Make Docker instantiatable, add tests
This commit is contained in:
parent
98e257790f
commit
dc01c9bf8b
|
@ -63,7 +63,7 @@ in
|
|||
};
|
||||
|
||||
docker = import ./docker {
|
||||
inherit createManagedProcess;
|
||||
inherit createManagedProcess runtimeDir libDir;
|
||||
inherit (pkgs) docker kmod;
|
||||
};
|
||||
|
||||
|
|
|
@ -1,13 +1,23 @@
|
|||
{createManagedProcess, docker, kmod}:
|
||||
{createManagedProcess, docker, kmod, runtimeDir, libDir}:
|
||||
{instanceSuffix ? "", instanceName ? "docker${instanceSuffix}", extraArgs ? []}:
|
||||
|
||||
let
|
||||
user = "docker";
|
||||
group = "docker";
|
||||
user = instanceName;
|
||||
group = instanceName;
|
||||
in
|
||||
createManagedProcess {
|
||||
name = "docker";
|
||||
inherit instanceName;
|
||||
foregroundProcess = "${docker}/bin/dockerd";
|
||||
args = [ "--group=${group}" "--host=unix://" "--log-driver=json-file" ];
|
||||
args = [
|
||||
"--group=${group}"
|
||||
"--host=unix://${runtimeDir}/${instanceName}.sock"
|
||||
# Add -alt suffix. We only need PID files for the backends that requires processes to daemonize on their own.
|
||||
# The `daemon` command will create PID files for them. Without the -alt suffix they will conflict causing the Docker daemon to refuse to start.
|
||||
"--pidfile=${runtimeDir}/${instanceName}-alt.pid"
|
||||
"--data-root=${libDir}/${instanceName}"
|
||||
"--exec-root=${runtimeDir}/${instanceName}"
|
||||
"--log-driver=json-file"
|
||||
] ++ extraArgs;
|
||||
path = [ kmod ];
|
||||
|
||||
credentials = {
|
||||
|
|
|
@ -23,6 +23,10 @@ in
|
|||
inherit pkgs processManagers profiles testService;
|
||||
};
|
||||
|
||||
docker = import ./docker {
|
||||
inherit pkgs processManagers profiles testService;
|
||||
};
|
||||
|
||||
influxdb = import ./influxdb {
|
||||
inherit pkgs processManagers profiles testService;
|
||||
};
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
{ pkgs, testService, processManagers, profiles }:
|
||||
|
||||
testService {
|
||||
exprFile = ./processes.nix;
|
||||
systemPackages = [ pkgs.docker ];
|
||||
|
||||
readiness = {instanceName, instance, runtimeDir, ...}:
|
||||
''
|
||||
machine.wait_for_file("${runtimeDir}/${instanceName}.sock")
|
||||
'';
|
||||
|
||||
tests = {instanceName, instance, stateDir, runtimeDir, forceDisableUserChange, ...}:
|
||||
# The primary instance should be connectible with the default parameters
|
||||
if instanceName == "docker" && !forceDisableUserChange then ''
|
||||
machine.succeed("docker info | grep 'Docker Root Dir: ${stateDir}/lib/${instanceName}'")
|
||||
'' else ''
|
||||
machine.succeed(
|
||||
"docker --host=unix://${runtimeDir}/${instanceName}.sock info | grep 'Docker Root Dir: ${stateDir}/lib/${instanceName}'"
|
||||
)
|
||||
'';
|
||||
|
||||
inherit processManagers;
|
||||
|
||||
# There's an experimental rootless feature for Docker, but a hassle to setup. As a result, we disable unprivileged mode
|
||||
profiles = builtins.filter (profile: profile == "privileged") profiles;
|
||||
}
|
|
@ -0,0 +1,30 @@
|
|||
{ pkgs ? import <nixpkgs> { inherit system; }
|
||||
, system ? builtins.currentSystem
|
||||
, stateDir ? "/var"
|
||||
, runtimeDir ? "${stateDir}/run"
|
||||
, logDir ? "${stateDir}/log"
|
||||
, spoolDir ? "${stateDir}/spool"
|
||||
, cacheDir ? "${stateDir}/cache"
|
||||
, libDir ? "${stateDir}/lib"
|
||||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||
, forceDisableUserChange ? false
|
||||
, processManager
|
||||
}:
|
||||
|
||||
let
|
||||
constructors = import ../../services-agnostic/constructors.nix {
|
||||
inherit pkgs stateDir runtimeDir logDir tmpDir cacheDir libDir spoolDir forceDisableUserChange processManager;
|
||||
};
|
||||
in
|
||||
rec {
|
||||
docker = {
|
||||
pkg = constructors.docker {};
|
||||
};
|
||||
|
||||
docker-secondary = rec {
|
||||
pkg = constructors.docker {
|
||||
instanceSuffix = "-secondary";
|
||||
extraArgs = [ "--iptables=false" ]; # Avoids conflicting NAT settings with the primary instances
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue