Security: Difference between revisions

imported>Nix
m Isolation: fix placement
imported>Nix
Virtual machines: update section
Line 64: Line 64:
[https://en.wikipedia.org/wiki/Virtual_machine Virtual machines] are generally one of the most robust tools available for process isolation. They come with [https://www.brendangregg.com/blog/2017-11-29/aws-ec2-virtualization-2017.html performance penalties] and resource overheads.
[https://en.wikipedia.org/wiki/Virtual_machine Virtual machines] are generally one of the most robust tools available for process isolation. They come with [https://www.brendangregg.com/blog/2017-11-29/aws-ec2-virtualization-2017.html performance penalties] and resource overheads.


NixOS includes support for hosting virtual machines. One of the most accessible is the integrated [https://nixos.org/manual/nixos/unstable/index.html#sec-profile-qemu-guest QEMU guest system profile].
NixOS includes support for hosting virtual machines. The Nix store of the host machine is shared read-only with guest machines, making them lighter-weight in terms of storage use than typical VMs. Guest VMs are easily built from Nix configurations.
 
[https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/qemu-vm.nix qemu-vm.nix - Implementation of QEMU builds of NixOS machine configurations]


====== Test machines ======
====== Test machines ======


NixOS integrates support for building [[NixOS:nixos-rebuild_build-vm|test VMs]] to test configuration changes to your system.
NixOS integrates support for building [[NixOS:nixos-rebuild_build-vm|test VMs]] to test configuration changes to your system.
NixOS also uses VMs to continuously validate functionality of the system. [https://nixos.org/manual/nixos/unstable/index.html#sec-writing-nixos-tests NixOS Manual - Writing Tests Chapter] covers this.


== Nix official references ==
== Nix official references ==
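Review bot: The new sentence in the Virtual machines paragraph ("The Nix store of the host machine is shared read-only with guest machines") presents the shared store only as a storage saving, but this section is about isolation, so it should also state the consequence: store paths on the host are readable from inside the guest, which matters for anything sensitive that ends up in the store. The same edit drops the manual link to the QEMU guest system profile and adds a link to qemu-vm.nix on the master branch; consider keeping the manual link alongside it, since a master blob URL tracks a moving file. In the Test machines paragraph the added line ends with "covers this" after a bare link title; rewording it so the link text sits inside the sentence ("see the Writing Tests chapter of the NixOS Manual") would read more cleanly.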