Test-Kitchen Setup with AWS

Test Kitchen

What is Kitchen

  • Kitchen is a test harness tool to execute Infrastructure as Code(IaC) on one or more platforms
  • To execute in multiple platforms kitchen have a driver plugin architecture.

Using Kitchen in Chef

Without Kitchen


  • Cookbook Development Cycle Consists of following steps
    • Write Chef Code
    • Upload the code to the server using berks
    • Wait for Convergence on the node or run chef-client
    • Verify if the code written is working
  • Problems with this approach
    • Need to upload every version to the cookbook, which is untested
    • This might lead to some non working versions
    • Process is bit more lengthy

With Kitchen


  • Cookbook development cycle consists of the following steps
    • Write Chef code
    • Verify the written code with test kitchen
    • Upload the code to the chef server using berks
    • Wait for Convergence on the node or run chef-client

Setup Workstation

Lets look at different environments using different drivers

AWS Driver for Linux

  • Prerequisites:
    • SSH Client: Git or Putty
    • IDE: Visual Studio Code with Chef Extension
    • ChefDk installed
  • Generate cookbook on the workstation
    chef generate cookbook apache_cookbook
    cd apache_cookbook
  • AWS Preparation
    • Create IAM user with at least EC2 permissions (In this demonstration i would create user with Admin permissions).
    • Authenticate Test Kitchen with AWS
      • refer here for details
      • If your workstation is
        • Linux or mac: Navigate to file at ~/.aws/credentials
        • Windows: Navigate to file at %USERPROFILE%.aws\credentials
      • Enter ACCESS_KEY from the iam user to aws_access_key_id and Secret key to aws_secret_access_key
      • Other way is to use the aws cli command
      aws configure
    • Make the note of the following id’s
      • region: us-west-2
      • availability zone: us-west-2a
      • vpc-id: Can be noted from console or use the following commands of aws cli
      aws ec2 describe-vpcs
      • subnet-id: Can be noted from console or use the following commands of aws cli
      aws ec2 describe-subnets --filters "Name=availability-zone,Values=us-west-2b"
      • Create a security group with ports 22,80,443 opened and make a note of security group name or id.
      • Image-id: ami-08692d171e3cf02d6
      • Key-Pair: Create a new key pair & make note of name
    • Kitchen command overview: Preview
    • Configure Cookbook with AWS driver:
      • open apache_cookbook folder with visual studio code
      • Navigate to file .kitchen.yml
      • Edit the file with the details as shown below
    name: ec2
    aws_ssh_key_id: test # key pair name
    region: us-west-2 # region code of aws
    availability_zone: us-west-2b # availability_zone of us-west
    subnet_id: subnet-89fb32ee # subnet-id noted from above steps
    instance_type: t2.micro # as it is free instance type
    image_id: ami-08692d171e3cf02d6 # image id of ubuntu
    security_group_ids: ["sg-0caf47d86b61769cb"]

    name: chef_zero
    # You may wish to disable always updating cookbooks in CI or other testing environments.
    # For example:
    #   always_update_cookbooks: <%= !ENV['CI'] %>
    always_update_cookbooks: true

    name: inspec

    ssh_key: ./test.pem # relative path to pem file
    connection_timeout: 10
    connection_retries: 5
    username: ubuntu # username from ami-id

- name: ubuntu-18.04

- name: default
    - recipe[apache_cookbook::default]
        - test/integration/default

    * For more info refer [here](https://docs.chef.io/config_yml_kitchen.html)
    * write simple resource in recipe default.rb
    file '/home/ubuntu/readme.txt' do
        content 'created by chef'
        action :create
    * Execute Kitchen commands to test
    kitchen list
    kitchen create
    kitchen list
    kitchen converge
    * Now login into the ec2 machine & verify
    kitchen login
    cat /home/ubuntu/readme.txt
    * Once you finish your testing you can continue updating cookbooks & converge.
    * Destroy the created ec2 machine using
    kitchen destroy

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner