Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Ansible with with Molecule

Ansible with with Molecule

Markus Hanses

February 28, 2019
Tweet

More Decks by Markus Hanses

Other Decks in Programming

Transcript

  1. Advantages • Quality gate for Infrastructure as Code • Isolated

    test environment • Early feedback during development • Fail fast before application in real systems • Encourages separation of concerns in Ansible Roles
  2. Create your Environment $> virtualenv project/venv # creates env $>

    source project/venv/bin/activate # activates env $> deactivate # deactivates env
  3. Create new Ansible role $> molecule init role --role-name user.rolename

    -d docker $> molecule init role -r user.rolename -d docker # choose driver from one below... # azure, docker, ec2, gce, lxc, lxd, openstack, vagrant, # delegated
  4. Add Molecule to existing Ansible role $> ansible-galaxy init user.rolename

    $> cd user.rolename $> molecule init scenario -r user.rolename
  5. Add new scenarios to Molecule $> molecule init scenario \

    # long --scenario-name special \ -r user.rolename $> molecule init scenario \ # short -s special \ -r user.rolename
  6. Molecule configurations • Test run ◦ molecule.yml # Molecule configuration

    file ◦ playbook.yml # Test case definition • Syntax checks ◦ yamllint # Linter for Yaml files / Ansible, Molecole ◦ flake8 # Linter for Python code / Testinfra ◦ ansible-lint # Linter for Ansible playbooks
  7. Molecule test run $> molecule test # bare metal $>

    docker run --rm -it \ # docker -v '$(pwd)':/tmp/$(basename "${PWD}"):ro \ -v /var/run/docker.sock:/var/run/docker.sock \ -w /tmp/$(basename "${PWD}") \ retr0h/molecule:latest \ sudo molecule test
  8. Molecule test matrix └── default ├── lint # flake8, yamllint,

    ansible-lint syntax check ├── destroy # deletes pre-existing containers ├── dependency # installs python dependencies ├── syntax # Playbook syntax check ├── create # creates the docker container ├── prepare # prepares the docker container / pre-configuration ├── converge # executes the test playbook ├── idempotence # executes the test playbook a second time ├── side_effect # Occurs additional effects to the environment ├── verify # executes the Testinfra tests └── destroy # deletes new containers
  9. Sources • pyenv, https://github.com/pyenv/pyenv • Virtualenv, https://docs.python-guide.org/dev/virtualenvs/ • Molecule, https://molecule.readthedocs.io/en/latest/index.html

    • Testinfra, https://testinfra.readthedocs.io/en/latest/# • flake8, http://flake8.pycqa.org/en/latest/ • yamllint, https://yamllint.readthedocs.io/en/stable/ • ansible-lint, https://github.com/ansible/ansible-lint • Digital Ocean Blog Post, http://bit.do/eJXD3 • Demo project, https://github.com/marhan/ansible-role-fail2ban • Demo pipeline, https://travis-ci.org/marhan/ansible-role-fail2ban