nixpkgs/nixos/tests/lxd/container.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

import ../make-test-python.nix ({ pkgs, lib, ... } :

let
  releases = import ../../release.nix {
    configuration = {
      # Building documentation makes the test unnecessarily take a longer time:
      documentation.enable = lib.mkForce false;

      # Our tests require `grep` & friends:
      environment.systemPackages = with pkgs; [ busybox ];
    };
  };

  lxd-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system};
  lxd-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system};
  lxd-image-rootfs-squashfs = releases.lxdContainerImageSquashfs.${pkgs.stdenv.hostPlatform.system};

in {
  name = "lxd-container";

  meta = {
    maintainers = lib.teams.lxc.members;
  };

  nodes.machine = { lib, ... }: {
    virtualisation = {
      diskSize = 6144;

      # Since we're testing `limits.cpu`, we've gotta have a known number of
      # cores to lean on
      cores = 2;

      # Ditto, for `limits.memory`
      memorySize = 512;

      lxc.lxcfs.enable = true;
      lxd.enable = true;
    };
  };

  testScript = ''
    def instance_is_up(_) -> bool:
      status, _ = machine.execute("lxc exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true")
      return status == 0

    machine.wait_for_unit("sockets.target")
    machine.wait_for_unit("lxd.service")
    machine.wait_for_file("/var/lib/lxd/unix.socket")

    # Wait for lxd to settle
    machine.succeed("lxd waitready")

    # no preseed should mean no service
    machine.fail("systemctl status lxd-preseed.service")

    machine.succeed("lxd init --minimal")

    machine.succeed(
        "lxc image import ${lxd-image-metadata}/*/*.tar.xz ${lxd-image-rootfs}/*/*.tar.xz --alias nixos"
    )

    with subtest("Container can be managed"):
        machine.succeed("lxc launch nixos container")
        with machine.nested("Waiting for instance to start and be usable"):
          retry(instance_is_up)
        machine.succeed("echo true | lxc exec container /run/current-system/sw/bin/bash -")
        machine.succeed("lxc delete -f container")

    with subtest("Squashfs image is functional"):
        machine.succeed(
            "lxc image import ${lxd-image-metadata}/*/*.tar.xz ${lxd-image-rootfs-squashfs} --alias nixos-squashfs"
        )
        machine.succeed("lxc launch nixos-squashfs container")
        with machine.nested("Waiting for instance to start and be usable"):
          retry(instance_is_up)
        machine.succeed("echo true | lxc exec container /run/current-system/sw/bin/bash -")
        machine.succeed("lxc delete -f container")

    with subtest("Container is mounted with lxcfs inside"):
        machine.succeed("lxc launch nixos container")
        with machine.nested("Waiting for instance to start and be usable"):
            retry(instance_is_up)

        ## ---------- ##
        ## limits.cpu ##

        machine.succeed("lxc config set container limits.cpu 1")
        machine.succeed("lxc restart container")
        with machine.nested("Waiting for instance to start and be usable"):
            retry(instance_is_up)

        assert (
            "1"
            == machine.succeed("lxc exec container grep -- -c ^processor /proc/cpuinfo").strip()
        )

        machine.succeed("lxc config set container limits.cpu 2")
        machine.succeed("lxc restart container")
        with machine.nested("Waiting for instance to start and be usable"):
            retry(instance_is_up)

        assert (
            "2"
            == machine.succeed("lxc exec container grep -- -c ^processor /proc/cpuinfo").strip()
        )

        ## ------------- ##
        ## limits.memory ##

        machine.succeed("lxc config set container limits.memory 64MB")
        machine.succeed("lxc restart container")
        with machine.nested("Waiting for instance to start and be usable"):
            retry(instance_is_up)

        assert (
            "MemTotal:          62500 kB"
            == machine.succeed("lxc exec container grep -- MemTotal /proc/meminfo").strip()
        )

        machine.succeed("lxc config set container limits.memory 128MB")
        machine.succeed("lxc restart container")
        with machine.nested("Waiting for instance to start and be usable"):
            retry(instance_is_up)

        assert (
            "MemTotal:         125000 kB"
            == machine.succeed("lxc exec container grep -- MemTotal /proc/meminfo").strip()
        )

        machine.succeed("lxc delete -f container")
  '';
})