Merge pull request #295443 from ck3d/machinectl-routable

nixos.test.machinectl: add routable network and shared store
Christian Kögler 2024-03-14 22:46:14 +01:00 committed by GitHub
commit f56c78f50a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -42,8 +42,18 @@ import ./make-test-python.nix ({ pkgs, ... }:
virtualisation.additionalPaths = [ containerSystem ]; virtualisation.additionalPaths = [ containerSystem ];
# not needed, but we want to test the nspawn file generation systemd.tmpfiles.rules = [
systemd.nspawn.${containerName} = { }; "d /var/lib/machines/shared-decl 0755 root root - -"
];
systemd.nspawn.shared-decl = {
execConfig = {
Boot = false;
Parameters = "${containerSystem}/init";
};
filesConfig = {
BindReadOnly = "/nix/store";
};
};
systemd.services."systemd-nspawn@${containerName}" = { systemd.services."systemd-nspawn@${containerName}" = {
serviceConfig.Environment = [ serviceConfig.Environment = [
@ -52,14 +62,33 @@ import ./make-test-python.nix ({ pkgs, ... }:
]; ];
overrideStrategy = "asDropin"; overrideStrategy = "asDropin";
}; };
# open DHCP for container
networking.firewall.extraCommands = ''
${pkgs.iptables}/bin/iptables -A nixos-fw -i ve-+ -p udp -m udp --dport 67 -j nixos-fw-accept
'';
}; };
testScript = '' testScript = ''
start_all() start_all()
machine.wait_for_unit("default.target"); machine.wait_for_unit("default.target");
# Install container # Test machinectl start stop of shared-decl
machine.succeed("machinectl start shared-decl");
machine.wait_until_succeeds("systemctl -M shared-decl is-active default.target");
machine.succeed("machinectl stop shared-decl");
# create containers root
machine.succeed("mkdir -p ${containerRoot}"); machine.succeed("mkdir -p ${containerRoot}");
# start container with shared nix store by using same arguments as for systemd-nspawn@.service
machine.succeed("systemd-run systemd-nspawn --machine=${containerName} --network-veth -U --bind-ro=/nix/store ${containerSystem}/init")
machine.wait_until_succeeds("systemctl -M ${containerName} is-active default.target");
# Test machinectl stop
machine.succeed("machinectl stop ${containerName}");
# Install container
# Workaround for nixos-install # Workaround for nixos-install
machine.succeed("chmod o+rx /var/lib/machines"); machine.succeed("chmod o+rx /var/lib/machines");
machine.succeed("nixos-install --root ${containerRoot} --system ${containerSystem} --no-channel-copy --no-root-passwd"); machine.succeed("nixos-install --root ${containerRoot} --system ${containerSystem} --no-channel-copy --no-root-passwd");
@ -77,6 +106,12 @@ import ./make-test-python.nix ({ pkgs, ... }:
# Test nss_mymachines via nscd # Test nss_mymachines via nscd
machine.succeed("getent hosts ${containerName}"); machine.succeed("getent hosts ${containerName}");
# Test systemd-nspawn network configuration to container
machine.succeed("networkctl --json=short status ve-${containerName} | ${pkgs.jq}/bin/jq -e '.OperationalState == \"routable\"'");
# Test systemd-nspawn network configuration to host
machine.succeed("machinectl shell ${containerName} /run/current-system/sw/bin/networkctl --json=short status host0 | ${pkgs.jq}/bin/jq -r '.OperationalState == \"routable\"'");
# Test systemd-nspawn network configuration # Test systemd-nspawn network configuration
machine.succeed("ping -n -c 1 ${containerName}"); machine.succeed("ping -n -c 1 ${containerName}");
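Review bot: The new container-side check (the `machinectl shell ${containerName} … networkctl --json=short status host0` line in the third hunk) pipes into `jq -r`, which exits 0 whether the expression prints `true` or `false`, so `machine.succeed` passes even when host0 is not routable. The host-side check just above it uses `jq -e`, which derives the exit status from the result; the container-side line should end the same way: `| ${pkgs.jq}/bin/jq -e '.OperationalState == \"routable\"'`. Once the assertion is real it may race with DHCP inside the container, so `machine.wait_until_succeeds` is probably the safer wrapper for both networkctl checks. Separately, the rule added through `networking.firewall.extraCommands` in the second hunk accepts UDP port 67 on every `ve-+` interface; a short comment that this is scoped to the test VM would keep it from being copied into a real host configuration unchanged.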