From 5362fc5415623c2d6903b2afd3ad752292e0439b Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sun, 10 Jul 2016 00:00:04 +0300
Subject: [PATCH] - Working with user namespace and MAC-VLAN, some basic tests.
- Updated TODO list.
---
README.rst | 2 +-
molecule.yml | 6 +++---
tasks/main.yml | 25 ++++++++++++++++---------
tests/playbook.yml | 22 ++++++++++++++++++++--
tests/templates/jessie.nspawn | 10 ++++++++++
tests/test_example.py | 6 ------
tests/test_nspawn.py | 4 ++++
7 files changed, 54 insertions(+), 21 deletions(-)
create mode 100644 tests/templates/jessie.nspawn
delete mode 100644 tests/test_example.py
create mode 100644 tests/test_nspawn.py
diff --git a/README.rst b/README.rst
index 35f0eee..3031477 100644
--- a/README.rst
+++ b/README.rst
@@ -55,4 +55,4 @@ at: https://www.shore.co.il/git/.
TODO
----
-- Test mac-vlan on Vagrant.
+- Test that the container is running in a different user namespace.
diff --git a/molecule.yml b/molecule.yml
index 0d86e79..d5c1a6b 100644
--- a/molecule.yml
+++ b/molecule.yml
@@ -13,10 +13,10 @@ vagrant:
- name: virtualbox
type: virtualbox
platforms:
- - name: openbsd
- box: kaorimatz/openbsd-5.9-amd64
+ - name: debian
+ box: fujimakishouten/debian-stretch64
instances:
- - name: ansible-role-example
+ - name: ansible-role-nspawn
options:
append_platform_to_hostname: yes
raw_config_args:
diff --git a/tasks/main.yml b/tasks/main.yml
index 7bc45f4..f0cf616 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -4,16 +4,11 @@
- assert:
that:
- ansible_os_family == 'Debian'
- - ansible_distribution_release == 'stretch'
+ - ansible_distribution_version == 'stretch/sid'
+ - ansible_service_mgr == 'systemd'
-- name: apt-get install
- apt:
- name: '{{ item }}'
- state: present
- update_cache: yes
- cache_valid_time: 3600
+- name: APT install
with_items:
- - systemd-sysv
- systemd-container
- libnss-myhostname
- libnss-mymachines
@@ -21,11 +16,23 @@
- btrfs-tools
- debootstrap
- yum
+ - uidmap
+ apt:
+ name: '{{ item }}'
+ state: present
+ update_cache: yes
+ cache_valid_time: 3600
- name: Create npawn configuration directory
file:
path: /etc/systemd/nspawn
owner: root
group: root
- mode: '0755'
+ mode: 0o0755
state: directory
+
+- name: Enable machines target
+ service:
+ name: machines.target
+ enabled: yes
+ state: started
diff --git a/tests/playbook.yml b/tests/playbook.yml
index e739a2b..89cb5fc 100644
--- a/tests/playbook.yml
+++ b/tests/playbook.yml
@@ -1,5 +1,23 @@
---
- hosts: all
- gather_facts: false
roles:
- - role: ansible-role-example
+ - role: ansible-role-nspawn
+ post_tasks:
+ - name: Create Debian Jessie chroot
+ command: /usr/sbin/debootstrap jessie /var/lib/machines/jessie http://httpredir.debian.org/debian
+ args:
+ creates: /var/lib/machines/jessie/etc/machine-id
+
+ - name: Configure container
+ template:
+ src: jessie.nspawn
+ dest: /etc/systemd/nspawn/jessie.nspawn
+ owner: root
+ group: root
+ mode: 0o0644
+
+ - name: Enable container service
+ service:
+ name: systemd-nspawn@jessie.service
+ state: started
+ enabled: yes
diff --git a/tests/templates/jessie.nspawn b/tests/templates/jessie.nspawn
new file mode 100644
index 0000000..f8c931a
--- /dev/null
+++ b/tests/templates/jessie.nspawn
@@ -0,0 +1,10 @@
+[Exec]
+Boot=yes
+PrivateUsers=yes
+
+[Files]
+PrivateUsersChown=yes
+
+[Network]
+Private=yes
+MACVLAN={{ ansible_default_ipv4['interface'] }}
diff --git a/tests/test_example.py b/tests/test_example.py
deleted file mode 100644
index 0596b7d..0000000
--- a/tests/test_example.py
+++ /dev/null
@@ -1,6 +0,0 @@
-def test_example(Command):
- assert Command('uname').rc == 0
-
-
-def test_ansible(Ansible):
- assert Ansible('debug', 'msg={{ eleven }}')['msg'] == '11'
diff --git a/tests/test_nspawn.py b/tests/test_nspawn.py
new file mode 100644
index 0000000..8e9c7e2
--- /dev/null
+++ b/tests/test_nspawn.py
@@ -0,0 +1,4 @@
+def test_nspawn(Command, Service, Process):
+ assert Service('systemd-nspawn@jessie.service').is_running
+ assert Service('systemd-nspawn@jessie.service').is_enabled
+ assert 'jessie' in Command('machinectl list').stdout
--
GitLab