Hi Rutherther, thank you for your reply.

On 5/10/25 13:52, Rutherther wrote:
> Naranden <naran...@mailbox.org> writes:
>> If not, is there a way to deploy a real operating system (for example
>> with guix system vm) that runs a defined container as a service?
>
> Definitely, see the virtual-build-machine-service-type and
> hurd-vm-service-type, you basically need to make a new system service
> that will make a shepherd service and the command to start is to use
> linux-image-startup-command with appropriate image, where you give it
> the operating-system definition you want.

It looks like these are for running virtual machines, but I need something lightweight like containers.

> I think similar thing should be achievable with containers, with
> container-script procedure. But I don't think there are examples for
> that in Guix.

Okay, I looked at container-script; I need something like that, but it just builds a script rather than configuring a service managed by Shepherd.

> Depending on why you want this

I should have given more information to begin with... see below.

> also note that there is least authority wrapper for security.

Okay, thanks, I'll look at that.

Here are some more details. I am experimenting with using guix to provide a multi-container (or similar) reproducible environment from local development (with something like guix system vm or container) to deployment (with guix deploy).

I am wondering about writing various container operating-system definitions, adding those as services to a host operating-system definition, and then using guix deploy to deploy the host operating-system.

```
;; A container that runs a database service
(define db-container-os
  (operating-system
    (host-name "db-container")
    (services (cons* (service postgresql-service-type)
                     %base-services))))

;; A container that runs a worker service
(define worker-container-os
  (operating-system
    (host-name "worker-container")
    (services (cons* (service worker-service-type)
                     %base-services))))

;; An operating-system definition for deployment that runs the
;; above defined containers with Shepherd--this can be started
;; as a local vm (guix system vm) for development.
(define host-os
  (operating-system
    (host-name "deployed-host")
    (services (cons* (service container-service-type (os db-container-os))
                     (service container-service-type (os worker-container-os))
                     %base-services))))

;; This can be used to deploy to a server (guix deploy).
(define all-machines
  (list (machine (operating-system host-os))))
```

For local development, run `guix system vm {host-os}` and run a single VM with all services running on it. For deployment, run `guix deploy {all-machines}` and it would deploy a server with the specified containers. (In reality the containers might be distributed across multiple hosts.)

At this example/overview level the result is similar to simply defining services, but the containers allow for much greater control over the service environment as well as better isolation.

I hope that makes it more clear what prompted the question. Most of the discussion/examples I've found use Guix to build/pack something that then gets deployed on some other host system, whether a foreign Linux or container system, etc. Surely someone has tried to set up a deployment system that uses guix deploy like this... but I just haven't found it? Or maybe guix deploy is too new...?

Thanks,
Naranden