pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-restart_networking.nix
at 18.03-beta 3.8 kB view raw
1# Test for NixOS' container support. 2 3let 4 client_base = rec { 5 networking.firewall.enable = false; 6 7 containers.webserver = { 8 autoStart = true; 9 privateNetwork = true; 10 hostBridge = "br0"; 11 config = { 12 networking.firewall.enable = false; 13 networking.firewall.allowPing = true; 14 networking.interfaces.eth0.ipv4.addresses = [ 15 { address = "192.168.1.122"; prefixLength = 24; } 16 ]; 17 }; 18 }; 19 }; 20in import ./make-test.nix ({ pkgs, lib, ...} : 21{ 22 name = "containers-restart_networking"; 23 meta = with pkgs.stdenv.lib.maintainers; { 24 maintainers = [ kampfschlaefer ]; 25 }; 26 27 nodes = { 28 client = { lib, pkgs, ... }: client_base // { 29 virtualisation.vlans = [ 1 ]; 30 31 networking.bridges.br0 = { 32 interfaces = []; 33 rstp = false; 34 }; 35 networking.interfaces = { 36 eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 37 br0.ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ]; 38 }; 39 40 }; 41 client_eth1 = { lib, pkgs, ... }: client_base // { 42 networking.bridges.br0 = { 43 interfaces = [ "eth1" ]; 44 rstp = false; 45 }; 46 networking.interfaces = { 47 eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 48 br0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 49 }; 50 }; 51 client_eth1_rstp = { lib, pkgs, ... }: client_base // { 52 networking.bridges.br0 = { 53 interfaces = [ "eth1" ]; 54 rstp = true; 55 }; 56 networking.interfaces = { 57 eth1.ipv4.addresses = lib.mkOverride 0 [ ]; 58 br0.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; 59 }; 60 }; 61 }; 62 63 testScript = {nodes, ...}: let 64 originalSystem = nodes.client.config.system.build.toplevel; 65 eth1_bridged = nodes.client_eth1.config.system.build.toplevel; 66 eth1_rstp = nodes.client_eth1_rstp.config.system.build.toplevel; 67 in '' 68 $client->start(); 69 70 $client->waitForUnit("default.target"); 71 72 subtest "initial state", sub { 73 $client->succeed("ping 192.168.1.122 -c 1 -n >&2"); 74 $client->succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2"); 75 76 $client->fail("ip l show eth1 |grep \"master br0\" >&2"); 77 $client->fail("grep eth1 /run/br0.interfaces >&2"); 78 }; 79 80 subtest "interfaces without stp", sub { 81 $client->succeed("${eth1_bridged}/bin/switch-to-configuration test >&2"); 82 83 $client->succeed("ping 192.168.1.122 -c 1 -n >&2"); 84 $client->succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.2 >&2"); 85 86 $client->succeed("ip l show eth1 |grep \"master br0\" >&2"); 87 $client->succeed("grep eth1 /run/br0.interfaces >&2"); 88 }; 89 90 # activating rstp needs another service, therefor the bridge will restart and the container will loose its connectivity 91 #subtest "interfaces with rstp", sub { 92 # $client->succeed("${eth1_rstp}/bin/switch-to-configuration test >&2"); 93 # $client->execute("ip -4 a >&2"); 94 # $client->execute("ip l >&2"); 95 # 96 # $client->succeed("ping 192.168.1.122 -c 1 -n >&2"); 97 # $client->succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.2 >&2"); 98 # 99 # $client->succeed("ip l show eth1 |grep \"master br0\" >&2"); 100 # $client->succeed("grep eth1 /run/br0.interfaces >&2"); 101 #}; 102 103 subtest "back to no interfaces and no stp", sub { 104 $client->succeed("${originalSystem}/bin/switch-to-configuration test >&2"); 105 106 $client->succeed("ping 192.168.1.122 -c 1 -n >&2"); 107 $client->succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2"); 108 109 $client->fail("ip l show eth1 |grep \"master br0\" >&2"); 110 $client->fail("grep eth1 /run/br0.interfaces >&2"); 111 }; 112 ''; 113 114})