nixpkgs-suyu/nixos
Eelco Dolstra 9ee30cd9b5 Add support for lightweight NixOS containers
You can now say:

  systemd.containers.foo.config =
    { services.openssh.enable = true;
      services.openssh.ports = [ 2022 ];
      users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-dss ..." ];
    };

which defines a NixOS instance with the given configuration running
inside a lightweight container.

You can also manage the configuration of the container independently
from the host:

  systemd.containers.foo.path = "/nix/var/nix/profiles/containers/foo";

where "path" is a NixOS system profile.  It can be created/updated by
doing:

  $ nix-env --set -p /nix/var/nix/profiles/containers/foo \
      -f '<nixos>' -A system -I nixos-config=foo.nix

The container configuration (foo.nix) should define

  boot.isContainer = true;

to optimise away the building of a kernel and initrd.  This is done
automatically when using the "config" route.

On the host, a lightweight container appears as the service
"container-<name>.service".  The container is like a regular NixOS
(virtual) machine, except that it doesn't have its own kernel.  It has
its own root file system (by default /var/lib/containers/<name>), but
shares the Nix store of the host (as a read-only bind mount).  It also
has access to the network devices of the host.

Currently, if the configuration of the container changes, running
"nixos-rebuild switch" on the host will cause the container to be
rebooted.  In the future we may want to send some message to the
container so that it can activate the new container configuration
without rebooting.

Containers are not perfectly isolated yet.  In particular, the host's
/sys/fs/cgroup is mounted (writable!) in the guest.
2013-11-27 17:14:10 +01:00
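The two ways of defining a container that the commit message describes, put together in one host configuration. This is an added illustration, not code from the commit or from NixOS itself; `systemd.containers.<name>.config`, `systemd.containers.<name>.path` and `boot.isContainer` are the options named above, `networking.hostName` and `networking.firewall.allowedTCPPorts` are standard NixOS options used here for illustration, and the container name "bar", the file name bar.nix and the firewall policy are assumptions.

```nix
# Host /etc/nixos/configuration.nix (added example, not part of the commit).
{ config, pkgs, ... }:

{
  networking.hostName = "host";

  # Route 1: the container's configuration is part of the host configuration.
  # boot.isContainer is set for us here, so no kernel or initrd is built.
  systemd.containers.foo.config =
    { services.openssh.enable = true;
      # The container shares the host's network devices, so port 22 already
      # belongs to the host's sshd; give the container's sshd its own port.
      services.openssh.ports = [ 2022 ];
      # Placeholder key, as in the commit message.
      users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-dss ..." ];
    };

  # Route 2: the container is managed independently of the host through a
  # NixOS system profile. It is built from a separate bar.nix (assumed name)
  # that must itself set boot.isContainer = true, using:
  #   $ nix-env --set -p /nix/var/nix/profiles/containers/bar \
  #       -f '<nixos>' -A system -I nixos-config=bar.nix
  # The host only references the resulting profile; rebuilding the host
  # after the profile changes restarts container-bar.service.
  systemd.containers.bar.path = "/nix/var/nix/profiles/containers/bar";

  # Assumption: since the container uses the host's network devices, a port
  # a container service listens on is reachable like a host port, so the
  # host firewall is where exposure is controlled. Open only what is meant
  # to be reachable (hypothetical policy: the container's sshd).
  networking.firewall.allowedTCPPorts = [ 2022 ];
}
```

After `nixos-rebuild switch` on the host, each container appears as `container-foo.service` and `container-bar.service`; note that, as the commit message states, the host's /sys/fs/cgroup is currently mounted writable inside the guest, so a root user in either container is not confined the way a separate virtual machine would be.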
doc Allow building/testing individual systemd units 2013-11-18 18:04:16 +01:00
gui Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
lib Add support for lightweight NixOS containers 2013-11-27 17:14:10 +01:00
maintainers Don't include the code name in the EBS AMI name 2013-11-19 19:09:48 +01:00
modules Add support for lightweight NixOS containers 2013-11-27 17:14:10 +01:00
tests Add a regression test for hostname / nss_myhostname 2013-11-26 18:52:34 +01:00
.topmsg experimental/vsftpd 2013-10-12 01:05:13 +02:00
COPYING Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
default.nix Fix nixos-option 2013-10-28 22:45:58 +01:00
README Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
release-combined.nix Propagate the stableBranch argument 2013-10-31 22:04:26 +01:00
release.nix Drop the new-kernel ISOs 2013-11-07 16:38:57 +01:00

*** NixOS ***

NixOS is a Linux distribution based on the purely functional package
management system Nix.  More information can be found at
http://nixos.org/nixos and in the manual in doc/manual.