colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #278753 from adamcstephens/incus/migrate-test

Browse Source 
incus, lxd: ensure lxd->incus migration is supported and tested
This commit is contained in:
Adam C. Stephens 2024-01-18 08:01:23 -05:00 committed by GitHub
commit 887d3f54c6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 131 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/modules/virtualisation/incus.nix
View File

@ -150,10 +150,12 @@ in
after = [
"network-online.target"
"lxcfs.service"
] ++ (lib.optional cfg.socketActivation "incus.socket");
"incus.socket"
];
requires = [
"lxcfs.service"
] ++ (lib.optional cfg.socketActivation "incus.socket");
"incus.socket"
];
wants = [
"network-online.target"
];
@ -183,7 +185,7 @@ in
};
};
systemd.sockets.incus = lib.mkIf cfg.socketActivation {
systemd.sockets.incus = {
description = "Incus UNIX socket";
wantedBy = [ "sockets.target" ];
@ -191,7 +193,6 @@ in
ListenStream = "/var/lib/incus/unix.socket";
SocketMode = "0660";
SocketGroup = "incus-admin";
Service = "incus.service";
};
};

6
nixos/modules/virtualisation/lxd.nix
View File

@ -214,16 +214,14 @@ in {
LimitNPROC = "infinity";
TasksMax = "infinity";
Restart = "on-failure";
TimeoutStartSec = "${cfg.startTimeout}s";
TimeoutStopSec = "30s";
# By default, `lxd` loads configuration files from hard-coded
# `/usr/share/lxc/config` - since this is a no-go for us, we have to
# explicitly tell it where the actual configuration files are
Environment = lib.mkIf (config.virtualisation.lxc.lxcfs.enable)
"LXD_LXC_TEMPLATE_CONFIG=${pkgs.lxcfs}/share/lxc/config";
};
unitConfig.ConditionPathExists = "!/var/lib/incus/.migrated-from-lxd";
};
systemd.services.lxd-preseed = lib.mkIf (cfg.preseed != null) {

5
nixos/tests/incus/default.nix
View File

@ -6,9 +6,8 @@
}:
{
container = import ./container.nix { inherit system pkgs; };
lxd-to-incus = import ./lxd-to-incus.nix { inherit system pkgs; };
preseed = import ./preseed.nix { inherit system pkgs; };
socket-activated = import ./socket-activated.nix { inherit system pkgs; };
virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix {
inherit system pkgs;
};
virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix { inherit system pkgs; };
}

112
nixos/tests/incus/lxd-to-incus.nix Normal file
View File

@ -0,0 +1,112 @@
import ../make-test-python.nix (
{ pkgs, lib, ... }:
let
releases = import ../../release.nix { configuration.documentation.enable = lib.mkForce false; };
container-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system};
container-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system};
in
{
name = "lxd-to-incus";
meta = {
maintainers = lib.teams.lxc.members;
};
nodes.machine =
{ lib, ... }:
{
environment.systemPackages = [ pkgs.lxd-to-incus ];
virtualisation = {
diskSize = 6144;
cores = 2;
memorySize = 2048;
lxd.enable = true;
lxd.preseed = {
networks = [
{
name = "nixostestbr0";
type = "bridge";
config = {
"ipv4.address" = "10.0.100.1/24";
"ipv4.nat" = "true";
};
}
];
profiles = [
{
name = "default";
devices = {
eth0 = {
name = "eth0";
network = "nixostestbr0";
type = "nic";
};
root = {
path = "/";
pool = "nixostest_pool";
size = "35GiB";
type = "disk";
};
};
}
{
name = "nixos_notdefault";
devices = { };
}
];
storage_pools = [
{
name = "nixostest_pool";
driver = "dir";
}
];
};
incus.enable = true;
};
};
testScript = ''
def lxd_wait_for_preseed(_) -> bool:
_, output = machine.systemctl("is-active lxd-preseed.service")
return ("inactive" in output)
def lxd_instance_is_up(_) -> bool:
status, _ = machine.execute("lxc exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true")
return status == 0
def incus_instance_is_up(_) -> bool:
status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true")
return status == 0
with machine.nested("initialize lxd and resources"):
machine.wait_for_unit("sockets.target")
machine.wait_for_unit("lxd.service")
retry(lxd_wait_for_preseed)
machine.succeed("lxc image import ${container-image-metadata}/*/*.tar.xz ${container-image-rootfs}/*/*.tar.xz --alias nixos")
machine.succeed("lxc launch nixos container")
retry(lxd_instance_is_up)
machine.wait_for_unit("incus.service")
with machine.nested("run migration"):
machine.succeed("lxd-to-incus --yes")
with machine.nested("verify resources migrated to incus"):
machine.succeed("incus config show container")
retry(incus_instance_is_up)
machine.succeed("incus exec container -- true")
machine.succeed("incus profile show default | grep nixostestbr0")
machine.succeed("incus profile show default | grep nixostest_pool")
machine.succeed("incus profile show nixos_notdefault")
machine.succeed("incus storage show nixostest_pool")
machine.succeed("incus network show nixostestbr0")
'';
}
)

9
pkgs/by-name/lx/lxd-to-incus/package.nix
View File

@ -1,6 +1,7 @@
{ lib
, buildGoModule
, fetchFromGitHub
, fetchpatch
, nix-update-script
}:
@ -15,6 +16,14 @@ buildGoModule rec {
hash = "sha256-crWepf5j3Gd1lhya2DGIh/to7l+AnjKJPR+qUd9WOzw=";
};
patches = [
# create migration touch file, remove > 0.4.0
(fetchpatch {
url = "https://github.com/lxc/incus/commit/edc5fd2a9baccfb7b6814a440e2947cbb580afcf.diff";
hash = "sha256-ffQfMFrKDPuLU4jVbG/VGHSO3DmeHw30ATJ8yxJAoHQ=";
})
];
modRoot = "cmd/lxd-to-incus";
vendorHash = "sha256-cBAqJz3Y4CqyxTt7u/4mXoQPKmKgQ3gYJV1NiC/H+TA=";

1
pkgs/tools/admin/lxd/default.nix
View File

@ -76,6 +76,7 @@ buildGoModule rec {
'';
passthru.tests.lxd = nixosTests.lxd;
passthru.tests.lxd-to-incus = nixosTests.incus.lxd-to-incus;
passthru.ui = callPackage ./ui.nix { };
passthru.updateScript = gitUpdater {
url = "https://github.com/canonical/lxd.git";