Puppet meetup testing

1,045 views

Published on

Puppet testing presentation given at Denver Puppet Meetup on 11/12/2013

0 Comments
6 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,045
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
14
Comments
0
Likes
6
Embeds 0
No embeds

No notes for slide
  • We will look at a manifest and what a catalog is in the next few slides
  • Bullet 1: resource graph and all the dependenciesBullet 2: a given node can have several modules defined for resources that need to be on that systemBullet 3: puppet source lives on master; agent has no puppet code.
  • This gives an idea of how validate the server is configured as expected. If time permits, we can demo thisNow we will shift focus
  • Puppet meetup testing

    1. 1. Phil Zimmerman phil.zimmerman@twcable.com https://twitter.com/phil_zimmerman
    2. 2.       Software defined infrastructure – perfect for VCS Configuration Management for servers Declarative language written in Ruby DSL Uses manifests to define server configurations Brings servers into a desired state and keeps them there Eliminates “snowflake” environments
    3. 3.  Puppet Modules  Self-contained bundles of code  Develop your own  Download from the Puppet Forge (https://forge.puppetlabs.com/)  Contain manifests, files, templates and, ahem… tests
    4. 4.  Puppet Manifests  End in the .pp file extension  Each manifest in a puppet module should contain one class or defined type  Define the set of resources (packages, files, services) that the module represents  Can contain logic (conditionals, collections, functions, etc)  Are the source for the compiled catalog
    5. 5.  The catalog  Represents the DAG (directed acyclic graph) of     resources and the desired system state for a given node Is compiled from the set of modules’ manifests defined for a given node In master/agent puppet, compiled by the master and applied on the agent node Masterless puppet, compiled locally on node Represented on disk as a YAML document
    6. 6.      Need to upgrade Java version on tomcat6 vms Get latest puppet code from vcs Make the version change in my manifest Simple change, it looks good to me Commit my changes
    7. 7. Oh no – Java was updated on my tomcat7 vms too…. Wait, wat?!  Face Palm  FAIL!!
    8. 8.       Puppet manifests are code Improve consistency and predictability of server provisioning Well-defined tools (rspec-puppet, puppet parser, puppet-lint, serverspec, vagrant, etc.) Automatable Complex, data-driven server configuration Think of others and future you!
    9. 9.        Syntax Checking Static Analysis Unit Tests (rspec-puppet) Configure Jenkins to Run These Vagrant Server-spec Packer
    10. 10. puppet parser validate -make sure the manifests will generate a catalog
    11. 11. puppet-lint -make sure we adhere to the puppet style guide
    12. 12.  rspec-puppet (http://rspec-puppet.com/)     Written by Tim Sharpe (https://github.com/rodjek) rspec, extended to work with puppet “unit tests” for puppet code Designed to test the catalog ▪ ▪ ▪ ▪ Tests at the module level, not system level Verify resources are present and dependencies are met Verify resources are configured as expected Verify file content (even when using templates and hiera – yes!)  puppetlabs-spec_helper (Rakefile, .fixtures.yml)
    13. 13.  rspec-puppet ruby gem  rspec-puppet-init ▪ Rakefile ▪ spec/spec_helper.rb ▪ spec/{classes,defines,functions,hosts,fixtures}  puppetlabs_spec_helper ruby gem  .fixtures.yml  Ideal for testing manifests referencing forge modules  Both gems work together to ease the burden of boilerplate setup and configuration
    14. 14. Test that the sshd package is installed
    15. 15. Make sure sshd_config file is present with desired attributes:
    16. 16. Ensure sshd_config has certain entries:
    17. 17. Verify sshd service is enabled and running with proper resource dependencies in place:
    18. 18.  Parameterized class  let(:params) { {:foo => ‘abc’, :bar => ‘xyz’} }  Specify values for facter facts  let(:facts) { {:operatingsystem => ‘CentOS’, :ipaddress => ‘192.168.33.10’} }  Specify fqdn for a node  let(:node) { ‘puppet-test-01.lab.webapps.rr.com’ }
    19. 19. hiera-puppet-helper gem
    20. 20.    This is awesome, but we’re not done Next level of testing is to perform a puppet run on a test vm and verify all is good We are ready for a server test – enter serverspec
    21. 21.  Server Spec (http://serverspec.org/)  Designed to validate that a server is configured appropriately after it’s been provisioned  Independent of Puppet, Chef, CFEngine, SaltStack, etc.  Tests your servers’ actual state directly via ssh ▪ No server-side software or agents required!
    22. 22.    serverspec ruby gem similar dsl as rspec, rspec-puppet serverspec-init  spec dir  sample spec file  spec_helper.rb  Rakefile
    23. 23. describe iptables do it { should have_rule(‘-P INPUT ACCEPT’).with_table(‘mangle’).with_chain(‘INPUT’) } end describe port(2003) do it { should be_listening.with(‘udp’) } end describe package(‘httpd’) do it { should be_installed } end describe service(‘sshd’) do it { should be_monitored_by(‘monit’) } end
    24. 24.   We use Puppet Enterprise at TWC Vagrantfile that auto installs and configures Puppet Enterprise master and agent(s)  https://github.com/adrienthebo/vagrant-pe_build    Personal replica of production Puppet Enterprise setup Can apply any role to the agent and test the server config Destroy the agent vm when done
    25. 25.        “Create identical machine images for multiple platforms from a single source configuration” Supports all the main provisioners including Puppet Can optionally create a vagrant box from the same source configuration Automatable and Testable Extendable plugin architecture Powerful option for any vm architecture, especially cloud-based (internal and external) Full of awesome
    26. 26.  Miscellaneous Links      http://www.slideshare.net/PuppetLabs/stephen-connolly http://www.slideshare.net/PuppetLabs/automated-puppet-testing-puppetcampchicago-12-scott-nottingham https://github.com/adrienthebo/vagrant-pe_build https://github.com/puppetlabs/rspec-system Vim Tools  Syntastic (https://github.com/scrooloose/syntastic) ▪  Vim-puppet (https://github.com/rodjek/vim-puppet) ▪ ▪  Checks syntax and displays errors to the user Syntax highlighting Style checking Cool Tool Links    Vagrant - http://www.vagrantup.com Packer - http://www.packer.io Stackhammer - http://www.cloudsmith.com

    ×