pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-restart_networking.nix
at 25.11-pre 4.1 kB view raw
1import ./make-test-python.nix ( 2 { pkgs, lib, ... }: 3 { 4 name = "containers-restart_networking"; 5 meta = { 6 maintainers = with lib.maintainers; [ kampfschlaefer ]; 7 }; 8 9 nodes = { 10 client = { 11 virtualisation.vlans = [ 1 ]; 12 13 networking.firewall.enable = false; 14 15 containers.webserver = { 16 autoStart = true; 17 privateNetwork = true; 18 hostBridge = "br0"; 19 config = { 20 networking.firewall.enable = false; 21 networking.interfaces.eth0.ipv4.addresses = [ 22 { 23 address = "192.168.1.122"; 24 prefixLength = 24; 25 } 26 ]; 27 }; 28 }; 29 30 networking.bridges.br0 = { 31 interfaces = [ ]; 32 rstp = false; 33 }; 34 35 networking.interfaces.br0.ipv4.addresses = [ 36 { 37 address = "192.168.1.1"; 38 prefixLength = 24; 39 } 40 ]; 41 42 networking.interfaces.eth1 = { 43 ipv4.addresses = lib.mkForce [ ]; 44 ipv6.addresses = lib.mkForce [ ]; 45 }; 46 47 specialisation.eth1.configuration = { 48 networking.bridges.br0.interfaces = [ "eth1" ]; 49 networking.interfaces = { 50 eth1.ipv4.addresses = lib.mkForce [ ]; 51 eth1.ipv6.addresses = lib.mkForce [ ]; 52 br0.ipv4.addresses = [ 53 { 54 address = "192.168.1.2"; 55 prefixLength = 24; 56 } 57 ]; 58 }; 59 }; 60 61 specialisation.eth1-rstp.configuration = { 62 networking.bridges.br0 = { 63 interfaces = [ "eth1" ]; 64 rstp = lib.mkForce true; 65 }; 66 67 networking.interfaces = { 68 eth1.ipv4.addresses = lib.mkForce [ ]; 69 eth1.ipv6.addresses = lib.mkForce [ ]; 70 br0.ipv4.addresses = [ 71 { 72 address = "192.168.1.2"; 73 prefixLength = 24; 74 } 75 ]; 76 }; 77 }; 78 }; 79 }; 80 81 testScript = '' 82 client.start() 83 84 client.wait_for_unit("default.target") 85 86 with subtest("Initial configuration connectivity check"): 87 client.succeed("ping 192.168.1.122 -c 1 -n >&2") 88 client.succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2") 89 90 client.fail("ip l show eth1 |grep 'master br0' >&2") 91 client.fail("grep eth1 /run/br0.interfaces >&2") 92 93 with subtest("Bridged configuration without STP preserves connectivity"): 94 client.succeed( 95 "/run/booted-system/specialisation/eth1/bin/switch-to-configuration test >&2" 96 ) 97 98 client.succeed( 99 "ping 192.168.1.122 -c 1 -n >&2", 100 "nixos-container run webserver -- ping -c 1 -n 192.168.1.2 >&2", 101 "ip l show eth1 |grep 'master br0' >&2", 102 "grep eth1 /run/br0.interfaces >&2", 103 ) 104 105 # activating rstp needs another service, therefore the bridge will restart and the container will lose its connectivity 106 # with subtest("Bridged configuration with STP"): 107 # client.succeed("/run/booted-system/specialisation/eth1-rstp/bin/switch-to-configuration test >&2") 108 # client.execute("ip -4 a >&2") 109 # client.execute("ip l >&2") 110 # 111 # client.succeed( 112 # "ping 192.168.1.122 -c 1 -n >&2", 113 # "nixos-container run webserver -- ping -c 1 -n 192.168.1.2 >&2", 114 # "ip l show eth1 |grep 'master br0' >&2", 115 # "grep eth1 /run/br0.interfaces >&2", 116 # ) 117 118 with subtest("Reverting to initial configuration preserves connectivity"): 119 client.succeed( 120 "/run/booted-system/bin/switch-to-configuration test >&2" 121 ) 122 123 client.succeed("ping 192.168.1.122 -c 1 -n >&2") 124 client.succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2") 125 126 client.fail("ip l show eth1 |grep 'master br0' >&2") 127 client.fail("grep eth1 /run/br0.interfaces >&2") 128 ''; 129 130 } 131)