about summary refs log tree commit diff
path: root/src/libstore/remote-store.cc
AgeCommit message (Collapse)AuthorFilesLines
2016-02-16 Rename ValidPathInfo::hash -> narHash for consistencyEelco Dolstra1-1/+1
2016-01-31 Use the daemon when we don't have write access to the Nix databaseEelco Dolstra1-8/+2
2015-12-02 daemon: Add 'buildMode' parameter to 'buildPaths' RPCLudovic Courtès1-3/+9
2015-09-03 Implement buildDerivation() via the daemonEelco Dolstra1-1/+9
2015-07-20 More cleanupEelco Dolstra1-102/+63
2015-07-17 OCD: foreach -> C++11 ranged forEelco Dolstra1-14/+14
2015-07-17 Allow remote builds without sending the derivation closureEelco Dolstra1-0/+7
Previously, to build a derivation remotely, we had to copy the entire closure of the .drv file to the remote machine, even though we only need the top-level derivation. This is very wasteful: the closure can contain thousands of store paths, and in some Hydra use cases, include source paths that are very large (e.g. Git/Mercurial checkouts). So now there is a new operation, StoreAPI::buildDerivation(), that performs a build from an in-memory representation of a derivation (BasicDerivation) rather than from a on-disk .drv file. The only files that need to be in the Nix store are the sources of the derivation (drv.inputSrcs), and the needed output paths of the dependencies (as described by drv.inputDrvs). "nix-store --serve" exposes this interface. Note that this is a privileged operation, because you can construct a derivation that builds any store path whatsoever. Fixing this will require changing the hashing scheme (i.e., the output paths should be computed from the other fields in BasicDerivation, allowing them to be verified without access to other derivations). However, this would be quite nice because it would allow .drv-free building (e.g. "nix-env -i" wouldn't have to write any .drv files to disk). Fixes #173.
2015-06-02 Add a ‘verifyStore’ RPCLudovic Courtès1-0/+10
Hello! The patch below adds a ‘verifyStore’ RPC with the same signature as the current LocalStore::verifyStore method. Thanks, Ludo’. >From aef46c03ca77eb6344f4892672eb6d9d06432041 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 1 Jun 2015 23:17:10 +0200 Subject: [PATCH] Add a 'verifyStore' remote procedure call.
2015-03-25 addToStore(): Take explicit name argumentEelco Dolstra1-2/+2
2014-12-14 Merge branch 'cygwin-master' of https://github.com/ternaris/nixEelco Dolstra1-0/+1
2014-12-13 Better error messageEelco Dolstra1-1/+1
2014-12-12 Silence some warnings on GCC 4.9Eelco Dolstra1-1/+1
2014-12-09 Explicitly include required C headersMarko Durkovic1-0/+1
2014-10-31 Improve error message if the daemon worker fails to startEelco Dolstra1-2/+1
2014-09-01 Add an 'optimiseStore' remote procedure call.Ludovic Courtès1-0/+7
2014-08-20 Use proper quotes everywhereEelco Dolstra1-3/+3
2014-07-25 nix-daemon: Pass on the user's $SSH_AUTH_SOCK to the SSH substituterEelco Dolstra1-0/+2
2014-07-23 Remove dead codeEelco Dolstra1-2/+0
2014-07-14 build-remote.pl: Fix building multiple output derivationsEelco Dolstra1-1/+0
We were importing paths without sorting them topologically, leading to "path is not valid" errors. See e.g. http://hydra.nixos.org/build/12451761
2014-07-11 build-remote.pl: Use ‘nix-store --serve’ on the remote sideEelco Dolstra1-0/+1
This makes things more efficient (we don't need to use an SSH master connection, and we only start a single remote process) and gets rid of locking issues (the remote nix-store process will keep inputs and outputs locked as long as they're needed). It also makes it more or less secure to connect directly to the root account on the build machine, using a forced command (e.g. ‘command="nix-store --serve --write"’). This bypasses the Nix daemon and is therefore more efficient. Also, don't call nix-store to import the output paths.
2014-06-10 Report daemon OOM betterEelco Dolstra1-5/+17
When copying a large path causes the daemon to run out of memory, you now get: error: Nix daemon out of memory instead of: error: writing to file: Broken pipe
2014-06-10 Print a warning when loading a large path into memoryEelco Dolstra1-0/+3
I.e. if you have a derivation with src = ./huge-directory; you'll get a warning that this is not a good idea.
2014-02-18 Add a flag ‘--check’ to verify build determinismEelco Dolstra1-2/+2
The flag ‘--check’ to ‘nix-store -r’ or ‘nix-build’ will cause Nix to redo the build of a derivation whose output paths are already valid. If the new output differs from the original output, an error is printed. This makes it easier to test if a build is deterministic. (Obviously this cannot catch all sources of non-determinism, but it catches the most common one, namely the current time.) For example: $ nix-build '<nixpkgs>' -A patchelf ... $ nix-build '<nixpkgs>' -A patchelf --check error: derivation `/nix/store/1ipvxsdnbhl1rw6siz6x92s7sc8nwkkb-patchelf-0.6' may not be deterministic: hash mismatch in output `/nix/store/4pc1dmw5xkwmc6q3gdc9i5nbjl4dkjpp-patchelf-0.6.drv' The --check build fails if not all outputs are valid. Thus the first call to nix-build is necessary to ensure that all outputs are valid. The current outputs are left untouched: the new outputs are either put in a chroot or diverted to a different location in the store using hash rewriting.
2013-09-06 Don't apply the CPU affinity hack to nix-shell (and other Perl programs)Eelco Dolstra1-1/+1
As discovered by Todd Veldhuizen, the shell started by nix-shell has its affinity set to a single CPU. This is because nix-shell connects to the Nix daemon, which causes the affinity hack to be applied. So we turn this off for Perl programs.
2013-08-07 Run the daemon worker on the same CPU as the clientEelco Dolstra1-1/+12
On a system with multiple CPUs, running Nix operations through the daemon is significantly slower than "direct" mode: $ NIX_REMOTE= nix-instantiate '<nixos>' -A system real 0m0.974s user 0m0.875s sys 0m0.088s $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m2.118s user 0m1.463s sys 0m0.218s The main reason seems to be that the client and the worker get moved to a different CPU after every call to the worker. This patch adds a hack to lock them to the same CPU. With this, the overhead of going through the daemon is very small: $ NIX_REMOTE=daemon nix-instantiate '<nixos>' -A system real 0m1.074s user 0m0.809s sys 0m0.098s
2013-03-08 Revert "Prevent config.h from being clobbered"Eelco Dolstra1-1/+1
This reverts commit 28bba8c44f484eae38e8a15dcec73cfa999156f6.
2013-03-07 Prevent config.h from being clobberedEelco Dolstra1-1/+1
2013-02-19 Add `Settings::nixDaemonSocketFile'.Ludovic Courtès1-1/+1
2012-12-29 nix-build: Support talking to old daemonsEelco Dolstra1-1/+10
Fixes #76.
2012-12-20 nix-store -q --roots: Respect the gc-keep-outputs/gc-keep-derivations settingsEelco Dolstra1-0/+10
So if a path is not garbage solely because it's reachable from a root due to the gc-keep-outputs or gc-keep-derivations settings, ‘nix-store -q --roots’ now shows that root.
2012-11-15 Don't use std::cerr in a few placesEelco Dolstra1-1/+1
Slightly scared of using std::cerr in a vforked process...
2012-10-03 Drop support for running nix-worker in "slave" modeEelco Dolstra1-55/+3
AFAIK nobody uses this, setuid binaries are evil, and there is no good reason why people can't just run the daemon.
2012-10-03 Add a ‘--repair’ flag to nix-instantiateEelco Dolstra1-3/+7
This allows repairing corrupted derivations and other source files.
2012-10-02 Add a --repair flag to ‘nix-store -r’ to repair derivation outputsEelco Dolstra1-1/+2
With this flag, if any valid derivation output is missing or corrupt, it will be recreated by using a substitute if available, or by rebuilding the derivation. The latter may use hash rewriting if chroots are not available.
2012-09-13 RemoteStore::connectToDaemon(): Set close-on-exec flagEelco Dolstra1-0/+1
This ensures that "nix-build --run-env" doesn't keep a connection to the worker open, preventing it from exiting.
2012-08-27 Merge branch 'master' into no-manifestsEelco Dolstra1-1/+1
2012-08-01 Drop the block count in the garbage collectorEelco Dolstra1-1/+1
2012-07-31 Pass all --option flags to the daemonEelco Dolstra1-0/+10
2012-07-30 Refactor settings processingEelco Dolstra1-12/+12
Put all Nix configuration flags in a Settings object.
2012-07-30 WhitespaceEelco Dolstra1-21/+21
2012-07-18 Merge branch 'master' into no-manifestsEelco Dolstra1-0/+12
2012-07-17 Add function queryPathFromHashPart()Eelco Dolstra1-0/+12
To implement binary caches efficiently, Hydra needs to be able to map the hash part of a store path (e.g. "gbg...zr7") to the full store path (e.g. "/nix/store/gbg...kzr7-subversion-1.7.5"). (The binary cache mechanism uses hash parts as a key for looking up store paths to ensure privacy.) However, doing a search in the Nix store for /nix/store/<hash>* is expensive since it requires reading the entire directory. queryPathFromHashPart() prevents this by doing a cheap database lookup.
2012-07-11 Replace hasSubstitutes() with querySubstitutablePaths()Eelco Dolstra1-7/+17
querySubstitutablePaths() takes a set of paths, so this greatly reduces daemon <-> client latency.
2012-07-11 Add a function queryValidPaths()Eelco Dolstra1-0/+17
queryValidPaths() combines multiple calls to isValidPath() in one. This matters when using the Nix daemon because it reduces latency. For instance, on "nix-env -qas \*" it reduces execution time from 5.7s to 4.7s (which is indistinguishable from the non-daemon case).
2012-07-11 Rename queryValidPaths() to queryAllValidPaths()Eelco Dolstra1-2/+2
2012-07-11 Implement querySubstitutablePathInfos() in the daemonEelco Dolstra1-23/+37
Also removed querySubstitutablePathInfo().
2012-07-06 download-from-binary-cache: parallelise fetching of NAR info filesEelco Dolstra1-0/+13
Getting substitute information using the binary cache substituter has non-trivial latency overhead. A package or NixOS system configuration can have hundreds of dependencies, and in the worst case (when the local info cache is empty) we have to do a separate HTTP request for each of these. If the ping time to the server is t, getting N info files will take tN seconds; e.g., with a ping time of 0.1s to nixos.org, sequentially downloading 1000 info files (a typical NixOS config) will take at least 100 seconds. To fix this problem, the binary cache substituter can now perform requests in parallel. This required changing the substituter interface to support a function querySubstitutablePathInfos() that queries multiple paths at the same time, and rewriting queryMissing() to take advantage of parallelism. (Due to local caching, parallelising queryMissing() is sufficient for most use cases, since it's almost always called before building a derivation and thus fills the local info cache.) For example, parallelism speeds up querying all 1056 paths in a particular NixOS system configuration from 116s to 2.6s. It works so well because the eccentricity of the top-level derivation in the dependency graph is only 9. So we only need 10 round-trips (when using an unlimited number of parallel connections) to get everything. Currently we do a maximum of 150 parallel connections to the server. Thus it's important that the binary cache server (e.g. nixos.org) has a high connection limit. Alternatively we could use HTTP pipelining, but WWW::Curl doesn't support it and libcurl has a hard-coded limit of 5 requests per pipeline.
2012-06-27 nix-store -r: do substitutions in parallelEelco Dolstra1-2/+2
I.e. when multiple non-derivation arguments are passed to ‘nix-store -r’ to be substituted, do them in parallel.
2012-05-29 Reserve some disk space for the garbage collectorEelco Dolstra1-2/+4
We can't open a SQLite database if the disk is full. Since this prevents the garbage collector from running when it's most needed, we reserve some dummy space that we can free just before doing a garbage collection. This actually revives some old code from the Berkeley DB days. Fixes #27.
2012-04-30 * Add an option ‘build-use-substitutes’, which can be set to ‘false’Eelco Dolstra1-0/+3
to disable use of substitutes; i.e., force building from source. Fixes Nix/221.