TESTING PROGRAMMABLE INFRASTRUCTURE (WITH RUBY) @burythehammer - - PowerPoint PPT Presentation

@burythehammer

MATT LONG

TESTING PROGRAMMABLE INFRASTRUCTURE (WITH RUBY)

@burythehammer

PROGRAMMABLE INFRASTRUCTURE IS GREAT, BUT WE'RE MISSING SOMETHING.

TESTING.

@burythehammer

I'M A TESTER

HELLO, I'M MATT

@burythehammer

@burythehammer

I WORK HERE ↑

@burythehammer

I AM NOT A SYSADMIN

@burythehammer

WHAT IS PROGRAMMABLE INFRASTRUCTURE?

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

THE APPLICATION OF METHODS AND TOOLING FROM SOFTWARE DEVELOPMENT TO THE MANAGEMENT OF IT INFRASTRUCTURE PROGRAMMABLE INFRASTRUCTURE IS..

THE INTERNET

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

WHAT DO WE MEAN BY THIS?

▸ Automated provisioning & configuration ▸ Configuration as code ▸ Version / source controlled

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

TOOLING EXAMPLES

@burythehammer

PROGRAMMABLE INFRASTRUCTURE IS AWESOME!

Credit: Vault Boy, Bethesda Softworks

@burythehammer

BUT IT CAN GET COMPLEX

@burythehammer

TESTING IS USED TO MITIGATE COMPLEXITY & RISK

@burythehammer

BUT INFRA TESTING IS RARE

Credit: Gunshow, KC Green

@burythehammer

TESTING A CLOUD BROKER

AN INFRASTRUCTURE HEAVY PRODUCT

@burythehammer

THE PROBLEM

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

WE WANT TO MOVE TO THE CLOUD... BUT WE'RE WARY OF LOCK IN

Large organisation

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

USERS

CLOUD BROKER

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

BENEFITS

▸ Quick, easy provisioning ▸ one team previously took 3 months ▸ Don't need to work at a low level ▸ Templates for common dev environments ▸ Built in best practice: monitoring, security ▸ Track spending

@burythehammer

THIS IS A REALLY COMPLICATED APPLICATION

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

WORKFLOW

▸ Log into Web UI ▸ Fill in information about environment ▸ Broker creates and bootstraps resources ▸ SSH into resources

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

WEB TESTING

▸ Log into Web UI ▸ Fill in information about environment

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

???

▸ Broker creates and bootstraps resources ▸ SSH into resources

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

INFRASTRUCTURE TESTING

▸ Broker creates and bootstraps resources ▸ SSH into resources

@burythehammer

HOW DO YOU TEST INFRASTRUCTURE?

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

WHAT TO TEST?

Deployment scripts unit tests? Does the VPN server work? Can instances 
 access one another? Are services running? Linting?

@burythehammer

THIS SEEMS FAMILIAR..

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

Does the VPN box work?
 Can I SSH into a server? Do our deployment scripts work?
 Linting? Are services running?

ANOTHER TESTING PYRAMID?

Can instances access one another? expensive, slow cheap, fast

@burythehammer

TOOLING

@burythehammer

UNIT TESTING

▸ Bash scripts ▸ Ansible scripts ▸ Terraform scripts

@burythehammer

LINTING

▸ Quick sanity check ▸ Available in all tools ▸ Run in CI before committing

@burythehammer

UNIT TESTING IS HARD

▸ Cultural issues ▸ Technical issues ▸ Return on investment

@burythehammer

INTEGRATION TESTING

▸ Packages installed ▸ Services running ▸ Ports listening

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

▸ Ruby / RSpec based ▸ Great community ▸ Very readable ▸ Very quick! ▸ Can SSH into instances

SERVERSPEC

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

SERVERSPEC EXAMPLE

describe package('jenkins') do it { should be_installed } end describe service('jenkins') do it { should be_enabled } it { should be_running } end describe port(8080) do it { should be_listening } end

@burythehammer

ACCEPTANCE TESTING

▸ SSHing into machines ▸ Using applications ▸ e.g. samba, openvpn

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

▸ Executable specifications ▸ Both test & business can read it ▸ Available in Ruby, Java, C#... etc ▸ Great reporting ▸ Good CI integration

CUCUMBER

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

Scenario: Searching for Wikipedia Given I am on the website "www.google.com" When I search for "Wikipedia" Then the first link should be "www.wikipedia.org"

CUCUMBER EXAMPLE

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

RUBY

▸ Fantastic testing community ▸ More suitable for SSHing into boxes ▸ "Win RM" gem ▸ Ops already familiar with it ▸ Reduces tech stack

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

TOOLS WE DIDN'T USE

▸ Bats ▸ ShUnit2 ▸ Goss ▸ Inspec / TestInfra ▸ AWS Spec ▸ Test Kitchen

@burythehammer

OUR SOLUTION

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

USERS

CLOUD BROKER

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

USERS

WEB TEST FRAMEWORK

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

USERS

WEB TESTS

https://github.com/opencredo/test-automation-quickstart

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

USERS

INFRASTRUCTURE TEST FRAMEWORK

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

INFRASTRUCTURE TESTS

Serverspec

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

INFRASTRUCTURE TESTING STACK

/ Serverspec Linting tools

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

SERVERSPEC SMOKE TESTS

▸ Run before everything else ▸ Really quick ▸ Catches obvious errors ▸ Not complex tasks

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

Background:
 Given environment has been created
 And the following user details:
 | user_alias | username | public_key |
 | userA | testuser | test | 
 
 Scenario: IPA - Login via SSH Key authentication succeeds
 Given user "userA" is authorised to access environment vms
 When user "userA" starts ssh session in host "env" 
 Then I should be able to echo "hello world"


CUCUMBER FOR ACCEPTANCE TESTING

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

Background:
 Given environment has been created
 And the following user details:
 | user_alias | username | public_key |
 | userA | testuser | test | 
 
 
 Scenario: IPA - Login via SSH Key authentication succeeds
 Given user "userA" is authorised to access environment vms
 When user "userA" starts ssh session in host "env" 
 Then I should be able to echo "hello world"


CUCUMBER FOR ACCEPTANCE TESTING

Cloud broker APIs

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

Background:
 Given environment has been created
 And the following user details:
 | user_alias | username | public_key |
 | userA | testuser | test | 
 
 
 Scenario: IPA - Login via SSH Key authentication succeeds
 Given user "userA" is authorised to access environment vms
 When user "userA" starts ssh session in host "env" 
 Then I should be able to echo "hello world"


CUCUMBER FOR ACCEPTANCE TESTING

Standard Ruby

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

Background:
 Given environment has been created
 And the following user details:
 | user_alias | username | public_key |
 | userA | testuser | test | 
 
 
 Scenario: IPA - Login via SSH Key authentication succeeds
 Given user "userA" is authorised to access environment vms
 When user "userA" starts ssh session in host "env" 
 Then I should be able to echo "hello world"


CUCUMBER FOR ACCEPTANCE TESTING

RSpec assertions

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

UNDER THE CUCUMBER, PLAIN RUBY

Then(/^I should be able to echo "([^"]*)"$/) do |text| cmd = "echo #{text}"

• utput = @session.exec!(cmd)

close_ssh(@session) expect(output.to_s.strip).to eql(text) end

@burythehammer

LESSONS LEARNED

THE GOOD, THE BAD, AND THE UGLY

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

THE GOOD

▸ Specialised tests for each layer ▸ Quick, expressive ServerSpec

tests

▸ Power of a full programming

language for user tests

▸ ... it's also totally doable!

Credit: Overwatch, Blizzard Entertainment

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

THE BAD

▸ Over reliance on

acceptance tests

▸ Context switching with

two suites

▸ Out of my comfort zone

Credit: Futurama, Fox

@burythehammer

TESTING PROGRAMMABLE INFRASTRUCTURE

THE UGLY

▸ Starting infrastructure is SLOW. ▸ It's expensive...

@burythehammer

IT WAS WORTH IT

DESPITE ALL THAT

@burythehammer

CONCLUSIONS

@burythehammer

TESTING IS IMPORTANT

BUT OFTEN IGNORED

@burythehammer

TESTERS AND OPS SHOULD WORK TOGETHER

WE NEED TO GET OUT OF OUR COMFORT ZONES

@burythehammer

TOOLS EXIST

BUT BE PREPARED TO HACK

@burythehammer

FINALLY...

TESTING PROGRAMMABLE INFRASTRUCTURE

@burythehammer

THE APPLICATION OF METHODS AND TOOLING FROM SOFTWARE DEVELOPMENT TO MANAGEMENT OF IT INFRASTRUCTURE PROGRAMMABLE INFRASTRUCTURE IS..

@burythehammer

TESTING IS A SOFTWARE DEVELOPMENT METHOD

WE SHOULD APPLY IT TO INFRASTRUCTURE

@burythehammer

THANKS! QUESTIONS?

matt.long@opencredo.com <-- sponsors booth on 5th floor! @burythehammer