flannel service: init

release-18.03-flake
Jaka Hudoklin 2016-09-27 22:56:58 +02:00
parent eb1377ba30
commit feb9fc3aff
3 changed files with 209 additions and 0 deletions


@ -345,6 +345,7 @@
./services/networking/ferm.nix
./services/networking/firefox/sync-server.nix
./services/networking/firewall.nix
./services/networking/flannel.nix
./services/networking/flashpolicyd.nix
./services/networking/freenet.nix
./services/networking/gale.nix


@ -0,0 +1,153 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.flannel;
networkConfig = filterAttrs (n: v: v != null) {
Network = cfg.network;
SubnetLen = cfg.subnetLen;
SubnetMin = cfg.subnetMin;
SubnetMax = cfg.subnetMax;
Backend = cfg.backend;
};
in {
options.services.flannel = {
enable = mkEnableOption "flannel";
package = mkOption {
description = "Package to use for flannel";
type = types.package;
default = pkgs.flannel.bin;
};
publicIp = mkOption {
description = ''
IP accessible by other nodes for inter-host communication.
Defaults to the IP of the interface being used for communication.
'';
type = types.nullOr types.str;
default = null;
};
iface = mkOption {
description = ''
Interface to use (IP or name) for inter-host communication.
Defaults to the interface for the default route on the machine.
'';
type = types.nullOr types.str;
default = null;
};
etcd = {
endpoints = mkOption {
description = "Etcd endpoints";
type = types.listOf types.str;
default = ["http://127.0.0.1:2379"];
};
prefix = mkOption {
description = "Etcd key prefix";
type = types.str;
default = "/coreos.com/network";
};
caFile = mkOption {
description = "Etcd certificate authority file";
type = types.nullOr types.path;
default = null;
};
certFile = mkOption {
description = "Etcd cert file";
type = types.nullOr types.path;
default = null;
};
keyFile = mkOption {
description = "Etcd key file";
type = types.nullOr types.path;
default = null;
};
};
network = mkOption {
description = " IPv4 network in CIDR format to use for the entire flannel network.";
type = types.str;
};
subnetLen = mkOption {
description = ''
The size of the subnet allocated to each host. Defaults to 24 (i.e. /24)
unless the Network was configured to be smaller than a /24 in which case
it is one less than the network.
'';
type = types.int;
default = 24;
};
subnetMin = mkOption {
description = ''
The beginning of IP range which the subnet allocation should start with.
Defaults to the first subnet of Network.
'';
type = types.nullOr types.str;
default = null;
};
subnetMax = mkOption {
description = ''
The end of IP range which the subnet allocation should start with.
Defaults to the last subnet of Network.
'';
type = types.nullOr types.str;
default = null;
};
backend = mkOption {
description = "Type of backend to use and specific configurations for that backend.";
type = types.attrs;
default = {
Type = "vxlan";
};
};
};
config = mkIf cfg.enable {
systemd.services.flannel = {
description = "Flannel Service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = {
FLANNELD_PUBLIC_IP = cfg.publicIp;
FLANNELD_ETCD_ENDPOINTS = concatStringsSep "," cfg.etcd.endpoints;
FLANNELD_ETCD_KEYFILE = cfg.etcd.keyFile;
FLANNELD_ETCD_CERTFILE = cfg.etcd.certFile;
FLANNELD_ETCD_CAFILE = cfg.etcd.caFile;
FLANNELD_IFACE = cfg.iface;
ETCDCTL_CERT_FILE = cfg.etcd.certFile;
ETCDCTL_KEY_FILE = cfg.etcd.keyFile;
ETCDCTL_CA_FILE = cfg.etcd.caFile;
ETCDCTL_PEERS = concatStringsSep "," cfg.etcd.endpoints;
};
preStart = ''
echo "setting network configuration"
until ${pkgs.etcdctl.bin}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}'
do
echo "setting network configuration, retry"
sleep 1
done
'';
postStart = ''
while [ ! -f /run/flannel/subnet.env ]
do
sleep 1
done
'';
serviceConfig.ExecStart = "${cfg.package}/bin/flannel";
};
services.etcd.enable = mkDefault cfg.etcd.endpoints == ["http://127.0.0.1:2379"];
};
}
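Review bot: The `services.etcd.enable` line at the end of the `config` block parses as `(mkDefault cfg.etcd.endpoints) == [...]`, because function application binds tighter than `==`, so it compares an override attrset with a list and is always false; it should read `services.etcd.enable = mkDefault (cfg.etcd.endpoints == ["http://127.0.0.1:2379"]);`. With the default endpoint the local etcd is therefore never switched on, and the unbounded `until` loop in `preStart` would keep retrying until systemd's start timeout. `preStart` also writes to the hard-coded key `/coreos.com/network/config`, so `cfg.etcd.prefix` is declared but never used and is not passed to the daemon; `etcdctl set ${cfg.etcd.prefix}/config ...` plus `FLANNELD_ETCD_PREFIX = cfg.etcd.prefix;` in `environment` would make the option effective. The JSON is spliced between literal single quotes, so a `'` in any option value (for example inside the free-form `backend` attrs) breaks the quoting of a script that presumably runs as root, since no `User` is set; `${escapeShellArg (builtins.toJSON networkConfig)}` avoids that. The option descriptions could also state that the default endpoint is unauthenticated plain HTTP and that `caFile`, `certFile` and `keyFile` are needed for any etcd not on the loopback interface.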


@ -0,0 +1,55 @@
import ./make-test.nix ({ pkgs, ...} : rec {
name = "flannel";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ offline ];
};
nodes = let
flannelConfig = {
services.flannel = {
enable = true;
network = "10.1.0.0/16";
iface = "eth1";
etcd.endpoints = ["http://etcd:2379"];
};
networking.firewall.allowedUDPPorts = [ 8472 ];
};
in {
etcd = { config, pkgs, ... }: {
services = {
etcd = {
enable = true;
listenClientUrls = ["http://etcd:2379"];
listenPeerUrls = ["http://etcd:2380"];
initialAdvertisePeerUrls = ["http://etcd:2379"];
initialCluster = ["etcd=http://etcd:2379"];
};
};
networking.firewall.allowedTCPPorts = [ 2379 ];
};
node1 = { config, ... }: {
require = [flannelConfig];
};
node2 = { config, ... }: {
require = [flannelConfig];
};
};
testScript = ''
startAll;
$node1->waitForUnit("flannel.service");
$node2->waitForUnit("flannel.service");
my $ip1 = $node1->succeed("ip -4 addr show flannel.1 | grep -oP '(?<=inet).*(?=/)'");
my $ip2 = $node2->succeed("ip -4 addr show flannel.1 | grep -oP '(?<=inet).*(?=/)'");
$node1->waitUntilSucceeds("ping -c 1 $ip2");
$node2->waitUntilSucceeds("ping -c 1 $ip1");
'';
})
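Review bot: In the `etcd` node, `initialAdvertisePeerUrls` and `initialCluster` point at port 2379 while `listenPeerUrls` listens on 2380, so the advertised peer URL is the client port; this is presumably harmless with a single member, but `initialAdvertisePeerUrls = ["http://etcd:2380"];` and `initialCluster = ["etcd=http://etcd:2380"];` would match the listener. The test overrides `etcd.endpoints` on both nodes, so the module's default path, where `services.etcd.enable` is derived from the endpoint list, is never exercised, and neither are the `caFile`/`certFile`/`keyFile` options. A short comment above `flannelConfig` saying that etcd runs over plain HTTP with the client port opened in the firewall only because this is an isolated test network would keep the setup from being copied as a deployment template.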