pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / k3s / single-node.nix
at 23.11-pre 2.6 kB view raw
1import ../make-test-python.nix ({ pkgs, lib, k3s, ... }: 2 let 3 imageEnv = pkgs.buildEnv { 4 name = "k3s-pause-image-env"; 5 paths = with pkgs; [ tini (hiPrio coreutils) busybox ]; 6 }; 7 pauseImage = pkgs.dockerTools.streamLayeredImage { 8 name = "test.local/pause"; 9 tag = "local"; 10 contents = imageEnv; 11 config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ]; 12 }; 13 testPodYaml = pkgs.writeText "test.yml" '' 14 apiVersion: v1 15 kind: Pod 16 metadata: 17 name: test 18 spec: 19 containers: 20 - name: test 21 image: test.local/pause:local 22 imagePullPolicy: Never 23 command: ["sh", "-c", "sleep inf"] 24 ''; 25 in 26 { 27 name = "${k3s.name}-single-node"; 28 meta = with pkgs.lib.maintainers; { 29 maintainers = [ euank ]; 30 }; 31 32 nodes.machine = { pkgs, ... }: { 33 environment.systemPackages = with pkgs; [ k3s gzip ]; 34 35 # k3s uses enough resources the default vm fails. 36 virtualisation.memorySize = 1536; 37 virtualisation.diskSize = 4096; 38 39 services.k3s.enable = true; 40 services.k3s.role = "server"; 41 services.k3s.package = k3s; 42 # Slightly reduce resource usage 43 services.k3s.extraFlags = builtins.toString [ 44 "--disable" "coredns" 45 "--disable" "local-storage" 46 "--disable" "metrics-server" 47 "--disable" "servicelb" 48 "--disable" "traefik" 49 "--pause-image" "test.local/pause:local" 50 ]; 51 52 users.users = { 53 noprivs = { 54 isNormalUser = true; 55 description = "Can't access k3s by default"; 56 password = "*"; 57 }; 58 }; 59 }; 60 61 testScript = '' 62 start_all() 63 64 machine.wait_for_unit("k3s") 65 machine.succeed("k3s kubectl cluster-info") 66 machine.fail("sudo -u noprivs k3s kubectl cluster-info") 67 '' # Fix-Me: Tests fail for 'aarch64-linux' as: "CONFIG_CGROUP_FREEZER: missing (fail)" 68 + lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")'' + '' 69 70 machine.succeed( 71 "${pauseImage} | k3s ctr image import -" 72 ) 73 74 # Also wait for our service account to show up; it takes a sec 75 machine.wait_until_succeeds("k3s kubectl get serviceaccount default") 76 machine.succeed("k3s kubectl apply -f ${testPodYaml}") 77 machine.succeed("k3s kubectl wait --for 'condition=Ready' pod/test") 78 machine.succeed("k3s kubectl delete -f ${testPodYaml}") 79 80 # regression test for #176445 81 machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'") 82 83 machine.shutdown() 84 ''; 85 })