Refactored test case, splitted it into multiple files and added separ…

…ate master and worker nodes - ref NixOS#15

nixos/tests/kube-router/base.nix

@@ -0,0 +1,47 @@
+{pkgs, hostName, ip, domain, services, certs, hosts, sshPort}: (
+
+
+let
+
+  fqdn = "${hostName}.${domain}";
+
+in
+{
+  networking = {
+    firewall.allowedTCPPortRanges = [
+          { from = 179; to = 179; } # bgp
+          { from = 2379; to = 2380; } # etcd
+          { from = 443; to = 443; } # kubernetes.apiserver
+          { from = 10250; to = 10250; } # kubelet
+    ];
+
+    firewall.trustedInterfaces = ["kube-bridge"];
+    extraHosts = pkgs.lib.concatStringsSep "\n" (["127.0.0.1 ${fqdn}"] ++ hosts);
+  };
+
+  systemd.services.kube-proxy.path = [ pkgs.ipset pkgs.kmod ];
+  environment.systemPackages = [ pkgs.ipvsadm pkgs.iptables pkgs.dnsutils ];
+
+  virtualisation.docker.enable = true;
+  virtualisation.memorySize = 1024;
+
+  virtualisation.qemu.options = [ "-redir tcp:${toString sshPort}::22" ];
+
+  boot.initrd.postDeviceCommands = ''
+      ${pkgs.e2fsprogs}/bin/mkfs.ext4 -L var /dev/vdb
+  '';
+
+  virtualisation.emptyDiskImages = [ 4096 ];
+
+  fileSystems = pkgs.lib.mkVMOverride {
+    "/var" = {
+      device = "/dev/vdb";
+      fsType = "ext4";
+      options = [ "noauto" ];
+    };
+  };
+
+  services = services;
+
+  security.pki.certificateFiles = [ "${certs.master}/ca.pem" "${certs.worker}/ca.pem" ];
+})

nixos/tests/kube-router/kube-router.nix

@@ -0,0 +1,65 @@
+import ../make-test.nix ({ pkgs, ...} :
+
+with import ../kubernetes/base.nix { };
+let
+  hostName = "machine";
+  domain = "my.domain";
+  fqdn = "${hostName}.${domain}";
+
+  hosts = [ "192.168.1.1 api.${domain} master.${domain}" "192.168.1.2 node.${domain}" ];
+
+  certs = import ../kubernetes/certs.nix {
+                                          externalDomain = domain;
+                                          serviceClusterIp = "10.90.0.1";
+                                          kubelets = [ "master" "node" ];
+                                        };
+
+  nginxManifest = pkgs.writeText "nginx-manifest.json" (builtins.toJSON {
+                   apiVersion = "apps/v1";
+                   kind = "Deployment";
+                   metadata = {
+                     name = "nginx-deployment";
+                   };
+                   spec = {
+                     selector = {
+                       matchLabels = {
+                         app = "nginx";
+                       };
+                     };
+                     replicas = 2;
+                     template = {
+                       metadata = {
+                         labels = {
+                           app = "nginx";
+                         };
+                       };
+                       spec = {
+                         containers = [{
+                           name = "nginx";
+                           image = "nginx:1.7.9";
+                           ports = [{ containerPort = 80; }];
+                         }];
+                       };
+                     };
+                   };
+                 });
+
+  master = import ./master.nix { inherit pkgs; hostName = "master"; ip = "10.0.2.15"; inherit domain; inherit certs; inherit hosts; sshPort=2221; };
+  node = import ./node.nix { inherit pkgs; hostName = "node"; ip = "10.0.2.16"; inherit domain; inherit certs; inherit hosts; sshPort=2222; };
+in
+{
+  nodes = { inherit master; inherit node; };
+
+  # TODO: Test of Pod-To-Pod networking
+  # TODO: Test of external peering
+  # TODO: Test of service networking
+
+  testScript = ''
+    startAll
+
+    $master->waitUntilSucceeds("kubectl get node node.my.domain | grep -w Ready");
+    $master->succeed("kubectl apply -f ${nginxManifest}");
+  '';
+  #$node->waitUntilSucceeds("test \$(kubectl get pods | grep -c Running) == 2");
+
+})