153 lines
4.5 KiB
Nix
153 lines
4.5 KiB
Nix
{ system ? builtins.currentSystem, pkgs ? import <nixpkgs> { inherit system; } }:
|
|
with import ./base.nix { inherit system; };
|
|
let
|
|
domain = "my.zyx";
|
|
|
|
redisPod = pkgs.writeText "redis-pod.json" (builtins.toJSON {
|
|
kind = "Pod";
|
|
apiVersion = "v1";
|
|
metadata.name = "redis";
|
|
metadata.labels.name = "redis";
|
|
spec.containers = [{
|
|
name = "redis";
|
|
image = "redis";
|
|
args = ["--bind" "0.0.0.0"];
|
|
imagePullPolicy = "Never";
|
|
ports = [{
|
|
name = "redis-server";
|
|
containerPort = 6379;
|
|
}];
|
|
}];
|
|
});
|
|
|
|
redisService = pkgs.writeText "redis-service.json" (builtins.toJSON {
|
|
kind = "Service";
|
|
apiVersion = "v1";
|
|
metadata.name = "redis";
|
|
spec = {
|
|
ports = [{port = 6379; targetPort = 6379;}];
|
|
selector = {name = "redis";};
|
|
};
|
|
});
|
|
|
|
redisImage = pkgs.dockerTools.buildImage {
|
|
name = "redis";
|
|
tag = "latest";
|
|
contents = [ pkgs.redis pkgs.bind.host ];
|
|
config.Entrypoint = "/bin/redis-server";
|
|
};
|
|
|
|
probePod = pkgs.writeText "probe-pod.json" (builtins.toJSON {
|
|
kind = "Pod";
|
|
apiVersion = "v1";
|
|
metadata.name = "probe";
|
|
metadata.labels.name = "probe";
|
|
spec.containers = [{
|
|
name = "probe";
|
|
image = "probe";
|
|
args = [ "-f" ];
|
|
tty = true;
|
|
imagePullPolicy = "Never";
|
|
}];
|
|
});
|
|
|
|
probeImage = pkgs.dockerTools.buildImage {
|
|
name = "probe";
|
|
tag = "latest";
|
|
contents = [ pkgs.bind.host pkgs.busybox ];
|
|
config.Entrypoint = "/bin/tail";
|
|
};
|
|
|
|
extraConfiguration = { config, pkgs, ... }: {
|
|
environment.systemPackages = [ pkgs.bind.host ];
|
|
# virtualisation.docker.extraOptions = "--dns=${config.services.kubernetes.addons.dns.clusterIp}";
|
|
services.dnsmasq.enable = true;
|
|
services.dnsmasq.servers = [
|
|
"/cluster.local/${config.services.kubernetes.addons.dns.clusterIp}#53"
|
|
];
|
|
};
|
|
|
|
base = {
|
|
name = "dns";
|
|
inherit domain extraConfiguration;
|
|
};
|
|
|
|
singleNodeTest = {
|
|
test = ''
|
|
# prepare machine1 for test
|
|
machine1.wait_until_succeeds("kubectl get node machine1.${domain} | grep -w Ready")
|
|
machine1.wait_until_succeeds(
|
|
"docker load < ${redisImage}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"kubectl create -f ${redisPod}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"kubectl create -f ${redisService}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"docker load < ${probeImage}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"kubectl create -f ${probePod}"
|
|
)
|
|
|
|
# check if pods are running
|
|
machine1.wait_until_succeeds("kubectl get pod redis | grep Running")
|
|
machine1.wait_until_succeeds("kubectl get pod probe | grep Running")
|
|
machine1.wait_until_succeeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'")
|
|
|
|
# check dns on host (dnsmasq)
|
|
machine1.succeed("host redis.default.svc.cluster.local")
|
|
|
|
# check dns inside the container
|
|
machine1.succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local")
|
|
'';
|
|
};
|
|
|
|
multiNodeTest = {
|
|
test = ''
|
|
# Node token exchange
|
|
machine1.wait_until_succeeds(
|
|
"cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"
|
|
)
|
|
machine2.wait_until_succeeds(
|
|
"cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"
|
|
)
|
|
|
|
# prepare machines for test
|
|
machine1.wait_until_succeeds("kubectl get node machine2.${domain} | grep -w Ready")
|
|
machine2.wait_until_succeeds(
|
|
"docker load < ${redisImage}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"kubectl create -f ${redisPod}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"kubectl create -f ${redisService}"
|
|
)
|
|
machine2.wait_until_succeeds(
|
|
"docker load < ${probeImage}"
|
|
)
|
|
machine1.wait_until_succeeds(
|
|
"kubectl create -f ${probePod}"
|
|
)
|
|
|
|
# check if pods are running
|
|
machine1.wait_until_succeeds("kubectl get pod redis | grep Running")
|
|
machine1.wait_until_succeeds("kubectl get pod probe | grep Running")
|
|
machine1.wait_until_succeeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'")
|
|
|
|
# check dns on hosts (dnsmasq)
|
|
machine1.succeed("host redis.default.svc.cluster.local")
|
|
machine2.succeed("host redis.default.svc.cluster.local")
|
|
|
|
# check dns inside the container
|
|
machine1.succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local")
|
|
'';
|
|
};
|
|
in {
|
|
singlenode = mkKubernetesSingleNodeTest (base // singleNodeTest);
|
|
multinode = mkKubernetesMultiNodeTest (base // multiNodeTest);
|
|
}
|