From ffdcec2d94622d842f340a98ff5d3564e3c52ce1 Mon Sep 17 00:00:00 2001 From: Adam Stephens Date: Thu, 4 Jan 2024 14:29:36 -0500 Subject: [PATCH] nixos/tests/incus: add lxd-to-incus migration test --- nixos/modules/virtualisation/incus.nix | 9 +- nixos/modules/virtualisation/lxd.nix | 6 +- nixos/tests/incus/default.nix | 5 +- nixos/tests/incus/lxd-to-incus.nix | 112 +++++++++++++++++++++++ pkgs/by-name/lx/lxd-to-incus/package.nix | 9 ++ pkgs/tools/admin/lxd/default.nix | 1 + 6 files changed, 131 insertions(+), 11 deletions(-) create mode 100644 nixos/tests/incus/lxd-to-incus.nix diff --git a/nixos/modules/virtualisation/incus.nix b/nixos/modules/virtualisation/incus.nix index 3e48f8873ed4..ea4cb916aa08 100644 --- a/nixos/modules/virtualisation/incus.nix +++ b/nixos/modules/virtualisation/incus.nix @@ -150,10 +150,12 @@ in after = [ "network-online.target" "lxcfs.service" - ] ++ (lib.optional cfg.socketActivation "incus.socket"); + "incus.socket" + ]; requires = [ "lxcfs.service" - ] ++ (lib.optional cfg.socketActivation "incus.socket"); + "incus.socket" + ]; wants = [ "network-online.target" ]; @@ -183,7 +185,7 @@ in }; }; - systemd.sockets.incus = lib.mkIf cfg.socketActivation { + systemd.sockets.incus = { description = "Incus UNIX socket"; wantedBy = [ "sockets.target" ]; @@ -191,7 +193,6 @@ in ListenStream = "/var/lib/incus/unix.socket"; SocketMode = "0660"; SocketGroup = "incus-admin"; - Service = "incus.service"; }; }; diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index c4c856d9be30..a963e67eee2a 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix @@ -224,16 +224,14 @@ in { LimitNPROC = "infinity"; TasksMax = "infinity"; - Restart = "on-failure"; - TimeoutStartSec = "${cfg.startTimeout}s"; - TimeoutStopSec = "30s"; - # By default, `lxd` loads configuration files from hard-coded # `/usr/share/lxc/config` - since this is a no-go for us, we have to # explicitly tell it where the actual configuration files are Environment = lib.mkIf (config.virtualisation.lxc.lxcfs.enable) "LXD_LXC_TEMPLATE_CONFIG=${pkgs.lxcfs}/share/lxc/config"; }; + + unitConfig.ConditionPathExists = "!/var/lib/incus/.migrated-from-lxd"; }; systemd.services.lxd-preseed = lib.mkIf (cfg.preseed != null) { diff --git a/nixos/tests/incus/default.nix b/nixos/tests/incus/default.nix index c88974605e30..26e8a4ac4c77 100644 --- a/nixos/tests/incus/default.nix +++ b/nixos/tests/incus/default.nix @@ -6,9 +6,8 @@ }: { container = import ./container.nix { inherit system pkgs; }; + lxd-to-incus = import ./lxd-to-incus.nix { inherit system pkgs; }; preseed = import ./preseed.nix { inherit system pkgs; }; socket-activated = import ./socket-activated.nix { inherit system pkgs; }; - virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix { - inherit system pkgs; - }; + virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix { inherit system pkgs; }; } diff --git a/nixos/tests/incus/lxd-to-incus.nix b/nixos/tests/incus/lxd-to-incus.nix new file mode 100644 index 000000000000..67245b54e752 --- /dev/null +++ b/nixos/tests/incus/lxd-to-incus.nix @@ -0,0 +1,112 @@ +import ../make-test-python.nix ( + + { pkgs, lib, ... }: + + let + releases = import ../../release.nix { configuration.documentation.enable = lib.mkForce false; }; + + container-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system}; + container-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system}; + in + { + name = "lxd-to-incus"; + + meta = { + maintainers = lib.teams.lxc.members; + }; + + nodes.machine = + { lib, ... }: + { + environment.systemPackages = [ pkgs.lxd-to-incus ]; + + virtualisation = { + diskSize = 6144; + cores = 2; + memorySize = 2048; + + lxd.enable = true; + lxd.preseed = { + networks = [ + { + name = "nixostestbr0"; + type = "bridge"; + config = { + "ipv4.address" = "10.0.100.1/24"; + "ipv4.nat" = "true"; + }; + } + ]; + profiles = [ + { + name = "default"; + devices = { + eth0 = { + name = "eth0"; + network = "nixostestbr0"; + type = "nic"; + }; + root = { + path = "/"; + pool = "nixostest_pool"; + size = "35GiB"; + type = "disk"; + }; + }; + } + { + name = "nixos_notdefault"; + devices = { }; + } + ]; + storage_pools = [ + { + name = "nixostest_pool"; + driver = "dir"; + } + ]; + }; + + incus.enable = true; + }; + }; + + testScript = '' + def lxd_wait_for_preseed(_) -> bool: + _, output = machine.systemctl("is-active lxd-preseed.service") + return ("inactive" in output) + + def lxd_instance_is_up(_) -> bool: + status, _ = machine.execute("lxc exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true") + return status == 0 + + def incus_instance_is_up(_) -> bool: + status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/true") + return status == 0 + + with machine.nested("initialize lxd and resources"): + machine.wait_for_unit("sockets.target") + machine.wait_for_unit("lxd.service") + retry(lxd_wait_for_preseed) + + machine.succeed("lxc image import ${container-image-metadata}/*/*.tar.xz ${container-image-rootfs}/*/*.tar.xz --alias nixos") + machine.succeed("lxc launch nixos container") + retry(lxd_instance_is_up) + + machine.wait_for_unit("incus.service") + + with machine.nested("run migration"): + machine.succeed("lxd-to-incus --yes") + + with machine.nested("verify resources migrated to incus"): + machine.succeed("incus config show container") + retry(incus_instance_is_up) + machine.succeed("incus exec container -- true") + machine.succeed("incus profile show default | grep nixostestbr0") + machine.succeed("incus profile show default | grep nixostest_pool") + machine.succeed("incus profile show nixos_notdefault") + machine.succeed("incus storage show nixostest_pool") + machine.succeed("incus network show nixostestbr0") + ''; + } +) diff --git a/pkgs/by-name/lx/lxd-to-incus/package.nix b/pkgs/by-name/lx/lxd-to-incus/package.nix index b9c15347d3ba..eb63c986b814 100644 --- a/pkgs/by-name/lx/lxd-to-incus/package.nix +++ b/pkgs/by-name/lx/lxd-to-incus/package.nix @@ -1,6 +1,7 @@ { lib , buildGoModule , fetchFromGitHub +, fetchpatch , nix-update-script }: @@ -15,6 +16,14 @@ buildGoModule rec { hash = "sha256-crWepf5j3Gd1lhya2DGIh/to7l+AnjKJPR+qUd9WOzw="; }; + patches = [ + # create migration touch file, remove > 0.4.0 + (fetchpatch { + url = "https://github.com/lxc/incus/commit/edc5fd2a9baccfb7b6814a440e2947cbb580afcf.diff"; + hash = "sha256-ffQfMFrKDPuLU4jVbG/VGHSO3DmeHw30ATJ8yxJAoHQ="; + }) + ]; + modRoot = "cmd/lxd-to-incus"; vendorHash = "sha256-cBAqJz3Y4CqyxTt7u/4mXoQPKmKgQ3gYJV1NiC/H+TA="; diff --git a/pkgs/tools/admin/lxd/default.nix b/pkgs/tools/admin/lxd/default.nix index 4a70d2276573..65dd2c70daa2 100644 --- a/pkgs/tools/admin/lxd/default.nix +++ b/pkgs/tools/admin/lxd/default.nix @@ -76,6 +76,7 @@ buildGoModule rec { ''; passthru.tests.lxd = nixosTests.lxd; + passthru.tests.lxd-to-incus = nixosTests.incus.lxd-to-incus; passthru.ui = callPackage ./ui.nix { }; passthru.updateScript = gitUpdater { url = "https://github.com/canonical/lxd.git";