Nix: a space odyssey
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 28 | |
| Author | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/61017 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
NixCon 202220 / 28
10
12
20
21
22
24
25
26
27
00:00
Inheritance (object-oriented programming)SatelliteComputer wormEmbedded systemAlgebraic closureSatelliteAlgebraic closureMedical imagingSpacetimeProcess (computing)Connected spaceSoftware developerHeegaard splittingRoundness (object)WebsitePhysical systemPlanningBitMultiplication signForestDiagramShared memoryServer (computing)BuildingSerial portSource codeVideo game consoleRight angleVirtual machineElectric generatorEntire functionArmCuboidCoprocessorData storage deviceFocus (optics)MereologyCache (computing)Confidence intervalBinary codeNeuroinformatikRemote procedure callQuicksortSoftware testingPoint (geometry)outputState of matterCorrespondence (mathematics)Scripting languageException handlingLine (geometry)Computer hardwareFile archiverKernel (computing)1 (number)Module (mathematics)SoftwareControl flowService (economics)Computer wormConfiguration spaceCASE <Informatik>Moving averageSet (mathematics)Booting
Transcript: English(auto-generated)
00:08
Are we good now? Can you hear me? Can you hear me? In the background?
00:22
Okay. Well, welcome everyone. I would like to say thank you for your attention and your time. I'm Leandro and today I want to present you not as much of a talk as other talks that we have today but rather more like a testimonial or like a tale
00:41
right? About our experience with Nix and the work, right? So, we've been using Nix as a part of our satellite development so we at OraTech develop satellite payloads and these payloads their focus is to
01:01
monitor the Earth from space, right? So basically the idea here is that this just is basically the shoe size box that we give to space, right, and then just we never had access to it again. So
01:20
you use it to like take pictures like this for example. Now you may wonder what the fuck is that on the left, right? Or the right in your case, right? That's actually Paris. Just that yeah, it was quite cloudy. So I'm sorry I couldn't get any clearer pictures from our satellite but on the right you can see another example that I found
01:41
within our archives I'm not going to even try to pronounce that city but yeah so the thing is this is about our first one payload our first one's payload was pretty much done by the time I joined the company, right? So
02:00
that's sort of what I come in right joined the company about a year ago and they had this sort of let's call it well intentioned script to build a Debian system where you just
02:21
put everything together into a makefile and just get some sort of Debian image but it wasn't really like really expandable, right? It's just you get only a very basic system which requires a lot of
02:41
manual processing. You got every time you have to update the satellite you have to manually connect to it like send the JavaScript or send the packages, ensure that everything works and you cannot fuck up basically because if you can't fuck up any space you are pretty much screwed so here is what
03:02
we started to start to envision we needed something that allows us to have more confidence in our own update process and our own software that we are going to push into space so this is
03:21
just our first idea, right? Okay, what is the most basic concept that we need to learn from this is just develop things have them somehow get built into an image that we can trust is reproducible and we can test it on-ground first
03:41
and then we can create an exact copy on space but we cannot be sending like an entire image on space each time so we had to find some way to make it make that work into more reliable but also small, something that can be
04:01
done in small chunks so here is what the idea of Nix comes into the picture right? So we wanted to we started to go down the hole of Nix just okay, yes, we can start using Nix but why not just
04:20
Nix OS for like if you are going to use Nix on space just might as well, right? and then we were starting to consider Flex as well this is the thing that very rough plan started to get into a more
04:40
more and more Nix centered approach and actually that's like basically how I got hired actually because it wasn't my idea it was the senior developer's idea just like he heard about this Nix thing and in the interview
05:00
you know, as you can actually do it's like, oh, hello, I'm D'andro have you heard about our O'Lorra server Nix? and that landed the job interview for some reason so we started like putting it into place and I started like actually
05:21
developing the whole thing around Nix called me crazy, you would write definitely but I wanted to show you just like how every single piece of my diagram quickly became infected with Nix pretty much so
05:44
yes, so the process started like a developer started to use Nix on their own computers, they started the package stuff with flakes then they can proceed to read their own images these images themselves are
06:04
flakes but they're custom stuff that I've had to hack around because, well, they're running on Jetson Nanos, not Nanos Jetson Saviors, which are pretty much non-supported so I had to hack around the kernel
06:21
and make it work but then they are built on a dedicated builder so one of the features that Nix provides you is just, I'm not going to build it on my computer, I can build it on a dedicated server or like machine in our case it's just Raspberry Pi
06:41
but you can delegate that into another system and the great idea about that is that Jetsons are ARM devices so you don't have to worry about any cross-compiling or having to SSH into a machine that is ARM based so that you can have a native binary or anything just
07:02
transparently, just Nix builds on your computer and just if it's configured properly it just knows to go to that server and just get everything built and then after that the whole process is done you can just trigger the pipeline just again
07:20
that pipeline is going to be using Nix it's going to use the same processes as well so you don't even need to reread it again because it's already cached into your build server but then we are also going to cache it as well so we can share it like between different build servers
07:40
the pipeline knows which build server was used so that because we have a couple of them you will know to find the correct build server so that it doesn't have to reread again and then put it into a cache so that all build servers have access to it and then it will automatically
08:01
take that binary and just that image all its updates and just send the corresponding Nix store packages to a ground satellite replica which is basically just a set of nano with some hardware around it that's used for testing purposes
08:20
and that allows us to just do some proper testing like a lot of manual processes go into testing but that allows us to ensure that we can trust our software it boots, it doesn't break it doesn't break our software
08:41
but just all our services are working the hardware itself works as expected because we have custom hardware so it requires custom kernel modules and all that sort of thing and once we have that trust and the software that we tested
09:01
we can just straight up push it to space through the same pipeline this is like a dotted line because this is expecting a manual input has to manually be approved and then we can just push it straight to space and we know that it's going to be
09:22
an exact copy of what we have on ground and not have to worry about any statefulness or anything just gets immediately pushed and starts running again no worries over there and as I've said before, everything
09:41
ends up using Nix in the background and except for the developers at least yet they haven't found a way to get the failures running on Nix itself but yeah, one of the many key points that
10:01
I wanted to highlight specifically reproducibility as I said is a very important topic for testing on ground we need to be able to have as identical as possible on ground compared to space
10:21
remote readers as I said, we need to we need to have R binaries and we don't have R computers ourselves so that allows us to transfer it in things the cache splits up we have a lot of really big
10:42
stuff that we need to build that can take quite a while and that cache allows us to save a lot of time specifically because we also have like an ARM 7 processor and I don't know if you've ever tried to build ARM 7 stuff pretty much tries to build a lot of stuff
11:00
from source so that can save up days of building time then the ability to just package it into closures and being able to send it to like another system so you can share stuff with within systems that this allows us to the custom upload process
11:21
because connection within a satellite and ground is not stable, it's not trustworthy so you have to like split it up into small pieces and slowly trickle it over in space until you can get the whole thing over and then you have to put it all together back in space
11:41
and just continue as if you just used for a next copy closure and then the generation is also something that we find really useful because no matter how much you test stuff there is a very high probability that something at some point is going to go wrong
12:00
and as I said you cannot have any problems in space so the thing is that you need it gives you that confidence that even if I fail at testing something on ground, even if I accidentally push something that I shouldn't have or whatever I can always go back
12:22
and just roll back the configuration and not have to worry about it too much and also that generation thing is I don't have to have two copies in space of the same image for example, it's just have a single image with all the paths in the store and then
12:41
you just pretty much just switch whichever path you are pointing to and that's just changing the generation so it saves us also a lot of space storage that it's really valuable in space so
13:01
honestly, being like how nervous I am because this is my first talk, I went a little bit too fast I think I'm sorry about that but yes, I want to open up for questions I gave you some example questions here but you can ask me about anything give him a round of applause
13:27
so are there any questions? my apologies for the ringing, I'm trying to figure it out but are there questions? no? no questions? no hands? am I missing
13:41
ah, there we go yeah so if there's a problem you mentioned generations do you like SSH to the machine and then just pick the other generation
14:00
is there anything to help if you completely bust it and you need to reboot the system can you go into that or would that be too much detail? no, that's fine so basically, beyond this automated process, if it completely fails to put up, that's going to be
14:20
automatically rolled back, but if it boots up but something goes wrong you don't have quite often it's not an SSH session per se, it's more like a bus, like, connected to a serial console that's using some weird arbitrary stuff to connect to the ground
14:40
and we just get access to that so it's SSH but mostly specifically any other questions? just more of a practical
15:00
curiosity, how did you uninstall Debian on the satellite and then get Nixos running? oh, maybe I wasn't clear about that, this is our next payload that we're going to be deploying so from we deployed our first satellite, right forest 1, but then from forest 2 on, we're planning to use Nixos on it, so I may be lying
15:22
a little bit over the title because it's not yet on space, it's going to be in a couple of months, but yes, we're not updating stuff, Debian stuff in space that we don't touch. We do have time for
15:41
more, so if there's questions please raise your hand and I'll come No? Okay, then one more round of applause please, thank you Just wanted to mention yeah, thanks again for your time
16:01
but we're hiring just if you're curious about it you can check on that website or you can ask me around, I will probably be at the hiring happy hour so feel free also to come around and thank you