nixos/tests/gvisor.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / gvisor.nix
at 25.11-pre 1.3 kB view raw
 1# This test runs a container through gvisor and checks if simple container starts
 2
 3import ./make-test-python.nix (
 4  { pkgs, ... }:
 5  {
 6    name = "gvisor";
 7    meta = with pkgs.lib.maintainers; {
 8      maintainers = [ ];
 9    };
10
11    nodes = {
12      gvisor =
13        { pkgs, ... }:
14        {
15          virtualisation.docker = {
16            enable = true;
17            extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc";
18          };
19
20          networking = {
21            dhcpcd.enable = false;
22            defaultGateway = "192.168.1.1";
23            interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
24              {
25                address = "192.168.1.2";
26                prefixLength = 24;
27              }
28            ];
29          };
30        };
31    };
32
33    testScript = ''
34      start_all()
35
36      gvisor.wait_for_unit("network.target")
37      gvisor.wait_for_unit("sockets.target")
38
39      # Test the Docker runtime
40      gvisor.succeed("tar cv --files-from /dev/null | docker import - scratchimg")
41      gvisor.succeed(
42          "docker run -d --name=sleeping --runtime=runsc -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
43      )
44      gvisor.succeed("docker ps | grep sleeping")
45      gvisor.succeed("docker stop sleeping")
46    '';
47  }
48)