mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-09-11 15:08:33 +01:00
Code Issues Wiki Activity

nixos/azure: add Gen 2 VM, aarch64 and accelerated networking support (#333508)

Browse source
This commit is contained in:
Jonas Chevalier 2024-08-30 10:59:49 +02:00 committed by GitHub
parent 25039823dc 94683f9e55
commit 1e9fccb79f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 100 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
nixos/modules/virtualisation/azure-agent.nix
View file

@ -11,7 +11,6 @@ let
'';
in
{
###### interface
@ -35,13 +34,9 @@ in
config = lib.mkIf cfg.enable {
assertions = [{
assertion = pkgs.stdenv.hostPlatform.isx86;
message = "Azure not currently supported on ${pkgs.stdenv.hostPlatform.system}";
}
{
assertion = config.networking.networkmanager.enable == false;
message = "Windows Azure Linux Agent is not compatible with NetworkManager";
}];
assertion = config.networking.networkmanager.enable == false;
message = "Windows Azure Linux Agent is not compatible with NetworkManager";
}];
boot.initrd.kernelModules = [ "ata_piix" ];
networking.firewall.allowedUDPPorts = [ 68 ];

122
nixos/modules/virtualisation/azure-common.nix
View file

@ -1,67 +1,85 @@
{ lib, pkgs, ... }:
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.virtualisation.azure;
mlxDrivers = [ "mlx4_en" "mlx4_core" "mlx5_core" ];
in
{
imports = [ ../profiles/headless.nix ];
require = [ ./azure-agent.nix ];
virtualisation.azure.agent.enable = true;
boot.kernelParams = [ "console=ttyS0" "earlyprintk=ttyS0" "rootdelay=300" "panic=1" "boot.panic_on_fail" ];
boot.initrd.kernelModules = [ "hv_vmbus" "hv_netvsc" "hv_utils" "hv_storvsc" ];
# Generate a GRUB menu.
boot.loader.grub.device = "/dev/sda";
boot.loader.timeout = 0;
boot.growPartition = true;
# Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway.
boot.loader.grub.configurationLimit = 0;
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
autoResize = true;
options.virtualisation.azure = {
acceleratedNetworking = mkOption {
default = false;
description = "Whether the machine's network interface has enabled accelerated networking.";
};
};
# Allow root logins only using the SSH key that the user specified
# at instance creation time, ping client connections to avoid timeouts
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "prohibit-password";
services.openssh.settings.ClientAliveInterval = 180;
imports = [
../profiles/headless.nix
./azure-agent.nix
];
# Force getting the hostname from Azure
networking.hostName = mkDefault "";
config = {
virtualisation.azure.agent.enable = true;
# Always include cryptsetup so that NixOps can use it.
# sg_scan is needed to finalize disk removal on older kernels
environment.systemPackages = [ pkgs.cryptsetup pkgs.sg3_utils ];
boot.kernelParams = [ "console=ttyS0" "earlyprintk=ttyS0" "rootdelay=300" "panic=1" "boot.panic_on_fail" ];
boot.initrd.kernelModules = [ "hv_vmbus" "hv_netvsc" "hv_utils" "hv_storvsc" ];
boot.initrd.availableKernelModules = lib.optionals cfg.acceleratedNetworking mlxDrivers;
networking.usePredictableInterfaceNames = false;
# Accelerated networking
systemd.network.networks."99-azure-unmanaged-devices.network" = lib.mkIf cfg.acceleratedNetworking {
matchConfig.Driver = mlxDrivers;
linkConfig.Unmanaged = "yes";
};
networking.networkmanager.unmanaged = lib.mkIf cfg.acceleratedNetworking
(builtins.map (drv: "driver:${drv}") mlxDrivers);
services.udev.extraRules = ''
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:0", ATTR{removable}=="0", SYMLINK+="disk/by-lun/0",
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:1", ATTR{removable}=="0", SYMLINK+="disk/by-lun/1",
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:2", ATTR{removable}=="0", SYMLINK+="disk/by-lun/2"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:3", ATTR{removable}=="0", SYMLINK+="disk/by-lun/3"
# Generate a GRUB menu.
boot.loader.grub.device = "/dev/sda";
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:4", ATTR{removable}=="0", SYMLINK+="disk/by-lun/4"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:5", ATTR{removable}=="0", SYMLINK+="disk/by-lun/5"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:6", ATTR{removable}=="0", SYMLINK+="disk/by-lun/6"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:7", ATTR{removable}=="0", SYMLINK+="disk/by-lun/7"
boot.growPartition = true;
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:8", ATTR{removable}=="0", SYMLINK+="disk/by-lun/8"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:9", ATTR{removable}=="0", SYMLINK+="disk/by-lun/9"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:10", ATTR{removable}=="0", SYMLINK+="disk/by-lun/10"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:11", ATTR{removable}=="0", SYMLINK+="disk/by-lun/11"
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
autoResize = true;
};
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:12", ATTR{removable}=="0", SYMLINK+="disk/by-lun/12"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:13", ATTR{removable}=="0", SYMLINK+="disk/by-lun/13"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:14", ATTR{removable}=="0", SYMLINK+="disk/by-lun/14"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:15", ATTR{removable}=="0", SYMLINK+="disk/by-lun/15"
# Allow root logins only using the SSH key that the user specified
# at instance creation time, ping client connections to avoid timeouts
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "prohibit-password";
services.openssh.settings.ClientAliveInterval = 180;
'';
# Force getting the hostname from Azure
networking.hostName = mkDefault "";
# Always include cryptsetup so that NixOps can use it.
# sg_scan is needed to finalize disk removal on older kernels
environment.systemPackages = [ pkgs.cryptsetup pkgs.sg3_utils ];
networking.usePredictableInterfaceNames = false;
services.udev.extraRules = ''
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:0", ATTR{removable}=="0", SYMLINK+="disk/by-lun/0",
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:1", ATTR{removable}=="0", SYMLINK+="disk/by-lun/1",
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:2", ATTR{removable}=="0", SYMLINK+="disk/by-lun/2"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:3", ATTR{removable}=="0", SYMLINK+="disk/by-lun/3"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:4", ATTR{removable}=="0", SYMLINK+="disk/by-lun/4"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:5", ATTR{removable}=="0", SYMLINK+="disk/by-lun/5"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:6", ATTR{removable}=="0", SYMLINK+="disk/by-lun/6"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:7", ATTR{removable}=="0", SYMLINK+="disk/by-lun/7"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:8", ATTR{removable}=="0", SYMLINK+="disk/by-lun/8"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:9", ATTR{removable}=="0", SYMLINK+="disk/by-lun/9"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:10", ATTR{removable}=="0", SYMLINK+="disk/by-lun/10"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:11", ATTR{removable}=="0", SYMLINK+="disk/by-lun/11"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:12", ATTR{removable}=="0", SYMLINK+="disk/by-lun/12"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:13", ATTR{removable}=="0", SYMLINK+="disk/by-lun/13"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:14", ATTR{removable}=="0", SYMLINK+="disk/by-lun/14"
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:15", ATTR{removable}=="0", SYMLINK+="disk/by-lun/15"
'';
};
}

31
nixos/modules/virtualisation/azure-image.nix
View file

@ -7,8 +7,8 @@ in
{
imports = [ ./azure-common.nix ];
options = {
virtualisation.azureImage.diskSize = mkOption {
options.virtualisation.azureImage = {
diskSize = mkOption {
type = with types; either (enum [ "auto" ]) int;
default = "auto";
example = 2048;
@ -16,14 +16,34 @@ in
Size of disk image. Unit is MB.
'';
};
virtualisation.azureImage.contents = mkOption {
bootSize = mkOption {
type = types.int;
default = 256;
description = ''
ESP partition size. Unit is MB.
Only effective when vmGeneration is `v2`.
'';
};
contents = mkOption {
type = with types; listOf attrs;
default = [ ];
description = ''
Extra contents to add to the image.
'';
};
vmGeneration = mkOption {
type = with types; enum [ "v1" "v2" ];
default = "v1";
description = ''
VM Generation to use.
For v2, secure boot needs to be turned off during creation.
'';
};
};
config = {
system.build.azureImage = import ../../lib/make-disk-image.nix {
name = "azure-image";
@ -33,9 +53,12 @@ in
'';
configFile = ./azure-config-user.nix;
format = "raw";
bootSize = "${toString cfg.bootSize}M";
partitionTableType = if cfg.vmGeneration == "v2" then "efi" else "legacy";
inherit (cfg) diskSize contents;
inherit config lib pkgs;
};
};
}