blob: ab56b75c02e4e75ea8277905f2d74124341d6162 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
import ./make-test-python.nix ({ pkgs, ...} :
let
# Since we don't have access to the internet during the tests, we have to
# pre-fetch lxd containers beforehand.
#
# I've chosen to import Alpine Linux, because its image is turbo-tiny and,
# generally, sufficient for our tests.
alpine-meta = pkgs.fetchurl {
url = "https://tarballs.nixos.org/alpine/3.12/lxd.tar.xz";
hash = "sha256-1tcKaO9lOkvqfmG/7FMbfAEToAuFy2YMewS8ysBKuLA=";
};
alpine-rootfs = pkgs.fetchurl {
url = "https://tarballs.nixos.org/alpine/3.12/rootfs.tar.xz";
hash = "sha256-Tba9sSoaiMtQLY45u7p5DMqXTSDgs/763L/SQp0bkCA=";
};
lxd-config = pkgs.writeText "config.yaml" ''
storage_pools:
- name: default
driver: dir
config:
source: /var/lxd-pool
networks:
- name: lxdbr0
type: bridge
config:
ipv4.address: auto
ipv6.address: none
profiles:
- name: default
devices:
eth0:
name: eth0
network: lxdbr0
type: nic
root:
path: /
pool: default
type: disk
'';
in {
name = "lxd";
meta = with pkgs.lib.maintainers; {
maintainers = [ patryk27 ];
};
machine = { lib, ... }: {
virtualisation = {
# Since we're testing `limits.cpu`, we've gotta have a known number of
# cores to lean on
cores = 2;
# Ditto, for `limits.memory`
memorySize = 512;
lxc.lxcfs.enable = true;
lxd.enable = true;
};
};
testScript = ''
machine.wait_for_unit("sockets.target")
machine.wait_for_unit("lxd.service")
machine.wait_for_file("/var/lib/lxd/unix.socket")
# It takes additional second for lxd to settle
machine.sleep(1)
# lxd expects the pool's directory to already exist
machine.succeed("mkdir /var/lxd-pool")
machine.succeed(
"cat ${lxd-config} | lxd init --preseed"
)
machine.succeed(
"lxc image import ${alpine-meta} ${alpine-rootfs} --alias alpine"
)
with subtest("Containers can be launched and destroyed"):
machine.succeed("lxc launch alpine test")
machine.succeed("lxc exec test true")
machine.succeed("lxc delete -f test")
with subtest("Containers are being mounted with lxcfs inside"):
machine.succeed("lxc launch alpine test")
## ---------- ##
## limits.cpu ##
machine.succeed("lxc config set test limits.cpu 1")
# Since Alpine doesn't have `nproc` pre-installed, we've gotta resort
# to the primal methods
assert (
"1"
== machine.succeed("lxc exec test grep -- -c ^processor /proc/cpuinfo").strip()
)
machine.succeed("lxc config set test limits.cpu 2")
assert (
"2"
== machine.succeed("lxc exec test grep -- -c ^processor /proc/cpuinfo").strip()
)
## ------------- ##
## limits.memory ##
machine.succeed("lxc config set test limits.memory 64MB")
assert (
"MemTotal: 62500 kB"
== machine.succeed("lxc exec test grep -- MemTotal /proc/meminfo").strip()
)
machine.succeed("lxc config set test limits.memory 128MB")
assert (
"MemTotal: 125000 kB"
== machine.succeed("lxc exec test grep -- MemTotal /proc/meminfo").strip()
)
machine.succeed("lxc delete -f test")
with subtest("Unless explicitly changed, lxd leans on iptables"):
machine.succeed("lsmod | grep ip_tables")
machine.fail("lsmod | grep nf_tables")
'';
})
|