[Nix-dev] [Bachelors Thesis] Studi-Cloud VMs managing with Nix?

Matthias Beyer mail at beyermatthias.de
Tue Dec 8 15:31:42 CET 2015 

Hi,

some of you already know: I'm going to write my bachelors thesis next year, from
march until June or July.

I had another idea and one of my protential supervisors is really interested in
a solution to the following problem:

We have a cloud for students here, each student is able to start one or several
VMs on an OpenStack installation. There are some prepared images already
available: Debian, Ubuntu, CentOS.

Managing updates for packages on the VMs is done by the VM users. From time to
time, some users want customized images (sometimes a Professor wants VMs for a
course with Apache, MySQL, etc availabe). These custom images vary a lot, so
each time a custom image is requested by a professor, a new image is generated,
started on the VMs and thrown away afterwards. If a student wants a custom
image, she or he gets told to do it on their own.

Several ideas came up:

    1)
        Generating custom images for the cloud. Basically a web interface where
        a user can select
            1.1) I want apache
            1.2) I want postgresql / mysql
            1.3) I want owncloud
            1.4) I want that on debian/centos/ubuntu
        and build a new .iso image from it.

        A solution to this problem may or may not involve nix.

        The problem is that this would result in a _lot_ of new .iso images
        floating around:

            user 1: I want apache, mysql
            user 2: I want apache, mysql, php
            user 3: I want apache, mysql, php, python

            -> 3 images.

        My idea here: All these "custom" packages are installed into a
        cloud-global store and they are "mounted" into the VMs on startup. Not
        thought about this in-depth yet, though I guess a solution like this
        would be possible.

    2)
        Managed VMs where a user gets (via the web interface from 1) some tools
        installed, for example owncloud, but doesn't get root access to the VM.
        Updates and Upgrades could be rolled out by the admins of the cloud.

        Problem is: One machine has not that much disc space available, so it we
        would need to share one global /nix/store.

        This VMs could run NixOS, as the user has no ability to get access to
        the actual VM.

    3)
        Unmanaged VMs where a User is able to install custom packages (even
        modified ones) via the nix package manager.

        This one is actually a bit critical, as we cannot expect users to
        understand that there is actually a second package manager besides
        apt-get available. We would wrap apt-get (for example) to warn the user
        when she/he wants to do an update on a package which is already
        installed via nix.

        Running NixOS is no option, sadly.

        Two sub-options exist:

            3.1) A user is able to install to the (cloud-) global store. After
                 one VM dies (or gets removed) a nix-gc call would need to be
                 ran on the global store, of course.

            3.2) A user gets the /nix/store via an AUFS, where the global store
                 is RO mounted into the image, so the global store provides some
                 basic packages each user can use. If a user wants to install a
                 custom package, it gets installed locally in the VM and if the
                 VM gets removed, the package is removed as well. The global
                 store is not affected at all.

    4)
        Related to 1-3 -> Ability to install packages into the VM(s) via an
        openstack webinterface.

        I did not put much brain-power in this yet.

We are speaking of about 300 VMs and 10TB storage which would be available,
though I was told that 1TB of package storage is no problem, but we should keep
it around this number if possible.


What I want from you:
---------------------

    Maybe you guys have some more ideas on what we can do and how we could do
    it. Feel free to post your crazy ideas, I want _everything_ I could possible
    do in my bachelors thesis.

    Is the stuff I just mentioned even doable? What would it need to do this
    stuff? Do you think one can do this in a _bachelors_ thesis?

TL;DR:
------

    - 300 VMs in a studycloud (openstack)

    - debian/ubuntu/centos .iso images

    - customizeable images via openstack webinterface -> nix build
      infrastructure (?)

    - "Managed" VMs, updates rolled out by admins -> cloud-global /nix/store

    - AUFS-/nix/store to get basic package set from cloud-global store, ability
      to install local packages into local store

    - We cannot assume the user to know nix

    - Maybe even webinterface-based package installation for VMs

    -> Tell me your thoughts on these notes/ideas!

-- 
Mit freundlichen Grüßen,
Kind regards,
Matthias Beyer

Proudly sent with mutt.
Happily signed with gnupg.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20151208/77b2e431/attachment.bin

More information about the nix-dev mailing list