Skip to content

Instantly share code, notes, and snippets.

@bglgwyng
Created January 9, 2025 01:09
Show Gist options
  • Save bglgwyng/034b441cfd4c0f4ecec6ee93dc7f6966 to your computer and use it in GitHub Desktop.
Save bglgwyng/034b441cfd4c0f4ecec6ee93dc7f6966 to your computer and use it in GitHub Desktop.
k8s on NixOS
apiVersion: batch/v1
kind: Job
metadata:
name: example
spec:
template:
spec:
containers:
- name: flake-runner
# TODO: use minimal image
image: busybox:latest
command:
- nix
- run
env:
- name: NIX_REMOTE
value: daemon
- name: PATH
value: /run/current-system/sw/bin:/usr/bin
- name: NVIDIA_VISIBLE_DEVICES
value: all
- name: NVIDIA_DRIVER_CAPABILITIES
value: all
- name: NIX_SSL_CERT_FILE
value: /etc/ssl/certs/ca-bundle.crt
resources:
limits:
nvidia.com/gpu: "1"
volumeMounts:
- mountPath: /nix/store
name: nix-store
- mountPath: /run/current-system/sw/bin
name: nix-bin
- mountPath: /nix/var/nix/daemon-socket/socket
name: nix-daemon-socket
- mountPath: /etc/nix/nix.conf
name: nix-conf
subPath: nix.conf
- mountPath: /root/.ssh
name: ssh-config
- mountPath: /etc/ssl/certs/ca-bundle.crt
name: ca-bundle
restartPolicy: Never
runtimeClassName: nvidia
volumes:
- hostPath:
path: /nix/store
type: Directory
name: nix-store
- hostPath:
path: /run/current-system/sw/bin
type: Directory
name: nix-bin
- hostPath:
path: /nix/var/nix/daemon-socket/socket
type: Socket
name: nix-daemon-socket
- configMap:
items:
- key: nix.conf
path: nix.conf
name: nix-config
name: nix-conf
- name: ssh-config
projected:
sources:
- secret:
items:
- key: private-key
mode: 384
path: id_ed25519
name: gitea-auth
- configMap:
items:
- key: known-hosts
mode: 384
path: known_hosts
name: nix-config
- name: ca-bundle
hostPath:
path: /etc/ssl/certs/ca-bundle.crt
type: File
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment