elpdt852
commented
2 months ago Run the nix binary produced by an expression like ${redis.copyToRegistry {}}/bin/copy-to-registry:
https://github.com/pdtpartners/nix-snapshotter/blob/7b251c9356bc7bb383ebeedcd0045b3ae431bff7/README.md?plain=1#L346-L348
See the function signature: https://github.com/pdtpartners/nix-snapshotter/blob/b4cd2629f09bd0b42c34f7c5af9385c6d7fbb37a/package.nix#L98-L103
You don't need a docker daemon or containerd to push images to registries. This binary will copy the image directly to a registry given the imageName = "my.registry.com/name.
Some clarifications:
nix:0${image}is the image name used when nix-snapshotter is configured as a Kubelet Image Service for use with Kubernetes when you want to move image resolution also to the nix store (removing the need for a Docker Registry). If you want to push to a regular registry, build your image withresolvedByNix = false.- Nix store paths aren't uploaded to the target registry, it assumes your Nix store paths are uploaded to a Nix binary cache and the Nix daemon sitting next to containerd is configured to use it as a substituter.
the-sun-will-rise-tomorrow
Hi, thank you for this cool project! Sorry, I have some dumb questions:
If the goal is to define an image with Nix and then push it to a registry, am I correct that we need to:
containerdwithnix-snapshotterintegration is set up and runningpkgs.nix-snapshotter.buildImagedocker tag nix:0${image} my.registry.com/name:tagdocker push my.registry.com/name:tagand if it's not feasible to have
containerdrunning in the current environment (e.g. it is a CI environment without any services or user namespace support), then build a VM to do all of the above and run it.Is this accurate?
Would this allow skipping local instantiation of the Nix store paths for layers that are already on the target registry?
I tried to do the above with nix2container but ran into some trouble due to what I think is compression. Do you know if using nix-snapshotter +
docker pushwould fare better?Thanks!