SlideShare a Scribd company logo

Infrastructure testing with Molecule and TestInfra

Download as PPTX, PDF
T
Tomislav Plavcic

This document discusses infrastructure as code testing using Molecule and TestInfra. It provides an overview of infrastructure as code, benefits of testing IaC, and introduces the Molecule and TestInfra tools. Molecule is used for testing Ansible roles and supports multiple operating systems, distributions, and providers. TestInfra allows writing unit tests in Python to test the configuration of servers managed by tools like Ansible. Examples are provided of using Molecule to create and test roles and using TestInfra modules to write tests.

Technology
1 of 29
Infrastructure and Linux package testing with Molecule/TestInfra Tomislav Plavčić Percona
Topics • Infrastructure as Code • Testing IaC / Frameworks • Molecule • TestInfra • Examples / Demo
Infrastructure as Code IaC
Infrastructure as code benefits Infrastructure as Code (IaC) is a method to provision and manage IT infrastructure through the use of source code, rather than through standard operating procedures and manual processes. You’re basically treating your servers, databases, networks, and other infrastructure like software. Benefits: • Speed and simplicity • Configuration consistency • Minimization of risk • Cost savings • Increased efficiency in software development
Infrastructure as code tools Open source tools: • Chef • Puppet • Ansible (RedHat) • Terraform (HashiCorp, multi-cloud) Cloud specific tools: • CloudFormation (AWS) • Google Cloud Deployment Manager • Azure Resource Manager
Differences • Configuration Management vs Provisioning • Procedural vs Declarative • Master vs Masterless • Agent vs Agentless (Pull vs Push)
• Maintained by RedHat. • Playbooks written in YAML files. • Configuration management • Procedural/Declarative (Hybrid) • Masterless • Agentless (Push) Ansible
Infrastructure as code testing
• It changes • It is code • Make changes with more confidence • Faster troubleshooting • Continuous compliance and security standards Why test infrastructure as code?
Ansible / Molecule / TestInfra stack • Molecule (python) - Tool for testing Ansible roles. By default uses Ansible asserts for verification, but TestInfra is optional. • TestInfra (python) - Unit tests in Python to test actual state of your servers configured by management tools. Chef / TestKitchen / InSpec stack • Test Kitchen (ruby) - Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms. • InSpec (ruby) - Chef InSpec is a free and open-source framework for testing and auditing your applications and infrastructure. • ServerSpec (ruby) - ServerSpec is an extension the ruby RSpec framework. Frameworks
• Goss (go) - YAML based serverspec alternative tool for validating a server’s configuration. - Allows the user to generate tests from the current system state. • Container Structure Tests (go) - github: GoogleContainerTools/container-structure-test - Can be used to check the output of commands in an image, as well as verify metadata and content of the filesystem. - Tests can be run either through a standalone binary, or through a Docker image. Frameworks
We provide MySQL, MongoDB, PostgreSQL and some other tools to the users in form of: • Debian/Ubuntu packages (apt repo) • RedHat/CentOS packages (yum repo) • Docker images (dockerhub repo) • binary tarballs Testing packages before they become part of user infrastructure including some smoke tests for features. Checking test environments and setup. Our use case
Molecule
• https://github.com/ansible-community/molecule • Designed to aid in the development and testing of Ansible roles. • Uses Ansible to manage instances to operate on and supports any provider Ansible supports. • Maintained by Ansible community. Testing with multiple: • instances • operating systems and distributions • virtualization providers • test frameworks • testing scenarios Molecule
Pip is the only supported installation method. apt install python python-pip python -m venv ~/python-venv/python-molecule source ~/python-venv/python-molecule/bin/activate pip install molecule 'molecule[docker]' Install
source: https://blog.codecentric.de/en/2018/12/test-driven-infrastructure-ansible-molecule/ Workflow
• DigitalOcean • Docker • EC2 • GCE • Hetzner Cloud • Linode Drivers supported • LXC • LXD • Openstack • Podman • Vagrant • Azure
Project structure
Main config file which defines: • dependency manager (default: galaxy) • driver provider (default: docker) • lint command • platforms definition • provisioner (ansible only) • scenario definition • verifier framework (from v3 default is: Ansible) molecule.yml
molecule.yml example dependency: name: galaxy driver: name: vagrant provider: name: virtualbox lint: name: yamllint platforms: - name: new-project-server box: ubuntu/bionic64 instance_raw_config_args: - "vm.network 'forwarded_port', guest: 80, host: 8088" provisioner: name: ansible lint: name: ansible-lint verifier: name: testinfra lint: name: flake8 test_sequence: - lint - destroy - dependency - create - prepare - converge - verify - cleanup - destroy
# create new role molecule init role my-new-role1 --verifier-name testinfra --driver-name docker # create instances molecule create # list created instances molecule list # run ansible playbook molecule converge # run verifier assertions molecule verify # destroy created instances molecule destroy # run the whole create/converge/verify/destroy workflow molecule test Basic commands
TestInfra
Write unit tests in Python to test actual state of your servers configured by management tools like Salt, Ansible, Puppet, Chef... Testinfra aims to be a Serverspec equivalent in python and is written as a plugin to the powerful Pytest test engine. Has "--junit-xml" parameter for exporting and loading test results into jenkins. Installation: pip install pytest-testinfra Testinfra overview
Modules Testinfra modules are provided through the host fixture, declare it as arguments of your test function to make it available within it. Example modules: • file • group • package • environment • process • service • user • socket • docker
def test_passwd_file(host): passwd = host.file("/etc/passwd") assert passwd.contains("root") assert passwd.user == "root" assert passwd.group == "root" assert passwd.mode == 0o644 def test_nginx_is_installed(host): nginx = host.package("nginx") assert nginx.is_installed assert nginx.version.startswith("1.2") def test_nginx_running_and_enabled(host): nginx = host.service("nginx") assert nginx.is_running assert nginx.is_enabled Test examples
Connection backends • local (default when no hosts provided, commands are run locally in a subprocess under the current user) • paramiko (python implementation of ssh protocol) • docker • podman • ssh • salt • ansible • kubectl • openshift • winrm • lxc/lxd
Examples / Demo
About me • Tomislav Plavčić • QA Engineer at Percona • @tplavcic • tomislav.plavcic@percona.com 28
Thank You!

Recommended

DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with KubernetesEastBanc Tachnologies
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationJohn Lynch
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
Ansible
AnsibleAnsible
AnsibleRahul Bajaj
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationSuresh Kumar
 
Ansible
AnsibleAnsible
AnsibleVishal Yadav
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...Simplilearn
 

Recommended

DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with KubernetesEastBanc Tachnologies
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationJohn Lynch
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
Ansible
AnsibleAnsible
AnsibleRahul Bajaj
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationSuresh Kumar
 
Ansible
AnsibleAnsible
AnsibleVishal Yadav
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...Simplilearn
 
Gitlab ci-cd
Gitlab ci-cdGitlab ci-cd
Gitlab ci-cdDan MAGIER
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
DevOps with Ansible
DevOps with AnsibleDevOps with Ansible
DevOps with AnsibleSwapnil Jain
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationKumar Y
 
Unix shell scripting basics
Unix shell scripting basicsUnix shell scripting basics
Unix shell scripting basicsManav Prasad
 
ansible why ?
ansible why ?ansible why ?
ansible why ?Yashar Esmaildokht
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructuredAmi Mahloof
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on TrainingMehmet Ali Aydın
 
Spring Boot
Spring BootSpring Boot
Spring BootJiayun Zhou
 
[오픈소스컨설팅] 스카우터 사용자 가이드 2020
[오픈소스컨설팅] 스카우터 사용자 가이드 2020[오픈소스컨설팅] 스카우터 사용자 가이드 2020
[오픈소스컨설팅] 스카우터 사용자 가이드 2020Ji-Woong Choi
 
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdfssuserf8b8bd1
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansibleKhizer Naeem
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsAntonin Stoklasek
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to AnsibleCoreStack
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
RESTful API 설계
RESTful API 설계RESTful API 설계
RESTful API 설계Jinho Yoo
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker, Inc.
 
Docker architecture-04-1
Docker architecture-04-1Docker architecture-04-1
Docker architecture-04-1Mohammadreza Amini
 
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...AWSKRUG - AWS한국사용자모임
 
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...Lucas Jellema
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetesDongwon Kim
 

More Related Content

What's hot

Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
DevOps with Ansible
DevOps with AnsibleDevOps with Ansible
DevOps with AnsibleSwapnil Jain
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationKumar Y
 
Unix shell scripting basics
Unix shell scripting basicsUnix shell scripting basics
Unix shell scripting basicsManav Prasad
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructuredAmi Mahloof
 
[오픈소스컨설팅] 스카우터 사용자 가이드 2020
[오픈소스컨설팅] 스카우터 사용자 가이드 2020[오픈소스컨설팅] 스카우터 사용자 가이드 2020
[오픈소스컨설팅] 스카우터 사용자 가이드 2020Ji-Woong Choi
 
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdfssuserf8b8bd1
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansibleKhizer Naeem
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to AnsibleCoreStack
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with AnsibleRayed Alrashed
 
RESTful API 설계
RESTful API 설계RESTful API 설계
RESTful API 설계Jinho Yoo
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker, Inc.
 
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...AWSKRUG - AWS한국사용자모임
 

What's hot (20)

Gitlab ci-cd
Gitlab ci-cdGitlab ci-cd
Gitlab ci-cd
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
 
DevOps with Ansible
DevOps with AnsibleDevOps with Ansible
DevOps with Ansible
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
Unix shell scripting basics
Unix shell scripting basicsUnix shell scripting basics
Unix shell scripting basics
 
ansible why ?
ansible why ?ansible why ?
ansible why ?
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructured
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Spring Boot
Spring BootSpring Boot
Spring Boot
 
[오픈소스컨설팅] 스카우터 사용자 가이드 2020
[오픈소스컨설팅] 스카우터 사용자 가이드 2020[오픈소스컨설팅] 스카우터 사용자 가이드 2020
[오픈소스컨설팅] 스카우터 사용자 가이드 2020
 
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
(발표자료) CentOS EOL에 따른 대응 OS 검토 및 적용 방안.pdf
 
Automation with ansible
Automation with ansibleAutomation with ansible
Automation with ansible
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
RESTful API 설계
RESTful API 설계RESTful API 설계
RESTful API 설계
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016
 
Docker architecture-04-1
Docker architecture-04-1Docker architecture-04-1
Docker architecture-04-1
 
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
EKS에서 Opentelemetry로 코드실행 모니터링하기 - 신재현 (인덴트코퍼레이션) :: AWS Community Day Online...
 

Similar to Infrastructure testing with Molecule and TestInfra

Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...Lucas Jellema
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetesDongwon Kim
 
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021StreamNative
 
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016Patrick Chanezon
 
Automated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAutomated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAlberto Molina Coballes
 
ONOS System Test - ONS2016
ONOS System Test - ONS2016ONOS System Test - ONS2016
ONOS System Test - ONS2016Suibin Zhang
 
BSidesDFW2022-PurpleTeam_Cloud_Identity.pptx
BSidesDFW2022-PurpleTeam_Cloud_Identity.pptxBSidesDFW2022-PurpleTeam_Cloud_Identity.pptx
BSidesDFW2022-PurpleTeam_Cloud_Identity.pptxJasonOstrom1
 
Best Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBest Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBlueData, Inc.
 
Our Puppet Story (GUUG FFG 2015)
Our Puppet Story (GUUG FFG 2015)Our Puppet Story (GUUG FFG 2015)
Our Puppet Story (GUUG FFG 2015)DECK36
 
What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...Daryl Walleck
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
Jakarta EE Test Strategies (2022)
Jakarta EE Test Strategies (2022)Jakarta EE Test Strategies (2022)
Jakarta EE Test Strategies (2022)Ryan Cuprak
 
Get you Java application ready for Kubernetes !
Get you Java application ready for Kubernetes !Get you Java application ready for Kubernetes !
Get you Java application ready for Kubernetes !Anthony Dahanne
 
SCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackSCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackMatt Ray
 
Linux containers and docker
Linux containers and dockerLinux containers and docker
Linux containers and dockerFabio Fumarola
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Richard Donkin
 

Similar to Infrastructure testing with Molecule and TestInfra (20)

Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
Automated Testing with Docker on Steroids - nlOUG TechExperience 2018 (Amersf...
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
Power of Azure Devops
Power of Azure DevopsPower of Azure Devops
Power of Azure Devops
 
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
Distributed Tests on Pulsar with Fallout - Pulsar Summit NA 2021
 
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016What's new in Docker - InfraKit - Docker Meetup Berlin 2016
What's new in Docker - InfraKit - Docker Meetup Berlin 2016
 
Automated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAutomated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. Ansible
 
ONOS System Test - ONS2016
ONOS System Test - ONS2016ONOS System Test - ONS2016
ONOS System Test - ONS2016
 
BSidesDFW2022-PurpleTeam_Cloud_Identity.pptx
BSidesDFW2022-PurpleTeam_Cloud_Identity.pptxBSidesDFW2022-PurpleTeam_Cloud_Identity.pptx
BSidesDFW2022-PurpleTeam_Cloud_Identity.pptx
 
Best Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker ContainersBest Practices for Running Kafka on Docker Containers
Best Practices for Running Kafka on Docker Containers
 
Our Puppet Story (GUUG FFG 2015)
Our Puppet Story (GUUG FFG 2015)Our Puppet Story (GUUG FFG 2015)
Our Puppet Story (GUUG FFG 2015)
 
Kubernetes @ meetic
Kubernetes @ meeticKubernetes @ meetic
Kubernetes @ meetic
 
Gradle
GradleGradle
Gradle
 
What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...
 
Devops
DevopsDevops
Devops
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote World
 
Jakarta EE Test Strategies (2022)
Jakarta EE Test Strategies (2022)Jakarta EE Test Strategies (2022)
Jakarta EE Test Strategies (2022)
 
Get you Java application ready for Kubernetes !
Get you Java application ready for Kubernetes !Get you Java application ready for Kubernetes !
Get you Java application ready for Kubernetes !
 
SCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackSCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStack
 
Linux containers and docker
Linux containers and dockerLinux containers and docker
Linux containers and docker
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)
 

Recently uploaded

costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Recently uploaded (20)

costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Infrastructure testing with Molecule and TestInfra

  • 1. Infrastructure and Linux package testing with Molecule/TestInfra Tomislav Plavčić Percona
  • 2. Topics • Infrastructure as Code • Testing IaC / Frameworks • Molecule • TestInfra • Examples / Demo
  • 4. Infrastructure as code benefits Infrastructure as Code (IaC) is a method to provision and manage IT infrastructure through the use of source code, rather than through standard operating procedures and manual processes. You’re basically treating your servers, databases, networks, and other infrastructure like software. Benefits: • Speed and simplicity • Configuration consistency • Minimization of risk • Cost savings • Increased efficiency in software development
  • 5. Infrastructure as code tools Open source tools: • Chef • Puppet • Ansible (RedHat) • Terraform (HashiCorp, multi-cloud) Cloud specific tools: • CloudFormation (AWS) • Google Cloud Deployment Manager • Azure Resource Manager
  • 6. Differences • Configuration Management vs Provisioning • Procedural vs Declarative • Master vs Masterless • Agent vs Agentless (Pull vs Push)
  • 7. • Maintained by RedHat. • Playbooks written in YAML files. • Configuration management • Procedural/Declarative (Hybrid) • Masterless • Agentless (Push) Ansible
  • 9. • It changes • It is code • Make changes with more confidence • Faster troubleshooting • Continuous compliance and security standards Why test infrastructure as code?
  • 10. Ansible / Molecule / TestInfra stack • Molecule (python) - Tool for testing Ansible roles. By default uses Ansible asserts for verification, but TestInfra is optional. • TestInfra (python) - Unit tests in Python to test actual state of your servers configured by management tools. Chef / TestKitchen / InSpec stack • Test Kitchen (ruby) - Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms. • InSpec (ruby) - Chef InSpec is a free and open-source framework for testing and auditing your applications and infrastructure. • ServerSpec (ruby) - ServerSpec is an extension the ruby RSpec framework. Frameworks
  • 11. • Goss (go) - YAML based serverspec alternative tool for validating a server’s configuration. - Allows the user to generate tests from the current system state. • Container Structure Tests (go) - github: GoogleContainerTools/container-structure-test - Can be used to check the output of commands in an image, as well as verify metadata and content of the filesystem. - Tests can be run either through a standalone binary, or through a Docker image. Frameworks
  • 12. We provide MySQL, MongoDB, PostgreSQL and some other tools to the users in form of: • Debian/Ubuntu packages (apt repo) • RedHat/CentOS packages (yum repo) • Docker images (dockerhub repo) • binary tarballs Testing packages before they become part of user infrastructure including some smoke tests for features. Checking test environments and setup. Our use case
  • 14. • https://github.com/ansible-community/molecule • Designed to aid in the development and testing of Ansible roles. • Uses Ansible to manage instances to operate on and supports any provider Ansible supports. • Maintained by Ansible community. Testing with multiple: • instances • operating systems and distributions • virtualization providers • test frameworks • testing scenarios Molecule
  • 15. Pip is the only supported installation method. apt install python python-pip python -m venv ~/python-venv/python-molecule source ~/python-venv/python-molecule/bin/activate pip install molecule 'molecule[docker]' Install
  • 17. • DigitalOcean • Docker • EC2 • GCE • Hetzner Cloud • Linode Drivers supported • LXC • LXD • Openstack • Podman • Vagrant • Azure
  • 19. Main config file which defines: • dependency manager (default: galaxy) • driver provider (default: docker) • lint command • platforms definition • provisioner (ansible only) • scenario definition • verifier framework (from v3 default is: Ansible) molecule.yml
  • 20. molecule.yml example dependency: name: galaxy driver: name: vagrant provider: name: virtualbox lint: name: yamllint platforms: - name: new-project-server box: ubuntu/bionic64 instance_raw_config_args: - "vm.network 'forwarded_port', guest: 80, host: 8088" provisioner: name: ansible lint: name: ansible-lint verifier: name: testinfra lint: name: flake8 test_sequence: - lint - destroy - dependency - create - prepare - converge - verify - cleanup - destroy
  • 21. # create new role molecule init role my-new-role1 --verifier-name testinfra --driver-name docker # create instances molecule create # list created instances molecule list # run ansible playbook molecule converge # run verifier assertions molecule verify # destroy created instances molecule destroy # run the whole create/converge/verify/destroy workflow molecule test Basic commands
  • 23. Write unit tests in Python to test actual state of your servers configured by management tools like Salt, Ansible, Puppet, Chef... Testinfra aims to be a Serverspec equivalent in python and is written as a plugin to the powerful Pytest test engine. Has "--junit-xml" parameter for exporting and loading test results into jenkins. Installation: pip install pytest-testinfra Testinfra overview
  • 24. Modules Testinfra modules are provided through the host fixture, declare it as arguments of your test function to make it available within it. Example modules: • file • group • package • environment • process • service • user • socket • docker
  • 25. def test_passwd_file(host): passwd = host.file("/etc/passwd") assert passwd.contains("root") assert passwd.user == "root" assert passwd.group == "root" assert passwd.mode == 0o644 def test_nginx_is_installed(host): nginx = host.package("nginx") assert nginx.is_installed assert nginx.version.startswith("1.2") def test_nginx_running_and_enabled(host): nginx = host.service("nginx") assert nginx.is_running assert nginx.is_enabled Test examples
  • 26. Connection backends • local (default when no hosts provided, commands are run locally in a subprocess under the current user) • paramiko (python implementation of ssh protocol) • docker • podman • ssh • salt • ansible • kubectl • openshift • winrm • lxc/lxd
  • 28. About me • Tomislav Plavčić • QA Engineer at Percona • @tplavcic • tomislav.plavcic@percona.com 28