Image for post kvm-on-github-actions
Nov 29, 2023 by Graham Christensen

KVM on GitHub Actions

announcement installer

KVM is the most widely used virtualization framework for Linux due to its close integration with the Linux kernel. It’s become a mainstay in the Nix community because NixOS’s innovative test framework relies on it for virtualization. I’m pleased to announce that last week the Determinate Nix Installer Action began enabling KVM on Linux GitHub Actions runners by default. Add one line of code to your YAML Actions configuration and you’re good to go:

- uses: DeterminateSystems/nix-installer-action@main

What has changed

Despite KVM’s popularity, Nix folks have been essentially blocked from using KVM in GitHub Actions. This is a shame for many reason, but above all because KVM is required for running NixOS tests. This means that a major piece of Nix and NixOS has required solutions like custom runners—which is fine but often a pretty heavy lift.

And beyond NixOS tests, this also unblocks fun VM-related things like running Firecracker VMs in Actions.

Requirements

Please note that GitHub’s policies stipulate that KVM is only available on larger, paid Actions runners. Our testing reveals, however, that they generously provide it to public projects as well.

Find out more about how Determinate Systems is transforming the developer experience around Nix

How we did it

Well, it turns out that Linux GitHub Actions runners do support KVM. They just need a little coaxing (in the form of a few setup commands). You can see how we do it in this pull request.

Disabling KVM

As I mentioned above, the baseline GitHub Actions configuration for the Determinate Nix Installer will automatically enable KVM:

- uses: DeterminateSystems/nix-installer-action@main

You can, however, disable this behavior if you need to:

- uses: DeterminateSystems/nix-installer-action@main
  with:
    kvm: false

Conclusion

This is indeed a small change but one that I believe could have a major impact in the Nix community. Thorough testing is crucial for using NixOS in production environments and I’m relieved to see this barrier to entry removed.

If you have other ideas for how we can improve the experience of using Nix on GitHub Actions—or more broadly—please get in touch and let us know how!

Share
Avatar for Graham Christensen
Written by Graham Christensen

Graham is a Nix and Rust developer, with a passion and focus on reliability in the lower levels of the stack. He founded Determinate Systems, Inc to support Nix adoption at your workplace.