Conversation on IRC has convinced me that this is the right thing to do after all: <https://logs.spectrum-os.org/spectrum/2019-10-15#1571117332-1571144389;> --- Jean-Phillipe, I'd be curious to hear your thoughts on the above discussion, since you recommended block devices to me when we talked. design.html | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/design.html b/design.html index 4b96a41..dc14cfe 100644 --- a/design.html +++ b/design.html 
@@ -43,23 +43,22 @@ one per application. Each virtual machine will be generated by a <a href="https://nixos.org/nix/">Nix</a> derivation, and will have a completely immutable root file system. Persistent storage will be -provided by virtual block devices, that arbitrary paths on the system -can be mapped to from the host. There may be other writable mount -points inside the virtual machine, but these will not persist between -reboots of the VM. Using Nix to generate virtual machines allows them -to be reproducibly built, rolled back, edited, and migrated as source -code, rather than large, opaque virtual machine images. +provided by mounting subdirectories of the global state directory into +virtual machines. There may be other writable mount points inside the +virtual machine, but these will not persist between reboots of the VM. +Using Nix to generate virtual machines allows them to be reproducibly +built, rolled back, edited, and migrated as source code, rather than +large, opaque virtual machine images. <p> -Virtual block devices will also be defined in Nix, and block devices -and applications will be <var>m</var>:<var>n</var>. Some virtual -machines may have no persistent storage, or even write access to a -disk, at all. In other cases, it might be desirable for multiple -applications to be able to access the same device, such as a local -mail store being shared by two mail clients. Other resources and -permissions, such as network cards and USB controllers, will similarly -be defined in Nix. There are three logical sections for the Nix -configuration -- applications, which are just packages, resources +State directories and applications will be <var>m</var>:<var>n</var>. +Some virtual machines may have no persistent storage, or even write +access to a disk, at all. In other cases, it might be desirable for +multiple applications to be able to access the same device, such as a +local mail store being shared by two mail clients. 
Other resources +and permissions, such as network cards and USB controllers, will +similarly be defined in Nix. There are three logical sections for the +Nix configuration -- applications, which are just packages, resources (virtual or physical devices), and <i>application instances</i>, which are mappings between applications and accessible resources. This structure allows users to have multiple instances of the same -- 2.23.0
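Review bot: In the second paragraph of the hunk, the rewritten text still carries block-device wording. "multiple applications to be able to access the same device" should now read "the same state directory", and "write access to a disk" has the same problem. Dropping the sentence "Virtual block devices will also be defined in Nix" also leaves "will similarly be defined in Nix" without an antecedent, and the page no longer says whether the mapping of state subdirectories to virtual machines is itself declared in Nix. Suggest stating that explicitly, since that mapping is what determines which applications can reach which persistent data. The mail store example now describes two virtual machines sharing one mounted directory, so it is also worth a sentence on whether such a mount can be made read-only per application instance.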