Re: [bug#68677] [PATCH 0/6] Service for "virtual build machines"
has caused the debbugs.gnu.org bug report #68677,
regarding [PATCH 0/6] Service for "virtual build machines"
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
68677: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=68677
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Ludovic Courtès <ludo <at> gnu.org>
To: guix-patches <at> gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>
Subject: [PATCH 0/6] Service for "virtual build machines"
Date: Tue, 23 Jan 2024 17:46:17 +0100
Hello Guix!

Lots of talk about reproducibility and how wonderful Guix is, but
as soon as you try to build packages from v1.0.0, released less
than 5 years ago, you hit a “time trap” in Python, in OpenSSL, or
some other ugly build failure—assuming you managed to fetch source
code in the first place¹.

This patch series defines a long-overdue
‘virtual-build-machine-service-type’: a service to run a virtual
machine available for offloading.  My main goal here is to
allow users to build stuff at a past date without having to
change their system clock.  It can also be used to control other
aspects usually not under control: the CPU model, the Linux kernel.

The series includes changes to <virtual-machine> that are not
actually used but can be useful; they come from a previous iteration
that didn’t pan out.

One limitation I’d like to address is the fact that the SSH and
secrets ports are exposed locally, as is already the case with
childhurds (any local user could inject secrets into the VM if
they connect at the right moment when it boots).  Future work
includes switching to AF_VSOCK sockets—see vsock(7).

Some of the code is shared with childhurds.  I don’t know if
we could factorize things further.

Thoughts?

Ludo’.

¹ This blog post by Simon explains the kind of problem one hits
  when traveling to the not-so-distant past:
  https://simon.tournier.info/posts/2023-12-21-repro-paper.html

Ludovic Courtès (6):
  services: secret-service: Make the endpoint configurable.
  vm: Add ‘date’ field to <virtual-machine>.
  vm: Export <virtual-machine> accessors.
  vm: Add ‘cpu-count’ field to <virtual-machine>.
  marionette: Add #:peek? to ‘wait-for-tcp-port?’.
  services: Add ‘virtual-build-machine’ service.

 doc/guix.texi                   | 139 ++++++-
 gnu/build/marionette.scm        |  32 +-
 gnu/build/secret-service.scm    |  62 ++--
 gnu/services/virtualization.scm | 640 ++++++++++++++++++++++++--------
 gnu/system/image.scm            |   1 +
 gnu/system/vm.scm               | 115 +++++-
 gnu/tests/virtualization.scm    | 176 +++++++--
 7 files changed, 933 insertions(+), 232 deletions(-)


base-commit: 299ce524c9f725549ab5548197cc88b085bba2f4
-- 
2.41.0



[Message part 3 (message/rfc822, inline)]
From: Ludovic Courtès <ludo <at> gnu.org>
To: 68677-done <at> debbugs.gnu.org
Subject: Re: [bug#68677] [PATCH 0/6] Service for "virtual build machines"
Date: Sat, 10 Feb 2024 23:35:40 +0100
Ludovic Courtès <ludo <at> gnu.org> wrote:

>   services: secret-service: Make the endpoint configurable.
>   vm: Add ‘date’ field to <virtual-machine>.
>   vm: Export <virtual-machine> accessors.
>   vm: Add ‘cpu-count’ field to <virtual-machine>.
>   marionette: Add #:peek? to ‘wait-for-tcp-port?’.
>   services: Add ‘virtual-build-machine’ service.

Pushed as 9edbb2d7a40c9da7583a1046e39b87633459f656 with an extra comment
explaining how the default date was chosen.

Ludo’.


This bug report was last modified 1 year and 153 days ago.
