nixos/graylog: add test

Basic test which confirms new inputs can be created and that messages can be sent to a UDP-GELF input using `netcat`. This test requires 4GB of RAM to avoid issues due insufficient memory (please refer to `nixos/tests/elk.nix` for a detailed explanation of the issue) for elasticsearch. Also it's ensured that elasticsearch has an open HTTP port for communication when starting `graylog`. This is a workaround to ensure that all services are started in proper order, even in test environments with less power. However this shouldn't be implemented in the `nixos/graylog` module as this might be harmful when using elasticsearch clusters that require e.g. authentication and/or run on different servers.
5 years ago · 16d0b8dcbd
parent 60ed1f425b
commit 16d0b8dcbd
2 changed files with 112 additions and 0 deletions
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@ -99,6 +99,7 @@ in
  graphene = handleTest ./graphene.nix {};
  grafana = handleTest ./grafana.nix {};
  graphite = handleTest ./graphite.nix {};
+  graylog = handleTest ./graylog.nix {};
  hadoop.hdfs = handleTestOn [ "x86_64-linux" ] ./hadoop/hdfs.nix {};
  hadoop.yarn = handleTestOn [ "x86_64-linux" ] ./hadoop/yarn.nix {};
  handbrake = handleTestOn ["x86_64-linux"] ./handbrake.nix {};
--- a/nixos/tests/graylog.nix
+++ b/nixos/tests/graylog.nix
@ -0,0 +1,111 @@
+import ./make-test.nix ({ pkgs, lib, ... }: {
+  name = "graylog";
+  meta.maintainers = with lib.maintainers; [ ma27 ];
+
+  machine = { pkgs, ... }: {
+    virtualisation.memorySize = 4096;
+    virtualisation.diskSize = 4096;
+
+    services.mongodb.enable = true;
+    services.elasticsearch.enable = true;
+    services.elasticsearch.package = pkgs.elasticsearch-oss;
+    services.elasticsearch.extraConf = ''
+      network.publish_host: 127.0.0.1
+      network.bind_host: 127.0.0.1
+    '';
+
+    services.graylog = {
+      enable = true;
+      passwordSecret = "YGhZ59wXMrYOojx5xdgEpBpDw2N6FbhM4lTtaJ1KPxxmKrUvSlDbtWArwAWMQ5LKx1ojHEVrQrBMVRdXbRyZLqffoUzHfssc";
+      elasticsearchHosts = [ "http://localhost:9200" ];
+
+      # `echo -n "nixos" | shasum -a 256`
+      rootPasswordSha2 = "6ed332bcfa615381511d4d5ba44a293bb476f368f7e9e304f0dff50230d1a85b";
+    };
+
+    environment.systemPackages = [ pkgs.jq ];
+
+    systemd.services.graylog.path = [ pkgs.netcat ];
+    systemd.services.graylog.preStart = ''
+      until nc -z localhost 9200; do
+        sleep 2
+      done
+    '';
+  };
+
+  testScript = let
+    payloads.login = pkgs.writeText "login.json" (builtins.toJSON {
+      host = "127.0.0.1:9000";
+      username = "admin";
+      password = "nixos";
+    });
+
+    payloads.input = pkgs.writeText "input.json" (builtins.toJSON {
+      title = "Demo";
+      global = false;
+      type = "org.graylog2.inputs.gelf.udp.GELFUDPInput";
+      node = "@node@";
+      configuration = {
+        bind_address = "0.0.0.0";
+        decompress_size_limit = 8388608;
+        number_worker_threads = 1;
+        override_source = null;
+        port = 12201;
+        recv_buffer_size = 262144;
+      };
+    });
+
+    payloads.gelf_message = pkgs.writeText "gelf.json" (builtins.toJSON {
+      host = "example.org";
+      short_message = "A short message";
+      full_message = "A long message";
+      version = "1.1";
+      level = 5;
+      facility = "Test";
+    });
+  in ''
+    $machine->start;
+    $machine->waitForUnit("graylog.service");
+    $machine->waitForOpenPort(9000);
+    $machine->succeed("curl -sSfL http://127.0.0.1:9000/");
+
+    my $session = $machine->succeed("curl -X POST "
+                                  . "-sSfL http://127.0.0.1:9000/api/system/sessions "
+                                  . "-d \$(cat ${payloads.login}) "
+                                  . "-H 'Content-Type: application/json' "
+                                  . "-H 'Accept: application/json' "
+                                  . "-H 'x-requested-by: cli' "
+                                  . "| jq .session_id | xargs echo"
+                                  );
+
+    chomp($session);
+
+    $machine->succeed("curl -X POST "
+                    . "-sSfL http://127.0.0.1:9000/api/system/inputs -u $session:session "
+                    . "-d \$(cat ${payloads.input} | sed -e \"s,\@node\@,\$(cat /var/lib/graylog/server/node-id),\") "
+                    . "-H 'Accept: application/json' "
+                    . "-H 'Content-Type: application/json' "
+                    . "-H 'x-requested-by: cli' "
+                    );
+
+    $machine->waitUntilSucceeds("test \"\$(curl -sSfL 'http://127.0.0.1:9000/api/cluster/inputstates' "
+                              . "-u $session:session "
+                              . "-H 'Accept: application/json' "
+                              . "-H 'Content-Type: application/json' "
+                              . "-H 'x-requested-by: cli'"
+                              . "| jq 'to_entries[]|.value|.[0]|.state' | xargs echo"
+                              . ")\" = \"RUNNING\""
+                              );
+
+    $machine->succeed("echo -n \$(cat ${payloads.gelf_message}) | nc -w10 -u 127.0.0.1 12201");
+
+    $machine->succeed("test \"\$(curl -X GET "
+                    . "-sSfL 'http://127.0.0.1:9000/api/search/universal/relative?query=*' "
+                    . "-u $session:session "
+                    . "-H 'Accept: application/json' "
+                    . "-H 'Content-Type: application/json' "
+                    . "-H 'x-requested-by: cli'"
+                    . " | jq '.total_results' | xargs echo)\" = \"1\""
+                    );
+  '';
+})