philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity

containers: Add more tests for ipv6 and hostbridge

Browse source 
A testcase each for
- declarative ipv6-only container
  Seems odd to define the container IPs with their prefix length attached.
  There should be a better way…
- declarative bridged container

Also fix the ping test by waiting for the container to start

When the ping was executed, the container might not have finished starting. Or
the host-side of the container wasn't finished with config. Waiting for
2 seconds in between fixes this.
This commit is contained in:
Arnold Krille 2016-01-31 21:45:05 +01:00
parent aa46904490
commit 3b31c52d4b
4 changed files with 148 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/release.nix
View file

@ -200,6 +200,8 @@ in rec {
tests.chromium = callSubTests tests/chromium.nix {};
tests.cjdns = callTest tests/cjdns.nix {};
tests.containers = callTest tests/containers.nix {};
tests.containers-ipv6 = callTest tests/containers-ipv6.nix {};
tests.containers-bridge = callTest tests/containers-bridge.nix {};
tests.docker = hydraJob (import tests/docker.nix { system = "x86_64-linux"; });
tests.dockerRegistry = hydraJob (import tests/docker-registry.nix { system = "x86_64-linux"; });
tests.dnscrypt-proxy = callTest tests/dnscrypt-proxy.nix { system = "x86_64-linux"; };

81
nixos/tests/containers-bridge.nix Normal file
View file

@ -0,0 +1,81 @@
# Test for NixOS' container support.
let
hostIp = "192.168.0.1";
containerIp = "192.168.0.100/24";
hostIp6 = "fc00::1";
containerIp6 = "fc00::2/7";
in
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-bridge";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow ];
};
machine =
{ config, pkgs, ... }:
{ imports = [ ../modules/installer/cd-dvd/channel.nix ];
virtualisation.writableStore = true;
virtualisation.memorySize = 768;
networking.bridges = {
br0 = {
interfaces = [];
};
};
networking.interfaces = {
br0 = {
ip4 = [{ address = hostIp; prefixLength = 24; }];
ip6 = [{ address = hostIp6; prefixLength = 7; }];
};
};
containers.webserver =
{
autoStart = true;
privateNetwork = true;
hostBridge = "br0";
localAddress = containerIp;
localAddress6 = containerIp6;
config =
{ services.httpd.enable = true;
services.httpd.adminAddr = "foo@example.org";
networking.firewall.allowedTCPPorts = [ 80 ];
networking.firewall.allowPing = true;
};
};
virtualisation.pathsInNixDB = [ pkgs.stdenv ];
};
testScript =
''
$machine->waitForUnit("default.target");
$machine->succeed("nixos-container list") =~ /webserver/ or die;
# Start the webserver container.
$machine->succeed("nixos-container status webserver") =~ /up/ or die;
"${containerIp}" =~ /([^\/]+)\/([0-9+])/;
my $ip = $1;
chomp $ip;
$machine->succeed("ping -n -c 1 $ip");
$machine->succeed("curl --fail http://$ip/ > /dev/null");
"${containerIp6}" =~ /([^\/]+)\/([0-9+])/;
my $ip6 = $1;
chomp $ip6;
$machine->succeed("ping6 -n -c 1 $ip6");
$machine->succeed("curl --fail http://[$ip6]/ > /dev/null");
# Stop the container.
$machine->succeed("nixos-container stop webserver");
$machine->fail("curl --fail --connect-timeout 2 http://$ip/ > /dev/null");
$machine->fail("curl --fail --connect-timeout 2 http://[$ip6]/ > /dev/null");
# Destroying a declarative container should fail.
$machine->fail("nixos-container destroy webserver");
'';
})

61
nixos/tests/containers-ipv6.nix Normal file
View file

@ -0,0 +1,61 @@
# Test for NixOS' container support.
let
hostIp = "fc00::2";
localIp = "fc00::1";
in
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-ipv6";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow ];
};
machine =
{ config, pkgs, ... }:
{ imports = [ ../modules/installer/cd-dvd/channel.nix ];
virtualisation.writableStore = true;
virtualisation.memorySize = 768;
containers.webserver =
{ privateNetwork = true;
hostAddress6 = hostIp;
localAddress6 = localIp;
config =
{ services.httpd.enable = true;
services.httpd.adminAddr = "foo@example.org";
networking.firewall.allowedTCPPorts = [ 80 ];
networking.firewall.allowPing = true;
};
};
virtualisation.pathsInNixDB = [ pkgs.stdenv ];
};
testScript =
''
$machine->waitForUnit("default.target");
$machine->succeed("nixos-container list") =~ /webserver/ or die;
# Start the webserver container.
$machine->succeed("nixos-container start webserver");
# wait two seconds for the container to start and the network to be up
sleep 2;
# Since "start" returns after the container has reached
# multi-user.target, we should now be able to access it.
my $ip = "${localIp}";
chomp $ip;
$machine->succeed("ping6 -n -c 1 $ip");
$machine->succeed("curl --fail http://[$ip]/ > /dev/null");
# Stop the container.
$machine->succeed("nixos-container stop webserver");
$machine->fail("curl --fail --connect-timeout 2 http://[$ip]/ > /dev/null");
# Destroying a declarative container should fail.
$machine->fail("nixos-container destroy webserver");
'';
})

5
nixos/tests/containers.nix
View file

@ -34,11 +34,14 @@ import ./make-test.nix ({ pkgs, ...} : {
# Start the webserver container.
$machine->succeed("nixos-container start webserver");
# wait two seconds for the container to start and the network to be up
sleep 2;
# Since "start" returns after the container has reached
# multi-user.target, we should now be able to access it.
my $ip = $machine->succeed("nixos-container show-ip webserver");
chomp $ip;
#$machine->succeed("ping -c1 $ip"); # FIXME
$machine->succeed("ping -n -c1 $ip");
$machine->succeed("curl --fail http://$ip/ > /dev/null");
# Stop the container.