nixos/tests/containers-macvlans.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / containers-macvlans.nix
at 25.11-pre 2.6 kB view raw
  1let
  2  # containers IP on VLAN 1
  3  containerIp1 = "192.168.1.253";
  4  containerIp2 = "192.168.1.254";
  5in
  6
  7import ./make-test-python.nix (
  8  { pkgs, lib, ... }:
  9  {
 10    name = "containers-macvlans";
 11    meta = {
 12      maintainers = with lib.maintainers; [ montag451 ];
 13    };
 14
 15    nodes = {
 16
 17      machine1 =
 18        { lib, ... }:
 19        {
 20          virtualisation.vlans = [ 1 ];
 21
 22          # To be able to ping containers from the host, it is necessary
 23          # to create a macvlan on the host on the VLAN 1 network.
 24          networking.macvlans.mv-eth1-host = {
 25            interface = "eth1";
 26            mode = "bridge";
 27          };
 28          networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ ];
 29          networking.interfaces.mv-eth1-host = {
 30            ipv4.addresses = [
 31              {
 32                address = "192.168.1.1";
 33                prefixLength = 24;
 34              }
 35            ];
 36          };
 37
 38          containers.test1 = {
 39            autoStart = true;
 40            macvlans = [ "eth1" ];
 41
 42            config = {
 43              networking.interfaces.mv-eth1 = {
 44                ipv4.addresses = [
 45                  {
 46                    address = containerIp1;
 47                    prefixLength = 24;
 48                  }
 49                ];
 50              };
 51            };
 52          };
 53
 54          containers.test2 = {
 55            autoStart = true;
 56            macvlans = [ "eth1" ];
 57
 58            config = {
 59              networking.interfaces.mv-eth1 = {
 60                ipv4.addresses = [
 61                  {
 62                    address = containerIp2;
 63                    prefixLength = 24;
 64                  }
 65                ];
 66              };
 67            };
 68          };
 69        };
 70
 71      machine2 =
 72        { ... }:
 73        {
 74          virtualisation.vlans = [ 1 ];
 75        };
 76
 77    };
 78
 79    testScript = ''
 80      start_all()
 81      machine1.wait_for_unit("default.target")
 82      machine2.wait_for_unit("default.target")
 83
 84      with subtest(
 85          "Ping between containers to check that macvlans are created in bridge mode"
 86      ):
 87          machine1.succeed("nixos-container run test1 -- ping -n -c 1 ${containerIp2}")
 88
 89      with subtest("Ping containers from the host (machine1)"):
 90          machine1.succeed("ping -n -c 1 ${containerIp1}")
 91          machine1.succeed("ping -n -c 1 ${containerIp2}")
 92
 93      with subtest(
 94          "Ping containers from the second machine to check that containers are reachable from the outside"
 95      ):
 96          machine2.succeed("ping -n -c 1 ${containerIp1}")
 97          machine2.succeed("ping -n -c 1 ${containerIp2}")
 98    '';
 99  }
100)