diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index ba5bfe0a4b11a..111508a2d77f2 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -1173,6 +1173,7 @@
 ./services/networking/zeronet.nix
 ./services/networking/zerotierone.nix
 ./services/networking/znc/default.nix
+ ./services/networking/vpp.nix
 ./services/printing/cupsd.nix
 ./services/printing/ipp-usb.nix
 ./services/printing/cups-pdf.nix
diff --git a/nixos/modules/services/networking/vpp.nix b/nixos/modules/services/networking/vpp.nix
new file mode 100644
index 0000000000000..58a779fec3689
--- /dev/null
+++ b/nixos/modules/services/networking/vpp.nix
@@ -0,0 +1,52 @@
+{ pkgs, config, lib, ... }:
+let
+ inherit (lib) mkEnableOption mkPackageOption mkIf types mkOption;
+ cfg = config.services.vpp;
+in
+{
+ options.services.vpp = {
+ enable = mkEnableOption ''
+ vector packet processing framework.
+
+ VPP replaces the Linux network stack by a userspace-based network stack,
+ driven by `vppctl`. You can enable the Linux Control Plane to continue
+ to interop with Linux APIs.
+ '';
+
+ package = mkPackageOption pkgs "vpp" { };
+
+ configFile = mkOption {
+ type = types.path;
+ description = "VPP configuration file for startup";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ users.groups.vpp = {};
+ environment.systemPackages = [ cfg.package ];
+ boot.kernel.sysctl = {
+ "vm.nr_hugepages" = lib.mkDefault 1024;
+ "max_map_count" = lib.mkDefault 3096;
+ "hugetlb_shm_group" = lib.mkDefault 0;
+ # Assert that shm max ≥ total size of hugepages.
+ "shmmax" = lib.mkDefault 2147483648;
+ };
+ systemd.services.vpp = {
+ description = "Vector Packet Processing process";
+ after = [ "syslog.target" "network.target" "auditd.service" ];
+ serviceConfig = {
+ ExecStartPre = [
+ "-${pkgs.coreutils}/bin/rm -f /dev/shm/db /dev/shm/global_vm /dev/shm/vpe-api"
+ "-/run/current-system/sw/bin/modprobe uio_pci_generic"
+ ];
+
+ ExecStart = "${cfg.package}/bin/vpp -c ${cfg.configFile}";
+ Type = "simple";
+ Restart = "on-failure";
+ RestartSec = "5s";
+ RuntimeDirectory = "vpp";
+ };
+ wantedBy = [ "multi-user.target" ];
+ };
+ };
+}
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 8193c3dfe840f..d0c86843e1c83 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
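Review bot: Three of the `boot.kernel.sysctl` keys are written without their namespace (`"max_map_count"`, `"hugetlb_shm_group"`, `"shmmax"`), so they will most likely not match any entry under /proc/sys and the intended limits are never applied; only `"vm.nr_hugepages"` is fully qualified. They should read `"vm.max_map_count" = lib.mkDefault 3096;`, `"vm.hugetlb_shm_group" = lib.mkDefault 0;` and `"kernel.shmmax" = lib.mkDefault 2147483648;`. Separately, `users.groups.vpp` is declared but `serviceConfig` sets neither `Group=` nor `User=` nor any sandboxing directive, so the daemon runs as root with systemd defaults and the group has no visible use in this module; either wire the group in or drop it, and add a comment stating which privileges VPP actually needs. The `modprobe` in `ExecStartPre` is resolved through `/run/current-system/sw/bin` and its failure is ignored; `boot.kernelModules = [ "uio_pci_generic" ];` would load the module declaratively.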
@@ -957,6 +957,7 @@ in {
 vscode-remote-ssh = handleTestOn ["x86_64-linux"] ./vscode-remote-ssh.nix {};
 vscodium = discoverTests (import ./vscodium.nix);
 vsftpd = handleTest ./vsftpd.nix {};
+ vpp = handleTest ./vpp.nix { };
 warzone2100 = handleTest ./warzone2100.nix {};
 wasabibackend = handleTest ./wasabibackend.nix {};
 watchdogd = handleTest ./watchdogd.nix {};
diff --git a/nixos/tests/vpp.nix b/nixos/tests/vpp.nix
new file mode 100644
index 0000000000000..b652dff2610ba
--- /dev/null
+++ b/nixos/tests/vpp.nix
@@ -0,0 +1,38 @@
+import ./make-test-python.nix ({ pkgs, lib, ... }:
+{
+ name = "vpp";
+
+ meta = with pkgs.lib.maintainers; {
+ maintainers = [ raitobezarius ];
+ };
+
+ nodes = {
+ node = { ... }: {
+ # Clearly, VPP is hungry of hugepages…
+ virtualisation.memorySize = 4096;
+ services.vpp = {
+ enable = true;
+ configFile = pkgs.writeText "startup.conf" ''
+ unix {
+ nodaemon
+ nosyslog
+ full-coredump
+ cli-listen /run/vpp/cli.sock
+ }
+
+ api-trace {
+ on
+ }
+ '';
+ };
+ };
+ };
+
+ testScript = ''
+ start_all()
+ node.wait_for_unit("multi-user.target")
+ node.wait_for_unit("vpp.service")
+ node.succeed("vppctl show version | grep -i nixos")
+ node.succeed("vppctl show interface | grep -i local0")
+ '';
+})
diff --git a/pkgs/by-name/vp/vpp/package.nix b/pkgs/by-name/vp/vpp/package.nix
new file mode 100644
index 0000000000000..283fd51f8d4e8
--- /dev/null
+++ b/pkgs/by-name/vp/vpp/package.nix
@@ -0,0 +1,96 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, cmake
+, openssl
+, python3
+, subunit
+, dpdk
+, mbedtls_2
+, rdma-core
+, libnl
+, libmnl
+, libpcap
+, check
+, fetchpatch
+}:
+
+stdenv.mkDerivation rec {
+ pname = "vpp";
+ version = "23.10";
+
+ src = fetchFromGitHub {
+ owner = "FDio";
+ repo = "vpp";
+ rev = "v${version}";
+ hash = "sha256-YcDMDHvKIL2tOD98hTcuyQrL5pk80olYKNWiN+BA49U=";
+ };
+
+ patches = [
+ # Important fix part of 24.02 for the Linux Control Plane.
+ (fetchpatch {
+ name = "fix-looping-netlink-messages.patch";
+ url = "https://gerrit.fd.io/r/changes/vpp~39622/revisions/9/patch?download";
+ decode = "base64 -d";
+ stripLen = 1;
+ hash = "sha256-0ZDKJgXrmTzlVSSapdEoP27znKuWUrnjTXZZ4JrximA=";
+ })
+# Does not apply cleanly.
+# (fetchpatch {
+# name = "fix-optional-labels-for-prometheus.patch";
+# url = "https://gerrit.fd.io/r/changes/vpp~40199/revisions/4/patch?download";
+# decode = "base64 -d";
+# stripLen = 1;
+# hash = "sha256-exuR4DucNtER2t1ecsjuNxzmhfZkhx6ABeeXmf/qQ4U=";
+# })
+ ];
+
+ postPatch = ''
+ patchShebangs scripts/
+ substituteInPlace CMakeLists.txt \
+ --replace "plugins tools/vppapigen tools/g2 tools/perftool cmake pkg" "plugins tools/vppapigen tools/g2 tools/perftool cmake"
+ '';
+
+ preConfigure = ''
+ echo "${version}-nixos" > scripts/.version
+ scripts/version
+ '';
+
+ postConfigure = ''
+ patchShebangs ../tools/
+ patchShebangs ../vpp-api/
+ '';
+
+ sourceRoot = "source/src";
+
+ cmakeFlags = [ "-DVPP_PLATFORM=default" ];
+
+ # A bunch of GCC13 warnings I suppose.
+ env.NIX_CFLAGS_COMPILE = "-Wno-array-bounds -Wno-error";
+
+ nativeBuildInputs = [
+ cmake
+ ];
+
+ buildInputs = [
+ openssl
+ subunit
+ dpdk
+ rdma-core
+ mbedtls_2
+ check
+ libnl
+ libmnl
+ libpcap
+ (python3.withPackages (ps: [ ps.ply ]))
+ ];
+
+ meta = with lib; {
+ description = "";
+ homepage = "https://github.com/FDio/vpp";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ raitobezarius ];
+ mainProgram = "vpp";
+ platforms = platforms.all;
+ };
+}
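Review bot: `env.NIX_CFLAGS_COMPILE = "-Wno-array-bounds -Wno-error"` turns off warnings-as-errors for the whole build and silences array-bounds diagnostics outright, which for a C packet-processing dataplane hides the class of warning most worth seeing in the build log. If GCC 13 array-bounds reports are the only failures (the comment above it suggests this was not confirmed), `env.NIX_CFLAGS_COMPILE = "-Wno-error=array-bounds";` keeps the warning visible without failing the build and leaves the remaining `-Werror` checks intact. In `meta`, `description = "";` is empty and `platforms = platforms.all` looks wider than the Linux-specific inputs (`rdma-core`, `libnl`, `libmnl`) allow; `platforms.linux` seems the likely intent. The commented-out `fetchpatch` block would read better as a one-line comment naming the Gerrit change that does not apply.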