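# NixOS VM test "lightscale-lab-dns": two nodes on one test VLAN enroll with a
# lightscale control server running on node1, then node1 checks the client's DNS
# exports (hosts file, JSON, managed hosts block) and the dns-serve resolver.
#
# Arguments:
#   pkgs       - package set supplying the helper tools (wireguard-tools, iproute2,
#                iputils, curl, dnsutils).
#   serverPkg  - expected to provide the lightscale-server binary (node1 only).
#   clientPkg  - expected to provide the lightscale-client binary (both nodes).
#
# Lab-only settings, not a deployment template: the host firewall is disabled, the
# control plane is reached over plain HTTP, and config, state and log files live
# under /tmp with fixed names.
{ pkgs, serverPkg, clientPkg }:
{
  name = "lightscale-lab-dns";

  nodes = {
    # node1 hosts the control server and is also enrolled as a client.
    node1 = { ... }: {
      networking.hostName = "node1";
      # Keep the ethN naming so the test script can address eth1 directly.
      networking.usePredictableInterfaceNames = false;
      virtualisation.vlans = [ 1 ];
      networking.interfaces.eth1.useDHCP = false;
      networking.interfaces.eth1.ipv4.addresses = [
        { address = "10.0.0.1"; prefixLength = 24; }
      ];
      # Lab-only: with the firewall off, every listening port on this VM (the
      # server on 8080, the agent on 51820) is reachable from the test VLAN.
      # A deployed host should keep the firewall on and open only what it needs.
      networking.firewall.enable = false;
      # The resolvectl checks in the test script need systemd-resolved running.
      services.resolved.enable = true;
      boot.kernelModules = [ "wireguard" ];
      environment.systemPackages = [
        serverPkg
        clientPkg
        pkgs.wireguard-tools
        pkgs.iproute2
        pkgs.iputils
        pkgs.curl
        pkgs.dnsutils
      ];
    };

    # node2 is a plain client peer; it does not get the server package.
    node2 = { ... }: {
      networking.hostName = "node2";
      networking.usePredictableInterfaceNames = false;
      virtualisation.vlans = [ 1 ];
      networking.interfaces.eth1.useDHCP = false;
      networking.interfaces.eth1.ipv4.addresses = [
        { address = "10.0.0.2"; prefixLength = 24; }
      ];
      # Lab-only, same caveat as node1.
      networking.firewall.enable = false;
      services.resolved.enable = true;
      boot.kernelModules = [ "wireguard" ];
      environment.systemPackages = [
        clientPkg
        pkgs.wireguard-tools
        pkgs.iproute2
        pkgs.iputils
        pkgs.curl
        pkgs.dnsutils
      ];
    };
  };

  # Python driver script. Shell checks on addresses and domains use grep -F so the
  # expected value is matched as a literal string; with a plain regex every "."
  # matches any character and a near-miss value could satisfy the check.
  testScript = ''
    start_all()

    node1.wait_for_unit("multi-user.target")
    node2.wait_for_unit("multi-user.target")
    node1.wait_until_succeeds("ip -4 addr show dev eth1 | grep -qF '10.0.0.1/24'")
    node2.wait_until_succeeds("ip -4 addr show dev eth1 | grep -qF '10.0.0.2/24'")

    # Mirror the server log to the VM console so it shows up in the test output.
    node1.succeed("touch /tmp/lightscale-server.log")
    node1.execute("sh -c 'tail -n +1 -f /tmp/lightscale-server.log >/dev/console 2>&1 &'")

    # The services in this test are transient units with no User= or sandboxing
    # properties set; acceptable for a throwaway VM only.
    node1.succeed(
        "systemd-run --no-block --unit=lightscale-server --service-type=simple "
        "--property=Restart=on-failure --property=RestartSec=1 "
        "--property=TimeoutStartSec=30 "
        "--property=StandardOutput=append:/tmp/lightscale-server.log "
        "--property=StandardError=append:/tmp/lightscale-server.log "
        "--setenv=RUST_LOG=info -- "
        "lightscale-server --listen 10.0.0.1:8080 --state /tmp/lightscale-state.json"
    )
    node1.wait_for_unit("lightscale-server.service")
    node1.wait_for_open_port(8080, addr="10.0.0.1", timeout=120)

    import json

    # Create the network and read the bootstrap token from the response.
    # The request goes over plain HTTP and carries no credential header, so the
    # token crosses the test VLAN unencrypted.
    # NOTE(review): confirm how this endpoint is protected outside the lab.
    # The token is valid for 600 seconds and 10 uses; this test enrolls two nodes.
    net = json.loads(node1.succeed(
        "curl -sSf -X POST http://10.0.0.1:8080/v1/networks "
        "-H 'content-type: application/json' "
        "-d '{\"name\":\"dns\",\"bootstrap_token_ttl_seconds\":600,"
        "\"bootstrap_token_uses\":10,\"bootstrap_token_tags\":[\"dns\"]}'"
    ))
    token = net["bootstrap_token"]["token"]

    def enroll(node, name, ip):
        """Initialise the dns profile on node, register it as name, send one heartbeat.

        ip is the address advertised as the WireGuard endpoint (port 51820).
        """
        node.succeed(
            "lightscale-client --profile dns --config /tmp/ls-config.json "
            "init http://10.0.0.1:8080"
        )
        # The token is passed as a command-line argument, so it is visible in the
        # process list while the command runs; fine in a single-purpose test VM.
        node.succeed(
            f"lightscale-client --profile dns --config /tmp/ls-config.json "
            f"--state-dir /tmp/ls-state register --node-name {name} -- {token}"
        )
        node.succeed(
            f"lightscale-client --profile dns --config /tmp/ls-config.json "
            f"--state-dir /tmp/ls-state heartbeat --endpoint {ip}:51820"
        )

    enroll(node1, "node1", "10.0.0.1")
    enroll(node2, "node2", "10.0.0.2")

    # node1 must see exactly the one other enrolled node in its netmap output.
    node1.succeed(
        "lightscale-client --profile dns --config /tmp/ls-config.json "
        "--state-dir /tmp/ls-state netmap | grep -q 'peers: 1'"
    )

    # Export DNS data in each supported form.
    node1.succeed(
        "lightscale-client --profile dns --config /tmp/ls-config.json "
        "--state-dir /tmp/ls-state dns --format hosts --output /tmp/hosts.out"
    )
    node1.succeed(
        "lightscale-client --profile dns --config /tmp/ls-config.json "
        "--state-dir /tmp/ls-state dns --format json --output /tmp/dns.json"
    )
    # --hosts-path points at a scratch file, so the real /etc/hosts is untouched.
    node1.succeed(
        "lightscale-client --profile dns --config /tmp/ls-config.json "
        "--state-dir /tmp/ls-state dns --format hosts "
        "--apply-hosts --hosts-path /tmp/hosts.apply"
    )

    # Expected values come from the client state file, not from hard-coded names.
    state = json.loads(node1.succeed("cat /tmp/ls-state/state.json"))
    netmap = state["last_netmap"]
    node_name = netmap["node"]["dns_name"]
    peer_name = netmap["peers"][0]["dns_name"]
    dns_domain = netmap["network"]["dns_domain"]
    peer_ipv4 = netmap["peers"][0]["ipv4"]
    peer_ipv6 = netmap["peers"][0]["ipv6"]

    hosts_out = node1.succeed("cat /tmp/hosts.out")
    assert node_name in hosts_out
    assert peer_name in hosts_out
    assert state["ipv4"] in hosts_out
    assert state["ipv6"] in hosts_out

    dns_json = json.loads(node1.succeed("cat /tmp/dns.json"))
    assert dns_json["network"]["dns_domain"] == dns_domain
    record_names = [record["name"] for record in dns_json["records"]]
    assert node_name in record_names
    assert peer_name in record_names

    # The applied hosts file must carry the begin/end markers of the managed block.
    hosts_apply = node1.succeed("cat /tmp/hosts.apply")
    assert "# lightscale:dns begin" in hosts_apply
    assert "# lightscale:dns end" in hosts_apply
    assert node_name in hosts_apply
    assert peer_name in hosts_apply

    def start_agent(node, endpoint):
        """Run the client agent as a transient unit and wait for the ls-dns link."""
        node.succeed("touch /tmp/lightscale-agent.log")
        cmd = (
            "lightscale-client --profile dns --config /tmp/ls-config.json "
            "--state-dir /tmp/ls-state agent --listen-port 51820 "
            "--heartbeat-interval 5 --longpoll-timeout 5 "
            f"--endpoint {endpoint}"
        )
        node.succeed(
            "systemd-run --no-block --unit=lightscale-agent --service-type=simple "
            "--property=Restart=on-failure --property=RestartSec=1 "
            "--property=TimeoutStartSec=30 "
            "--property=StandardOutput=append:/tmp/lightscale-agent.log "
            "--property=StandardError=append:/tmp/lightscale-agent.log -- "
            + cmd
        )
        node.wait_for_unit("lightscale-agent.service")
        node.wait_until_succeeds("ip link show ls-dns", timeout=60)

    start_agent(node1, "10.0.0.1:51820")
    start_agent(node2, "10.0.0.2:51820")

    # The resolver listens on loopback only, so it is not exposed on the VLAN.
    node1.succeed("touch /tmp/lightscale-dns.log")
    node1.succeed(
        "systemd-run --no-block --unit=lightscale-dns --service-type=simple "
        "--property=Restart=on-failure --property=RestartSec=1 "
        "--property=TimeoutStartSec=30 "
        "--property=StandardOutput=append:/tmp/lightscale-dns.log "
        "--property=StandardError=append:/tmp/lightscale-dns.log -- "
        "lightscale-client --profile dns --config /tmp/ls-config.json "
        "--state-dir /tmp/ls-state dns-serve --listen 127.0.0.1:53 "
        "--apply-resolver --interface ls-dns"
    )

    node1.wait_until_succeeds("resolvectl dns ls-dns | grep -qF '127.0.0.1'", timeout=60)
    # A "~" prefix marks a routing-only domain in systemd-resolved: only names
    # under it are sent to this link's resolver, other lookups stay where they were.
    node1.wait_until_succeeds(
        f"resolvectl domain ls-dns | grep -qF '~{dns_domain}'",
        timeout=60,
    )
    # The peer name must resolve to the addresses recorded in the netmap.
    node1.wait_until_succeeds(
        f"dig +short @127.0.0.1 {peer_name} | grep -qF '{peer_ipv4}'",
        timeout=60,
    )
    node1.wait_until_succeeds(
        f"dig +short -t AAAA @127.0.0.1 {peer_name} | grep -qiF '{peer_ipv6}'",
        timeout=60,
    )
  '';
}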