NixOS / nixops

NixOps is a tool for deploying to NixOS machines in a network or cloud.
https://nixos.org/nixops
GNU Lesser General Public License v3.0

Use custom images for DigitalOcean instead of nixos-infect #1017

Open 3noch opened 6 years ago

3noch commented 6 years ago

DO finally supports custom images: https://blog.digitalocean.com/custom-images/

This should let us stop infecting Ubuntu and use DO normally.

ghost commented 6 years ago

Going to attempt to build an image using a variation of the Azure scripts.

paperdigits commented 5 years ago

@mhsjlw any results you can share using a variant of the Azure scripts?

infinisil commented 5 years ago

https://github.com/NixOS/nixpkgs/pull/58464 :o

eamsden commented 5 years ago

I'm working on the above but I've given up on the cloud-init route. My current approach is to try to generate a NixOS module from the Digital Ocean metadata (sort of like hardware-configuration.nix on a PC install) and then rebuild.

The biggest reason to need configuration from the Digital Ocean side is to get an initial SSH key into the image that NixOps could then use to push the closure for the system. But it would also be nice to make sure all of the Digital Ocean networking features (floating IPs, IPv6, &c) worked properly.
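The approach described in the comment above (turning droplet metadata into a NixOS module that carries the initial SSH key), as an added example that is not part of the thread, NixOps or nixpkgs. The metadata field names, the `eth0` interface name and all sample values are assumptions; keys and addresses are validated before being written into Nix source, because the metadata is external input that ends up in the system configuration.

```python
import ipaddress
import json
import re

# Constructed sample; field names assume the droplet metadata JSON (v1.json) layout.
SAMPLE_METADATA = json.dumps({
    "hostname": "nixops-test",
    "public_keys": [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedKeyForExampleOnly nixops@deployer",
        'ssh-rsa AAAA"; evil = true; x = "',  # malformed entry, must be dropped
    ],
    "interfaces": {"public": [{"ipv4": {
        "ip_address": "203.0.113.10", "netmask": "255.255.255.0",
        "gateway": "203.0.113.1"}}]},
})

# Key type, base64 blob, optional comment limited to harmless characters.
KEY_RE = re.compile(r"(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) "
                    r"[A-Za-z0-9+/]+={0,3}( [A-Za-z0-9@._-]+)?")
HOST_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def nix_str(value):
    """Quote text as a Nix double-quoted string literal."""
    escaped = value.replace("\\", "\\\\").replace('"', '\\"').replace("${", "\\${")
    return f'"{escaped}"'

def metadata_to_module(raw):
    """Render a NixOS module from metadata JSON; returns (module_text, rejected_keys)."""
    meta = json.loads(raw)
    if not HOST_RE.fullmatch(meta["hostname"]):
        raise ValueError("hostname is not a valid DNS label")
    keys = [k.strip() for k in meta.get("public_keys", [])]
    accepted = [k for k in keys if KEY_RE.fullmatch(k)]
    rejected = [k for k in keys if not KEY_RE.fullmatch(k)]
    if not accepted:
        raise ValueError("no usable SSH key: nothing could log in to push a closure")
    v4 = meta["interfaces"]["public"][0]["ipv4"]
    # ipaddress raises ValueError on anything that is not a real address or netmask.
    iface = ipaddress.ip_interface(f"{v4['ip_address']}/{v4['netmask']}")
    gateway = ipaddress.ip_address(v4["gateway"])
    lines = [
        "{ ... }: {",
        f"  networking.hostName = {nix_str(meta['hostname'])};",
        f'  networking.defaultGateway = "{gateway}";',
        # eth0 is an assumed interface name for the droplet's public NIC.
        f'  networking.interfaces.eth0.ipv4.addresses = [ {{ address = "{iface.ip}";'
        f" prefixLength = {iface.network.prefixlen}; }} ];",
        "  users.users.root.openssh.authorizedKeys.keys = [",
        *[f"    {nix_str(k)}" for k in accepted],
        "  ];",
        "}",
    ]
    return "\n".join(lines) + "\n", rejected
```
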

eamsden commented 5 years ago

One other thing to note is that the Digital Ocean API (as opposed to the web GUI) only supports getting a custom image from an HTTP server. It does not support directly uploading a custom image.

> To create a new custom image, send a POST request to /v2/images. The body must contain a url attribute pointing to a Linux virtual machine image to be imported into DigitalOcean.

https://developers.digitalocean.com/documentation/v2/#create-a-custom-image

Hopefully we can have builds of the DO image (which I'm hoping to have complete soon) hosted at nixos.org, so that this won't be an issue. We should probably also tag the uploaded image somehow so we don't have to upload another image for each new machine or deployment.

Also, NixOps closures for Digital Ocean should implicitly import the DO configuration, as that configuration sets up kernel settings for the console as well as RNG initialization using DO-provided seeds*.

:* Not yet, but it will before I take the draft tag off.

zeratax commented 3 years ago

What's the current status of this?

yash-ahir commented 3 years ago

Any updates on this?

eamsden commented 3 years ago

NixOS has Digital Ocean image builds in master, so I think it is a matter of a PR to get NixOps using them for DO.

Unfortunately that's not a PR I have time to make :\