Skip to content

Add nix devcontainer Helm chart#3

Draft
hinriksnaer wants to merge 3 commits into
mainfrom
hinriksnaer/stack/3
Draft

Add nix devcontainer Helm chart#3
hinriksnaer wants to merge 3 commits into
mainfrom
hinriksnaer/stack/3

Conversation

@hinriksnaer

@hinriksnaer hinriksnaer commented Jun 9, 2026

Copy link
Copy Markdown
Contributor

Helm chart for deploying nix-managed GPU dev environments on OpenShift.
Uses a minimal Fedora + Nix container image with home-manager for
declarative tool management. CUDA/PyTorch dev dependencies are installed
at runtime via nixtorch, not baked into the image.

  • Parameterized deployment with --set flags (username, GPU type, settings repo)
  • GPU profiles: MIG 1g.18gb, MIG 2g.35gb, MIG 1g.18gb x2, full GPU, CPU-only
  • Persistent home directory (100Gi) and nix binary cache (50Gi) on NFS
  • SSH server (dropbear) for VS Code Remote access
  • values.schema.json for OpenShift console form rendering
  • Input validation (required username, supported track/GPU/pullPolicy enums)
  • PVCs preserved on helm uninstall via resource-policy annotation
  • README references existing create_dev_user.sh for secret creation

hinriksnaer added a commit that referenced this pull request Jun 9, 2026
Helm chart for deploying nix-managed GPU dev environments on OpenShift.
Uses a minimal Fedora + Nix container image with home-manager for
declarative tool management. CUDA/PyTorch dev dependencies are installed
at runtime via nixtorch, not baked into the image.

- Parameterized deployment with --set flags (username, GPU type, settings repo)
- GPU profiles: MIG 1g.18gb, MIG 2g.35gb, MIG 1g.18gb x2, full GPU, CPU-only
- Persistent home directory (100Gi) and nix binary cache (50Gi) on NFS
- SSH server (dropbear) for VS Code Remote access
- values.schema.json for OpenShift console form rendering
- Input validation (required username, supported track/GPU/pullPolicy enums)
- PVCs preserved on helm uninstall via resource-policy annotation
- README references existing create_dev_user.sh for secret creation

stack-info: PR: #3, branch: hinriksnaer/stack/3
@hinriksnaer hinriksnaer force-pushed the hinriksnaer/stack/3 branch from 725e115 to 543a189 Compare June 9, 2026 20:22
@hinriksnaer hinriksnaer marked this pull request as draft June 9, 2026 20:23
Helm chart for deploying nix-managed GPU dev environments on OpenShift.
Uses a minimal Fedora + Nix container image with home-manager for
declarative tool management. CUDA/PyTorch dev dependencies are installed
at runtime via nixtorch, not baked into the image.

- Parameterized deployment with --set flags (username, GPU type, settings repo)
- GPU profiles: MIG 1g.18gb, MIG 2g.35gb, MIG 1g.18gb x2, full GPU, CPU-only
- Persistent home directory (100Gi) and nix binary cache (50Gi) on NFS
- SSH server (dropbear) for VS Code Remote access
- values.schema.json for OpenShift console form rendering
- Input validation (required username, supported track/GPU/pullPolicy enums)
- PVCs preserved on helm uninstall via resource-policy annotation
- README references existing create_dev_user.sh for secret creation

stack-info: PR: #3, branch: hinriksnaer/stack/3
- Default storage class from nfs-rwx to ocs-storagecluster-cephfs;
  templatize PVC access mode instead of hardcoding ReadWriteMany
- Default GPU from MIG 2g.35gb to full GPU (nvidia.com/gpu) with
  matching resource profile (4/16 CPU, 32Gi/32Gi memory)
- Add hostNetwork toggle and RDMA device passthrough support
- Add --track flag to create_dev_admin.sh and create_dev_user.sh;
  nix track skips workspace PVC, ConfigMaps, and static deployments
- NOTES.txt documents cluster-reader role and hostnetwork SCC prereqs
@hinriksnaer hinriksnaer force-pushed the hinriksnaer/stack/3 branch from 8c75632 to fa9d2a4 Compare June 16, 2026 16:50
Storage class and access mode are no longer hardcoded in chart
defaults. Instead, create_dev_user.sh mirrors the same detection
order as create_dev_admin.sh (CephFS > LVMS > NFS) and passes
the result to helm install. Chart values default to empty strings,
requiring the provisioning script or explicit --set overrides.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant