mirror of
https://codeberg.org/guix/guix.git
synced 2026-01-25 20:15:25 -06:00
60f4d72590
This patch implements a generalization of the oci-container-service-type, which consequently is made deprecated. The oci-service-type, in addition to all the features from the oci-container-service-type, can now provision OCI networks and volumes. It only handles OCI objects creation, the user is supposed to handle state once the objects are provsioned. It currently supports two different OCI runtimes: Docker and rootless Podman. Both runtimes are tested to make sure provisioned containers can connect to each other through provisioned networks and can read/write data with provisioned volumes. At last the Scheme API is thought to facilitate the implementation of a Guix Home service in the future. * gnu/build/oci-containers.scm: New file containg OCI runtime business logic used in OCI backed Shepherd services. oci-read-lines (oci-system*,oci-object-exists?,oci-object-service-available? oci-image-load,oci-log-verbose,oci-container-execlp,oci-object-create): New procedures. * gnu/local.mk: Add it. * gnu/services/containers.scm (list-of-oci-containers?, list-of-oci-networks?,list-of-oci-volumes?,%oci-supported-runtimes, oci-runtime?,oci-runtime-system-environment,oci-runtime-system-extra-arguments, oci-runtime-system-requirement,oci-runtime-cli,oci-runtime-system-cli, oci-runtime-home-cli,oci-runtime-name,oci-runtime-group, oci-container-shepherd-name,oci-networks-shepherd-name, oci-networks-home-shepherd-name,oci-volumes-shepherd-name, oci-volumes-home-shepherd-name,oci-container-configuration->options, oci-network-configuration->options,oci-volume-configuration->options, oci-container-shepherd-service,oci-objects-merge-lst,oci-extension-merge, oci-service-accounts,oci-service-profile,oci-service-subids, oci-configuration->shepherd-services,oci-configuration-extend): New procedures. (image-reference): Implement unambiguous naming convention, that paired with the new implementation for listing caches images with docker ls or podman ls, allows for more efficient image caching. (oci-container-configuration)[user,group]: Change default-type to maybe-string, since by default containers will run under the user and group declared in oci-configuration records. When unset the oci-service-type will derive their value from the OCI runtime state. [runtime,host-environment,environment,shepherd-actions,ports,extra-arguments]: define a predicate and use it as a type in the configuration. This way errors are reported with source location information. (lower-manifest): Defer to caller the logic of setting up an image tag. (lower-oci-image): Rename to load-oci-image-state. (oci-runtime-state): Intermediate representation of the OCI runtime details. It is supposed to be an internal API. (oci-state): Intermediate representation of the OCI provisioning state, such as containers and networks. It is supposed to be an internal API. (oci-container-invocation): Intermediate representation of the OCI runtime run command to start a container. It is supposed to be an internal API. (%oci-image-loader): Rename to oci-image-loader and use oci-runtime-state and (gnu build oci-containers). (oci-container-shepherd-service): Use oci-state and oci-runtime-state, add command-line action. (oci-network-configuration,oci-volume-configuration,oci-configuration, oci-extension): New record types. (oci-service-type): New service-type. * doc/guix.texi: Document it. * gnu/tests/containers.scm: Test it. * gnu/services/docker.scm: Deprecate the oci-container-service-type. Change-Id: I656b3db85832e42d53072fcbfb91d1226f39ef38 Modified-by: Maxim Cournoyer <maxim@guixotic.coop> Signed-off-by: Maxim Cournoyer <maxim@guixotic.coop> |
||
|---|---|---|
| .. | ||
| admin.scm | ||
| audio.scm | ||
| auditd.scm | ||
| authentication.scm | ||
| avahi.scm | ||
| backup.scm | ||
| base.scm | ||
| certbot.scm | ||
| cgit.scm | ||
| ci.scm | ||
| configuration.scm | ||
| containers.scm | ||
| cuirass.scm | ||
| cups.scm | ||
| databases.scm | ||
| dbus.scm | ||
| desktop.scm | ||
| dict.scm | ||
| dns.scm | ||
| docker.scm | ||
| file-sharing.scm | ||
| games.scm | ||
| ganeti.scm | ||
| getmail.scm | ||
| guix.scm | ||
| herd.scm | ||
| high-availability.scm | ||
| hurd.scm | ||
| kerberos.scm | ||
| ldap.scm | ||
| lightdm.scm | ||
| linux.scm | ||
| lirc.scm | ||
| mail.scm | ||
| mcron.scm | ||
| messaging.scm | ||
| monitoring.scm | ||
| networking.scm | ||
| nfs.scm | ||
| nix.scm | ||
| pam-mount.scm | ||
| pm.scm | ||
| power.scm | ||
| rsync.scm | ||
| samba.scm | ||
| science.scm | ||
| sddm.scm | ||
| security-token.scm | ||
| security.scm | ||
| shepherd.scm | ||
| sound.scm | ||
| spice.scm | ||
| ssh.scm | ||
| syncthing.scm | ||
| sysctl.scm | ||
| telephony.scm | ||
| upnp.scm | ||
| version-control.scm | ||
| virtualization.scm | ||
| vnc.scm | ||
| vpn.scm | ||
| web.scm | ||
| xorg.scm | ||