From 701fcd7982b6f7b6341598128f83c2c8f3444ef2 Mon Sep 17 00:00:00 2001 From: cmspam Date: Sun, 10 Mar 2024 23:48:22 +0900 Subject: [PATCH] nixos/incus: add openvswitch support 1. Added openvswitch integration to incus service. 2. Added tests to test openvswitch functionality with incus. --- nixos/modules/virtualisation/incus.nix | 13 ++++-- nixos/tests/incus/default.nix | 1 + nixos/tests/incus/openvswitch.nix | 65 ++++++++++++++++++++++++++ 3 files changed, 75 insertions(+), 4 deletions(-) create mode 100644 nixos/tests/incus/openvswitch.nix diff --git a/nixos/modules/virtualisation/incus.nix b/nixos/modules/virtualisation/incus.nix index a561c5682ae5..74217b2411ac 100644 --- a/nixos/modules/virtualisation/incus.nix +++ b/nixos/modules/virtualisation/incus.nix @@ -164,19 +164,24 @@ in "network-online.target" "lxcfs.service" "incus.socket" - ]; + ] + ++ lib.optional config.virtualisation.vswitch.enable "ovs-vswitchd.service"; + requires = [ "lxcfs.service" "incus.socket" - ]; + ] + ++ lib.optional config.virtualisation.vswitch.enable "ovs-vswitchd.service"; + wants = [ "network-online.target" ]; - path = lib.mkIf config.boot.zfs.enabled [ + path = lib.optional config.boot.zfs.enabled [ config.boot.zfs.package "${config.boot.zfs.package}/lib/udev" - ]; + ] + ++ lib.optional config.virtualisation.vswitch.enable config.virtualisation.vswitch.package; environment = lib.mkMerge [ { # Override Path to the LXC template configuration directory diff --git a/nixos/tests/incus/default.nix b/nixos/tests/incus/default.nix index ff36fe9d6730..474a621c5ce9 100644 --- a/nixos/tests/incus/default.nix +++ b/nixos/tests/incus/default.nix @@ -11,6 +11,7 @@ boot.initrd.systemd.enable = true; }; }; lxd-to-incus = import ./lxd-to-incus.nix { inherit system pkgs; }; + openvswitch = import ./openvswitch.nix { inherit system pkgs; }; preseed = import ./preseed.nix { inherit system pkgs; }; socket-activated = import ./socket-activated.nix { inherit system pkgs; }; ui = import ./ui.nix {inherit system pkgs;}; diff --git a/nixos/tests/incus/openvswitch.nix b/nixos/tests/incus/openvswitch.nix new file mode 100644 index 000000000000..5d4aef031ad0 --- /dev/null +++ b/nixos/tests/incus/openvswitch.nix @@ -0,0 +1,65 @@ +import ../make-test-python.nix ({ pkgs, lib, ... } : + +{ + name = "incus-openvswitch"; + + meta = { + maintainers = lib.teams.lxc.members; + }; + + nodes.machine = { lib, ... }: { + virtualisation = { + incus.enable = true; + vswitch.enable = true; + incus.preseed = { + networks = [ + { + name = "nixostestbr0"; + type = "bridge"; + config = { + "bridge.driver" = "openvswitch"; + "ipv4.address" = "10.0.100.1/24"; + "ipv4.nat" = "true"; + }; + } + ]; + profiles = [ + { + name = "nixostest_default"; + devices = { + eth0 = { + name = "eth0"; + network = "nixostestbr0"; + type = "nic"; + }; + root = { + path = "/"; + pool = "default"; + size = "35GiB"; + type = "disk"; + }; + }; + } + ]; + storage_pools = [ + { + name = "nixostest_pool"; + driver = "dir"; + } + ]; + }; + }; + networking.nftables.enable = true; + }; + + testScript = '' + machine.wait_for_unit("incus.service") + machine.wait_for_unit("incus-preseed.service") + + with subtest("Verify openvswitch bridge"): + machine.succeed("incus network info nixostestbr0") + + with subtest("Verify openvswitch bridge"): + machine.succeed("ovs-vsctl br-exists nixostestbr0") + ''; +})