Test Driven Infrastructure with Docker, Test Kitchen and Serverspec
2 likes•778 views
The document outlines a framework for test-driven infrastructure using Docker, Test Kitchen, and Serverspec, emphasizing the importance of treating infrastructure code like regular code. It details the processes for creating virtual machines or containers, applying configuration management through Puppet, and verifying with Serverspec while highlighting the advantages of this test-first approach. The presentation concludes with a call to action for adopting a test-driven methodology for infrastructure setup and ongoing improvements in testing practices.
![Serverspec test suite
▸ http://serverspec.org/ - RSpec based framework
▸ http://serverspec.org/resource_types.html
▸ Independent of kitchen - can be used standalone
▸ We keep test suite together with puppet code under
spec directory to have ability to create consistent PRs
describe file('/var/log/httpd') do
it { should be_directory }
end
describe docker_image('busybox:latest') do
its(['Architecture']) { should eq 'amd64' }
end](https://image.slidesharecdn.com/dockermeetup-151101172213-lva1-app6891/85/Test-Driven-Infrastructure-with-Docker-Test-Kitchen-and-Serverspec-9-320.jpg)
Test Driven Infrastructure with Docker, Test Kitchen and Serverspec
- 1. Test Driven Infrastructure with Docker, Test Kitchen and Serverspec Yury Tsarev
- 2. Agenda ▸ Goal ▸ Test kitchen ▸ Docker driver ▸ kitchen-puppet provisioner ▸ Serverspec verifier ▸ Shellmocking ▸ Defining puppet type in kitchen ▸ Create test-driven infrastructure change ▸ Wrap-up
- 3. Goal ▸ Infrastructure code should be treated as any other code ▸ Apply TDD for puppet ▸ Grow regression test suite
- 4. Test kitchen ▸ http://kitchen.ci/ ▸ Test orchestrator ▸ Originated in Chef community ▸ Very pluggable on all levels ▸ "Your infrastructure deserves tests too." ▸ Book - Test-Driven Infrastructure with Chef
- 5. Test kitchen - high level process 1. Create VM/Container (docker driver) 2. Run configuration management code there (puppet provisioner) 3. Test with verifier (serverspec)
- 6. Main configuration file - .kitchen.yml ▸ Driver: what type of VM/containerization/cloud to use ▸ Provisioner: which configuration management tool to apply ▸ Verifier: test automation type to verify with ▸ Transport: mechanism to upload files into instance under test
- 7. Docker driver ▸ https://github.com/portertech/kitchen-docker ▸ kitchen driver to work with docker containers as machines under test driver: name: docker image: docker-registry.na.intgdc.com:80/gdc:R23 platform: rhel use_sudo: false provision_command: yum clean all && yum makecache
- 8. kitchen-puppet provisioner ▸ https://github.com/neillturner/kitchen-puppet ▸ Uploads puppet code into instance ▸ Runs puppet there (converge) ▸ Provides facts customization facility custom_facts: docker: 1 hostname: kitchen_test ec2data_branch: develop # pulp repo branch, critical for gitflow repo ec2data_gitbranch: develop # git branch ec2data_freeipa_otp: test ec2_public_ipv4: 127.0.0.1 ec2_local_ipv4: 127.0.0.1 has_mnt: 0
- 9. Serverspec test suite ▸ http://serverspec.org/ - RSpec based framework ▸ http://serverspec.org/resource_types.html ▸ Independent of kitchen - can be used standalone ▸ We keep test suite together with puppet code under spec directory to have ability to create consistent PRs describe file('/var/log/httpd') do it { should be_directory } end describe docker_image('busybox:latest') do its(['Architecture']) { should eq 'amd64' } end
- 10. Serverspec verifier: busser or shell ▸ Simple https://github.com/test-kitchen/busser-serverspec ▸ Advanced https://github.com/vincentbernat/serverspec-example
- 11. Serverspec verifier in GD ▸ Based on shell verifier and serverspec test suite ▸ Runs a serverspec test suite against the configured (converged) instance ▸ Reports in shell and junit - jenkins ready verifier: name: shell remote_exec: true command: | sudo -s <<SERVERSPEC export SERVERSPEC_ENV=$EC2DATA_ENVIRONMENT export SERVERSPEC_BACKEND=exec serverspec junit=true tag=~skip_in_kitchen check:role:$EC2DATA_TYPE SERVERSPEC
- 12. Transport ▸ https://github.com/coderanger/kitchen-sync ▸ Replaced default scp with sftp transport ▸ Reduced 1.5m to 5 sec for puppet and test suite upload!
- 13. Shellmocking ▸ To bypass external dependencies ▸ To bypass docker specific limitations ▸ Implementation located in puppet repo under spec/shellmock ▸ Simple ruby script ▸ Wraps yum invocation ▸ Mock is defined in simple yaml format: package: /path/to/executable: contents
- 14. Defining puppet type in kitchen ▸ Declare in platforms section of .kitchen.yml platforms: - name: zuul provisioner: custom_facts: ec2data_type: zuul ▸ kitchen converge ▸ pray ▸ shellmock ▸ repeat
- 15. Create test-driven infrastructure change ▸ Write serverspec expectation for new code ▸ kitchen verify <type> ▸ Observe related test is red ▸ Write puppet code ▸ kitchen converge <type> ▸ kitchen verify <type> ▸ Observe related test is green ▸ Commit the changes and create PR to puppet repo ▸ DEMO
- 16. Wrap-up: Benefits ▸ Scratch environment ▸ Test in isolation ▸ Easy to test permutations ▸ Resource efficiency ▸ Test-first/test-driven approach for infrastructure code ▸ Fast feedback - even before a commit ▸ Naturally growing regression test suite
- 17. Wrap-up: OSS side of things ▸ Multiple open source projects combined ▸ We contributed a lot into related kitchen projects and serverspec ▸ Nominated as kitchen-puppet core contributor
- 18. Wrap-up: What is next ? ▸ Define all types in kitchen ▸ with every next adopted type it will be easier ▸ Create smart way to test only related types for code change, a.k.a puppet dependency tracking
- 19. Wrap-up: A note on agnostic approach ▸ As the kitchen driver is agnostic to virtualization solution/cloud ▸ As the kitchen provisioner is agnostic to configuration management solution ▸ As the serverspec is agnostic to way to configure servers at all ▸ We are capable to make brave movements in future!
- 20. Wrap-up: Try it! ▸ http://kitchen.ci/ ▸ https://github.com/portertech/kitchen-docker ▸ https://github.com/neillturner/kitchen-puppet ▸ http://serverspec.org/