pyrox.dev
1import ./make-test-python.nix ({ pkgs, lib, ... }: {
2 name = "containers-physical_interfaces";
3 meta = {
4 maintainers = with lib.maintainers; [ kampfschlaefer ];
5 };
6
7 nodes = {
8 server = { ... }:
9 {
10 virtualisation.memorySize = 256;
11 virtualisation.vlans = [ 1 ];
12
13 containers.server = {
14 privateNetwork = true;
15 interfaces = [ "eth1" ];
16
17 config = {
18 networking.interfaces.eth1.ipv4.addresses = [
19 { address = "10.10.0.1"; prefixLength = 24; }
20 ];
21 networking.firewall.enable = false;
22 };
23 };
24 };
25 bridged = { ... }: {
26 virtualisation.memorySize = 128;
27 virtualisation.vlans = [ 1 ];
28
29 containers.bridged = {
30 privateNetwork = true;
31 interfaces = [ "eth1" ];
32
33 config = {
34 networking.bridges.br0.interfaces = [ "eth1" ];
35 networking.interfaces.br0.ipv4.addresses = [
36 { address = "10.10.0.2"; prefixLength = 24; }
37 ];
38 networking.firewall.enable = false;
39 };
40 };
41 };
42
43 bonded = { ... }: {
44 virtualisation.memorySize = 128;
45 virtualisation.vlans = [ 1 ];
46
47 containers.bonded = {
48 privateNetwork = true;
49 interfaces = [ "eth1" ];
50
51 config = {
52 networking.bonds.bond0 = {
53 interfaces = [ "eth1" ];
54 driverOptions.mode = "active-backup";
55 };
56 networking.interfaces.bond0.ipv4.addresses = [
57 { address = "10.10.0.3"; prefixLength = 24; }
58 ];
59 networking.firewall.enable = false;
60 };
61 };
62 };
63
64 bridgedbond = { ... }: {
65 virtualisation.memorySize = 128;
66 virtualisation.vlans = [ 1 ];
67
68 containers.bridgedbond = {
69 privateNetwork = true;
70 interfaces = [ "eth1" ];
71
72 config = {
73 networking.bonds.bond0 = {
74 interfaces = [ "eth1" ];
75 driverOptions.mode = "active-backup";
76 };
77 networking.bridges.br0.interfaces = [ "bond0" ];
78 networking.interfaces.br0.ipv4.addresses = [
79 { address = "10.10.0.4"; prefixLength = 24; }
80 ];
81 networking.firewall.enable = false;
82 };
83 };
84 };
85 };
86
87 testScript = ''
88 start_all()
89
90 with subtest("Prepare server"):
91 server.wait_for_unit("default.target")
92 server.succeed("ip link show dev eth1 >&2")
93
94 with subtest("Simple physical interface is up"):
95 server.succeed("nixos-container start server")
96 server.wait_for_unit("container@server")
97 server.succeed(
98 "systemctl -M server list-dependencies network-addresses-eth1.service >&2"
99 )
100
101 # The other tests will ping this container on its ip. Here we just check
102 # that the device is present in the container.
103 server.succeed("nixos-container run server -- ip a show dev eth1 >&2")
104
105 with subtest("Physical device in bridge in container can ping server"):
106 bridged.wait_for_unit("default.target")
107 bridged.succeed("nixos-container start bridged")
108 bridged.wait_for_unit("container@bridged")
109 bridged.succeed(
110 "systemctl -M bridged list-dependencies network-addresses-br0.service >&2",
111 "systemctl -M bridged status -n 30 -l network-addresses-br0.service",
112 "nixos-container run bridged -- ping -w 10 -c 1 -n 10.10.0.1",
113 )
114
115 with subtest("Physical device in bond in container can ping server"):
116 bonded.wait_for_unit("default.target")
117 bonded.succeed("nixos-container start bonded")
118 bonded.wait_for_unit("container@bonded")
119 bonded.succeed(
120 "systemctl -M bonded list-dependencies network-addresses-bond0 >&2",
121 "systemctl -M bonded status -n 30 -l network-addresses-bond0 >&2",
122 "nixos-container run bonded -- ping -w 10 -c 1 -n 10.10.0.1",
123 )
124
125 with subtest("Physical device in bond in bridge in container can ping server"):
126 bridgedbond.wait_for_unit("default.target")
127 bridgedbond.succeed("nixos-container start bridgedbond")
128 bridgedbond.wait_for_unit("container@bridgedbond")
129 bridgedbond.succeed(
130 "systemctl -M bridgedbond list-dependencies network-addresses-br0.service >&2",
131 "systemctl -M bridgedbond status -n 30 -l network-addresses-br0.service",
132 "nixos-container run bridgedbond -- ping -w 10 -c 1 -n 10.10.0.1",
133 )
134 '';
135})