From b467bb4e742653c66aaf568851a5b9739e61e33d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sun, 4 Dec 2022 04:58:36 +0100 Subject: [PATCH] Generate simd variants of each host, delete unused module --- flake.nix | 22 +++++-- hosts/hydra/hydra.nix | 2 + hosts/server10/default.nix | 1 + hosts/server8/default.nix | 20 +++--- hosts/server9/default.nix | 28 ++++++--- modules/c3d2.nix | 12 ++++ modules/default.nix | 121 ------------------------------------- modules/microvm.nix | 9 +++ 8 files changed, 71 insertions(+), 144 deletions(-) delete mode 100644 modules/default.nix diff --git a/flake.nix b/flake.nix index 3d32b924..08e39c37 100644 --- a/flake.nix +++ b/flake.nix @@ -756,11 +756,23 @@ ) sops-nix.packages; hydraJobs = - builtins.mapAttrs (_: nixos.lib.hydraJob) ( - builtins.mapAttrs (_: nixosSystem: - if nixosSystem.config ? microvm.declaredRunner - then nixosSystem.config.microvm.declaredRunner - else nixosSystem.config.system.build.toplevel + lib.mapAttrs (_: nixos.lib.hydraJob) ( + lib.mapAttrs (_: nixosSystem: + nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel + ) self.nixosConfigurations + // lib.mapAttrs' (hostname: nixosSystem: lib.nameValuePair + (hostname + "-simd") + (nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel hostname + (nixosSystem (nixosSystem.args // (with nixosSystem.args; { + hostname = hostname + "-simd"; + modules = modules ++ [ + { + sandro.simd.enable = lib.mkForce true; + } + ]; + inherit (inputs) nixpkgs; + }))) + ) ) self.nixosConfigurations // nixos.lib.filterAttrs (name: attr: (lib.match ".+-tftproot" name != null && lib.isDerivation attr) diff --git a/hosts/hydra/hydra.nix b/hosts/hydra/hydra.nix index 77f5e8e4..6c09b5cd 100644 --- a/hosts/hydra/hydra.nix +++ b/hosts/hydra/hydra.nix @@ -80,6 +80,8 @@ in }; }; + c3d2.simd.arch = "ivybridge"; + services = { hydra = { enable = true; 
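Review bot: In the `-simd` branch of `hydraJobs`, the value handed to `lib.nameValuePair` reads `nixosSystem.config.microvm.declaredRunner or nixosSystem.config.system.build.toplevel hostname (nixosSystem (…))`, which selects the runner or toplevel from the original, non-simd system and then applies that result to `hostname` and the re-evaluated system as if it were a function. As written this looks like it fails evaluation once the job is forced, so the `-simd` jobs would never build the optimized configuration. Bind the re-evaluated system in a `let` (for example `simdSystem = …;`) and select from it instead: `(simdSystem.config.microvm.declaredRunner or simdSystem.config.system.build.toplevel)`. The override also sets `sandro.simd.enable`, while the option this patch declares and the hosts use is `c3d2.simd`; unless a `sandro.simd` option exists outside this patch, that line should be `c3d2.simd.enable = lib.mkForce true;`. The helper that provides `nixosSystem.args` is defined outside the hunk and could not be checked.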
diff --git a/hosts/server10/default.nix b/hosts/server10/default.nix index a16d803e..7cc2d455 100644 --- a/hosts/server10/default.nix +++ b/hosts/server10/default.nix @@ -9,6 +9,7 @@ c3d2 = { deployment.microvmBaseZfsDataset = "server10/vm"; hq.statistics.enable = true; + simd.arch = "ivybridge"; }; boot = { diff --git a/hosts/server8/default.nix b/hosts/server8/default.nix index a8bb6654..4a89b78b 100644 --- a/hosts/server8/default.nix +++ b/hosts/server8/default.nix @@ -5,6 +5,11 @@ ./hardware-configuration.nix ]; + c3d2 = { + # deployment.microvmBaseZfsDataset = "tank/storage"; + hq.statistics.enable = true; + simd.arch = "westmere"; + }; boot = { loader.grub = { @@ -28,15 +33,14 @@ hostName = "server8"; hostId = "08080808"; }; - system.stateVersion = "22.11"; - services.openssh.enable = true; - services.zfs.autoScrub.enable = true; - services.smartd.enable = true; - - c3d2 = { - # deployment.microvmBaseZfsDataset = "tank/storage"; - hq.statistics.enable = true; + services = { + openssh.enable = true; + smartd.enable = true; + zfs.autoScrub.enable = true; }; + skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3"; + + system.stateVersion = "22.11"; } diff --git a/hosts/server9/default.nix b/hosts/server9/default.nix index 1f28e789..ea23cbbe 100644 --- a/hosts/server9/default.nix +++ b/hosts/server9/default.nix @@ -4,7 +4,14 @@ _: imports = [ ./hardware-configuration.nix ]; - boot= { + + c3d2 = { + deployment.microvmBaseZfsDataset = "tank/storage"; + hq.statistics.enable = true; + simd.arch = "westmere"; + }; + + boot = { loader.grub = { enable = true; version = 2; 
@@ -25,23 +32,24 @@ _: hostName = "server9"; hostId = "09090909"; }; - system.stateVersion = "21.11"; - services.openssh.enable = true; - services.zfs.autoScrub.enable = true; - services.smartd.enable = true; + # required by libvirtd + security.polkit.enable = true; - c3d2 = { - deployment.microvmBaseZfsDataset = "tank/storage"; - hq.statistics.enable = true; + services = { + openssh.enable = true; + smartd.enable = true; + zfs.autoScrub.enable = true; }; + skyflake.nomad.client.meta."c3d2.cpuSpeed" = "3"; + system.stateVersion = "21.11"; + # XXX: enable for zw-ev and poelzi-ha until we find a better solution virtualisation.libvirtd = { enable = true; onShutdown = "shutdown"; }; - # required by libvirtd - security.polkit.enable = true; + } diff --git a/modules/c3d2.nix b/modules/c3d2.nix index 60d6f2f2..3e27722d 100644 --- a/modules/c3d2.nix +++ b/modules/c3d2.nix @@ -157,6 +157,18 @@ in }; }; + simd = { + enable = lib.mkEnableOption "optimized builds with simd instructions"; + arch = lib.mkOption { + type = with lib.types; nullOr str; + default = null; + description = '' + Microarchitecture string for nixpkgs.hostPlatform.gcc.march and to generate system-features. + Can be determined with: gcc -march=native -Q --help=target | grep march + ''; + }; + }; + users = mkOption { type = types.attrsOf (types.submodule { options.sshKeys = mkOption { diff --git a/modules/default.nix b/modules/default.nix deleted file mode 100644 index 4cae18bd..00000000 --- a/modules/default.nix +++ /dev/null 
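Review bot: The new `simd` options in modules/c3d2.nix allow `enable = true` while `arch` is still at its `null` default, and nothing in this patch checks that combination or shows where the two values are consumed. If the consumer lives outside the patch and passes `arch` on to `gcc.march` or system-features, a null there would surface as an evaluation error far from its cause. An assertion next to the option makes the requirement explicit: `{ assertion = config.c3d2.simd.enable -> config.c3d2.simd.arch != null; message = "c3d2.simd.arch must be set when c3d2.simd.enable is true"; }`. The description could also say that the value must be the oldest microarchitecture of any machine that will run the build, because a binary compiled for a newer `-march` than the CPU supports terminates with an illegal-instruction fault.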
@@ -1,121 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - # TODO: move to flake - nixcloud-webservices = pkgs.fetchFromGitHub { - owner = "nixcloud"; - repo = "nixcloud-webservices"; - rev = "3a0767f0536fac811065eb87e6342f27eac085aa"; - sha256 = "vC0vBu+0HchrevuWsmE7giouKnSt/q4F0TffwhuNJv8="; - }; - inherit (import "${nixcloud-webservices}/pkgs" { inherit pkgs; }) nixcloud; - - profilesDir = "/nix/var/nix/profiles/lxc"; - inherit (config.lxc) containers; - inherit (config.nix) nixPath; - - toLxcConfig' = path: a: - if builtins.isString a then '' - ${path} = ${a} - '' else if builtins.isInt a then '' - ${path} = ${toString a} - '' else if builtins.isAttrs a then - lib.concatMapStrings (name: - let path' = if path == "" then name else "${path}.${name}"; - in toLxcConfig' path' (builtins.getAttr name a)) (builtins.attrNames a) - else if builtins.isList a then - lib.concatMapStrings (toLxcConfig' path) a - else - throw "Invalid LXC config value"; - toLxcConfig = toLxcConfig' ""; -in { - options = with lib.types; { - lxc.containers = mkOption { - type = attrs; - default = { }; - }; - }; - - config = lib.mkIf (containers != { }) { - virtualisation.lxc.enable = true; - environment.systemPackages = [ nixcloud.container ]; - - virtualisation.lxc.defaultConfig = '' - lxc.id_map = u 0 100000 65536 - lxc.id_map = g 0 100000 65536 - ''; - users.users.root.subGidRanges = [{ - count = 65536; - startGid = 100000; - }]; - users.users.root.subUidRanges = [{ - count = 65536; - startUid = 100000; - }]; - - systemd.services = if true then - { } - else - builtins.foldl' (services: name: - let - systemDir = "/${profilesDir}/${name}/system"; - lxcDefaults = { - lxc = { - uts.name = name; - rootfs.path = "/run/current-system/sw/share/lxc/rootfs"; - mount.entry = [ - "${systemDir}/init /init none bind,ro 0 0" - "/nix/store /nix/store none bind,ro 0 0" - ]; - autodev = 1; - include = "/run/current-system/sw/share/lxc/config/common.conf"; - apparmor.profile = "generated"; - environment = 
"TERM=linux"; - }; - }; - config = builtins.getAttr name containers; - lxcConfig = builtins.toFile "lxc-container-${name}.conf" - # TODO: more intelligent merging? - (toLxcConfig (lxcDefaults // config.lxc)); - - builder = { - description = "Build NixOS for lxc container ${name}"; - wants = [ "nix-daemon.socket" ]; - after = [ "nix-daemon.service" ]; - - path = with pkgs; [ coreutils nix ]; - - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - Environment = [ "NIX_PATH=${builtins.concatStringsSep ":" nixPath}" ]; - }; - - script = '' - mkdir -p ${profilesDir}/${name} - - nix-env -p ${profilesDir}/${name}/system \ - -I nixos-config=${config.nixos-config} \ - -f '' \ - --set -A system - ''; - }; - starter = { - description = "LXC container ${name}"; - requires = [ "lxc-container-${name}-builder.service" ]; - after = [ "lxc-container-${name}-builder.service" ]; - - path = with pkgs; [ lxc apparmor-parser ]; - - script = '' - mkdir -p /var/lib/lxc/${name} - ln -fs ${lxcConfig} /var/lib/lxc/${name}/config - lxc-start -F -n ${name} - ''; - }; - in services // { - "lxc-container-${name}-builder" = builder; - "lxc-container-${name}" = starter; - }) { } (builtins.attrNames containers); - }; -} diff --git a/modules/microvm.nix b/modules/microvm.nix index fad57689..b93b6d2a 100644 --- a/modules/microvm.nix +++ b/modules/microvm.nix @@ -1,4 +1,5 @@ { zentralwerk, options, config, lib, pkgs, ... }: + let defaultGateways = { serv = "serv-gw"; @@ -26,6 +27,12 @@ let ) hosts6 != {} ) zentralwerk.lib.config.site.net ); + + arch-to-host = rec { + server9 = "westmere"; + server10 = "ivybridge"; + nomad = server9; + }; in { options.c3d2.deployment = with lib; { @@ -157,6 +164,8 @@ in }) {} nets; }; + c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server}; + system.build = with pkgs; { copyToServer = writeScript "copy-to-${server}" '' #! ${runtimeShell} -e
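Review bot: `c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server};` in the last hunk fails evaluation with a missing-attribute error for any `deployment.server` value other than `server9`, `server10` or `nomad`; the allowed values are declared outside the hunk, so this may or may not be reachable. Falling back to the option's default keeps such hosts on generic builds: `c3d2.simd.arch = arch-to-host.${config.c3d2.deployment.server} or null;`. The map added in the second hunk is keyed by host and yields an architecture, so `host-to-arch` would describe it better than `arch-to-host`, and a comment on `nomad = server9;` should say why westmere is chosen there (presumably because it is the oldest CPU a nomad-scheduled VM can land on).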