nixos/tests/containers-physical_interfaces.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / containers-physical_interfaces.nix
at 17.09-beta 4.5 kB view raw
  1
  2import ./make-test.nix ({ pkgs, ...} : {
  3  name = "containers-physical_interfaces";
  4  meta = with pkgs.stdenv.lib.maintainers; {
  5    maintainers = [ kampfschlaefer ];
  6  };
  7
  8  nodes = {
  9    server = { config, pkgs, ... }:
 10      {
 11        virtualisation.memorySize = 256;
 12        virtualisation.vlans = [ 1 ];
 13
 14        containers.server = {
 15          privateNetwork = true;
 16          interfaces = [ "eth1" ];
 17
 18          config = {
 19            networking.interfaces.eth1 = {
 20              ip4 = [ { address = "10.10.0.1"; prefixLength = 24; } ];
 21            };
 22            networking.firewall.enable = false;
 23          };
 24        };
 25      };
 26    bridged = { config, pkgs, ... }: {
 27      virtualisation.memorySize = 128;
 28      virtualisation.vlans = [ 1 ];
 29
 30      containers.bridged = {
 31        privateNetwork = true;
 32        interfaces = [ "eth1" ];
 33
 34        config = {
 35          networking.bridges.br0.interfaces = [ "eth1" ];
 36          networking.interfaces.br0 = {
 37            ip4 = [ { address = "10.10.0.2"; prefixLength = 24; } ];
 38          };
 39          networking.firewall.enable = false;
 40        };
 41      };
 42    };
 43
 44    bonded = { config, pkgs, ... }: {
 45      virtualisation.memorySize = 128;
 46      virtualisation.vlans = [ 1 ];
 47
 48      containers.bonded = {
 49        privateNetwork = true;
 50        interfaces = [ "eth1" ];
 51
 52        config = {
 53          networking.bonds.bond0 = {
 54            interfaces = [ "eth1" ];
 55            mode = "active-backup";
 56          };
 57          networking.interfaces.bond0 = {
 58            ip4 = [ { address = "10.10.0.3"; prefixLength = 24; } ];
 59          };
 60          networking.firewall.enable = false;
 61        };
 62      };
 63    };
 64
 65    bridgedbond = { config, pkgs, ... }: {
 66      virtualisation.memorySize = 128;
 67      virtualisation.vlans = [ 1 ];
 68
 69      containers.bridgedbond = {
 70        privateNetwork = true;
 71        interfaces = [ "eth1" ];
 72
 73        config = {
 74          networking.bonds.bond0 = {
 75            interfaces = [ "eth1" ];
 76            mode = "active-backup";
 77          };
 78          networking.bridges.br0.interfaces = [ "bond0" ];
 79          networking.interfaces.br0 = {
 80            ip4 = [ { address = "10.10.0.4"; prefixLength = 24; } ];
 81          };
 82          networking.firewall.enable = false;
 83        };
 84      };
 85    };
 86  };
 87
 88  testScript = ''
 89    startAll;
 90
 91    subtest "prepare server", sub {
 92      $server->waitForUnit("default.target");
 93      $server->succeed("ip link show dev eth1 >&2");
 94    };
 95
 96    subtest "simple physical interface", sub {
 97      $server->succeed("nixos-container start server");
 98      $server->waitForUnit("container\@server");
 99      $server->succeed("systemctl -M server list-dependencies network-addresses-eth1.service >&2");
100
101      # The other tests will ping this container on its ip. Here we just check
102      # that the device is present in the container.
103      $server->succeed("nixos-container run server -- ip a show dev eth1 >&2");
104    };
105
106    subtest "physical device in bridge in container", sub {
107      $bridged->waitForUnit("default.target");
108      $bridged->succeed("nixos-container start bridged");
109      $bridged->waitForUnit("container\@bridged");
110      $bridged->succeed("systemctl -M bridged list-dependencies network-addresses-br0.service >&2");
111      $bridged->succeed("systemctl -M bridged status -n 30 -l network-addresses-br0.service");
112      $bridged->succeed("nixos-container run bridged -- ping -w 10 -c 1 -n 10.10.0.1");
113    };
114
115    subtest "physical device in bond in container", sub {
116      $bonded->waitForUnit("default.target");
117      $bonded->succeed("nixos-container start bonded");
118      $bonded->waitForUnit("container\@bonded");
119      $bonded->succeed("systemctl -M bonded list-dependencies network-addresses-bond0 >&2");
120      $bonded->succeed("systemctl -M bonded status -n 30 -l network-addresses-bond0 >&2");
121      $bonded->succeed("nixos-container run bonded -- ping -w 10 -c 1 -n 10.10.0.1");
122    };
123
124    subtest "physical device in bond in bridge in container", sub {
125      $bridgedbond->waitForUnit("default.target");
126      $bridgedbond->succeed("nixos-container start bridgedbond");
127      $bridgedbond->waitForUnit("container\@bridgedbond");
128      $bridgedbond->succeed("systemctl -M bridgedbond list-dependencies network-addresses-br0.service >&2");
129      $bridgedbond->succeed("systemctl -M bridgedbond status -n 30 -l network-addresses-br0.service");
130      $bridgedbond->succeed("nixos-container run bridgedbond -- ping -w 10 -c 1 -n 10.10.0.1");
131    };
132  '';
133})