From 1c707ecfea20f25816f690cb001a5823fec749fe Mon Sep 17 00:00:00 2001 From: romner-set Date: Thu, 10 Oct 2024 20:37:52 +0200 Subject: [PATCH] nixos/tests/vpp: init --- nixos/tests/all-tests.nix | 1 + nixos/tests/vpp.nix | 132 ++++++++++++++++++++++++++++++++ pkgs/by-name/vp/vpp/package.nix | 5 ++ 3 files changed, 138 insertions(+) create mode 100644 nixos/tests/vpp.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 0c5236143c37c..65a663f90f5ce 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -1137,6 +1137,7 @@ in { victoriametrics = handleTest ./victoriametrics {}; vikunja = handleTest ./vikunja.nix {}; virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {}; + vpp = handleTest ./vpp.nix {}; vscode-remote-ssh = handleTestOn ["x86_64-linux"] ./vscode-remote-ssh.nix {}; vscodium = discoverTests (import ./vscodium.nix); vsftpd = handleTest ./vsftpd.nix {}; diff --git a/nixos/tests/vpp.nix b/nixos/tests/vpp.nix new file mode 100644 index 0000000000000..938ba5a914656 --- /dev/null +++ b/nixos/tests/vpp.nix @@ -0,0 +1,132 @@ +# This test runs FD.io's VPP and tests routing between two virtual networks. +# Topology is similar to the `nat` test, with a client on one network, a server +# on another, and a VPP-powered router inbetween connecting the two. + +import ./make-test-python.nix ( + { pkgs, lib, ... }: + { + name = "vpp"; + + meta.maintainers = with lib.maintainers; [ romner-set ]; + + nodes = { + client = + { ... }: + { + virtualisation.vlans = [ 1 ]; + networking.interfaces = lib.mkForce { + eth1.ipv6.addresses = [ + { + address = "fd01::2"; + prefixLength = 64; + } + ]; + }; + networking.defaultGateway6 = "fd01::1"; + networking.useDHCP = false; + }; + server = + { ... }: + { + virtualisation.vlans = [ 2 ]; + networking.interfaces = lib.mkForce { + eth1.ipv6.addresses = [ + { + address = "fd02::2"; + prefixLength = 64; + } + ]; + }; + networking.defaultGateway6 = "fd02::1"; + networking.useDHCP = false; + + services.nginx.enable = true; + services.nginx.statusPage = true; + + networking.firewall.allowedTCPPorts = [ 80 ]; + }; + router = + { config, ... }: + { + virtualisation.vlans = [ + 1 + 2 + ]; + + # Disable netdevs so VPP can take over them + networking.useDHCP = false; + networking.interfaces = lib.mkForce { }; + + # install igb_uio driver + boot.extraModulePackages = [ config.boot.kernelPackages.dpdk-kmods ]; + + virtualisation.memorySize = 4096; + services.vpp.hugepages = { + autoSetup = true; + count = 1024; + }; + + services.vpp.instances.main = { + enable = true; + kernelModule = "igb_uio"; + settings = { + unix.cli-listen = "/run/vpp/cli.sock"; # override a default value + + plugins = { + # Selectively enable only necessary plugins + plugin.default.disable = true; + plugin."dpdk_plugin.so".enable = true; + }; + + dpdk.dev."0000:00:09.0".name = "vlan1"; + dpdk.dev."0000:00:0a.0".name = "vlan2"; + }; + startupConfig = '' + set int state vlan1 up + set int state vlan2 up + set int ip addr vlan1 fd01::1/64 + set int ip addr vlan2 fd02::1/64 + ''; + }; + }; + }; + + testScript = '' + start_all() + + # wait for router + router.wait_for_unit("vpp-main.service") + router.wait_for_file("/run/vpp/cli.sock") + + # make sure VPP initialized correctly + # the sleep is necessary since startupConfig executes *after* the service starts + router.sleep(2) + router.succeed("vppctl show int addr | grep -A1 vlan1 | grep -q fd01::1/64") + router.succeed("vppctl show int addr | grep -A1 vlan2 | grep -q fd02::1/64") + + # wait for server, make sure nginx is reachable + server.wait_for_unit("nginx.service") + server.succeed("curl --fail http://[::1]") + + # wait for client, make sure it can connect to the server through the router + client.wait_for_unit("network.target") + client.succeed("curl --fail http://[fd02::2]") + + # test ICMP + server.succeed("ping -c 1 fd01::2") + client.succeed("ping -c 1 fd02::2") + + # disable interfaces in VPP, make sure server isn't reachable + router.succeed("vppctl set int state vlan1 down") + router.succeed("vppctl set int state vlan2 down") + client.fail("curl --fail --connect-timeout 5 http://[fd02::2]") + client.fail("ping -c 1 fd02::2") + + # restart VPP, make sure it restores its config & server becomes reachable again + router.succeed("systemctl restart vpp-main") + router.wait_for_unit("vpp-main.service") + client.succeed("curl --fail http://[fd02::2]") + client.succeed("ping -c 1 fd02::2") + ''; + } +) diff --git a/pkgs/by-name/vp/vpp/package.nix b/pkgs/by-name/vp/vpp/package.nix index df61bb81f9c23..55b1f7aa0c527 100644 --- a/pkgs/by-name/vp/vpp/package.nix +++ b/pkgs/by-name/vp/vpp/package.nix @@ -3,6 +3,7 @@ stdenv, fetchFromGitHub, nix-update-script, + nixosTests, cmake, pkg-config, check, @@ -118,6 +119,10 @@ stdenv.mkDerivation rec { passthru.updateScript = nix-update-script { }; + passthru.tests = { + inherit (nixosTests) vpp; + }; + meta = { description = "Fast, scalable layer 2-4 multi-platform network stack running in user space"; homepage = "https://s3-docs.fd.io/vpp/${version}/";