[Nix-dev] More fine-grained kernel configs?

Christian Theune ct at flyingcircus.io
Sun Oct 23 15:24:46 CEST 2016 

Hi,

Ah, great, thanks. I didn’t notice that. Seems like we’re not the only ones. :)

I’ll go through what’s there when I have a little time and try to add input from our experience there.

Christian

> On 23 Oct 2016, at 13:38, Domen Kožar <domen at dev.si> wrote:
> 
> CoCoPumpkin has an PR open for an attempt here: https://github.com/NixOS/nixpkgs/pull/12158/files <https://github.com/NixOS/nixpkgs/pull/12158/files>
> 
> I think it's worthwhile to have kernel config defined in Nix so we can use the overriding machinery.
> 
> It would be good to comment on that issue with your observations to advance on that front :)
> 
> On Sun, Oct 23, 2016 at 1:06 PM, Christian Theune <ct at flyingcircus.io <mailto:ct at flyingcircus.io>> wrote:
> Hi,
> 
> I’ve been doing a bit of kernel upgrade/configuration tuning for our platform and I noticed that currently kernel configs in NixOS are very simple string concatenations that are passed to the kernel package.
> 
> At the Flying Circus we’ve been using a more structured approach of modularising kernel configs (based on our previous platform using Puppet) that allow us to create overrides. For example, we like to keep our kernels small as we want the option of building them on a target machine (in addition to using the ones provided by our Hydra) for experimentation, etc. For example, we like to disable all X support, sound, wifi, etc. This currently isn’t possible in a nice fashion as we can’t counter the settings provided by the base line: as this a simple textual concatenation, you can only add options, but not override, and more specifically you can’t easily disable whole subsystems.
> 
> If you guys are interested, then I’d propose to adopt something like our system. Here are the parts that it’s currently made up of on our old platform:
> 
> https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/modules/sys_kernel/files/build-kernel.sh?at=default&fileviewer=file-view-default <https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/modules/sys_kernel/files/build-kernel.sh?at=default&fileviewer=file-view-default>
> https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/modules/sys_kernel/files/kernelconfig.py?at=default&fileviewer=file-view-default <https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/modules/sys_kernel/files/kernelconfig.py?at=default&fileviewer=file-view-default>
> https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/modules/sys_kernel/files/immediate-config-activation.py?at=default&fileviewer=file-view-default <https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/modules/sys_kernel/files/immediate-config-activation.py?at=default&fileviewer=file-view-default>
> https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/manifests/classes/machine.pp?at=default&fileviewer=file-view-default#machine.pp-10 <https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/manifests/classes/machine.pp?at=default&fileviewer=file-view-default#machine.pp-10>
> https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/manifests/classes/machine.pp?at=default&fileviewer=file-view-default#machine.pp-123 <https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/manifests/classes/machine.pp?at=default&fileviewer=file-view-default#machine.pp-123>
> https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/manifests/classes/machine.pp?at=default&fileviewer=file-view-default#machine.pp-325 <https://bitbucket.org/flyingcircus/fc.platform/src/3ee91524525da03f603d6a4f15b32c5231440855/puppet/manifests/classes/machine.pp?at=default&fileviewer=file-view-default#machine.pp-325>
> 
> I’d be happy to make a more detailed proposal if this is generally welcome and of course: discussion is also more than welcome.
> 
> We also have some code for deciding whether reboots are needed (and wanted) and on a different note, we also have some tools to schedule and perform automatic maintenance windows (which would be a separate project from which some parts might be interesting to include in upstream NixOS at some point).
> 
> Cheers,
> Christian
> 
> --
> Christian Theune · ct at flyingcircus.io <mailto:ct at flyingcircus.io> · +49 345 219401 0
> Flying Circus Internet Operations GmbH · http://flyingcircus.io <http://flyingcircus.io/>
> Forsterstraße 29 · 06112 Halle (Saale) · Deutschland
> HR Stendal HRB 21169 · Geschäftsführer: Christian. Theune, Christian. Zagrodnick
> 
> 
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl <mailto:nix-dev at lists.science.uu.nl>
> http://lists.science.uu.nl/mailman/listinfo/nix-dev <http://lists.science.uu.nl/mailman/listinfo/nix-dev>
> 
> 

--
Christian Theune · ct at flyingcircus.io · +49 345 219401 0
Flying Circus Internet Operations GmbH · http://flyingcircus.io
Forsterstraße 29 · 06112 Halle (Saale) · Deutschland
HR Stendal HRB 21169 · Geschäftsführer: Christian. Theune, Christian. Zagrodnick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20161023/fb98ff03/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20161023/fb98ff03/attachment-0001.sig>

More information about the nix-dev mailing list