2016-12-06 00:11:49 +01:00
|
|
|
# Test for NixOS' container support.
|
|
|
|
|
|
|
|
|
|
let
|
|
|
|
|
# containers IP on VLAN 1
|
|
|
|
|
containerIp1 = "192.168.1.253";
|
|
|
|
|
containerIp2 = "192.168.1.254";
|
|
|
|
|
in
|
|
|
|
|
|
2019-12-01 02:29:24 +01:00
|
|
|
import ./make-test-python.nix ({ pkgs, ...} : {
|
2016-12-06 00:11:49 +01:00
|
|
|
name = "containers-macvlans";
|
|
|
|
|
meta = with pkgs.stdenv.lib.maintainers; {
|
|
|
|
|
maintainers = [ montag451 ];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nodes = {
|
|
|
|
|
|
|
|
|
|
machine1 =
|
2018-07-20 20:56:59 +00:00
|
|
|
{ lib, ... }:
|
2016-12-06 00:11:49 +01:00
|
|
|
{
|
|
|
|
|
virtualisation.memorySize = 256;
|
|
|
|
|
virtualisation.vlans = [ 1 ];
|
|
|
|
|
|
|
|
|
|
# To be able to ping containers from the host, it is necessary
|
|
|
|
|
# to create a macvlan on the host on the VLAN 1 network.
|
|
|
|
|
networking.macvlans.mv-eth1-host = {
|
|
|
|
|
interface = "eth1";
|
|
|
|
|
mode = "bridge";
|
|
|
|
|
};
|
2017-12-03 05:14:54 +01:00
|
|
|
networking.interfaces.eth1.ipv4.addresses = lib.mkForce [];
|
2016-12-06 00:11:49 +01:00
|
|
|
networking.interfaces.mv-eth1-host = {
|
2017-12-03 05:14:54 +01:00
|
|
|
ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];
|
2016-12-06 00:11:49 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
containers.test1 = {
|
|
|
|
|
autoStart = true;
|
|
|
|
|
macvlans = [ "eth1" ];
|
|
|
|
|
|
|
|
|
|
config = {
|
|
|
|
|
networking.interfaces.mv-eth1 = {
|
2017-12-03 05:14:54 +01:00
|
|
|
ipv4.addresses = [ { address = containerIp1; prefixLength = 24; } ];
|
2016-12-06 00:11:49 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
containers.test2 = {
|
|
|
|
|
autoStart = true;
|
|
|
|
|
macvlans = [ "eth1" ];
|
|
|
|
|
|
|
|
|
|
config = {
|
|
|
|
|
networking.interfaces.mv-eth1 = {
|
2017-12-03 05:14:54 +01:00
|
|
|
ipv4.addresses = [ { address = containerIp2; prefixLength = 24; } ];
|
2016-12-06 00:11:49 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
machine2 =
|
2018-07-20 20:56:59 +00:00
|
|
|
{ ... }:
|
2016-12-06 00:11:49 +01:00
|
|
|
{
|
|
|
|
|
virtualisation.memorySize = 256;
|
|
|
|
|
virtualisation.vlans = [ 1 ];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
testScript = ''
|
2019-12-01 02:29:24 +01:00
|
|
|
start_all()
|
|
|
|
|
machine1.wait_for_unit("default.target")
|
|
|
|
|
machine2.wait_for_unit("default.target")
|
2016-12-06 00:11:49 +01:00
|
|
|
|
2019-12-01 02:29:24 +01:00
|
|
|
with subtest(
|
|
|
|
|
"Ping between containers to check that macvlans are created in bridge mode"
|
|
|
|
|
):
|
|
|
|
|
machine1.succeed("nixos-container run test1 -- ping -n -c 1 ${containerIp2}")
|
2016-12-06 00:11:49 +01:00
|
|
|
|
2019-12-01 02:29:24 +01:00
|
|
|
with subtest("Ping containers from the host (machine1)"):
|
|
|
|
|
machine1.succeed("ping -n -c 1 ${containerIp1}")
|
|
|
|
|
machine1.succeed("ping -n -c 1 ${containerIp2}")
|
2016-12-06 00:11:49 +01:00
|
|
|
|
2019-12-01 02:29:24 +01:00
|
|
|
with subtest(
|
|
|
|
|
"Ping containers from the second machine to check that containers are reachable from the outside"
|
|
|
|
|
):
|
|
|
|
|
machine2.succeed("ping -n -c 1 ${containerIp1}")
|
|
|
|
|
machine2.succeed("ping -n -c 1 ${containerIp2}")
|
2016-12-06 00:11:49 +01:00
|
|
|
'';
|
|
|
|
|
})
|
