Work-Bench Snapshot: A Primer on Nix - Reproducible Builds and Deployments

May 9, 2023

Nix can be polarizing.

On a recent call with an engineer at a unicorn startup, he said that he wouldn’t work at a company that doesn’t use Nix. At the same time, he’s seen developers leave companies because they use Nix.

Hate it or love it, Nix is top of mind for every developer. But what is Nix, what’s it for, and who would want to use it? As we’ll explore, the ecosystem surrounding the project has progressed greatly, and the value of Nix doesn’t have to be so binary. We’re starting to see some clear use cases, like reproducible developer environments, reliability, and security, pop up in the enterprise, and it may not be long before we see skeptics become believers.

What is Nix?

Lots of people talk about Nix as if it's just one thing. But really, it's four things: (1) Nix build tool, (2) Nix language, (3) Nix packages, and (4) Nix Operating System (OS). These all build on each other.

You’ll most commonly hear people describe Nix as either a build tool / package manager or a Linux distribution. Package managers bundle your source code with the dependencies it relies on, while Linux distributions are operating systems and, often, package managers too. A company can use the Nix build tool without using the distribution.

Common Use Cases

Nix has many benefits, including its potential to replace Docker as well as other package managers and system configurations, because it allows developers to create reproducible, declarative, and secure software.

Common use cases for Nix across infrastructure and security include:

  • Reproducible Developer Environments - solving for the “it works on my machine” problem
  • Package Management - replacing Docker and containers
  • System Configuration - replacing other operating systems like Red Hat and Linux
  • Knowing what’s in your Packages via SBOM reports - offering increased security

Solving The “It Works On My Machine” Problem

The use case that resonates most with users is reproducible developer environments. Startups like Flox and Determinate Systems are finding the most immediate value here, given that reproducible developer environments guarantee exactly the same environment when recreated, irrespective of when or where you run them. They ensure that tools, versions, and configurations are identical across environments. More critically, they enable developers to (1) work on projects together with the same tools and (2) more effectively simulate production environments.

As a further example, while Docker offers tools for creating identical containers across environments, there is still no guarantee that the images will be reproducible in the future because of their third-party dependencies. Nix solves this problem by offering a package manager that isolates dependencies and makes them explicit. To get truly reproducible developer environments, developers can use the nix-shell tool, which provides an environment containing the input packages a project needs. As one developer said on Hacker News, “You can fire up nix-shell for a project and just magically have the dependencies for that project available.” Unlike a Docker image, the Nix environment is guaranteed to be reproducible, even over time.
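Reproducibility over time depends on the Nix expression fixing its nixpkgs input: an expression that reads `<nixpkgs>` takes whatever channel revision each machine currently has. The following Python check is an added example, not code from the original post or from the Nix project; it flags unpinned inputs in a `shell.nix`. Both sample files are constructed, the rev and sha256 values are placeholders, and the function names are hypothetical.

```python
import re

# Constructed sample: nixpkgs is resolved through NIX_PATH, so the package
# set depends on the channel revision installed on each machine.
UNPINNED = '''
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell { packages = [ pkgs.python3 pkgs.openssl ]; }
'''

# Constructed sample: nixpkgs fixed to one commit and verified by hash.
# REV_PLACEHOLDER and SHA256_PLACEHOLDER are placeholders, not real values.
PINNED = '''
let
  # <nixpkgs> is deliberately not used here
  pkgs = import (fetchTarball {
    url = "https://github.com/NixOS/nixpkgs/archive/REV_PLACEHOLDER.tar.gz";
    sha256 = "SHA256_PLACEHOLDER";
  }) {};
in pkgs.mkShell { packages = [ pkgs.python3 pkgs.openssl ]; }
'''

LOOKUP = re.compile(r"<[\w.+-]+(?:/[\w.+-]+)*>")
FETCH = re.compile(
    r"\b(?:builtins\.)?fetchTarball\s*(\{(?:\$\{[^}]*\}|[^{}])*\})?")

def strip_comments(src):
    """Drop /* */ and # comments (heuristic: a # inside a string literal
    is treated as a comment start)."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"#[^\n]*", "", src)

def audit(src):
    """Return findings; an empty list means no unpinned input was seen."""
    code = strip_comments(src)
    findings = [f"lookup path {m.group(0)} resolved via NIX_PATH"
                for m in LOOKUP.finditer(code)]
    for m in FETCH.finditer(code):
        args = m.group(1) or ""   # attribute-set argument, if one was given
        if not re.search(r"\b(sha256|hash)\s*=", args):
            findings.append("fetchTarball without a content hash")
    return findings

if __name__ == "__main__":
    for name, src in (("unpinned", UNPINNED), ("pinned", PINNED)):
        print(name, audit(src) or "ok")
```

A check like this fits in CI or a pre-commit hook, so an unpinned `shell.nix` is caught before teammates build different environments from the same file.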

Docker and Nix are not redundant. Many argue that they suit different use cases and, in certain situations, can be used in tandem. In fact, we’re already seeing people try to unite the worlds of Nix and Kubernetes, which could be an easier on-ramp for enterprises.

Some Disadvantages of Nix

Nix can be difficult to understand. According to practitioners, this has to do with a lack of tutorials and documentation. As a result, developers find Nix polarizing because of its steep learning curve. But for some, that learning curve is worth it:

Some also claim that Nix is lacking “polish” and could benefit from more mainstream adoption. 

Companies Using Nix

Nix is getting early use at legitimate companies like Shopify, Replit, Anduril, Target, GCHQ, and others. These are nice stamps of approval, but it’s too early to say what broader adoption will look like.

Additional Resources In The Nix Ecosystem

Websites / Videos: 
  • NixOS: This is the official Nix site where you can install Nix and learn more about the broader ecosystem.
  • Zero-to-Nix: This is a guide to Nix from Determinate Systems.
  • Nixology: This is a series of videos that Shopify engineer Burke Libbey compiled to help educate developers and promote Nix.
People
Blog Posts: 
Will Nix Overtake Docker? by Connor Brewster
“In many discussions about Nix, the comparison of Nix and Docker comes up frequently. This question could be dismissed by saying that Nix and Docker are different tools that solve different problems. One is a toolkit for building and deploying containers and the other is a package and configuration manager. However, these tools do have some overlap: they can both be used to create reproducible environments.”
Nix Primer by Alex Mackenzie
“Whatever your Nix headline of choice is, build tools & package managers bridge single-player development to multitenant production — history would have me believe that any paradigm shift in this realm is worth paying attention to.”
Nix: An Idea whose Time has Come by Rev Team
“Nix surfaces all the complexity involved in building software and forces you to deal with it. In order to make builds truly reproducible, this is largely inevitable. But once the “Nix way” is integrated, and the community tooling leveraged, your system becomes wonderfully transparent. No more chasing down configs and building tooling across your system and various languages. You gain a unified interface for dealing with building, composing, and sharing software artifacts across ecosystems. Nothing is hidden from you, and you can change whatever you like. In that sense, it belongs squarely in the Linux FOSS tradition.”

Many thanks to Jon Lehr and Kelley Mak for their contributions to this blog post!

If you’re building or investing in the space, we’d love to connect with you! 
