suzanne.soy/nixpkgs
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

nixosTests.kubernetes: port tests to python

Browse Source
This commit is contained in:
Nikolaj Hey Hinnerskov 2020-05-14 15:14:02 +02:00
parent dc3440f93a
commit 496bd1c706
3 changed files with 98 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/tests/kubernetes/base.nix
View File

@ -3,7 +3,7 @@
pkgs ? import ../../.. { inherit system config; } pkgs ? import ../../.. { inherit system config; }
}: }:
with import ../../lib/testing.nix { inherit system pkgs; }; with import ../../lib/testing-python.nix { inherit system pkgs; };
with pkgs.lib; with pkgs.lib;
let let
@ -75,10 +75,8 @@ let
) machines; ) machines;
testScript = '' testScript = ''
startAll; start_all()
'' + test;
${test}
'';
}; };
mkKubernetesMultiNodeTest = attrs: mkKubernetesBaseTest ({ mkKubernetesMultiNodeTest = attrs: mkKubernetesBaseTest ({

74
nixos/tests/kubernetes/dns.nix
View File

@ -75,51 +75,75 @@ let
singleNodeTest = { singleNodeTest = {
test = '' test = ''
# prepare machine1 for test # prepare machine1 for test
$machine1->waitUntilSucceeds("kubectl get node machine1.${domain} | grep -w Ready"); machine1.wait_until_succeeds("kubectl get node machine1.${domain} | grep -w Ready")
$machine1->waitUntilSucceeds("docker load < ${redisImage}"); machine1.wait_until_succeeds(
$machine1->waitUntilSucceeds("kubectl create -f ${redisPod}"); "docker load < ${redisImage}"
$machine1->waitUntilSucceeds("kubectl create -f ${redisService}"); )
$machine1->waitUntilSucceeds("docker load < ${probeImage}"); machine1.wait_until_succeeds(
$machine1->waitUntilSucceeds("kubectl create -f ${probePod}"); "kubectl create -f ${redisPod}"
)
machine1.wait_until_succeeds(
"kubectl create -f ${redisService}"
)
machine1.wait_until_succeeds(
"docker load < ${probeImage}"
)
machine1.wait_until_succeeds(
"kubectl create -f ${probePod}"
)
# check if pods are running # check if pods are running
$machine1->waitUntilSucceeds("kubectl get pod redis | grep Running"); machine1.wait_until_succeeds("kubectl get pod redis | grep Running")
$machine1->waitUntilSucceeds("kubectl get pod probe | grep Running"); machine1.wait_until_succeeds("kubectl get pod probe | grep Running")
$machine1->waitUntilSucceeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'"); machine1.wait_until_succeeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'")
# check dns on host (dnsmasq) # check dns on host (dnsmasq)
$machine1->succeed("host redis.default.svc.cluster.local"); machine1.succeed("host redis.default.svc.cluster.local")
# check dns inside the container # check dns inside the container
$machine1->succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local"); machine1.succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local")
''; '';
}; };
multiNodeTest = { multiNodeTest = {
test = '' test = ''
# Node token exchange # Node token exchange
$machine1->waitUntilSucceeds("cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"); machine1.wait_until_succeeds(
$machine2->waitUntilSucceeds("cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"); "cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"
)
machine2.wait_until_succeeds(
"cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"
)
# prepare machines for test # prepare machines for test
$machine1->waitUntilSucceeds("kubectl get node machine2.${domain} | grep -w Ready"); machine1.wait_until_succeeds("kubectl get node machine2.${domain} | grep -w Ready")
$machine2->waitUntilSucceeds("docker load < ${redisImage}"); machine2.wait_until_succeeds(
$machine1->waitUntilSucceeds("kubectl create -f ${redisPod}"); "docker load < ${redisImage}"
$machine1->waitUntilSucceeds("kubectl create -f ${redisService}"); )
$machine2->waitUntilSucceeds("docker load < ${probeImage}"); machine1.wait_until_succeeds(
$machine1->waitUntilSucceeds("kubectl create -f ${probePod}"); "kubectl create -f ${redisPod}"
)
machine1.wait_until_succeeds(
"kubectl create -f ${redisService}"
)
machine2.wait_until_succeeds(
"docker load < ${probeImage}"
)
machine1.wait_until_succeeds(
"kubectl create -f ${probePod}"
)
# check if pods are running # check if pods are running
$machine1->waitUntilSucceeds("kubectl get pod redis | grep Running"); machine1.wait_until_succeeds("kubectl get pod redis | grep Running")
$machine1->waitUntilSucceeds("kubectl get pod probe | grep Running"); machine1.wait_until_succeeds("kubectl get pod probe | grep Running")
$machine1->waitUntilSucceeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'"); machine1.wait_until_succeeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'")
# check dns on hosts (dnsmasq) # check dns on hosts (dnsmasq)
$machine1->succeed("host redis.default.svc.cluster.local"); machine1.succeed("host redis.default.svc.cluster.local")
$machine2->succeed("host redis.default.svc.cluster.local"); machine2.succeed("host redis.default.svc.cluster.local")
# check dns inside the container # check dns inside the container
$machine1->succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local"); machine1.succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local")
''; '';
}; };
in { in {

68
nixos/tests/kubernetes/rbac.nix
View File

@ -94,43 +94,67 @@ let
singlenode = base // { singlenode = base // {
test = '' test = ''
$machine1->waitUntilSucceeds("kubectl get node machine1.my.zyx | grep -w Ready"); machine1.wait_until_succeeds("kubectl get node machine1.my.zyx | grep -w Ready")
$machine1->waitUntilSucceeds("docker load < ${kubectlImage}"); machine1.wait_until_succeeds(
"docker load < ${kubectlImage}"
)
$machine1->waitUntilSucceeds("kubectl apply -f ${roServiceAccount}"); machine1.wait_until_succeeds(
$machine1->waitUntilSucceeds("kubectl apply -f ${roRole}"); "kubectl apply -f ${roServiceAccount}"
$machine1->waitUntilSucceeds("kubectl apply -f ${roRoleBinding}"); )
$machine1->waitUntilSucceeds("kubectl create -f ${kubectlPod}"); machine1.wait_until_succeeds(
"kubectl apply -f ${roRole}"
)
machine1.wait_until_succeeds(
"kubectl apply -f ${roRoleBinding}"
)
machine1.wait_until_succeeds(
"kubectl create -f ${kubectlPod}"
)
$machine1->waitUntilSucceeds("kubectl get pod kubectl | grep Running"); machine1.wait_until_succeeds("kubectl get pod kubectl | grep Running")
$machine1->waitUntilSucceeds("kubectl exec -ti kubectl -- kubectl get pods"); machine1.wait_until_succeeds("kubectl exec -ti kubectl -- kubectl get pods")
$machine1->fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json"); machine1.fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json")
$machine1->fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl"); machine1.fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl")
''; '';
}; };
multinode = base // { multinode = base // {
test = '' test = ''
# Node token exchange # Node token exchange
$machine1->waitUntilSucceeds("cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"); machine1.wait_until_succeeds(
$machine2->waitUntilSucceeds("cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"); "cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"
)
machine2.wait_until_succeeds(
"cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"
)
$machine1->waitUntilSucceeds("kubectl get node machine2.my.zyx | grep -w Ready"); machine1.wait_until_succeeds("kubectl get node machine2.my.zyx | grep -w Ready")
$machine2->waitUntilSucceeds("docker load < ${kubectlImage}"); machine2.wait_until_succeeds(
"docker load < ${kubectlImage}"
)
$machine1->waitUntilSucceeds("kubectl apply -f ${roServiceAccount}"); machine1.wait_until_succeeds(
$machine1->waitUntilSucceeds("kubectl apply -f ${roRole}"); "kubectl apply -f ${roServiceAccount}"
$machine1->waitUntilSucceeds("kubectl apply -f ${roRoleBinding}"); )
$machine1->waitUntilSucceeds("kubectl create -f ${kubectlPod}"); machine1.wait_until_succeeds(
"kubectl apply -f ${roRole}"
)
machine1.wait_until_succeeds(
"kubectl apply -f ${roRoleBinding}"
)
machine1.wait_until_succeeds(
"kubectl create -f ${kubectlPod}"
)
$machine1->waitUntilSucceeds("kubectl get pod kubectl | grep Running"); machine1.wait_until_succeeds("kubectl get pod kubectl | grep Running")
$machine1->waitUntilSucceeds("kubectl exec -ti kubectl -- kubectl get pods"); machine1.wait_until_succeeds("kubectl exec -ti kubectl -- kubectl get pods")
$machine1->fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json"); machine1.fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json")
$machine1->fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl"); machine1.fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl")
''; '';
}; };