-
Notifications
You must be signed in to change notification settings - Fork 135
/
test-lxd-images
executable file
·99 lines (83 loc) · 2.66 KB
/
test-lxd-images
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
#!/bin/sh
set -eu
cleanup() {
echo ""
if [ "${FAIL}" = "1" ]; then
echo "Test failed"
exit 1
fi
echo "Test passed"
exit 0
}
FAIL=1
trap cleanup EXIT HUP INT TERM
# Install LXD
while :; do
[ ! -e /usr/bin/lxd ] && break
apt remove --purge lxd lxd-client --yes && break
done
snap install lxd --edge
apt install jq -y
export PATH="/snap/bin/:${PATH}"
lxd waitready --timeout=300
# Setup network
lxc network create lxdbr0 ipv4.address=10.0.0.1/16 ipv4.nat=true ipv6.address=2001:470:b368:4242::1/64 ipv6.nat=true
lxc network attach-profile lxdbr0 default eth0 eth0
# Setup storage
for backend in zfs btrfs dir; do
if [ "${backend}" = "dir" ]; then
lxc storage create default ${backend} >/dev/null 2>&1 && break
else
lxc storage create default ${backend} size=30GB >/dev/null 2>&1 && break
fi
done
lxc storage show default >/dev/null 2>&1 || exit 1
lxc profile device add default root disk pool=default path=/
# Create the containers
for i in $(lxc image list images: | grep x86_64 | grep "more" | awk '{print $2}'); do
name=$(echo "${i}" | sed -e "s/\//-/g" -e "s/\.//g")
lxc init "images:${i}" "${name}-unpriv" -c security.nesting=true
lxc init "images:${i}" "${name}-priv" -c security.privileged=true -c security.nesting=true
if [ "${name}" = "archlinux" ] || [ "${name}" = "fedora-28" ]; then
# Needed because of keyctl
lxc config set "${name}-unpriv" security.syscalls.blacklist "keyctl errno 38"
lxc config set "${name}-priv" security.syscalls.blacklist "keyctl errno 38"
# Needed because of AppArmor unix mediation bug
lxc config set "${name}-unpriv" raw.lxc lxc.apparmor.profile=unconfined
lxc config set "${name}-priv" raw.lxc lxc.apparmor.profile=unconfined
fi
done
# Start them all
COUNT=0
for url in $(lxc query "/1.0/containers" | jq -r .[]); do
name=$(echo "${url}" | cut -d/ -f4)
lxc start "${name}"
COUNT=$((COUNT+1))
if [ "${COUNT}" = "5" ]; then
COUNT=0
sleep 10
fi
done
# Wait for network
sleep 20
# Check that all containers have an IPv4 and IPv6 address
FAIL=0
for url in $(lxc query "/1.0/containers" | jq -r .[]); do
address=$(lxc query "${url}/state" | jq -r ".network.eth0.addresses | .[] | select(.scope | contains(\"global\")) | .address")
name=$(echo "${url}" | cut -d/ -f4)
echo ""
# IPv4
if echo "${address}" | grep "\." -q; then
echo "PASS-IPv4: ${name}"
else
echo "FAIL-IPv4: ${name}"
FAIL=1
fi
# IPv6
if echo "${address}" | grep ":" -q; then
echo "PASS-IPv6: ${name}"
else
echo "FAIL-IPv6: ${name}"
FAIL=1
fi
done