SlideShare a Scribd company logo

Automating Your Salt Tests

Download as PPTX, PDF
R
Ryan Currah
1 of 27
Automating Your Salt Tests Ryan Currah github@ryancurrah twitter@rcurrah
MY EXPERIENCE • Was lead Salt engineer for large Canadian bank • Develop formulas • Salt master architecture • Salt git development strategy • Salt testing and testing automation
TALK GOAL Help newer Salt users start off on the right foot
DON’T FORGET TO AUTOMATE TESTING If you don’t automate testing it will become a bottleneck If you do automate testing you will catch issues early and feel confident when you release
TESTING AS CODE Requirements • State testing defined as code • Jobs defined as code • Pipeline capabilities • Fast testing feedback • Tools were on premise
TESTING TOOLS SELECTED • Code analysis: shellcheck (bash), flake8 (python) • State testing: ServerSpec • Container: Docker • Test orchestration: Jenkins Pipeline (Formerly Workflow) • Versioning: Git tag + bumpversion
CODE ANALYSIS ON FORMULAS Not uncommon to see scripts in formulas Code analysis enables • Good coding styles • Consistency • Express how we want code to be written • No jinja templated scripts (Use cmd.script w/ input arguments instead)
TEST STATE Two different views of state • For example in the issue github.com/saltstack/salt/issues/24647 • file.copy state with force=True did not work • Reported no changes when the file should have changed • ServerSpec tests caught this issue Audit formula changes • Formula changes will be captured by tests
ServerSpec What can you test? • Process is running • Service is running • Service is enabled on boot • Port is open • Firewall rule exists • Package is installed • User and group exists • File exists • File user and group ownership • File hashes • The list goes on see… http://serverspec.org/resource_types.html Reuseable spec files known a shared files • http://serverspec.org/advanced_tips.html • https://github.com/rubyisbeautiful/serverspec_examples
JOBS AS CODE Jenkins Pipeline enables jobs as code and a deilvery pipeline (without the spaghetti jobs) • Jenkinsfile (Groovy script) placed in the Salt formula repo • Pipeline stages (Build, QA, Production) • Pipeline visualization and metrics • Average build time, current build time, stage views, failed steps
JENKINS PLUGINS USED • Pipeline • Pipeline: Multibranch • Pipeline Remote Loader Plugin • Git Plugin • SSH Agent Plugin • AnsiColor Plugin
JENKINS SERVER SETUP • Docker installed • Docker allow Jenkins user to run it • Testing container with systemd, salt-minion, ruby, shellcheck and flake8 installed • Bumpversion installed • Git SSH credential setup for pushing tags
RUNNING SERVICES IN CONTAINERS • Install systemd in the testing container • Remove systemd links in /etc/systemd • Mount cgroups to container (ro) • Privileged container or –v /tmp:/run • Run command /usr/sbin/init Source: https://rhatdan.wordpress.com/2014/04/30/running-systemd-within-a-docker-container/
FORMULA REPOSITORIES • Create a repository for each formula • Repository has a tests folder • Release updates independent of other states • Use git backend for formulas
BRANCHING STRATEGY GITHUB FLOW
DEVELOPING LOCALLY • Provide salt formula developers a local development environment • Create a vagrant box or docker image (RHEL developer licenses are free now) • Provide an example formula with tests • Document how to get started • Jenkins feature testing
GOOD PULL REQUESTS Salt best practices • Less Jinja the better • No Jinja whitespace control characters in sls files • defaults.yaml • Pillars are for overiding defaults • Predictable and sane state id’s https://docs.saltstack.com/en/latest/topics/best_practices.html https://docs.saltstack.com/en/latest/topics/development/conventions/ Require tests pass Review code together • Potential bugs • Readability • Test coverage (ServerSpec tests) • Compliment / reinforce good practices http://kevinlondon.com/2015/05/05/code-review-best-practices.html
RELASING NEW SALT FORUMLAS Use semantic versioning • Example v0.2.0 • semver.org Tag releases • Tag new version v0.3.0 • Re-tag “latest” Bumpversion will automatically bump the forumula version Rollback “latest” to a previous version if things break Salt-masters use the gitfs backend docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#per-remote-configuration-parameters
SALTSTACK GIT BACKENDS Pygit and Gitpython Pygit2 • Supports authentication • Cloning process tends to hang Gitpython • Easy to install • No authentication supported
DEMO Jenkins Pipeline • Pipeline script • Multibanch pipeline jobs • Testing feature branches • Testing master branches • ServerSpec output • Automatic promotion
STATE EVENTS What is a state event? Result of a state execution in a structured format that a can be parsed Why state events? • Analytics on state execution results • Alert operations on failed states • Easily compile issue reports for engineering More details: http://www.currah.ca/tech/2015/12/09/salt-state-events-splunk.html New splunk returner: https://github.com/saltstack/salt/blob/develop/salt/returners/splunk.py
EVENT RETURNER • Event returners only run on the master • Salt has a list of event returners or build your own • Create your own returner, place in _returners directory • Returner state events basically state.sls and state.highstate • Add minion id and jid to state return data for correlating state events to a specific host or action More details: http://www.currah.ca/tech/2015/12/09/salt-state-events-splunk.html Splunk returner: https://github.com/saltstack/salt/blob/develop/salt/returners/splunk.py List of Returners: https://docs.saltstack.com/en/latest/ref/returners/
EXAMPLE STATE EVENT Automatic Field Extraction
DEMO SALTSTACK STATE EVENTS • Generating events • Searching events • Event dashboard
CODE • https://github.com/ryancurrah/vagrant-salt-talk • https://github.com/ryancurrah/salt-minion-dockerfile • https://github.com/ryancurrah/salt-pipeline • https://github.com/ryancurrah/salt-apache-formula • https://github.com/ryancurrah/salt-lint-example • https://github.com/ryancurrah/salt-splunk-http-returner
Questions?
Please Provide Feedback Use the SaltConf16 event app to provide feedback for this presentation.

Recommended

Testing Salt States (part 1)
Testing Salt States (part 1)Testing Salt States (part 1)
Testing Salt States (part 1)jasondenning
 
Automated testing on steroids – Trick for managing test data using Docker sna...
Automated testing on steroids – Trick for managing test data using Docker sna...Automated testing on steroids – Trick for managing test data using Docker sna...
Automated testing on steroids – Trick for managing test data using Docker sna...Lucas Jellema
 
Trust, but verify | Testing with Docker Containers
Trust, but verify | Testing with Docker ContainersTrust, but verify | Testing with Docker Containers
Trust, but verify | Testing with Docker ContainersNan Liu
 
Docker & ci
Docker & ciDocker & ci
Docker & ciPatxi Gortázar
 
CI/CD on Android project via Jenkins Pipeline
CI/CD on Android project via Jenkins PipelineCI/CD on Android project via Jenkins Pipeline
CI/CD on Android project via Jenkins PipelineVeaceslav Gaidarji
 
Pipeline based deployments on Jenkins
Pipeline based deployments on JenkinsPipeline based deployments on Jenkins
Pipeline based deployments on JenkinsKnoldus Inc.
 
Jenkins Declarative Pipelines 101
Jenkins Declarative Pipelines 101Jenkins Declarative Pipelines 101
Jenkins Declarative Pipelines 101Malcolm Groves
 
Bgoug 2019.11 test your pl sql - not your patience
Bgoug 2019.11 test your pl sql - not your patienceBgoug 2019.11 test your pl sql - not your patience
Bgoug 2019.11 test your pl sql - not your patienceJacek Gebal
 

Recommended

Testing Salt States (part 1)
Testing Salt States (part 1)Testing Salt States (part 1)
Testing Salt States (part 1)jasondenning
 
Automated testing on steroids – Trick for managing test data using Docker sna...
Automated testing on steroids – Trick for managing test data using Docker sna...Automated testing on steroids – Trick for managing test data using Docker sna...
Automated testing on steroids – Trick for managing test data using Docker sna...Lucas Jellema
 
Trust, but verify | Testing with Docker Containers
Trust, but verify | Testing with Docker ContainersTrust, but verify | Testing with Docker Containers
Trust, but verify | Testing with Docker ContainersNan Liu
 
Docker & ci
Docker & ciDocker & ci
Docker & ciPatxi Gortázar
 
CI/CD on Android project via Jenkins Pipeline
CI/CD on Android project via Jenkins PipelineCI/CD on Android project via Jenkins Pipeline
CI/CD on Android project via Jenkins PipelineVeaceslav Gaidarji
 
Pipeline based deployments on Jenkins
Pipeline based deployments on JenkinsPipeline based deployments on Jenkins
Pipeline based deployments on JenkinsKnoldus Inc.
 
Jenkins Declarative Pipelines 101
Jenkins Declarative Pipelines 101Jenkins Declarative Pipelines 101
Jenkins Declarative Pipelines 101Malcolm Groves
 
Bgoug 2019.11 test your pl sql - not your patience
Bgoug 2019.11 test your pl sql - not your patienceBgoug 2019.11 test your pl sql - not your patience
Bgoug 2019.11 test your pl sql - not your patienceJacek Gebal
 
Open Source tools overview
Open Source tools overviewOpen Source tools overview
Open Source tools overviewLuciano Resende
 
Golang workshop
Golang workshopGolang workshop
Golang workshopVictor S. Recio
 
Jenkins days workshop pipelines - Eric Long
Jenkins days workshop pipelines - Eric LongJenkins days workshop pipelines - Eric Long
Jenkins days workshop pipelines - Eric Longericlongtx
 
Continuous Delivery in OSS using Shipkit.org
Continuous Delivery in OSS using Shipkit.orgContinuous Delivery in OSS using Shipkit.org
Continuous Delivery in OSS using Shipkit.orgMarcinStachniuk
 
Jenkins pipeline as code
Jenkins pipeline as codeJenkins pipeline as code
Jenkins pipeline as codeMohammad Imran Ansari
 
Pipeline as code - new feature in Jenkins 2
Pipeline as code - new feature in Jenkins 2Pipeline as code - new feature in Jenkins 2
Pipeline as code - new feature in Jenkins 2Michal Ziarnik
 
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins PipelinesAn Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins PipelinesSteffen Gebert
 
[WroclawJUG] Continuous Delivery in OSS using Shipkit
[WroclawJUG] Continuous Delivery in OSS using Shipkit[WroclawJUG] Continuous Delivery in OSS using Shipkit
[WroclawJUG] Continuous Delivery in OSS using ShipkitMarcinStachniuk
 
Jenkins Pipelines
Jenkins PipelinesJenkins Pipelines
Jenkins PipelinesSteffen Gebert
 
DrupalCon Los Angeles - Continuous Integration Toolbox
DrupalCon Los Angeles - Continuous Integration ToolboxDrupalCon Los Angeles - Continuous Integration Toolbox
DrupalCon Los Angeles - Continuous Integration ToolboxAndrii Podanenko
 
JavaOne 2016 - Pipeline as code
JavaOne 2016 - Pipeline as codeJavaOne 2016 - Pipeline as code
JavaOne 2016 - Pipeline as codeBert Jan Schrijver
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Annie Huang
 
Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Puppet
 
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例謝 宗穎
 
(Declarative) Jenkins Pipelines
(Declarative) Jenkins Pipelines(Declarative) Jenkins Pipelines
(Declarative) Jenkins PipelinesSteffen Gebert
 
Perl Continous Integration
Perl Continous IntegrationPerl Continous Integration
Perl Continous IntegrationMichael Peters
 
An OpenShift Migration: From 3.9 to 4.5
An OpenShift Migration: From 3.9 to 4.5An OpenShift Migration: From 3.9 to 4.5
An OpenShift Migration: From 3.9 to 4.5Everett Toews
 
Github - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsGithub - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsLee Hanxue
 
Continuous Delivery of Puppet Manifests
Continuous Delivery of Puppet ManifestsContinuous Delivery of Puppet Manifests
Continuous Delivery of Puppet ManifestsKris Buytaert
 
Puppet in the Pipeline
Puppet in the PipelinePuppet in the Pipeline
Puppet in the PipelineAnna Kennedy
 
CICD Azure DevOps
CICD Azure DevOpsCICD Azure DevOps
CICD Azure DevOpsSergey Seletsky
 
Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release WorkflowTuenti
 

More Related Content

What's hot

Open Source tools overview
Open Source tools overviewOpen Source tools overview
Open Source tools overviewLuciano Resende
 
Jenkins days workshop pipelines - Eric Long
Jenkins days workshop pipelines - Eric LongJenkins days workshop pipelines - Eric Long
Jenkins days workshop pipelines - Eric Longericlongtx
 
Continuous Delivery in OSS using Shipkit.org
Continuous Delivery in OSS using Shipkit.orgContinuous Delivery in OSS using Shipkit.org
Continuous Delivery in OSS using Shipkit.orgMarcinStachniuk
 
Pipeline as code - new feature in Jenkins 2
Pipeline as code - new feature in Jenkins 2Pipeline as code - new feature in Jenkins 2
Pipeline as code - new feature in Jenkins 2Michal Ziarnik
 
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins PipelinesAn Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins PipelinesSteffen Gebert
 
[WroclawJUG] Continuous Delivery in OSS using Shipkit
[WroclawJUG] Continuous Delivery in OSS using Shipkit[WroclawJUG] Continuous Delivery in OSS using Shipkit
[WroclawJUG] Continuous Delivery in OSS using ShipkitMarcinStachniuk
 
DrupalCon Los Angeles - Continuous Integration Toolbox
DrupalCon Los Angeles - Continuous Integration ToolboxDrupalCon Los Angeles - Continuous Integration Toolbox
DrupalCon Los Angeles - Continuous Integration ToolboxAndrii Podanenko
 
JavaOne 2016 - Pipeline as code
JavaOne 2016 - Pipeline as codeJavaOne 2016 - Pipeline as code
JavaOne 2016 - Pipeline as codeBert Jan Schrijver
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Annie Huang
 
Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Puppet
 
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例謝 宗穎
 
(Declarative) Jenkins Pipelines
(Declarative) Jenkins Pipelines(Declarative) Jenkins Pipelines
(Declarative) Jenkins PipelinesSteffen Gebert
 
Perl Continous Integration
Perl Continous IntegrationPerl Continous Integration
Perl Continous IntegrationMichael Peters
 
An OpenShift Migration: From 3.9 to 4.5
An OpenShift Migration: From 3.9 to 4.5An OpenShift Migration: From 3.9 to 4.5
An OpenShift Migration: From 3.9 to 4.5Everett Toews
 
Github - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsGithub - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsLee Hanxue
 
Continuous Delivery of Puppet Manifests
Continuous Delivery of Puppet ManifestsContinuous Delivery of Puppet Manifests
Continuous Delivery of Puppet ManifestsKris Buytaert
 
Puppet in the Pipeline
Puppet in the PipelinePuppet in the Pipeline
Puppet in the PipelineAnna Kennedy
 

What's hot (20)

Open Source tools overview
Open Source tools overviewOpen Source tools overview
Open Source tools overview
 
Golang workshop
Golang workshopGolang workshop
Golang workshop
 
Jenkins days workshop pipelines - Eric Long
Jenkins days workshop pipelines - Eric LongJenkins days workshop pipelines - Eric Long
Jenkins days workshop pipelines - Eric Long
 
Continuous Delivery in OSS using Shipkit.org
Continuous Delivery in OSS using Shipkit.orgContinuous Delivery in OSS using Shipkit.org
Continuous Delivery in OSS using Shipkit.org
 
Jenkins pipeline as code
Jenkins pipeline as codeJenkins pipeline as code
Jenkins pipeline as code
 
Pipeline as code - new feature in Jenkins 2
Pipeline as code - new feature in Jenkins 2Pipeline as code - new feature in Jenkins 2
Pipeline as code - new feature in Jenkins 2
 
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins PipelinesAn Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
An Open-Source Chef Cookbook CI/CD Implementation Using Jenkins Pipelines
 
[WroclawJUG] Continuous Delivery in OSS using Shipkit
[WroclawJUG] Continuous Delivery in OSS using Shipkit[WroclawJUG] Continuous Delivery in OSS using Shipkit
[WroclawJUG] Continuous Delivery in OSS using Shipkit
 
Jenkins Pipelines
Jenkins PipelinesJenkins Pipelines
Jenkins Pipelines
 
DrupalCon Los Angeles - Continuous Integration Toolbox
DrupalCon Los Angeles - Continuous Integration ToolboxDrupalCon Los Angeles - Continuous Integration Toolbox
DrupalCon Los Angeles - Continuous Integration Toolbox
 
JavaOne 2016 - Pipeline as code
JavaOne 2016 - Pipeline as codeJavaOne 2016 - Pipeline as code
JavaOne 2016 - Pipeline as code
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD
 
Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014Killer R10K Workflow - PuppetConf 2014
Killer R10K Workflow - PuppetConf 2014
 
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
JSDC 2015 - TDD 的開發哲學,以 Node.js 為例
 
(Declarative) Jenkins Pipelines
(Declarative) Jenkins Pipelines(Declarative) Jenkins Pipelines
(Declarative) Jenkins Pipelines
 
Perl Continous Integration
Perl Continous IntegrationPerl Continous Integration
Perl Continous Integration
 
An OpenShift Migration: From 3.9 to 4.5
An OpenShift Migration: From 3.9 to 4.5An OpenShift Migration: From 3.9 to 4.5
An OpenShift Migration: From 3.9 to 4.5
 
Github - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsGithub - Git Training Slides: Foundations
Github - Git Training Slides: Foundations
 
Continuous Delivery of Puppet Manifests
Continuous Delivery of Puppet ManifestsContinuous Delivery of Puppet Manifests
Continuous Delivery of Puppet Manifests
 
Puppet in the Pipeline
Puppet in the PipelinePuppet in the Pipeline
Puppet in the Pipeline
 

Similar to Automating Your Salt Tests

Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release WorkflowTuenti
 
Open Policy Agent for governance as a code
Open Policy Agent for governance as a code Open Policy Agent for governance as a code
Open Policy Agent for governance as a code Alexander Tokarev
 
2017 jenkins world
2017 jenkins world2017 jenkins world
2017 jenkins worldBrent Laster
 
SCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackSCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackMatt Ray
 
Compliance Automation with InSpec
Compliance Automation with InSpec Compliance Automation with InSpec
Compliance Automation with InSpec Nathen Harvey
 
Writing Custom Saltstack Execution Modules
Writing Custom Saltstack Execution ModulesWriting Custom Saltstack Execution Modules
Writing Custom Saltstack Execution ModulesJulian Pacheco
 
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...E. Camden Fisher
 
OUG Ireland Meet-up 12th January
OUG Ireland Meet-up 12th JanuaryOUG Ireland Meet-up 12th January
OUG Ireland Meet-up 12th JanuaryBrendan Tierney
 
Version Control and Continuous Integration
Version Control and Continuous IntegrationVersion Control and Continuous Integration
Version Control and Continuous IntegrationGeff Henderson Chang
 
Infinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan Kušt
Infinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan KuštInfinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan Kušt
Infinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan KuštInfinum
 
Team Development on Force.com
Team Development on Force.comTeam Development on Force.com
Team Development on Force.comDaniel Hoechst
 
What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...Daryl Walleck
 
Magento 2 Workflows
Magento 2 WorkflowsMagento 2 Workflows
Magento 2 WorkflowsRyan Street
 
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...Gilad Garon
 
Hidden Treasure - TestComplete Script Extensions
Hidden Treasure - TestComplete Script ExtensionsHidden Treasure - TestComplete Script Extensions
Hidden Treasure - TestComplete Script ExtensionsSmartBear
 
Pipeline 101 Lorelei Mccollum
Pipeline 101 Lorelei MccollumPipeline 101 Lorelei Mccollum
Pipeline 101 Lorelei MccollumLorelei McCollum
 
XWiki SAS development practices
XWiki SAS development practicesXWiki SAS development practices
XWiki SAS development practicesVincent Massol
 

Similar to Automating Your Salt Tests (20)

CICD Azure DevOps
CICD Azure DevOpsCICD Azure DevOps
CICD Azure DevOps
 
Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release Workflow
 
Open Policy Agent for governance as a code
Open Policy Agent for governance as a code Open Policy Agent for governance as a code
Open Policy Agent for governance as a code
 
2017 jenkins world
2017 jenkins world2017 jenkins world
2017 jenkins world
 
SCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackSCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStack
 
Compliance Automation with InSpec
Compliance Automation with InSpec Compliance Automation with InSpec
Compliance Automation with InSpec
 
Writing Custom Saltstack Execution Modules
Writing Custom Saltstack Execution ModulesWriting Custom Saltstack Execution Modules
Writing Custom Saltstack Execution Modules
 
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
 
OUG Ireland Meet-up 12th January
OUG Ireland Meet-up 12th JanuaryOUG Ireland Meet-up 12th January
OUG Ireland Meet-up 12th January
 
Version Control and Continuous Integration
Version Control and Continuous IntegrationVersion Control and Continuous Integration
Version Control and Continuous Integration
 
Infinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan Kušt
Infinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan KuštInfinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan Kušt
Infinum Android Talks #13 - Developing Android Apps Like Navy Seals by Ivan Kušt
 
Team Development on Force.com
Team Development on Force.comTeam Development on Force.com
Team Development on Force.com
 
Versioning for Developers
Versioning for DevelopersVersioning for Developers
Versioning for Developers
 
What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...What I Learned From Writing a Test Framework (And Why I May Never Write One A...
What I Learned From Writing a Test Framework (And Why I May Never Write One A...
 
Building XWiki
Building XWikiBuilding XWiki
Building XWiki
 
Magento 2 Workflows
Magento 2 WorkflowsMagento 2 Workflows
Magento 2 Workflows
 
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
 
Hidden Treasure - TestComplete Script Extensions
Hidden Treasure - TestComplete Script ExtensionsHidden Treasure - TestComplete Script Extensions
Hidden Treasure - TestComplete Script Extensions
 
Pipeline 101 Lorelei Mccollum
Pipeline 101 Lorelei MccollumPipeline 101 Lorelei Mccollum
Pipeline 101 Lorelei Mccollum
 
XWiki SAS development practices
XWiki SAS development practicesXWiki SAS development practices
XWiki SAS development practices
 

Automating Your Salt Tests

  • 1. Automating Your Salt Tests Ryan Currah github@ryancurrah twitter@rcurrah
  • 2. MY EXPERIENCE • Was lead Salt engineer for large Canadian bank • Develop formulas • Salt master architecture • Salt git development strategy • Salt testing and testing automation
  • 3. TALK GOAL Help newer Salt users start off on the right foot
  • 4. DON’T FORGET TO AUTOMATE TESTING If you don’t automate testing it will become a bottleneck If you do automate testing you will catch issues early and feel confident when you release
  • 5. TESTING AS CODE Requirements • State testing defined as code • Jobs defined as code • Pipeline capabilities • Fast testing feedback • Tools were on premise
  • 6. TESTING TOOLS SELECTED • Code analysis: shellcheck (bash), flake8 (python) • State testing: ServerSpec • Container: Docker • Test orchestration: Jenkins Pipeline (Formerly Workflow) • Versioning: Git tag + bumpversion
  • 7. CODE ANALYSIS ON FORMULAS Not uncommon to see scripts in formulas Code analysis enables • Good coding styles • Consistency • Express how we want code to be written • No jinja templated scripts (Use cmd.script w/ input arguments instead)
  • 8. TEST STATE Two different views of state • For example in the issue github.com/saltstack/salt/issues/24647 • file.copy state with force=True did not work • Reported no changes when the file should have changed • ServerSpec tests caught this issue Audit formula changes • Formula changes will be captured by tests
  • 9. ServerSpec What can you test? • Process is running • Service is running • Service is enabled on boot • Port is open • Firewall rule exists • Package is installed • User and group exists • File exists • File user and group ownership • File hashes • The list goes on see… http://serverspec.org/resource_types.html Reuseable spec files known a shared files • http://serverspec.org/advanced_tips.html • https://github.com/rubyisbeautiful/serverspec_examples
  • 10. JOBS AS CODE Jenkins Pipeline enables jobs as code and a deilvery pipeline (without the spaghetti jobs) • Jenkinsfile (Groovy script) placed in the Salt formula repo • Pipeline stages (Build, QA, Production) • Pipeline visualization and metrics • Average build time, current build time, stage views, failed steps
  • 11. JENKINS PLUGINS USED • Pipeline • Pipeline: Multibranch • Pipeline Remote Loader Plugin • Git Plugin • SSH Agent Plugin • AnsiColor Plugin
  • 12. JENKINS SERVER SETUP • Docker installed • Docker allow Jenkins user to run it • Testing container with systemd, salt-minion, ruby, shellcheck and flake8 installed • Bumpversion installed • Git SSH credential setup for pushing tags
  • 13. RUNNING SERVICES IN CONTAINERS • Install systemd in the testing container • Remove systemd links in /etc/systemd • Mount cgroups to container (ro) • Privileged container or –v /tmp:/run • Run command /usr/sbin/init Source: https://rhatdan.wordpress.com/2014/04/30/running-systemd-within-a-docker-container/
  • 14. FORMULA REPOSITORIES • Create a repository for each formula • Repository has a tests folder • Release updates independent of other states • Use git backend for formulas
  • 16. DEVELOPING LOCALLY • Provide salt formula developers a local development environment • Create a vagrant box or docker image (RHEL developer licenses are free now) • Provide an example formula with tests • Document how to get started • Jenkins feature testing
  • 17. GOOD PULL REQUESTS Salt best practices • Less Jinja the better • No Jinja whitespace control characters in sls files • defaults.yaml • Pillars are for overiding defaults • Predictable and sane state id’s https://docs.saltstack.com/en/latest/topics/best_practices.html https://docs.saltstack.com/en/latest/topics/development/conventions/ Require tests pass Review code together • Potential bugs • Readability • Test coverage (ServerSpec tests) • Compliment / reinforce good practices http://kevinlondon.com/2015/05/05/code-review-best-practices.html
  • 18. RELASING NEW SALT FORUMLAS Use semantic versioning • Example v0.2.0 • semver.org Tag releases • Tag new version v0.3.0 • Re-tag “latest” Bumpversion will automatically bump the forumula version Rollback “latest” to a previous version if things break Salt-masters use the gitfs backend docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#per-remote-configuration-parameters
  • 19. SALTSTACK GIT BACKENDS Pygit and Gitpython Pygit2 • Supports authentication • Cloning process tends to hang Gitpython • Easy to install • No authentication supported
  • 20. DEMO Jenkins Pipeline • Pipeline script • Multibanch pipeline jobs • Testing feature branches • Testing master branches • ServerSpec output • Automatic promotion
  • 21. STATE EVENTS What is a state event? Result of a state execution in a structured format that a can be parsed Why state events? • Analytics on state execution results • Alert operations on failed states • Easily compile issue reports for engineering More details: http://www.currah.ca/tech/2015/12/09/salt-state-events-splunk.html New splunk returner: https://github.com/saltstack/salt/blob/develop/salt/returners/splunk.py
  • 22. EVENT RETURNER • Event returners only run on the master • Salt has a list of event returners or build your own • Create your own returner, place in _returners directory • Returner state events basically state.sls and state.highstate • Add minion id and jid to state return data for correlating state events to a specific host or action More details: http://www.currah.ca/tech/2015/12/09/salt-state-events-splunk.html Splunk returner: https://github.com/saltstack/salt/blob/develop/salt/returners/splunk.py List of Returners: https://docs.saltstack.com/en/latest/ref/returners/
  • 23. EXAMPLE STATE EVENT Automatic Field Extraction
  • 24. DEMO SALTSTACK STATE EVENTS • Generating events • Searching events • Event dashboard
  • 25. CODE • https://github.com/ryancurrah/vagrant-salt-talk • https://github.com/ryancurrah/salt-minion-dockerfile • https://github.com/ryancurrah/salt-pipeline • https://github.com/ryancurrah/salt-apache-formula • https://github.com/ryancurrah/salt-lint-example • https://github.com/ryancurrah/salt-splunk-http-returner
  • 27. Please Provide Feedback Use the SaltConf16 event app to provide feedback for this presentation.