aboutsummaryrefslogtreecommitdiff
path: root/doc/manual/introduction.xml
diff options
context:
space:
mode:
Diffstat (limited to 'doc/manual/introduction.xml')
-rw-r--r--doc/manual/introduction.xml363
1 files changed, 84 insertions, 279 deletions
diff --git a/doc/manual/introduction.xml b/doc/manual/introduction.xml
index feabeef9c..48e29c0d8 100644
--- a/doc/manual/introduction.xml
+++ b/doc/manual/introduction.xml
@@ -1,288 +1,93 @@
<chapter>
<title>Introduction</title>
- <sect1>
- <title>The problem space</title>
+ <para>
+ Nix is a system for software deployment. It supports the
+ creation and distribution of software packages, as well as the installation
+ and subsequent management of these on target machines (i.e., it is also a
+ package manager).
+ </para>
+
+ <para>
+ Nix solves some large problems that exist in most current deployment and
+ package management systems. <emphasis>Dependency determination</emphasis>
+ is a big one: the correct installation of a software component requires
+ that all dependencies of that component (i.e., other components used by it)
+ are also installed. Most systems have no way to verify that the specified
+ dependencies of a component are actually sufficient.
+ </para>
+
+ <para>
+ Another big problem is the lack of support for concurrent availability of
+ multiple <emphasis>variants</emphasis> of a component. It must be possible
+ to have several versions of a component installed at the same time, or
+ several instances of the same version built with different parameters.
+ Unfortunately, components are in general not properly isolated from each
+ other. For instance, upgrading a component that is a dependency for some
+ other component might break the latter.
+ </para>
+
+ <para>
+ Nix solves these problems by building and storing packages in paths that
+ are infeasible to predict in advance. For example, the artifacts of a
+ package <literal>X</literal> might be stored in
+ <filename>/nix/store/d58a0606ed616820de291d594602665d-X</filename>, rather
+ than in, say, <filename>/usr/lib</filename>. The path component
+ <filename>d58a...</filename> is actually a cryptographic hash of all the
+ inputs (i.e., sources, requisites, and build flags) used in building
+ <literal>X</literal>, and as such is very fragile: any change to the inputs
+ will change the hash. Therefore it is not sensible to
+ <emphasis>hard-code</emphasis> such a path into the build scripts of a
+ package <literal>Y</literal> that uses <literal>X</literal> (as does happen
+ with <quote>fixed</quote> paths such as <filename>/usr/lib</filename>).
+ Rather, the build script of package <literal>Y</literal> is parameterised
+ with the actual location of <literal>X</literal>, which is supplied by the
+ Nix system.
+ </para>
+
+ <para>
+ As stated above, the path name of a file system object contain a
+ cryptographic hash of all inputs involved in building it. A change to any
+ of the inputs will cause the hash to change--and by extension, the path
+ name. These inputs include both sources (variation in time) and
+ configuration options (variation in space). Therefore variants of the same
+ package don't clash---they can co-exist peacefully within the same file
+ system.
+ </para>
+
+ <para>
+ Other features:
+ </para>
+
+ <para>
+ <emphasis>Transparent source/binary deployment.</emphasis>
+ </para>
+
+ <para>
+ <emphasis>Unambiguous identification of configuration.</emphasis>
+ </para>
+
+ <para>
+ <emphasis>Automatic storage management.</emphasis>
+ </para>
+
+ <para>
+ <emphasis>Atomic upgrades and rollbacks.</emphasis>
+ </para>
+
+ <para>
+ <emphasis>Support for many simultaneous configurations.</emphasis>
+ </para>
+
+ <para>
+ <emphasis>Portability.</emphasis> Nix is quite portable. Contrary to
+ build systems like those in, e.g., Vesta and ClearCase, it does not rely on
+ operating system extensions.
+ </para>
- <para>
- Nix is a system for controlling the automatic creation and distribution
- of data, such as computer programs and other software artifacts. This is
- a very general problem, and there are many applications that fall under
- this description.
- </para>
-
- <sect2>
- <title>Build management</title>
-
- <para>
- Build management tools are used to perform <emphasis>software
- builds</emphasis>, that is, the construction of derived products
- (<emphasis>derivates)</emphasis>) such as executable programs from
- source code. A commonly used build tool is Make, which is a standard
- tool on Unix systems. These tools have to deal with several issues:
- <itemizedlist>
-
- <listitem>
- <para>
- <emphasis>Efficiency</emphasis>. Since building large systems
- can take a substantial amount of time, it is desirable that build
- steps that have been performed in the past are not repeated
- unnecessarily, i.e., if a new build differs from a previous build
- only with respect to certain sources, then only the build steps
- that (directly or indirectly) <emphasis>depend</emphasis> on
- those sources should be redone.
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Correctness</emphasis> is this context means that the
- derivates produced by a build are always consistent with the
- sources, that is, they are equal to what we would get if we were
- to build the derivates from those sources. This requirement is
- trivially met when we do a full, unconditional build, but is far
- from trivial under the requirement of efficiency, since it is not
- easy to determine which derivates are affected by a change to a
- source.
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Variability</emphasis> is the property that a software
- system can be built in a (potentially large) number of variants.
- Variation exists both in <emphasis>time</emphasis>---the
- evolution of different versions of an artifact---and in
- <emphasis>space</emphasis>---the artifact might have
- configuration options that lead to variants that differ in the
- features they support (for example, a system might be built with
- or without debugging information).
- </para>
-
- <para>
- Build managers historically have had good support for variation
- in time (rebuilding the system in an intelligent way when sources
- change is one of the primary reasons to use a build manager), but
- not always for variation in space. For example,
- <command>make</command> will not automatically ensure that
- variant builds are properly isolated from each other (they will
- in fact overwrite each other unless special precautions are
- taken).
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>High-level system modelling language</emphasis>. The
- language in which one describes what and how derivates are to be
- produced should have sufficient abstraction facilities to make it
- easy to specify the derivation of even very large systems. Also,
- the language should be <emphasis>modular</emphasis> to enable
- components from possible different sources to be easily combined.
- </para>
- </listitem>
-
- </itemizedlist>
- </para>
-
- </sect2>
-
- <sect2>
- <title>Package management</title>
-
- <para>
- After software has been built, is must also be
- <emphasis>deployed</emphasis> in the intended target environment, e.g.,
- the user's workstation. Examples include the Red Hat package manager
- (RPM), Microsoft's MSI, and so on. Here also we have several issues to
- contend with:
- <itemizedlist>
- <listitem>
- <para>
- The <emphasis>creation</emphasis> of packages from some formal
- description of what artifacts should be distributed in the
- package.
- </para>
- </listitem>
- <listitem>
- <para>
- The <emphasis>deployment</emphasis> of packages, that is, the
- mechanism by which we get them onto the intended target
- environment. This can be as simple as copying a file, but
- complexity comes from the wide range of possible installation
- media (such as a network install), and the scalability of the
- process (if a program must be installed on a thousand systems, we
- do not want to visit each system and perform some manual steps to
- install the program on that system; that is, the complexity for
- the system administrator should be constant, not linear).
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </sect2>
-
- </sect1>
-
-
- <!--######################################################################-->
-
- <sect1>
- <title>What Nix provides</title>
-
- <para>
- Here is a summary of Nix's main features:
- </para>
-
- <itemizedlist>
-
- <listitem>
- <para>
- <emphasis>Reliable dependencies.</emphasis> Builds of file system
- objects depend on other file system object, such as source files,
- tools, and so on. We would like to ensure that a build does not
- refer to any objects that have not been declared as inputs for that
- build. This is important for several reasons. First, if any of the
- inputs change, we need to rebuild the things that depend on them to
- maintain consistency between sources and derivates. Second, when we
- <emphasis>deploy</emphasis> file system objects (that is, copy them
- to a different system), we want to be certain that we copy everything
- that we need.
- </para>
-
- <para>
- Nix ensures this by building and storing file system objects in paths
- that are infeasible to predict in advance. For example, the
- artifacts of a package <literal>X</literal> might be stored in
- <filename>/nix/store/d58a0606ed616820de291d594602665d-X</filename>,
- rather than in, say, <filename>/usr/lib</filename>. The path
- component <filename>d58a...</filename> is actually a cryptographic
- hash of all the inputs (i.e., sources, requisites, and build flags)
- used in building <literal>X</literal>, and as such is very fragile:
- any change to the inputs will change the hash. Therefore it is not
- sensible to <emphasis>hard-code</emphasis> such a path into the build
- scripts of a package <literal>Y</literal> that uses
- <literal>X</literal> (as does happen with <quote>fixed</quote> paths
- such as <filename>/usr/lib</filename>). Rather, the build script of
- package <literal>Y</literal> is parameterised with the actual
- location of <literal>X</literal>, which is supplied by the Nix
- system.
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Support for variability.</emphasis>
- </para>
-
- <para>
- As stated above, the path name of a file system object contain a
- cryptographic hash of all inputs involved in building it. A change to
- any of the inputs will cause the hash to change--and by extension,
- the path name. These inputs include both sources (variation in time)
- and configuration options (variation in space). Therefore variants
- of the same package don't clash---they can co-exist peacefully within
- the same file system. So thanks to Nix's mechanism for reliably
- dealing with dependencies, we obtain management of variants for free
- (or, to quote Simon Peyton-Jone, it's not free, but it has already
- been paid for).
- </para>
-
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Transparent source/binary deployment.</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Easy configuration duplication.</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Automatic storage management.</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Atomic upgrades and rollbacks.</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Support for many simultaneous configurations.</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <emphasis>Portability.</emphasis> Nix is quite portable. Contrary
- to build systems like those in, e.g., Vesta and ClearCase [sic?], it
- does not rely on operating system extensions.
- </para>
- </listitem>
-
- </itemizedlist>
-
- <para>
- Here is what Nix doesn't yet provide, but will:
- </para>
-
- <itemizedlist>
-
- <listitem>
- <para>
- <emphasis>Build management.</emphasis> In principle it is already
- possible to do build management using Fix (by writing builders that
- perform appropriate build steps), but the Fix language is not yet
- powerful enough to make this pleasant. The <ulink
- url='http://www.cs.uu.nl/~eelco/maak/'>Maak build manager</ulink>
- should be retargeted to produce Nix expressions, or alternatively,
- extend Fix with Maak's semantics and concrete syntax (since Fix needs
- a concrete syntax anyway). Another interesting idea is to write a
- <command>make</command> implementation that uses Nix as a back-end to
- support <ulink
- url='http://www.research.att.com/~bs/bs_faq.html#legacy'>legacy</ulink>
- build files.
- </para>
- </listitem>
-
- </itemizedlist>
-
- </sect1>
-
-
- <!--######################################################################-->
-
- <sect1>
- <title>The Nix system</title>
-
- <para>
- ...
- </para>
-
- <para>
- Existing tools in this field generally both a underlying model (such as
- the derivation graph of build tools, or the versioning scheme that
- determines when two packages are <quote>compatible</quote> in a package
- management system) and a formalism that allows ...
- </para>
-
- <para>
- Following the principle of separation of mechanism and policy, the Nix
- system separates the <emphasis>low-level aspect</emphasis> of file system
- object management form the <emphasis>high-level aspect</emphasis> of the
- ...
- </para>
+</chapter>
- </sect1>
-</chapter>
<!--
local variables:
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 22:55:10 +0000