Test Kitchen
What is Kitchen
- Kitchen is a test harness tool for executing Infrastructure as Code (IaC) on one or more platforms.
- To execute on multiple platforms, Kitchen has a driver plugin architecture.
Using Kitchen in Chef
Without Kitchen
- The cookbook development cycle consists of the following steps:
  - Write Chef code
  - Upload the code to the server using berks
  - Wait for convergence on the node or run chef-client
  - Verify that the code written is working
- Problems with this approach:
  - Every version of the cookbook has to be uploaded while it is still untested
  - This might lead to some non-working versions
  - The process is a bit more lengthy
With Kitchen
- The cookbook development cycle consists of the following steps:
  - Write Chef code
  - Verify the written code with Test Kitchen
  - Upload the code to the Chef server using berks
  - Wait for convergence on the node or run chef-client
Setup Workstation
Let's look at different environments using different drivers.
AWS Driver for Linux
- Prerequisites:
  - SSH Client: Git or PuTTY
  - IDE: Visual Studio Code with Chef Extension
  - ChefDK installed
- Generate the cookbook on the workstation
  ```
  chef generate cookbook apache_cookbook
  cd apache_cookbook
  ```
- AWS Preparation
  - Create an IAM user with at least EC2 permissions (in this demonstration I would create a user with Admin permissions).
  - Authenticate Test Kitchen with AWS
    - refer here for details
    - If your workstation is
      - Linux or macOS: Navigate to the file at ~/.aws/credentials
      - Windows: Navigate to the file at %USERPROFILE%\.aws\credentials
    - Enter the IAM user's access key as aws_access_key_id and its secret key as aws_secret_access_key
    - The other way is to use the AWS CLI command
      ```
      aws configure
      ```
  - Make a note of the following IDs
    - region: us-west-2
    - availability zone: us-west-2a
    - vpc-id: Can be noted from the console or with the following AWS CLI command
      ```
      aws ec2 describe-vpcs
      ```
    - subnet-id: Can be noted from the console or with the following AWS CLI command
      ```
      aws ec2 describe-subnets --filters "Name=availability-zone,Values=us-west-2b"
      ```
    - Create a security group with ports 22, 80 and 443 opened and make a note of the security group name or id.
    - Image-id: ami-08692d171e3cf02d6
    - Key-Pair: Create a new key pair and make a note of its name
- Kitchen command overview:
- Configure the cookbook with the AWS driver:
  - Open the apache_cookbook folder with Visual Studio Code
  - Navigate to the file .kitchen.yml
  - Edit the file with the details as shown below
```
---
driver:
  name: ec2
  aws_ssh_key_id: test # key pair name
  region: us-west-2 # region code of aws
  availability_zone: us-west-2b # availability_zone of us-west
  subnet_id: subnet-89fb32ee # subnet-id noted from above steps
  instance_type: t2.micro # as it is free instance type
  image_id: ami-08692d171e3cf02d6 # image id of ubuntu
  security_group_ids: ["sg-0caf47d86b61769cb"]

provisioner:
  name: chef_zero
  # You may wish to disable always updating cookbooks in CI or other testing environments.
  # For example:
  #   always_update_cookbooks: <%= !ENV['CI'] %>
  always_update_cookbooks: true

verifier:
  name: inspec

transport:
  ssh_key: ./test.pem # relative path to pem file
  connection_timeout: 10
  connection_retries: 5
  username: ubuntu # username from ami-id

platforms:
  - name: ubuntu-18.04

suites:
  - name: default
    run_list:
      - recipe[apache_cookbook::default]
    verifier:
      inspec_tests:
        - test/integration/default
    attributes:
```
* For more info, refer [here](https://docs.chef.io/config_yml_kitchen.html)
* Write a simple resource in the recipe default.rb
```
file '/home/ubuntu/readme.txt' do
  content 'created by chef'
  action :create
end
```
* Execute Kitchen commands to test
```
kitchen list
kitchen create
kitchen list
kitchen converge
```
* Now log in to the EC2 machine and verify
```
kitchen login
cat /home/ubuntu/readme.txt
```
* Once you finish your testing, you can continue updating cookbooks and converge.
* Destroy the created EC2 machine using
```
kitchen destroy
```
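
This setup leaves two secrets on the workstation: the key pair file referenced by `transport.ssh_key` and the `~/.aws/credentials` file. The Ruby check below is an added example, not part of the original page or of Test Kitchen; the function names are made up here, it assumes POSIX permission bits and a cookbook kept in git, and its `.gitignore` matching is deliberately simplified.

```ruby
require 'yaml'

# Helper names are made up for this example; POSIX permission bits are assumed.

# A secret file must exist and must not be accessible to group or others.
def check_private_file(path, label)
  return ["#{label} #{path} does not exist"] unless File.file?(path)

  mode = File.stat(path).mode & 0o777
  return [] if (mode & 0o077).zero?

  [format('%s %s has mode %04o, expected 0600 or stricter', label, path, mode)]
end

# Simplified .gitignore match: plain names and globs only, no negation rules.
def gitignored?(rel_path, root)
  ignore = File.join(root, '.gitignore')
  return false unless File.file?(ignore)

  patterns = File.readlines(ignore, chomp: true).map(&:strip)
                 .reject { |l| l.empty? || l.start_with?('#') }
  patterns.any? do |pat|
    File.fnmatch(pat.delete_prefix('/'), rel_path) || File.fnmatch(pat, File.basename(rel_path))
  end
end

# Returns a list of findings for the cookbook directory; empty means clean.
def kitchen_preflight(cookbook_dir, aws_creds: File.join(Dir.home, '.aws', 'credentials'))
  root = File.expand_path(cookbook_dir)
  cfg = %w[kitchen.yml .kitchen.yml].map { |n| File.join(root, n) }.find { |p| File.file?(p) }
  return ['no kitchen.yml or .kitchen.yml found'] unless cfg

  findings = []
  key = (YAML.safe_load(File.read(cfg)) || {}).dig('transport', 'ssh_key')
  if key
    key_path = File.expand_path(key, root)
    findings.concat(check_private_file(key_path, 'SSH private key'))
    if key_path.start_with?("#{root}/") && !gitignored?(key_path.delete_prefix("#{root}/"), root)
      findings << "#{key} lives inside the cookbook but is not in .gitignore"
    end
  end
  findings.concat(check_private_file(aws_creds, 'AWS credentials file')) if File.exist?(aws_creds)
  findings
end
```

Call it as `puts kitchen_preflight('apache_cookbook')` before `kitchen create`; an empty result means both files are private to your user and the key will not be committed with the cookbook.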