pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-physical_interfaces.nix
at master 4.6 kB view raw
1{ pkgs, lib, ... }: 2{ 3 name = "containers-physical_interfaces"; 4 meta = { 5 maintainers = with lib.maintainers; [ kampfschlaefer ]; 6 }; 7 8 nodes = { 9 server = 10 { ... }: 11 { 12 virtualisation.vlans = [ 1 ]; 13 14 containers.server = { 15 privateNetwork = true; 16 interfaces = [ "eth1" ]; 17 18 config = { 19 networking.interfaces.eth1.ipv4.addresses = [ 20 { 21 address = "10.10.0.1"; 22 prefixLength = 24; 23 } 24 ]; 25 networking.firewall.enable = false; 26 }; 27 }; 28 }; 29 bridged = 30 { ... }: 31 { 32 virtualisation.vlans = [ 1 ]; 33 34 containers.bridged = { 35 privateNetwork = true; 36 interfaces = [ "eth1" ]; 37 38 config = { 39 networking.bridges.br0.interfaces = [ "eth1" ]; 40 networking.interfaces.br0.ipv4.addresses = [ 41 { 42 address = "10.10.0.2"; 43 prefixLength = 24; 44 } 45 ]; 46 networking.firewall.enable = false; 47 }; 48 }; 49 }; 50 51 bonded = 52 { ... }: 53 { 54 virtualisation.vlans = [ 1 ]; 55 56 containers.bonded = { 57 privateNetwork = true; 58 interfaces = [ "eth1" ]; 59 60 config = { 61 networking.bonds.bond0 = { 62 interfaces = [ "eth1" ]; 63 driverOptions.mode = "active-backup"; 64 }; 65 networking.interfaces.bond0.ipv4.addresses = [ 66 { 67 address = "10.10.0.3"; 68 prefixLength = 24; 69 } 70 ]; 71 networking.firewall.enable = false; 72 }; 73 }; 74 }; 75 76 bridgedbond = 77 { ... }: 78 { 79 virtualisation.vlans = [ 1 ]; 80 81 containers.bridgedbond = { 82 privateNetwork = true; 83 interfaces = [ "eth1" ]; 84 85 config = { 86 networking.bonds.bond0 = { 87 interfaces = [ "eth1" ]; 88 driverOptions.mode = "active-backup"; 89 }; 90 networking.bridges.br0.interfaces = [ "bond0" ]; 91 networking.interfaces.br0.ipv4.addresses = [ 92 { 93 address = "10.10.0.4"; 94 prefixLength = 24; 95 } 96 ]; 97 networking.firewall.enable = false; 98 }; 99 }; 100 }; 101 }; 102 103 testScript = '' 104 start_all() 105 106 with subtest("Prepare server"): 107 server.wait_for_unit("default.target") 108 server.succeed("ip link show dev eth1 >&2") 109 110 with subtest("Simple physical interface is up"): 111 server.succeed("nixos-container start server") 112 server.wait_for_unit("container@server") 113 server.succeed( 114 "systemctl -M server list-dependencies network-addresses-eth1.service >&2" 115 ) 116 117 # The other tests will ping this container on its ip. Here we just check 118 # that the device is present in the container. 119 server.succeed("nixos-container run server -- ip a show dev eth1 >&2") 120 121 with subtest("Physical device in bridge in container can ping server"): 122 bridged.wait_for_unit("default.target") 123 bridged.succeed("nixos-container start bridged") 124 bridged.wait_for_unit("container@bridged") 125 bridged.succeed( 126 "systemctl -M bridged list-dependencies network-addresses-br0.service >&2", 127 "systemctl -M bridged status -n 30 -l network-addresses-br0.service", 128 "nixos-container run bridged -- ping -w 10 -c 1 -n 10.10.0.1", 129 ) 130 131 with subtest("Physical device in bond in container can ping server"): 132 bonded.wait_for_unit("default.target") 133 bonded.succeed("nixos-container start bonded") 134 bonded.wait_for_unit("container@bonded") 135 bonded.succeed( 136 "systemctl -M bonded list-dependencies network-addresses-bond0 >&2", 137 "systemctl -M bonded status -n 30 -l network-addresses-bond0 >&2", 138 "nixos-container run bonded -- ping -w 10 -c 1 -n 10.10.0.1", 139 ) 140 141 with subtest("Physical device in bond in bridge in container can ping server"): 142 bridgedbond.wait_for_unit("default.target") 143 bridgedbond.succeed("nixos-container start bridgedbond") 144 bridgedbond.wait_for_unit("container@bridgedbond") 145 bridgedbond.succeed( 146 "systemctl -M bridgedbond list-dependencies network-addresses-br0.service >&2", 147 "systemctl -M bridgedbond status -n 30 -l network-addresses-br0.service", 148 "nixos-container run bridgedbond -- ping -w 10 -c 1 -n 10.10.0.1", 149 ) 150 ''; 151}