pyrox.dev / nixpkgs
lol
fork atom

nixos-container: force systemd-nspawn to use unified cgroups hierarchy

Jakub Okoński 12508ac7 b0bce6ae

options
unified split
Changed files
+25
nixos
modules
virtualisation
nixos-containers.nix
tests
all-tests.nix
containers-unified-hierarchy.nix
pkgs
tools
virtualization
nixos-container
default.nix
+2
nixos/modules/virtualisation/nixos-containers.nix 
···

       
138

       
138

       
 

       
        fi


     

       
139

       
139

       
 

       
      ''}


     

       
140

       
140

       
 

       



     

       

       
141

       
+

       
      export SYSTEMD_NSPAWN_UNIFIED_HIERARCHY=1


     

       

       
142

       
+

       



     

       
141

       
143

       
 

       
      # Run systemd-nspawn without startup notification (we'll


     

       
142

       
144

       
 

       
      # wait for the container systemd to signal readiness)


     

       
143

       
145

       
 

       
      # Kill signal handling means systemd-nspawn will pass a system-halt signal
+1
nixos/tests/all-tests.nix 
···

       
143

       
143

       
 

       
  containers-reloadable = handleTest ./containers-reloadable.nix {};


     

       
144

       
144

       
 

       
  containers-restart_networking = handleTest ./containers-restart_networking.nix {};


     

       
145

       
145

       
 

       
  containers-tmpfs = handleTest ./containers-tmpfs.nix {};


     

       

       
146

       
+

       
  containers-unified-hierarchy = handleTest ./containers-unified-hierarchy.nix {};


     

       
146

       
147

       
 

       
  convos = handleTest ./convos.nix {};


     

       
147

       
148

       
 

       
  corerad = handleTest ./corerad.nix {};


     

       
148

       
149

       
 

       
  coturn = handleTest ./coturn.nix {};
+21
nixos/tests/containers-unified-hierarchy.nix 
···

       

       
1

       
+

       
import ./make-test-python.nix ({ pkgs, lib, ... }: {


     

       

       
2

       
+

       
  name = "containers-unified-hierarchy";


     

       

       
3

       
+

       
  meta = {


     

       

       
4

       
+

       
    maintainers = with lib.maintainers; [ farnoy ];


     

       

       
5

       
+

       
  };


     

       

       
6

       
+

       



     

       

       
7

       
+

       
  nodes.machine = { ... }: {


     

       

       
8

       
+

       
    containers = {


     

       

       
9

       
+

       
      test-container = {


     

       

       
10

       
+

       
        autoStart = true;


     

       

       
11

       
+

       
        config = { };


     

       

       
12

       
+

       
      };


     

       

       
13

       
+

       
    };


     

       

       
14

       
+

       
  };


     

       

       
15

       
+

       



     

       

       
16

       
+

       
  testScript = ''


     

       

       
17

       
+

       
    machine.wait_for_unit("default.target")


     

       

       
18

       
+

       



     

       

       
19

       
+

       
    machine.succeed("echo 'stat -fc %T /sys/fs/cgroup/ | grep cgroup2fs' | nixos-container root-login test-container")


     

       

       
20

       
+

       
  '';


     

       

       
21

       
+

       
})
+1
pkgs/tools/virtualization/nixos-container/default.nix 
···

       
25

       
25

       
 

       
          containers-ip


     

       
26

       
26

       
 

       
          containers-tmpfs


     

       
27

       
27

       
 

       
          containers-ephemeral


     

       

       
28

       
+

       
          containers-unified-hierarchy


     

       
28

       
29

       
 

       
          ;


     

       
29

       
30

       
 

       
      };


     

       
30

       
31

       
 

       
    };