add sysbox services

2023-12-03 16:11:07 +01:00
parent b074b8dff7
commit 9891fb3f35
2 changed files with 61 additions and 0 deletions
--- a/hosts/fw.cloonar.com/modules/sysbox.nix
+++ b/hosts/fw.cloonar.com/modules/sysbox.nix
@@ -0,0 +1,60 @@
+{ pkgs, ... }:
+{
+  systemd.services.sysbox = {
+    description = "Sysbox container runtime";
+    documentation = "https://github.com/nestybox/sysbox";
+    bindsTo = [ "sysbox-mgr.service" "sysbox-fs.service" ];
+    after = [ "sysbox-mgr.service" "sysbox-fs.service" ];
+    before = [ "docker.service" "containerd.service" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "exec";
+      ExecStart = ''
+        /bin/sh -c "${pkgs.sysbox}/bin/sysbox-runc --version && ${pkgs.sysbox}/bin/sysbox-mgr --version && ${pkgs.sysbox}/bin/sysbox-fs --version && /bin/sleep infinity"
+      '';
+    };
+  };
+
+  systemd.services.sysbox-fs = {
+    description = "sysbox-fs (part of the Sysbox container runtime)";
+    partOf = "sysbox.service";
+    after = "sysbox-mgr.service";
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "simple";
+      Type = "notify";
+      ExecStart = "${pkgs.sysbox}/bin/sysbox-fs";
+      TimeoutStartSec = 10;
+      TimeoutStopSec = 10;
+      StartLimitInterval = 0;
+      NotifyAccess = "main";
+      OOMScoreAdjust = -500;
+      # The number of files opened by sysbox-fs is a function of the number of
+      # containers and the workloads within them. Thus we set the limit to
+      # infinite so to prevent "too many open files" errors.
+      LimitNOFILE = "infinity";
+      LimitNPROC = "infinity";
+    };
+  };
+
+  systemd.services.sysbox-mgr = {
+    description = "sysbox-mgr (part of the Sysbox container runtime)";
+    partOf = "sysbox.service";
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "simple";
+      Type = "notify";
+      ExecStart = "${pkgs.sysbox}/bin/sysbox-mgr";
+      TimeoutStartSec = 45;
+      TimeoutStopSec = 90;
+      StartLimitInterval = 0;
+      NotifyAccess = "main";
+      OOMScoreAdjust = -500;
+      # The number of files opened by sysbox-fs is a function of the number of
+      # containers and the workloads within them. Thus we set the limit to
+      # infinite so to prevent "too many open files" errors.
+      LimitNOFILE = "infinity";
+      LimitNPROC = "infinity";
+    };
+  };
+}