Incus: Difference between revisions
show more restrictive firewall config |
I clarified the distinction between VM and Container imports. I also added a single command to generate and import the image/metadata all at once. This single command follows the individual steps. |
||
| Line 128: | Line 128: | ||
CI: https://jenkins.linuxcontainers.org/job/image-nixos/ | CI: https://jenkins.linuxcontainers.org/job/image-nixos/ | ||
== Custom Images == | |||
All the necessary build infrastructure exists in nixpkgs to build custom images. | |||
=== VMs === | |||
All the necessary build infrastructure exists in nixpkgs to build custom images. | |||
Define some NixOS systems.<syntaxhighlight lang="nix"> | Define some NixOS systems.<syntaxhighlight lang="nix"> | ||
| Line 161: | Line 165: | ||
</syntaxhighlight>Then you can build the image and associated metadata.<syntaxhighlight lang="shell-session"> | </syntaxhighlight>Then you can build the image and associated metadata.<syntaxhighlight lang="shell-session"> | ||
$ nix build .#nixosConfigurations.vm.config.system.build.qemuImage --print-out-paths | |||
/nix/store/ | /nix/store/znk28bp34bycb3h5k0byb61bwda23q5l-nixos-disk-image | ||
$ nix build .#nixosConfigurations.vm.config.system.build.metadata --print-out-paths | |||
/nix/store/2snjw9y8brfh5gia44jv6bhdhmmdydva-tarball | /nix/store/2snjw9y8brfh5gia44jv6bhdhmmdydva-tarball | ||
# nix build .#nixosConfigurations.vm.config.system.build.qemuImage --print-out-paths | </syntaxhighlight>Finally, you can manually import into an Incus storage pool and used to launch instances.<syntaxhighlight lang="bash"> | ||
/nix/store/ | $ incus image import --alias nixos-gen/custom/jellyfin /nix/store/znk28bp34bycb3h5k0byb61bwda23q5l-nixos-disk-image/tarball/nixos-system-x86_64-linux.tar.xz /nix/store/2snjw9y8brfh5gia44jv6bhdhmmdydva-tarball/nixos.qcow2 | ||
</syntaxhighlight>To build and import the VM in one command, follow the steps below.<syntaxhighlight lang="bash"> | |||
$ incus image import --alias nixos-gen/custom/jellyfin $(nix build .#nixosConfigurations.vm.config.system.build.metadata --print-out-paths)/tarball/nixos-system-x86_64-linux.tar.xz $(nix build .#nixosConfigurations.vm.config.system.build.qemuImage --print-out-paths)/nixos.qcow2 | |||
# Image imported with fingerprint: *** | |||
</syntaxhighlight>You can verify the import with the commands below. <syntaxhighlight lang="bash"> | |||
$ incus image list nixos/custom/vm | |||
+------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | |||
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCHITECTURE | TYPE | SIZE | UPLOAD DATE | | |||
+------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | |||
| nixos/custom/vm | 9d0d6f3df0cc | no | NixOS Uakari 24.05.20240513.a39a12a x86_64-linux | x86_64 | CONTAINER | 170.31MiB | 2024/05/21 09:21 EDT | | |||
+------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | |||
$ incus launch nixos/custom/vm | |||
Launching the instance | |||
Instance name is: square-heron | |||
$ incus shell square-heron | |||
[root@nixos:~]# which vim | |||
/run/current-system/sw/bin/vim | |||
</syntaxhighlight> | |||
=== Containers === | |||
<syntaxhighlight lang="bash"> | |||
$ nix build .#nixosConfigurations.container.config.system.build.squashfs --print-out-paths | |||
/nix/store/24djf2qlpkyh29va8z6pxrqp8x5z6xyv-nixos-lxc-image-x86_64-linux.img | |||
$ nix build .#nixosConfigurations.container.config.system.build.metadata --print-out-paths | |||
/nix/store/2snjw9y8brfh5gia44jv6bhdhmmdydva-tarball | /nix/store/2snjw9y8brfh5gia44jv6bhdhmmdydva-tarball | ||
</syntaxhighlight><syntaxhighlight lang="shell-session"> | |||
</syntaxhighlight> | $ incus image import --alias nixos/custom/container /nix/store/2snjw9y8brfh5gia44jv6bhdhmmdydva-tarball/tarball/nixos-system-x86_64-linux.tar.xz /nix/store/24djf2qlpkyh29va8z6pxrqp8x5z6xyv-nixos-lxc-image-x86_64-linux.img | ||
Image imported with fingerprint: 9d0d6f3df0cccec4da7ce4f69952bd389b6dd655fd9070e498f591aaffbb2cda | Image imported with fingerprint: 9d0d6f3df0cccec4da7ce4f69952bd389b6dd655fd9070e498f591aaffbb2cda | ||
$ incus image list nixos/custom/container | |||
+------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | +------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | ||
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCHITECTURE | TYPE | SIZE | UPLOAD DATE | | | ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCHITECTURE | TYPE | SIZE | UPLOAD DATE | | ||
| Line 184: | Line 218: | ||
+------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | +------------------------+--------------+--------+--------------------------------------------------+--------------+-----------+-----------+----------------------+ | ||
$ incus launch nixos/custom/container -c security.nesting=true | |||
Launching the instance | Launching the instance | ||
Instance name is: square-heron | Instance name is: square-heron | ||
$ incus shell square-heron | |||
[root@nixos:~] | [root@nixos:~] which vim | ||
/run/current-system/sw/bin/vim | /run/current-system/sw/bin/vim | ||
</syntaxhighlight>Or, the all in one command:<syntaxhighlight lang="bash"> | |||
incus image import --alias nixos/custom/vm $(nix build .#nixosConfigurations.vm.config.system.build.metadata --print-out-paths)/tarball/nixos-system-x86_64-linux.tar.xz $(nix build .#nixosConfigurations.vm.config.system.build.qemuImage --print-out-paths)/nixos.qcow2 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
[[Category:Server]] | [[Category:Server]] | ||
[[Category:Container]] | [[Category:Container]] | ||