| blob | ddaa688be6132359f1f6c921f8c5705c430d6b94 |
1 {
2 lib,
3 stdenv,
4 runCommand,
5 fetchurl,
6 fetchFromGitHub,
7 fetchPypi,
8 fetchpatch2,
10 # Build time
11 autoconf,
12 automake,
13 cmake,
14 ensureNewerSourcesHook,
15 fmt,
16 git,
17 libtool,
18 makeWrapper,
19 nasm,
20 pkg-config,
21 which,
23 # Tests
24 nixosTests,
26 # Runtime dependencies
27 arrow-cpp,
28 babeltrace,
29 boost182, # using the version installed by ceph's `install-deps.sh`
30 bzip2,
31 cryptsetup,
32 cunit,
33 e2fsprogs,
34 doxygen,
35 gperf,
36 graphviz,
37 gnugrep,
38 gtest,
39 icu,
40 kmod,
41 libcap,
42 libcap_ng,
43 libnl,
44 libxml2,
45 lmdb,
46 lttng-ust,
47 lua,
48 lvm2,
49 lz4,
50 oath-toolkit,
51 openldap,
52 parted,
53 python311, # to get an idea which Python versions are supported by Ceph, see upstream `do_cmake.sh` (see `PYBUILD=` variable)
54 rdkafka,
55 rocksdb,
56 snappy,
57 openssh,
58 sqlite,
59 utf8proc,
60 xfsprogs,
61 zlib,
62 zstd,
64 # Dependencies of overridden Python dependencies, hopefully we can remove these soon.
65 rustPlatform,
67 # Optional Dependencies
68 curl ? null,
69 expat ? null,
70 fuse ? null,
71 libatomic_ops ? null,
72 libedit ? null,
73 libs3 ? null,
74 yasm ? null,
76 # Mallocs
77 gperftools ? null,
78 jemalloc ? null,
80 # Crypto Dependencies
81 cryptopp ? null,
82 nspr ? null,
83 nss ? null,
85 # Linux Only Dependencies
86 linuxHeaders,
87 util-linux,
88 libuuid,
89 udev,
90 keyutils,
91 rdma-core,
92 rabbitmq-c,
93 libaio ? null,
94 libxfs ? null,
95 liburing ? null,
96 zfs ? null,
97 ...
98 }:
100 # We must have one crypto library
101 assert cryptopp != null || (nss != null && nspr != null);
103 let
104 shouldUsePkg =
105 pkg: if pkg != null && lib.meta.availableOn stdenv.hostPlatform pkg then pkg else null;
107 optYasm = shouldUsePkg yasm;
108 optExpat = shouldUsePkg expat;
109 optCurl = shouldUsePkg curl;
110 optFuse = shouldUsePkg fuse;
111 optLibedit = shouldUsePkg libedit;
112 optLibatomic_ops = shouldUsePkg libatomic_ops;
113 optLibs3 = shouldUsePkg libs3;
115 optJemalloc = shouldUsePkg jemalloc;
116 optGperftools = shouldUsePkg gperftools;
118 optCryptopp = shouldUsePkg cryptopp;
119 optNss = shouldUsePkg nss;
120 optNspr = shouldUsePkg nspr;
122 optLibaio = shouldUsePkg libaio;
123 optLibxfs = shouldUsePkg libxfs;
124 optZfs = shouldUsePkg zfs;
126 # Downgrade rocksdb, 7.10 breaks ceph
127 rocksdb' = rocksdb.overrideAttrs {
128 version = "7.9.2";
129 src = fetchFromGitHub {
130 owner = "facebook";
131 repo = "rocksdb";
132 rev = "refs/tags/v7.9.2";
133 hash = "sha256-5P7IqJ14EZzDkbjaBvbix04ceGGdlWBuVFH/5dpD5VM=";
134 };
135 };
137 hasRadosgw = optExpat != null && optCurl != null && optLibedit != null;
139 # Malloc implementation (can be jemalloc, tcmalloc or null)
140 malloc = if optJemalloc != null then optJemalloc else optGperftools;
142 # We prefer nss over cryptopp
143 cryptoStr =
144 if optNss != null && optNspr != null then
145 "nss"
146 else if optCryptopp != null then
147 "cryptopp"
148 else
149 "none";
151 cryptoLibsMap = {
152 nss = [
153 optNss
154 optNspr
155 ];
156 cryptopp = [ optCryptopp ];
157 none = [ ];
158 };
160 getMeta = description: {
161 homepage = "https://ceph.io/en/";
162 inherit description;
163 license = with lib.licenses; [
164 lgpl21
165 gpl2Only
166 bsd3
167 mit
168 publicDomain
169 ];
170 maintainers = with lib.maintainers; [
171 adev
172 ak
173 johanot
174 krav
175 nh2
176 ];
177 platforms = [
178 "x86_64-linux"
179 "aarch64-linux"
180 ];
181 };
183 ceph-common =
184 with python.pkgs;
185 buildPythonPackage {
186 pname = "ceph-common";
187 inherit src version;
189 sourceRoot = "ceph-${version}/src/python-common";
191 propagatedBuildInputs = [
192 pyyaml
193 ];
195 nativeCheckInputs = [
196 pytestCheckHook
197 ];
199 disabledTests = [
200 # requires network access
201 "test_valid_addr"
202 ];
204 meta = getMeta "Ceph common module for code shared by manager modules";
205 };
207 # Watch out for python <> boost compatibility
208 python = python311.override {
209 self = python;
210 packageOverrides =
211 self: super:
212 let
213 bcryptOverrideVersion = "4.0.1";
214 in
215 {
216 # Ceph does not support the following yet:
217 # * `bcrypt` > 4.0
218 # * `cryptography` > 40
219 # See:
220 # * https://github.com/NixOS/nixpkgs/pull/281858#issuecomment-1899358602
221 # * Upstream issue: https://tracker.ceph.com/issues/63529
222 # > Python Sub-Interpreter Model Used by ceph-mgr Incompatible With Python Modules Based on PyO3
223 # * Moved to issue: https://tracker.ceph.com/issues/64213
224 # > MGR modules incompatible with later PyO3 versions - PyO3 modules may only be initialized once per interpreter process
226 bcrypt = super.bcrypt.overridePythonAttrs (old: rec {
227 pname = "bcrypt";
228 version = bcryptOverrideVersion;
229 src = fetchPypi {
230 inherit pname version;
231 hash = "sha256-J9N1kDrIJhz+QEf2cJ0W99GNObHskqr3KvmJVSplDr0=";
232 };
233 cargoRoot = "src/_bcrypt";
234 cargoDeps = rustPlatform.fetchCargoTarball {
235 inherit src;
236 sourceRoot = "${pname}-${version}/${cargoRoot}";
237 name = "${pname}-${version}";
238 hash = "sha256-lDWX69YENZFMu7pyBmavUZaalGvFqbHSHfkwkzmDQaY=";
239 };
240 });
242 # We pin the older `cryptography` 40 here;
243 # this also forces us to pin other packages, see below
244 cryptography = self.callPackage ./old-python-packages/cryptography.nix { };
246 # This is the most recent version of `pyopenssl` that's still compatible with `cryptography` 40.
247 # See https://github.com/NixOS/nixpkgs/pull/281858#issuecomment-1899358602
248 # and https://github.com/pyca/pyopenssl/blob/d9752e44127ba36041b045417af8a0bf16ec4f1e/CHANGELOG.rst#2320-2023-05-30
249 pyopenssl = super.pyopenssl.overridePythonAttrs (old: rec {
250 version = "23.1.1";
251 src = fetchPypi {
252 pname = "pyOpenSSL";
253 inherit version;
254 hash = "sha256-hBSYub7GFiOxtsR+u8AjZ8B9YODhlfGXkIF/EMyNsLc=";
255 };
256 disabledTests = old.disabledTests or [ ] ++ [
257 "test_export_md5_digest"
258 ];
259 propagatedBuildInputs = old.propagatedBuildInputs or [ ] ++ [
260 self.flaky
261 ];
262 });
264 # This is the most recent version of `trustme` that's still compatible with `cryptography` 40.
265 # See https://github.com/NixOS/nixpkgs/issues/359723
266 # and https://github.com/python-trio/trustme/commit/586f7759d5c27beb44da60615a71848eb2a5a490
267 trustme = self.callPackage ./old-python-packages/trustme.nix { };
269 fastapi = super.fastapi.overridePythonAttrs (old: {
270 # Flaky test:
271 # ResourceWarning: Unclosed <MemoryObjectSendStream>
272 # Unclear whether it's flaky in general or only in this overridden package set.
273 doCheck = false;
274 });
276 # Ceph does not support `kubernetes` >= 19, see:
277 # https://github.com/NixOS/nixpkgs/pull/281858#issuecomment-1900324090
278 kubernetes = super.kubernetes.overridePythonAttrs (old: rec {
279 version = "18.20.0";
280 src = fetchFromGitHub {
281 owner = "kubernetes-client";
282 repo = "python";
283 rev = "v${version}";
284 sha256 = "1sawp62j7h0yksmg9jlv4ik9b9i1a1w9syywc9mv8x89wibf5ql1";
285 fetchSubmodules = true;
286 };
287 });
289 };
290 };
292 boost = boost182.override {
293 enablePython = true;
294 inherit python;
295 };
297 # TODO: split this off in build and runtime environment
298 ceph-python-env = python.withPackages (
299 ps: with ps; [
300 ceph-common
302 # build time
303 cython_0
305 # debian/control
306 bcrypt
307 cherrypy
308 influxdb
309 jinja2
310 kubernetes
311 natsort
312 numpy
313 pecan
314 prettytable
315 pyjwt
316 pyopenssl
317 python-dateutil
318 pyyaml
319 requests
320 routes
321 scikit-learn
322 scipy
323 setuptools
324 sphinx
325 virtualenv
326 werkzeug
328 # src/cephadm/zipapp-reqs.txt
329 markupsafe
331 # src/pybind/mgr/requirements-required.txt
332 cryptography
333 jsonpatch
335 # src/tools/cephfs/shell/setup.py
336 cmd2
337 colorama
338 ]
339 );
340 inherit (ceph-python-env.python) sitePackages;
342 version = "19.2.0";
343 src = fetchurl {
344 url = "https://download.ceph.com/tarballs/ceph-${version}.tar.gz";
345 hash = "sha256-30vkW1j49hFIxyxzkssSKVSq0VqiwLfDtOb62xfxadM=";
346 };
347 in
348 rec {
349 ceph = stdenv.mkDerivation {
350 pname = "ceph";
351 inherit src version;
353 patches = [
354 (fetchpatch2 {
355 name = "ceph-s3select-arrow-18-compat.patch";
356 url = "https://github.com/ceph/s3select/commit/f333ec82e6e8a3f7eb9ba1041d1442b2c7cd0f05.patch";
357 hash = "sha256-21fi5tMIs/JmuhwPYMWtampv/aqAe+EoPAXZLJlOvgo=";
358 stripLen = 1;
359 extraPrefix = "src/s3select/";
360 })
361 ];
363 nativeBuildInputs = [
364 autoconf # `autoreconf` is called, e.g. for `qatlib_ext`
365 automake # `aclocal` is called, e.g. for `qatlib_ext`
366 cmake
367 fmt
368 git
369 makeWrapper
370 libtool # used e.g. for `qatlib_ext`
371 nasm
372 pkg-config
373 python
374 python.pkgs.python # for the toPythonPath function
375 python.pkgs.wrapPython
376 which
377 (ensureNewerSourcesHook { year = "1980"; })
378 # for building docs/man-pages presumably
379 doxygen
380 graphviz
381 ];
383 buildInputs =
384 cryptoLibsMap.${cryptoStr}
385 ++ [
386 arrow-cpp
387 babeltrace
388 boost
389 bzip2
390 # Adding `ceph-python-env` here adds the env's `site-packages` to `PYTHONPATH` during the build.
391 # This is important, otherwise the build system may not find the Python deps and then
392 # silently skip installing ceph-volume and other Ceph python tools.
393 ceph-python-env
394 cryptsetup
395 cunit
396 e2fsprogs # according to `debian/control` file, `ceph-volume` is supposed to use it
397 gperf
398 gtest
399 icu
400 libcap
401 libnl
402 libxml2
403 lmdb
404 lttng-ust
405 lua
406 lvm2 # according to `debian/control` file, e.g. `pvs` command used by `src/ceph-volume/ceph_volume/api/lvm.py`
407 lz4
408 malloc
409 oath-toolkit
410 openldap
411 optLibatomic_ops
412 optLibs3
413 optYasm
414 parted # according to `debian/control` file, used by `src/ceph-volume/ceph_volume/util/disk.py`
415 rdkafka
416 rocksdb'
417 snappy
418 openssh # according to `debian/control` file, `ssh` command used by `cephadm`
419 sqlite
420 utf8proc
421 xfsprogs # according to `debian/control` file, `ceph-volume` is supposed to use it
422 zlib
423 zstd
424 ]
425 ++ lib.optionals stdenv.hostPlatform.isLinux [
426 keyutils
427 libcap_ng
428 liburing
429 libuuid
430 linuxHeaders
431 optLibaio
432 optLibxfs
433 optZfs
434 rabbitmq-c
435 rdma-core
436 udev
437 util-linux
438 ]
439 ++ lib.optionals hasRadosgw [
440 optCurl
441 optExpat
442 optFuse
443 optLibedit
444 ];
446 # Picked up, amongst others, by `wrapPythonPrograms`.
447 pythonPath = [
448 ceph-python-env
449 "${placeholder "out"}/${ceph-python-env.sitePackages}"
450 ];
452 # replace /sbin and /bin based paths with direct nix store paths
453 # increase the `command` buffer size since 2 nix store paths cannot fit within 128 characters
454 preConfigure = ''
455 substituteInPlace src/common/module.c \
456 --replace "char command[128];" "char command[256];" \
457 --replace "/sbin/modinfo" "${kmod}/bin/modinfo" \
458 --replace "/sbin/modprobe" "${kmod}/bin/modprobe" \
459 --replace "/bin/grep" "${gnugrep}/bin/grep"
461 # The install target needs to be in PYTHONPATH for "*.pth support" check to succeed
462 export PYTHONPATH=$PYTHONPATH:$lib/${sitePackages}:$out/${sitePackages}
463 patchShebangs src/
464 '';
466 cmakeFlags = [
467 "-DCMAKE_INSTALL_DATADIR=${placeholder "lib"}/lib"
469 "-DWITH_CEPHFS_SHELL:BOOL=ON"
470 "-DWITH_SYSTEMD:BOOL=OFF"
471 # `WITH_JAEGER` requires `thrift` as a depenedncy (fine), but the build fails with:
472 # CMake Error at src/opentelemetry-cpp-stamp/opentelemetry-cpp-build-Release.cmake:49 (message):
473 # Command failed: 2
474 #
475 # 'make' 'opentelemetry_trace' 'opentelemetry_exporter_jaeger_trace'
476 #
477 # See also
478 #
479 # /build/ceph-18.2.0/build/src/opentelemetry-cpp/src/opentelemetry-cpp-stamp/opentelemetry-cpp-build-*.log
480 # and that file contains:
481 # /build/ceph-18.2.0/src/jaegertracing/opentelemetry-cpp/exporters/jaeger/src/TUDPTransport.cc: In member function 'virtual void opentelemetry::v1::exporter::jaeger::TUDPTransport::close()':
482 # /build/ceph-18.2.0/src/jaegertracing/opentelemetry-cpp/exporters/jaeger/src/TUDPTransport.cc:71:7: error: '::close' has not been declared; did you mean 'pclose'?
483 # 71 | ::THRIFT_CLOSESOCKET(socket_);
484 # | ^~~~~~~~~~~~~~~~~~
485 # Looks like `close()` is somehow not included.
486 # But the relevant code is already removed in `open-telemetry` 1.10: https://github.com/open-telemetry/opentelemetry-cpp/pull/2031
487 # So it's proably not worth trying to fix that for this Ceph version,
488 # and instead just disable Ceph's Jaeger support.
489 "-DWITH_JAEGER:BOOL=OFF"
490 "-DWITH_TESTS:BOOL=OFF"
492 # Use our own libraries, where possible
493 "-DWITH_SYSTEM_ARROW:BOOL=ON" # Only used if other options enable Arrow support.
494 "-DWITH_SYSTEM_BOOST:BOOL=ON"
495 "-DWITH_SYSTEM_GTEST:BOOL=ON"
496 "-DWITH_SYSTEM_ROCKSDB:BOOL=ON"
497 "-DWITH_SYSTEM_UTF8PROC:BOOL=ON"
498 "-DWITH_SYSTEM_ZSTD:BOOL=ON"
500 # Use our own python libraries too, see:
501 # https://github.com/NixOS/nixpkgs/pull/344993#issuecomment-2391046329
502 "-DCEPHADM_BUNDLED_DEPENDENCIES=none"
504 # TODO breaks with sandbox, tries to download stuff with npm
505 "-DWITH_MGR_DASHBOARD_FRONTEND:BOOL=OFF"
506 # WITH_XFS has been set default ON from Ceph 16, keeping it optional in nixpkgs for now
507 ''-DWITH_XFS=${if optLibxfs != null then "ON" else "OFF"}''
508 ] ++ lib.optional stdenv.hostPlatform.isLinux "-DWITH_SYSTEM_LIBURING=ON";
510 preBuild =
511 # The legacy-option-headers target is not correctly empbedded in the build graph.
512 # It also contains some internal race conditions that we work around by building with `-j 1`.
513 # Upstream discussion for additional context at https://tracker.ceph.com/issues/63402.
514 ''
515 cmake --build . --target legacy-option-headers -j 1
516 '';
518 postFixup = ''
519 wrapPythonPrograms
520 wrapProgram $out/bin/ceph-mgr --prefix PYTHONPATH ":" "$(toPythonPath ${placeholder "out"}):$(toPythonPath ${ceph-python-env})"
522 # Test that ceph-volume exists since the build system has a tendency to
523 # silently drop it with misconfigurations.
524 test -f $out/bin/ceph-volume
525 '';
527 outputs = [
528 "out"
529 "lib"
530 "dev"
531 "doc"
532 "man"
533 ];
535 doCheck = false; # uses pip to install things from the internet
537 # Takes 7+h to build with 2 cores.
538 requiredSystemFeatures = [ "big-parallel" ];
540 meta = getMeta "Distributed storage system";
542 passthru = {
543 inherit version;
544 inherit python; # to be able to test our overridden packages above individually with `nix-build -A`
545 tests = {
546 inherit (nixosTests)
547 ceph-multi-node
548 ceph-single-node
549 ceph-single-node-bluestore
550 ceph-single-node-bluestore-dmcrypt
551 ;
552 };
553 };
554 };
556 ceph-client =
557 runCommand "ceph-client-${version}"
558 {
559 meta = getMeta "Tools needed to mount Ceph's RADOS Block Devices/Cephfs";
560 }
561 ''
562 mkdir -p $out/{bin,etc,${sitePackages},share/bash-completion/completions}
563 cp -r ${ceph}/bin/{ceph,.ceph-wrapped,rados,rbd,rbdmap} $out/bin
564 cp -r ${ceph}/bin/ceph-{authtool,conf,dencoder,rbdnamer,syn} $out/bin
565 cp -r ${ceph}/bin/rbd-replay* $out/bin
566 cp -r ${ceph}/sbin/mount.ceph $out/bin
567 cp -r ${ceph}/sbin/mount.fuse.ceph $out/bin
568 ln -s bin $out/sbin
569 cp -r ${ceph}/${sitePackages}/* $out/${sitePackages}
570 cp -r ${ceph}/etc/bash_completion.d $out/share/bash-completion/completions
571 # wrapPythonPrograms modifies .ceph-wrapped, so lets just update its paths
572 substituteInPlace $out/bin/ceph --replace ${ceph} $out
573 substituteInPlace $out/bin/.ceph-wrapped --replace ${ceph} $out
574 '';
575 }