pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-extra_veth.nix
at 21.11-pre 3.1 kB view raw
1import ./make-test-python.nix ({ pkgs, lib, ... }: { 2 name = "containers-extra_veth"; 3 meta = { 4 maintainers = with lib.maintainers; [ kampfschlaefer ]; 5 }; 6 7 machine = 8 { pkgs, ... }: 9 { imports = [ ../modules/installer/cd-dvd/channel.nix ]; 10 virtualisation.writableStore = true; 11 virtualisation.memorySize = 768; 12 virtualisation.vlans = []; 13 14 networking.useDHCP = false; 15 networking.bridges = { 16 br0 = { 17 interfaces = []; 18 }; 19 br1 = { interfaces = []; }; 20 }; 21 networking.interfaces = { 22 br0 = { 23 ipv4.addresses = [{ address = "192.168.0.1"; prefixLength = 24; }]; 24 ipv6.addresses = [{ address = "fc00::1"; prefixLength = 7; }]; 25 }; 26 br1 = { 27 ipv4.addresses = [{ address = "192.168.1.1"; prefixLength = 24; }]; 28 }; 29 }; 30 31 containers.webserver = 32 { 33 autoStart = true; 34 privateNetwork = true; 35 hostBridge = "br0"; 36 localAddress = "192.168.0.100/24"; 37 localAddress6 = "fc00::2/7"; 38 extraVeths = { 39 veth1 = { hostBridge = "br1"; localAddress = "192.168.1.100/24"; }; 40 veth2 = { hostAddress = "192.168.2.1"; localAddress = "192.168.2.100"; }; 41 }; 42 config = 43 { 44 networking.firewall.allowedTCPPorts = [ 80 ]; 45 }; 46 }; 47 48 virtualisation.pathsInNixDB = [ pkgs.stdenv ]; 49 }; 50 51 testScript = 52 '' 53 machine.wait_for_unit("default.target") 54 assert "webserver" in machine.succeed("nixos-container list") 55 56 with subtest("Status of the webserver container is up"): 57 assert "up" in machine.succeed("nixos-container status webserver") 58 59 with subtest("Ensure that the veths are inside the container"): 60 assert "state UP" in machine.succeed( 61 "nixos-container run webserver -- ip link show veth1" 62 ) 63 assert "state UP" in machine.succeed( 64 "nixos-container run webserver -- ip link show veth2" 65 ) 66 67 with subtest("Ensure the presence of the extra veths"): 68 assert "state UP" in machine.succeed("ip link show veth1") 69 assert "state UP" in machine.succeed("ip link show veth2") 70 71 with subtest("Ensure the veth1 is part of br1 on the host"): 72 assert "master br1" in machine.succeed("ip link show veth1") 73 74 with subtest("Ping on main veth"): 75 machine.succeed("ping -n -c 1 192.168.0.100") 76 machine.succeed("ping -n -c 1 fc00::2") 77 78 with subtest("Ping on the first extra veth"): 79 machine.succeed("ping -n -c 1 192.168.1.100 >&2") 80 81 with subtest("Ping on the second extra veth"): 82 machine.succeed("ping -n -c 1 192.168.2.100 >&2") 83 84 with subtest("Container can be stopped"): 85 machine.succeed("nixos-container stop webserver") 86 machine.fail("ping -n -c 1 192.168.1.100 >&2") 87 machine.fail("ping -n -c 1 192.168.2.100 >&2") 88 89 with subtest("Destroying a declarative container should fail"): 90 machine.fail("nixos-container destroy webserver") 91 ''; 92})