pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-physical_interfaces.nix
at 25.11-pre 4.9 kB view raw
1import ./make-test-python.nix ( 2 { pkgs, lib, ... }: 3 { 4 name = "containers-physical_interfaces"; 5 meta = { 6 maintainers = with lib.maintainers; [ kampfschlaefer ]; 7 }; 8 9 nodes = { 10 server = 11 { ... }: 12 { 13 virtualisation.vlans = [ 1 ]; 14 15 containers.server = { 16 privateNetwork = true; 17 interfaces = [ "eth1" ]; 18 19 config = { 20 networking.interfaces.eth1.ipv4.addresses = [ 21 { 22 address = "10.10.0.1"; 23 prefixLength = 24; 24 } 25 ]; 26 networking.firewall.enable = false; 27 }; 28 }; 29 }; 30 bridged = 31 { ... }: 32 { 33 virtualisation.vlans = [ 1 ]; 34 35 containers.bridged = { 36 privateNetwork = true; 37 interfaces = [ "eth1" ]; 38 39 config = { 40 networking.bridges.br0.interfaces = [ "eth1" ]; 41 networking.interfaces.br0.ipv4.addresses = [ 42 { 43 address = "10.10.0.2"; 44 prefixLength = 24; 45 } 46 ]; 47 networking.firewall.enable = false; 48 }; 49 }; 50 }; 51 52 bonded = 53 { ... }: 54 { 55 virtualisation.vlans = [ 1 ]; 56 57 containers.bonded = { 58 privateNetwork = true; 59 interfaces = [ "eth1" ]; 60 61 config = { 62 networking.bonds.bond0 = { 63 interfaces = [ "eth1" ]; 64 driverOptions.mode = "active-backup"; 65 }; 66 networking.interfaces.bond0.ipv4.addresses = [ 67 { 68 address = "10.10.0.3"; 69 prefixLength = 24; 70 } 71 ]; 72 networking.firewall.enable = false; 73 }; 74 }; 75 }; 76 77 bridgedbond = 78 { ... }: 79 { 80 virtualisation.vlans = [ 1 ]; 81 82 containers.bridgedbond = { 83 privateNetwork = true; 84 interfaces = [ "eth1" ]; 85 86 config = { 87 networking.bonds.bond0 = { 88 interfaces = [ "eth1" ]; 89 driverOptions.mode = "active-backup"; 90 }; 91 networking.bridges.br0.interfaces = [ "bond0" ]; 92 networking.interfaces.br0.ipv4.addresses = [ 93 { 94 address = "10.10.0.4"; 95 prefixLength = 24; 96 } 97 ]; 98 networking.firewall.enable = false; 99 }; 100 }; 101 }; 102 }; 103 104 testScript = '' 105 start_all() 106 107 with subtest("Prepare server"): 108 server.wait_for_unit("default.target") 109 server.succeed("ip link show dev eth1 >&2") 110 111 with subtest("Simple physical interface is up"): 112 server.succeed("nixos-container start server") 113 server.wait_for_unit("container@server") 114 server.succeed( 115 "systemctl -M server list-dependencies network-addresses-eth1.service >&2" 116 ) 117 118 # The other tests will ping this container on its ip. Here we just check 119 # that the device is present in the container. 120 server.succeed("nixos-container run server -- ip a show dev eth1 >&2") 121 122 with subtest("Physical device in bridge in container can ping server"): 123 bridged.wait_for_unit("default.target") 124 bridged.succeed("nixos-container start bridged") 125 bridged.wait_for_unit("container@bridged") 126 bridged.succeed( 127 "systemctl -M bridged list-dependencies network-addresses-br0.service >&2", 128 "systemctl -M bridged status -n 30 -l network-addresses-br0.service", 129 "nixos-container run bridged -- ping -w 10 -c 1 -n 10.10.0.1", 130 ) 131 132 with subtest("Physical device in bond in container can ping server"): 133 bonded.wait_for_unit("default.target") 134 bonded.succeed("nixos-container start bonded") 135 bonded.wait_for_unit("container@bonded") 136 bonded.succeed( 137 "systemctl -M bonded list-dependencies network-addresses-bond0 >&2", 138 "systemctl -M bonded status -n 30 -l network-addresses-bond0 >&2", 139 "nixos-container run bonded -- ping -w 10 -c 1 -n 10.10.0.1", 140 ) 141 142 with subtest("Physical device in bond in bridge in container can ping server"): 143 bridgedbond.wait_for_unit("default.target") 144 bridgedbond.succeed("nixos-container start bridgedbond") 145 bridgedbond.wait_for_unit("container@bridgedbond") 146 bridgedbond.succeed( 147 "systemctl -M bridgedbond list-dependencies network-addresses-br0.service >&2", 148 "systemctl -M bridgedbond status -n 30 -l network-addresses-br0.service", 149 "nixos-container run bridgedbond -- ping -w 10 -c 1 -n 10.10.0.1", 150 ) 151 ''; 152 } 153)