Test-Kitchen Setup with AWS

Test Kitchen

What is Kitchen

  • Kitchen is a test harness tool to execute Infrastructure as Code (IaC) on one or more platforms.
  • To execute on multiple platforms, Kitchen has a driver plugin architecture.

Using Kitchen in Chef

Without Kitchen


  • Cookbook development cycle consists of the following steps
    • Write Chef code
    • Upload the code to the server using berks
    • Wait for convergence on the node or run chef-client
    • Verify that the code written is working
  • Problems with this approach
    • Every version of the cookbook has to be uploaded to the server untested
    • This might lead to some non-working versions
    • The process is a bit more lengthy

With Kitchen


  • Cookbook development cycle consists of the following steps
    • Write Chef code
    • Verify the written code with test kitchen
    • Upload the code to the Chef server using berks
    • Wait for convergence on the node or run chef-client

Setup Workstation

Let's look at different environments using different drivers

AWS Driver for Linux

  • Prerequisites:
    • SSH client: Git or PuTTY
    • IDE: Visual Studio Code with Chef Extension
    • ChefDK installed
  • Generate cookbook on the workstation
    chef generate cookbook apache_cookbook
    cd apache_cookbook
  • AWS Preparation
    • Create an IAM user with at least EC2 permissions (in this demonstration I would create a user with Admin permissions).
    • Authenticate Test Kitchen with AWS
      • refer here for details
      • If your workstation is
        • Linux or mac: Navigate to file at ~/.aws/credentials
        • Windows: Navigate to file at %USERPROFILE%\.aws\credentials
      • Enter the access key from the IAM user as aws_access_key_id and the secret key as aws_secret_access_key
      • Another way is to use the AWS CLI command
      aws configure
    • Make a note of the following IDs
      • region: us-west-2
      • availability zone: us-west-2a
      • vpc-id: Can be noted from the console or with the following AWS CLI command
      aws ec2 describe-vpcs
      • subnet-id: Can be noted from the console or with the following AWS CLI command
      aws ec2 describe-subnets --filters "Name=availability-zone,Values=us-west-2b"
      • Create a security group with ports 22, 80, 443 opened and make a note of the security group name or ID.
      • Image-id: ami-08692d171e3cf02d6
      • Key-Pair: Create a new key pair & make a note of its name
    • Kitchen command overview: Preview
    • Configure Cookbook with AWS driver:
      • Open the apache_cookbook folder with Visual Studio Code
      • Navigate to the file .kitchen.yml
      • Edit the file with the details as shown below
      driver:
        name: ec2
        aws_ssh_key_id: test # key pair name
        region: us-west-2 # region code of aws
        availability_zone: us-west-2b # availability_zone of us-west
        subnet_id: subnet-89fb32ee # subnet-id noted from above steps
        instance_type: t2.micro # as it is free instance type
        image_id: ami-08692d171e3cf02d6 # image id of ubuntu
        security_group_ids: ["sg-0caf47d86b61769cb"]

      provisioner:
        name: chef_zero
        # You may wish to disable always updating cookbooks in CI or other testing environments.
        # For example:
        #   always_update_cookbooks: <%= !ENV['CI'] %>
        always_update_cookbooks: true

      verifier:
        name: inspec

      transport:
        ssh_key: ./test.pem # relative path to pem file
        connection_timeout: 10
        connection_retries: 5
        username: ubuntu # username from ami-id

      platforms:
        - name: ubuntu-16.04

      suites:
        - name: default
          run_list:
            - recipe[apache_cookbook::default]
          verifier:
            inspec_tests:
              - test/integration/default
      • For more info refer here
      • Write a simple resource in the recipe default.rb
      file '/home/ubuntu/readme.txt' do
          content 'created by chef'
          action :create
      end
      • Execute Kitchen commands to test
      kitchen list
      kitchen create
      kitchen list
      kitchen converge
      • Now log in to the EC2 machine & verify
      kitchen login
      cat /home/ubuntu/readme.txt
      • Once you finish your testing, you can continue updating cookbooks & converge.
      • Destroy the created EC2 machine using
      kitchen destroy
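
A pre-flight check for the .kitchen.yml configured above, as an added example that is not part of the original post. It confirms the EC2 driver fields are present and well formed, that no credential has been put into the file, and that the key file named under transport is private to the current user. The names kitchen_preflight and demo are hypothetical; the sample config is constructed from the values on this page, and the code assumes a POSIX workstation and a .kitchen.yml with no ERB outside comments.

```ruby
require 'yaml'
require 'tmpdir'

# Added example, not from the original post; assumes a POSIX workstation.
REQUIRED = %w[aws_ssh_key_id region subnet_id image_id security_group_ids].freeze
# EC2 resource ids are a prefix followed by 8 or 17 hex digits.
WELL_FORMED = ->(prefix, v) { v.to_s.match?(/\A#{prefix}-\h{8}(\h{9})?\z/) }

def kitchen_preflight(path)
  cfg = YAML.safe_load(File.read(path)) || {}
  driver = cfg['driver'] || {}
  problems = (REQUIRED - driver.keys).map { |k| "driver.#{k} is missing" }
  { 'subnet_id' => 'subnet', 'image_id' => 'ami' }.each do |k, prefix|
    problems << "driver.#{k} is malformed" if driver[k] && !WELL_FORMED.call(prefix, driver[k])
  end
  Array(driver['security_group_ids']).each do |sg|
    problems << "security group #{sg} is malformed" unless WELL_FORMED.call('sg', sg)
  end
  # Keys belong in ~/.aws/credentials, never in a file committed with the cookbook.
  driver.each_key { |k| problems << "driver.#{k} embeds a credential" if k.to_s.match?(/secret|access_key/i) }
  key = (cfg['transport'] || {})['ssh_key']
  if key
    pem = File.expand_path(key, File.dirname(path))
    if !File.file?(pem)
      problems << "transport.ssh_key #{key} not found"
    elsif (File.stat(pem).mode & 0o077) != 0
      problems << "transport.ssh_key #{key} is accessible to group/other; chmod 600"
    end
  end
  problems
end

# Constructed sample: the page's values in a temp dir, placeholder key at pem_mode.
def demo(pem_mode)
  Dir.mktmpdir do |dir|
    File.write(File.join(dir, '.kitchen.yml'), <<~YML)
      driver: { name: ec2, aws_ssh_key_id: test, region: us-west-2,
                subnet_id: subnet-89fb32ee, image_id: ami-08692d171e3cf02d6,
                security_group_ids: ["sg-0caf47d86b61769cb"] }
      transport: { ssh_key: ./test.pem, username: ubuntu }
    YML
    pem = File.join(dir, 'test.pem')
    File.write(pem, "constructed placeholder, not a real key\n")
    File.chmod(pem_mode, pem)
    kitchen_preflight(File.join(dir, '.kitchen.yml'))
  end
end

puts demo(0o644) if __FILE__ == $PROGRAM_NAME
```

Call kitchen_preflight('.kitchen.yml') from the cookbook folder before kitchen create; an empty list means none of these checks failed.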


About continuous learner

devops & cloud enthusiastic learner