All geek questions in one place

Is there really no easy way to test puppet scripts on a remote machine?

I am experimenting with Puppet scripts for deployment.

I believe that the most difficult part of writing these scripts is iterative testing.

I donโ€™t want puppet apply on my local development machine that can screw things up. I have a remote box with a clean list where I want to apply. I also do not see how a puppeteer can help me; I may be using the puppeteer at a later location for production deployments, but for now I just want my code to work.

So, I put together a quick shell script that will rsync different directories from my local puppet module path to / tmp on the remote machine, and then run puppet apply . This is terribly uncomfortable. This is slow, especially if we are talking about a syntax error.

I think I really want something like a puppeteer-puppet mix, where the puppet machine on the remote machine receives an already compiled manifest. Just adhoc-one over an SSH connection, without actually setting up Puppetmaster, dealing with certificates, etc. puppet apply user@host .

There seems to be nothing like this, but how do other people deal with this? It seems to me that the experience with the puppet script is incredibly frustrating to me, as it is.

+6
source share
7 answers

I would recommend using Vagrant. If you are not checking the setup of the puppet wizard, you can use the built-in provisioning integration .

Once you have all the settings, you can start vagrancy provisioning or just run the vm vagrant puppet.

Here is an article you may find helpful.

+9
source

I would also look at rpsec puppet tests using rspec-puppet and puppetlabs-spec-helper . Rspec-puppet-init will break the puppet document and the cheppetto and maybe some other things due to symbolic links, and there are some problems with hiera , but the tests are easy to configure otherwise and work well, and can also be attached to jenkins / hudson .

+3
source

Usually I have two levels of testing for my doll scripts.

Unit tests for quick feedback: Written using rspec-puppet , they compile the doll catalog for the class / define / etc, and also make statements about it. Run locally every time I make small changes, and on the build server every time I check. Tests run quickly (<10 seconds) and select syntax and dependency problems.

Functional tests to ensure that it really works: Written using Cucumber with Aruba . When I finish implementing the function and unit tests to pass it, these tests provide a virtual machine (using Vagrant ) with the appropriate puppet manifest (s), log in and make statements about the state of the virtual machine. The tests themselves look something like this:

 Given I am SSHed into Vagrant box "webserver" When I type "php --version" Then the output should include "PHP 5.4.11"
+2
source

Vagrant is the most useful environment for rapid infrastructure development that I have found. This will most closely reflect (99%) your production setup, and you can explain those tiny differences in the puppet so that everything works as expected. It takes about 30 minutes to start working with it and will repeatedly pay you money for the time saved, with scripts to copy files :)

If this is useful for visualization, on my desktop I have 3 terminals side by side:

Terminal 1) Editing puppet manifestos, classes, ruby โ€‹โ€‹code, etc. Terminal 2) Performing a "roving security" that the puppet just does, along with any facts you want to go through, etc. Terminal 3) "roaming ssh" in the box so that I can poke how the puppet does its job.

Hope this helps!

+1
source

I stumbled upon rump , considering another question . If you are using git, this might be useful. A slide panel is available there .

From README.md: "Rump helps you run Puppet locally against Git validation.

0
source

Why don't you want to control a puppet master? It was created specifically for this situation.

If you absolutely cannot control the puppet master, you will have to wrap your puppets in another script that first downloads the file (with curl or wget) and applies them after a successful download. Given that the puppet is a fairly simple application to run, I donโ€™t see how not to use it would be better.

0
source

You might be interested in citac, a toolkit for automatically testing puppet scripts. It is available on Github: https://github.com/citac/citac

Citac systematically runs your Puppet manifest in a variety of configurations, simulating short-term system crashes, various resource orders, and more. Generated test reports inform you of problems with non-idempotent resources, problems related to convergence, etc.

The tool uses Docker containers to execute, so your system remains untouched during testing. State changes are monitored during the execution of the Puppet script, and detailed test reports are generated.

To get an idea of โ€‹โ€‹what errors the tool found, a large-scale assessment was conducted with more than 150 publicly available Puppet scripts. The results can be found here: http://citac.imtqy.com/eval/ Please feel free to provide feedback, pull requests, etc. Happy testing!

0
source

Source: https://habr.com/ru/post/919685/

More articles:


All Articles