validating puppet managed resources in aws with awspec
TRANSCRIPT
Validating Puppet managed resources with awspecGet started with rspec testing for AWS resources
Twitter: @dkcwd
First a little background….
About this session When I talk about managing resources in AWS I’m talking about the servers and other services we are leveraging in AWS.
The concepts of testing resources, whether in AWS or not, is relevant regardless of whether you are using Puppet or not.
After the session, you know more about with the awspec library.
About this session We have people of all levels of experience in this session.
Please feel free to share your knowledge and experience with the group and ask questions.
Why test our resources?
?
Why test our resources? Once the resources have been “spun up” and configured, the test suite can be run to verify resources are in line with expectations.
CI tools can alert the team to issues which need attention.
$$$ money can be saved….
Why test our resources? Resource tests can be considered part of fulfilling a contract with the business.
Demonstrating the resources are ready could be as simple as ensuring the typical ports are exposed for a web server and that a page containing some specific text can be loaded within a specific timeframe.
Why test our resources? In the context of managing your Software Development Life Cycle (SDLC)
Before we deploy an application to our infrastructure we want to know that the environment is correctly configured.
Unexpected behavior can result from leveraging configuration data which has been included in error.
But Puppet describes the desired config!
Yes! And if you are using Hiera, you are likely to be including extra data conditionally
Sometimes people make mistakes….
A hypothetical situation You’re managing your network settings with Puppet and you have conditionally configured the value of resolve.conf
The DNS settings which have been incorrectly supplied are appropriate for London when they should be settings which are appropriate for China.
Ok, so let’s talk about awspec….
Make sure you find the right library
https://github.com/k1LoW/awspec
Based on Serverspechttps://github.com/k1LoW/awspec
Some set up is required To become more familiar with awspec you should do the following:
Set up an AWS account for testing Set up an IAM user, noting the access key and secret access key Install the AWS tools and run the ``aws configure`` command
See: http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
Spin up an AWS EC2 instance When a new instance has been loaded test the command line config
``aws ec2 describe-instances``
See: http://docs.aws.amazon.com/cli/latest/userguide/shorthand-syntax.html
Install some Ruby dependencies Install RVM to make it easier to use different versions of Ruby
See: https://rvm.io/rvm/install
Follow the awspec README.md guide
The instructions explain what you need to do to write your tests
See: https://github.com/k1LoW/awspec
Try auto-generating a test The instructions explain what you need to do to write your tests
See: https://github.com/k1LoW/awspec
The result of auto-generation
Base Dockerfile installing the Will project
There is a minor adjustment required
Base Dockerfile installing the Will project
Need to include a line at the top of the file to include the helper script.
Add the helper script if necessary
This is required for the awspec methods to work correctly.
Run your example test
Run your test suite. Note: in this case I wanted to see the exit code.
Run your example test
You should see your tests passing. If not, you’ll need to debug.
So what should we test?
Great question! That was a simple example to get you started.
Take time to understand what expectations you can define.
Here is a good question to get you in a testing mindset….
What would make you sleep better than knowing that configuration has been correctly applied?
Enjoy and share what you do….
I’m on Twitter: @dkcwdLinkedIn: https://au.linkedin.com/in/daveclarkprofile