the-distro/infra
8
1
Fork 8
Code Issues 42 Pull requests 12 Projects Releases Packages Wiki Activity Actions

hypervisors: init #269

Merged
raito merged 7 commits from hypervisors into main 2025-08-22 01:50:27 +00:00
Conversation 7 Commits 7 Files changed 14 +352 -42
raito commented 2025-08-22 00:02:10 +00:00
Owner
Copy link

This initialize the code for hypervisors, this doesn't contain VM workloads on purpose because they still contain stuff to redo. Another stacked PR will be open to that end.

3 hypervisors gets introduced.

2 in EU (France & Germany), 1 in the US (SEA01 location).

Planned usecases:

  • Migration of fragile Lix services to the hypervisor.
  • Migration of Digital Ocean (expensive) services to the hypervisor (lix.systems being the last one to move).
  • Increased redundancy.
  • Services that can afford to be high latency to EU and are lacking capacity in the EU continent.
  • Services that need to be low latency on the American continent (e.g. Lix's Gerrit or Lix's S3).
This initialize the code for hypervisors, this doesn't contain VM workloads on purpose because they still contain stuff to redo. Another stacked PR will be open to that end. --- 3 hypervisors gets introduced. 2 in EU (France & Germany), 1 in the US (SEA01 location). Planned usecases: - Migration of fragile Lix services to the hypervisor. - Migration of Digital Ocean (expensive) services to the hypervisor (lix.systems being the last one to move). - Increased redundancy. - Services that can afford to be high latency to EU and are lacking capacity in the EU continent. - Services that need to be low latency on the American continent (e.g. Lix's Gerrit or Lix's S3).
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
Now we have more than one host platform, let's generalize the hardware
logic to support the split and factorize things.

The networking configuration could be improved but that's a work for
later.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
This is in preparation to receive the R440.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
We are starting to have too many regions.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
A very simple support for OVH Limburg and OVH Strasbourg.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
Co-authored-by: emilylange <git@emilylange.de>
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
raito reviewed 2025-08-22 00:03:03 +00:00
services/baremetal/hardware/ovh/default.nix Outdated
@ -0,0 +17,4 @@
};
};
mkAdditionalRoutes = int: dsts: {
raito commented 2025-08-22 00:03:03 +00:00
Author
Owner
Copy link

this should probably go away

this should probably go away
raito marked this conversation as resolved
raito reviewed 2025-08-22 00:03:10 +00:00
services/baremetal/hardware/ovh/default.nix Outdated
@ -0,0 +31,4 @@
{
options.bagel.baremetal.ovh = {
publicNetwork = mkNetworkOption "public";
additionalRoutes = mkOption {
raito commented 2025-08-22 00:03:10 +00:00
Author
Owner
Copy link

deadcode

deadcode
raito marked this conversation as resolved
raito reviewed 2025-08-22 00:03:20 +00:00
services/baremetal/hardware/ovh/default.nix Outdated
@ -0,0 +72,4 @@
address = cfg.publicNetwork.address;
routes = cfg.publicNetwork.routes;
};
} // mapAttrs' mkAdditionalRoutes cfg.additionalRoutes;
raito commented 2025-08-22 00:03:20 +00:00
Author
Owner
Copy link

deadcode

deadcode
raito marked this conversation as resolved
raito reviewed 2025-08-22 00:03:30 +00:00
services/baremetal/hardware/ovh/default.nix Outdated
@ -0,0 +3,4 @@
inherit (lib) mkOption types hasPrefix mkIf mapAttrs';
cfgParent = config.bagel.baremetal;
cfg = config.bagel.baremetal.ovh;
mkNetworkOption = typology: {
raito commented 2025-08-22 00:03:30 +00:00
Author
Owner
Copy link

docs would be relevant here

docs would be relevant here
raito marked this conversation as resolved
raito force-pushed hypervisors from c6aa4414a1 to 557e80076d 2025-08-22 00:08:05 +00:00 Compare
raito force-pushed hypervisors from 557e80076d to b3e8420c23 2025-08-22 00:10:38 +00:00 Compare
delroth requested changes 2025-08-22 00:39:54 +00:00
common/hardware/oracle-vm.nix Outdated
@ -21,2 +17,2 @@
config = mkIf cfg.enable {
config = mkIf cfg.enable (mkMerge [
(import "${modulesPath}/profiles/qemu-guest.nix" args)
delroth commented 2025-08-22 00:39:46 +00:00
Owner
Copy link

This seems very prone to breaking. Can we just vendor the (probably tiny) parts of the profile that we need? Profiles are kind of a bad and unmaintained abstraction in nixos anyway.

This seems very prone to breaking. Can we just vendor the (probably tiny) parts of the profile that we need? Profiles are kind of a bad and unmaintained abstraction in nixos anyway.
raito commented 2025-08-22 00:40:31 +00:00
Author
Owner
Copy link

yes we can

yes we can
raito marked this conversation as resolved
hosts/lix/hv01-lix/default.nix Outdated
@ -0,0 +4,4 @@
bagel.baremetal.num = 14;
networking.hostName = "hv01-lix";
networking.hostId = "4df8f1b4";
networking.domain = "infra.forkos.org";
delroth commented 2025-08-22 00:36:20 +00:00
Owner
Copy link

Can we avoid deploying new stuff as forkos.org?

Can we avoid deploying new stuff as forkos.org?
raito commented 2025-08-22 00:40:25 +00:00
Author
Owner
Copy link

indeed

indeed
raito commented 2025-08-22 01:17:02 +00:00
Author
Owner
Copy link

this is now fixed as much as reasonably I can for now

this is now fixed as much as reasonably I can for now
raito marked this conversation as resolved
hosts/lix/hv01-lix/default.nix Outdated
@ -0,0 +32,4 @@
};
};
bagel.baremetal.ovh = {
delroth commented 2025-08-22 00:37:06 +00:00
Owner
Copy link

This doesn't exist until the next commit.

This doesn't exist until the next commit.
raito commented 2025-08-22 00:40:40 +00:00
Author
Owner
Copy link

thanks

thanks
raito marked this conversation as resolved
services/baremetal/hardware/sea01/aarch64.nix Outdated
@ -0,0 +5,4 @@
{
config = lib.mkIf (cfg.enable && cfg.az == "sea01" && cfg.hostPlatform == "aarch64") {
nixpkgs.hostPlatform = "aarch64-linux";
networking.domain = "sea01-aarch64.infra.forkos.org";
delroth commented 2025-08-22 00:38:35 +00:00
Owner
Copy link

(Not to fix now, but I'm still very very unconvinced by putting hostPlatform in the hostname...)

(Not to fix now, but I'm still very very unconvinced by putting hostPlatform in the hostname...)
raito commented 2025-08-22 00:53:09 +00:00
Author
Owner
Copy link

To be processed in #270.

To be processed in #270.
raito marked this conversation as resolved
raito force-pushed hypervisors from b3e8420c23 to 69c78c045e 2025-08-22 01:04:21 +00:00 Compare
raito force-pushed hypervisors from 69c78c045e to d393d8a56e 2025-08-22 01:16:54 +00:00 Compare
requested review from delroth 2025-08-22 01:18:40 +00:00
delroth approved these changes 2025-08-22 01:19:29 +00:00
dnscontrol/zones/afnix.fr.js Outdated
@ -22,6 +22,11 @@ D("afnix.fr", REG_NONE, DnsProvider(DNS_DNSIMPLE),
AAAA("vpn-gw.wob01.infra", "2a01:584:11::2"),
// FIXME: hv01.sea01-x86_64.infra.forkos.org is kept for legacy reasons.
delroth commented 2025-08-22 01:18:08 +00:00
Owner
Copy link

x86-64

x86-64
raito marked this conversation as resolved
raito force-pushed hypervisors from d393d8a56e to cbf5b148d1 2025-08-22 01:50:17 +00:00 Compare
raito merged commit cbf5b148d1 into main 2025-08-22 01:50:27 +00:00
raito deleted branch hypervisors 2025-08-22 01:50:27 +00:00
raito commented 2025-08-22 02:03:10 +00:00
Author
Owner
Copy link

Follow up in #271.

Follow up in https://git.lix.systems/the-distro/infra/pulls/271.
Sign in to join this conversation.
Reviewers
No reviewers
delroth
Labels
Clear labels   
Compat/Breaking

Breaking change that won't be backward compatible

  
Difficulty
Architectural
Requires changes in multiple pieces of the stack: the Nix interpreter, etc.

  
Difficulty
Easy
Infrastructure beginner friendly tasks

  
Difficulty
Hard
Requires prior knowledge, research and design

  
Help Wanted

Looking for a first task to pick? This one is looking for somefew to do it as well!

  
Kind
Bug
Something is not working

  
Kind
Documentation
Documentation changes

  
Kind
Enhancement
Improve existing functionality

  
Kind
Feature
New functionality

  
Kind
Testing
Issue or pull request related to testing

  
Priority
Critical
The priority is critical

  
Priority
High
The priority is high

  
Priority
Low
The priority is low

  
Priority
Medium
The priority is medium

  
Reviewed
Confirmed
Issue has been confirmed

  
Reviewed
Duplicate
This issue or pull request already exists

  
Reviewed
Invalid
Invalid issue

  
Reviewed
Won't Fix
This issue won't be fixed

  
Security

This is a security issue

  
Silenced Alert

This issue was created to track a silenced alert which needs remediation work.

  
Status
Abandoned
Somebody has started to work on this but abandoned work

  
Status
Blocked
Something is blocking this issue or pull request

  
Status
Need More Info
Feedback is required to reproduce issue or to continue work

  
Status
Postponed
We can do this later

  
Tracking Issue

Umbrella issue of many things at the same time

No labels
Compat/Breaking
Difficulty
Architectural
Difficulty
Easy
Difficulty
Hard
Help Wanted
Kind
Bug
Kind
Documentation
Kind
Enhancement
Kind
Feature
Kind
Testing
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Reviewed
Confirmed
Reviewed
Duplicate
Reviewed
Invalid
Reviewed
Won't Fix
Security
Silenced Alert
Status
Abandoned
Status
Blocked
Status
Need More Info
Status
Postponed
Tracking Issue
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: the-distro/infra#269
No description provided.
Delete branch "hypervisors"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?