2020-04-05 21:25:34 +07:00
|
|
|
# nixos-k8s implements nixos kubernetes testing runtime
|
2023-07-07 22:01:34 -04:00
|
|
|
{ config, pkgs, lib, ... }:
|
2022-04-02 12:40:35 -07:00
|
|
|
with lib; let
|
2022-04-02 13:43:57 -07:00
|
|
|
inherit (config) testing;
|
2021-05-13 20:35:56 -04:00
|
|
|
# kubeconfig = "/etc/${config.services.kubernetes.pki.etcClusterAdminKubeconfig}";
|
|
|
|
|
kubeconfig = "/etc/kubernetes/cluster-admin.kubeconfig";
|
|
|
|
|
kubecerts = "/var/lib/kubernetes/secrets";
|
2021-05-12 22:34:05 -04:00
|
|
|
|
|
|
|
|
# how we differ from the standard configuration of mkKubernetesBaseTest
|
2023-07-07 22:01:34 -04:00
|
|
|
extraConfiguration = { config, ... }: {
|
2021-05-13 20:35:56 -04:00
|
|
|
virtualisation = {
|
|
|
|
|
memorySize = 2048;
|
|
|
|
|
};
|
|
|
|
|
|
2021-05-12 22:34:05 -04:00
|
|
|
networking = {
|
2023-07-07 22:01:34 -04:00
|
|
|
nameservers = [ "10.0.0.254" ];
|
2021-05-12 22:34:05 -04:00
|
|
|
firewall = {
|
2023-07-07 22:01:34 -04:00
|
|
|
trustedInterfaces = [ "docker0" "cni0" ];
|
2021-05-12 22:34:05 -04:00
|
|
|
};
|
|
|
|
|
};
|
2021-05-13 20:35:56 -04:00
|
|
|
|
2021-05-12 22:34:05 -04:00
|
|
|
services.kubernetes = {
|
|
|
|
|
flannel.enable = false;
|
|
|
|
|
kubelet = {
|
2021-05-13 20:35:56 -04:00
|
|
|
seedDockerImages = testing.docker.images;
|
2021-05-12 22:34:05 -04:00
|
|
|
networkPlugin = "cni";
|
2023-07-07 22:01:34 -04:00
|
|
|
cni.config = [{
|
|
|
|
|
name = "mynet";
|
|
|
|
|
type = "bridge";
|
|
|
|
|
bridge = "cni0";
|
|
|
|
|
addIf = true;
|
|
|
|
|
ipMasq = true;
|
|
|
|
|
isGateway = true;
|
|
|
|
|
ipam = {
|
|
|
|
|
type = "host-local";
|
|
|
|
|
subnet = "10.1.0.0/16";
|
|
|
|
|
gateway = "10.1.0.1";
|
|
|
|
|
routes = [{
|
|
|
|
|
dst = "0.0.0.0/0";
|
|
|
|
|
}];
|
|
|
|
|
};
|
|
|
|
|
}];
|
2021-05-13 01:18:12 -07:00
|
|
|
};
|
2021-05-13 20:35:56 -04:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd = {
|
|
|
|
|
extraConfig = "DefaultLimitNOFILE=1048576";
|
|
|
|
|
# Host tools should have a chance to access guest's kube api
|
|
|
|
|
services.copy-certs = {
|
2021-05-13 01:18:12 -07:00
|
|
|
description = "Share k8s certificates with host";
|
2021-05-13 20:35:56 -04:00
|
|
|
script = "cp -rf ${kubecerts} /tmp/xchg/; cp -f ${kubeconfig} /tmp/xchg/;";
|
2023-07-07 22:01:34 -04:00
|
|
|
after = [ "kubernetes.target" ];
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
2021-05-13 01:18:12 -07:00
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
RemainAfterExit = true;
|
|
|
|
|
};
|
2020-04-05 21:25:34 +07:00
|
|
|
};
|
2021-05-12 22:34:05 -04:00
|
|
|
};
|
|
|
|
|
};
|
2020-04-05 21:25:34 +07:00
|
|
|
|
2021-05-12 22:34:05 -04:00
|
|
|
script = ''
|
|
|
|
|
machine1.succeed("${testing.testScript} --kube-config=${kubeconfig}")
|
|
|
|
|
'';
|
2020-04-05 21:25:34 +07:00
|
|
|
|
2023-07-07 22:01:34 -04:00
|
|
|
test = with import "${pkgs.path}/nixos/tests/kubernetes/base.nix"
|
|
|
|
|
{
|
|
|
|
|
inherit pkgs;
|
|
|
|
|
inherit (pkgs) system;
|
|
|
|
|
};
|
2021-05-12 22:34:05 -04:00
|
|
|
mkKubernetesSingleNodeTest {
|
|
|
|
|
inherit extraConfiguration;
|
2021-05-13 20:35:56 -04:00
|
|
|
inherit (config.testing) name;
|
2021-05-12 22:34:05 -04:00
|
|
|
test = script;
|
2020-04-05 21:25:34 +07:00
|
|
|
};
|
2023-07-07 22:01:34 -04:00
|
|
|
in
|
|
|
|
|
{
|
2021-05-13 20:35:56 -04:00
|
|
|
options.testing.runtime.nixos-k8s = {
|
|
|
|
|
driver = mkOption {
|
|
|
|
|
description = "Test driver";
|
|
|
|
|
type = types.package;
|
|
|
|
|
internal = true;
|
2020-04-05 21:25:34 +07:00
|
|
|
};
|
|
|
|
|
};
|
2021-05-12 22:34:05 -04:00
|
|
|
|
2021-05-13 20:35:56 -04:00
|
|
|
config.testing.runtime.nixos-k8s.driver = test.driver;
|
2020-04-05 21:25:34 +07:00
|
|
|
}
|
