pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / containers-restart_networking.nix
at master 3.8 kB view raw
1{ pkgs, lib, ... }: 2{ 3 name = "containers-restart_networking"; 4 meta = { 5 maintainers = with lib.maintainers; [ kampfschlaefer ]; 6 }; 7 8 nodes = { 9 client = { 10 virtualisation.vlans = [ 1 ]; 11 12 networking.firewall.enable = false; 13 14 containers.webserver = { 15 autoStart = true; 16 privateNetwork = true; 17 hostBridge = "br0"; 18 config = { 19 networking.firewall.enable = false; 20 networking.interfaces.eth0.ipv4.addresses = [ 21 { 22 address = "192.168.1.122"; 23 prefixLength = 24; 24 } 25 ]; 26 }; 27 }; 28 29 networking.bridges.br0 = { 30 interfaces = [ ]; 31 rstp = false; 32 }; 33 34 networking.interfaces.br0.ipv4.addresses = [ 35 { 36 address = "192.168.1.1"; 37 prefixLength = 24; 38 } 39 ]; 40 41 networking.interfaces.eth1 = { 42 ipv4.addresses = lib.mkForce [ ]; 43 ipv6.addresses = lib.mkForce [ ]; 44 }; 45 46 specialisation.eth1.configuration = { 47 networking.bridges.br0.interfaces = [ "eth1" ]; 48 networking.interfaces = { 49 eth1.ipv4.addresses = lib.mkForce [ ]; 50 eth1.ipv6.addresses = lib.mkForce [ ]; 51 br0.ipv4.addresses = [ 52 { 53 address = "192.168.1.2"; 54 prefixLength = 24; 55 } 56 ]; 57 }; 58 }; 59 60 specialisation.eth1-rstp.configuration = { 61 networking.bridges.br0 = { 62 interfaces = [ "eth1" ]; 63 rstp = lib.mkForce true; 64 }; 65 66 networking.interfaces = { 67 eth1.ipv4.addresses = lib.mkForce [ ]; 68 eth1.ipv6.addresses = lib.mkForce [ ]; 69 br0.ipv4.addresses = [ 70 { 71 address = "192.168.1.2"; 72 prefixLength = 24; 73 } 74 ]; 75 }; 76 }; 77 }; 78 }; 79 80 testScript = '' 81 client.start() 82 83 client.wait_for_unit("default.target") 84 85 with subtest("Initial configuration connectivity check"): 86 client.succeed("ping 192.168.1.122 -c 1 -n >&2") 87 client.succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2") 88 89 client.fail("ip l show eth1 |grep 'master br0' >&2") 90 client.fail("grep eth1 /run/br0.interfaces >&2") 91 92 with subtest("Bridged configuration without STP preserves connectivity"): 93 client.succeed( 94 "/run/booted-system/specialisation/eth1/bin/switch-to-configuration test >&2" 95 ) 96 97 client.succeed( 98 "ping 192.168.1.122 -c 1 -n >&2", 99 "nixos-container run webserver -- ping -c 1 -n 192.168.1.2 >&2", 100 "ip l show eth1 |grep 'master br0' >&2", 101 "grep eth1 /run/br0.interfaces >&2", 102 ) 103 104 # activating rstp needs another service, therefore the bridge will restart and the container will lose its connectivity 105 # with subtest("Bridged configuration with STP"): 106 # client.succeed("/run/booted-system/specialisation/eth1-rstp/bin/switch-to-configuration test >&2") 107 # client.execute("ip -4 a >&2") 108 # client.execute("ip l >&2") 109 # 110 # client.succeed( 111 # "ping 192.168.1.122 -c 1 -n >&2", 112 # "nixos-container run webserver -- ping -c 1 -n 192.168.1.2 >&2", 113 # "ip l show eth1 |grep 'master br0' >&2", 114 # "grep eth1 /run/br0.interfaces >&2", 115 # ) 116 117 with subtest("Reverting to initial configuration preserves connectivity"): 118 client.succeed( 119 "/run/booted-system/bin/switch-to-configuration test >&2" 120 ) 121 122 client.succeed("ping 192.168.1.122 -c 1 -n >&2") 123 client.succeed("nixos-container run webserver -- ping -c 1 -n 192.168.1.1 >&2") 124 125 client.fail("ip l show eth1 |grep 'master br0' >&2") 126 client.fail("grep eth1 /run/br0.interfaces >&2") 127 ''; 128 129}