Host a DevOps exam using NixOS
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Subtitle |
| |
| Title of Series | ||
| Number of Parts | 19 | |
| Author | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/50689 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | |
| Genre |
Nixcon 202015 / 19
2
3
7
8
12
14
15
17
18
19
00:00
Virtual machineWebsiteOpticsStudent's t-testOrder (biology)Computer animation
00:21
Virtual realityStudent's t-testVirtual machineWebsiteAxiom of choiceFormal languageAlpha (investment)MiniDiscRepository (publishing)CodeFocus (optics)Data modelSynchronizationKey (cryptography)SubsetOpen setPrice indexEmailService (economics)Read-only memoryDirection (geometry)Condition numberShooting methodBitGoodness of fitComputer configurationOrder (biology)Software developerKey (cryptography)Information securityUniqueness quantificationGodMedianMultiplication signLattice (order)Electric generatorCommutatorProduct (business)Student's t-testComputer fileContext awarenessLevel (video gaming)Point (geometry)Configuration spaceCodeDifferent (Kate Ryan album)ExpressionFunction (mathematics)Software testingMatching (graph theory)Uniform boundedness principleService (economics)Content (media)Interface (computing)SoftwareMessage passingProcess (computing)Virtual machineFunctional (mathematics)Public-key cryptographyEndliche ModelltheorieMereologyError messageRight angleScripting languageParameter (computer programming)SubsetInteractive televisionAttribute grammarWebsiteUniverse (mathematics)Directed graphXML
04:44
Computer animation
Transcript: English(auto-generated)
00:00
Next up is Eva Schraca, host a DevOps exam using NixOps. It's about how to host a DevOps exam deploying, sorry, it's about how to post a DevOps exam consisting in deploying a bastion host and a KVM virtual machine per student in order for them to deploy a website which will be auto-validated.
00:22
I'm using NixOS. Sorry for my French accent on my old voice. I just woke up from a COVID week. We'll show you here how with Rayan, which go to this talk and also speak today about NixOps for Proxmox. How we deploy bastion host and the KVM virtual machine per student for them to deploy a small app,
00:43
for example, in this case, a website which will be again, auto-validated. More precisely, we run it last June with 70 students simultaneously. To test their ability, we offer three different level of difficulty which becomes separate for each student to average two or three.
01:01
Exam subject are generated with LaTeX, but that's not the point of this talk. In this talk, we'll show you how we set up the infrastructure on which students could log in and how we did it completely declaratively with NixOS. A little disclaimer here. To be fair, what we write in the short deadline context
01:23
of university exam was a bit incomplete and experimental. For example, no student tried to perform the last level of the exam. Now, I want to directly show you some part of the code, which you can also find online on git.neotype.fr slash evil slash DevOps exam model.
01:44
Error was some of the different files we used. I will not go through all of these during this talk. I will, for example, pass on the content of kvm-guest.nix, which is quite straightforward and do exactly what you can get, which is to create a KVM gift. The idea here is to show you how simple it
02:03
is to turn student data into a working configuration. I will begin by showing you the short Python salsa in generate setup.py that generates some Nix code, which is student setup.nix that will be used later in our configuration file,
02:22
which is student.nix. Let's start with our bash deploy script, which is quite simple. Deploying our service is easy, thanks to NixOS. You can see that we just earth sink all our Nix file on prod and NixOS rebuild switch. Before that, we run the generate setup.py,
02:43
which is an expert here. This script will produce as about student setup.nix from the CSV file containing the matching of student, may and username, and the folder in which student has to send us their pubic SSH key to read key function here in this code subset.
03:02
The wire gap parameter function called wg, gen key, and pub key in the subprocess to set up the wire gap key pair for each student. It rely on xx.py that expose the pytunix function, which is pretty handy, and let us turn pytunix into a Nix expression.
03:21
Here is a random example of what looks like one entry of the Nix output that will be built later on prod. The student chose Debian as the guest OS for its deployment. NixOS was left as an alternative choice, but to be fair, we didn't test it yet. This is an extract of student.nix that
03:43
imports the previous configuration file which is generated. The idea is to map attributes over the student to declaratively create KVM guest. With the same idea, populate the right networking interface, networking host,
04:00
networking wire gap, interface peer, or service engine, or security access, everything you need to make it work. To sum up what we can ask, what are the benefits of this approach versus another one?
04:22
I will say NixOS make it possible to have a quick and easy interaction in our development process. For this kind of project, it's pretty handy. Five minutes was a bit tight, and Brian and I are, of course, available for answering questions on
04:40
any detail of which I just not take the time to present.