Thanks a ton! I think we've arrived at the limit of how I understand the daemon to work, and GUIX_DAEMON_SOCKET. I think I understand that you are using a single node (hpc of sort I imagine), where users create sessions, and within which you provide the guix command, having set up GUIX_DAEMON_SOCKET to a unix-domain socket (to that same node / itself). That makes total sense in the context of the single node. Did I get that right?
I think what we are aiming for, in our case (where users each have their own nodes as it were, only sharing network drives), is providing the guix command on each node, set up with GUIX_DAEMON_SOCKET connecting with ssh to a master node with a daemon, that itself would have access to the same network drives. The issue with profiles you are mentioning is interesting; I haven't quite thought it through yet. I think I would personally want users to be able to create profiles (for reproducibility reasons) but I guess it would work the same way with guix shells built from manifests, maybe slightly less easy to interact with, I don't know. Etienne On Thu, Dec 14, 2023 at 2:48 PM Ricardo Wurmus <ricardo.wur...@mdc-berlin.de> wrote: > > "Etienne B. Roesch" <etienne.roe...@gmail.com> writes: > > > Hiccups: we provide home dirs as nfs drives through the network. Using > guix, we are thinking of creating one nfs drive, shared by all > > users, to contain /var/guix and /gnu/store, symlinked from /. > > As I understand, that should work, until a user decides to run "guix gc" > (which would clear wrongly assumed unused profiles) or maybe > > until a user decides to launch several vms (which is theoretically > possible, but doesn't happen often). > > I would strongly discourage the use of profiles in users’ home > directories. When introducing Guix we now only demo “guix shell”, which > is preferrable in most cases. “guix gc” is problematic when profile > links are in locations that the daemon cannot read. > > > Efraim suggested using a shared daemon ssh-ing GUIX_DAEMON_SOCKET. We > > would probably run this on a separate vm. We are however unsure how it > > would behave when /var/guix/daemon-socket/socket is itself on an nfs. > > We only export /var/guix/profiles, not anything else in /var/guix. > Using GUIX_DAEMON_SOCKET with a network port (make “guix-daemon” listen > on that port) is all we ever needed. > > -- > Ricardo Wurmus > > System administrator > BIMSB - Scientific Bioinformatics Platform > Max Delbrueck Center for Molecular Medicine > > email: ricardo.wur...@mdc-berlin.de > tel: +49 30 9406 1796 >
