kubenix/modules/testing/runtime/nixos-k8s.nix

# nixos-k8s implements nixos kubernetes testing runtime

{ nixosPath
, config
, pkgs
, lib
, system ? "x86_64-linux"
, ...
}:

with lib;

let
  testing = config.testing;
  kubeconfig = "/etc/${config.services.kubernetes.pki.etcClusterAdminKubeconfig}";

  # how we differ from the standard configuration of mkKubernetesBaseTest
  extraConfiguration = { config, pkgs, lib, nodes, ... }: {
    virtualisation.memorySize = mkDefault 2048;
    networking = {
      nameservers = [ "10.0.0.254" ];
      firewall = {
        trustedInterfaces = [ "docker0" "cni0" ];
      };
    };
    services.kubernetes = {
      seedDockerImages = mkIf (elem "docker" config._m.features) config.docker.export;
      flannel.enable = false;
      kubelet = {
        networkPlugin = "cni";
        cni.config = [{
          name = "mynet";
          type = "bridge";
          bridge = "cni0";
          addIf = true;
          ipMasq = true;
          isGateway = true;
          ipam = {
            type = "host-local";
            subnet = "10.1.0.0/16";
            gateway = "10.1.0.1";
            routes = [{
              dst = "0.0.0.0/0";
            }];
          };
        }];
      };
      systemd.extraConfig = "DefaultLimitNOFILE=1048576";
      systemd.services.copy-certs = {
        description = "Share k8s certificates with host";
        script = "cp -rf /var/lib/kubernetes/secrets /tmp/xchg/";
        after = [ "kubernetes.target" ];
        wantedBy = [ "multi-user.target" ];
        serviceConfig = {
          Type = "oneshot";
          RemainAfterExit = true;
        };
      };
    };
  };

  script = ''
    machine1.succeed("${testing.testScript} --kube-config=${kubeconfig}")
  '';

  test =
    with import "${nixosPath}/tests/kubernetes/base.nix" { inherit pkgs system; };
    mkKubernetesSingleNodeTest {
      inherit extraConfiguration;
      inherit (config) name;
      test = script;
    };


in
{
  options = {
    runtime.nixos-k8s = {
      driver = mkOption {
        description = "Test driver";
        type = types.package;
        internal = true;
      };
    };
  };

  runtime.nixos-k8s.driver = test.driver;
}