I just found out nixery !
Nixery is a Docker-compatible container registry that is capable of transparently building and serving container images using Nix.
Images are built on-demand based on the image name. Every package that the user intends to include in the image is specified as a path component of the image name.
The path components refer to top-level keys in nixpkgs and are used to build a container image using a layering strategy that optimises for caching popular and/or large dependencies.
In other words, you start with the base image,
nixery.dev/, and then lists the packages and tools you want available. Usually, you start with the
shell metapackage, followed by any NixOS package(s).
This is very handy when working with Kubernetes.
Command format to run an ephemeral pod on Kubernetes
kubectl run -it --rm --restart=Never \
<NAME> -- <CMD>
Connect to a database using
psql, assuming the service is called
kubectl run -it --rm --restart=Never \ --image=nixery.dev/postgresql \ --env PGPASSWORD=some-password \ psql -- psql -h my-db -U some-username
Test the connectivity to a pod:
kubectl run -it --rm --restart=Never \ --image=nixery.dev/shell/unixtools.ping \ ping -- ping keycloak.cluster.local
Get a shell with
kubectl run -it --rm --restart=Never \ --image=nixery.dev/shell/curl/gnugrep/ping/netcat \ shell -- bash
For those not familiar with NixOs, it may be troublesome to find the package name that will bring you the executable you need. Here are some:
Also, I wasn't able to run with
root permissions, meaning I could not run
iptables -L (with the package
iptables). Maybe I missed something ? Let me know in the comments !