Nix From The Dark Ages: Without Root.

Transcript

1. NIX FROM THE DARK AGES: WITHOUT ROOT ROHIT GOSWAMI Created:

   2020-10-17 Sat 10:19 1

2. HELLO NIXCON! Find me here: Who? Rohit Goswami MInstP AMIChemE

   AMIE Doctoral Researcher, University of Iceland, Faculty of Physical Sciences https://rgoswami.me 2

3. BIG PICTURE 3

4. Woes ACADEMIC CLUSTERS No docker If lucky, will have singularity

   No userspace support No proot Probably runs CentOS or something Has a networked le system Uses a resource queue Slurm, PBS Might have support for lmod 4

5. Necessary Evil However WHY? Users can’t be trusted Massive amounts

   of resources are consumed Resource limits are tracked Users need new software Developers need guarantees of high resources To test parallelism and more 5

6. WHERE’S NIX? Nix is the solution Used by some scienti

   c software too Does no one use it then? What if no-one cared? [dolstraNixSafePolicyFree2004] [goswamiDSEAMSDeferredStructural2020] Some clusters have nix support They actually support it though GRICAD has [bzeznikNixHPCPackage2017] The Flatiron Institute and also support nix Compute Canada Then you end up here ( ) post 6

7. WHERE ARE WE? 7

8. Prerequisites A whole lot of user- installed junk Concept METHODOLOGY

   REVIEW Listed here Somehow get nix to build Do unholy things to paths Indiscriminate source pruning Let nix re-install itself Described here 8

9. ACKNOWLEDGEMENTS Who worked on it rst? Built upto 2.0.4 apparently

   Seemingly abandoned after 2015 jefdaj/nix-no-root pjotrp/nix-no-root 9

10. HOORAY? Not quite! 10

11. WHAT WENT WRONG? Massive waste of resources Though they can

    be traced to the user Effectively builds on the login node (~ 3 hours) Can’t be helped without integration with a queue 11

12. WHAT DO WE NEED? 12

13. BETTER PERMISSION HANDLING e.g. building ruby involves: watch -n1 -x

    chmod 777 -R /tmp/nix-build-ruby-2.6.6.drv-0/source/lib/ Less gratuitous permissions might be set 13

14. BETTER NFS LOCKS Maybe even build in a temporary directory

    until the lock is released Currently one of the “ xes” includes: nix-build # something about a .nfs lockfile in some .nix/$HASH-pkg/.nfs0234234 mv .nix/$HASH-pkg/ .diePKGs/ nix-build # profit 14

15. Builder Provenance Who built what? a.k.a. Billing Honestly the only

    way to make this go mainstream Queue Integration Can only build on the head node Need slurm or PBS to run on the whole cluster BILLS AND QUEUES 15

16. FUTURE DIRECTIONS 16

17. UNION MOUNT by catern Proposed here Would reduce compilation Currently

    does not actually replace the global store Discussion here 17

18. PERSONAL GOALS Native le path test Hash relative to a

    pre x Cleaner Setup Maybe a derivation Return Next Year! Hopefully with cleaner methods 18

19. THE END 19

20. BIBLIOGRAPHY Bzeznik, Henriot, Reis, Richard & Tavard, Nix as HPC

    Package Management System, 1-6, in in: Proceedings of the Fourth International Workshop on HPC User Support Tools - HUST'17, edited by ACM Press Dolstra, family=Jonge & Visser, Nix: A Safe and Policy-Free System for Software Deployment, , 15 . Goswami, Goswami & Singh, D-SEAMS: Deferred Structural Elucidation Analysis for Molecular Simulations, Journal of Chemical Information and Modeling, 60(4), 2169-2177 . . [bzeznikNixHPCPackage2017] [dolstraNixSafePolicyFree2004] [goswamiDSEAMSDeferredStructural2020] doi 20

21. THANKS! 21