![Page 1: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/1.jpg)
© 2014 Cassini Consulting
Andreas Schmidt
Testing server infrastructure with serverspec
![Page 2: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/2.jpg)
Cassini Consulting @cassinigmbh • IT & Management Consulting Andreas Schmidt • From Dev to Ops • Infrastructure & Deployment
Automation w/ ruby
![Page 3: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/3.jpg)
• Purpose of infrastructure testing
• #serverspec • Examples / Demo
• Use Cases & benefits
? !
![Page 4: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/4.jpg)
Provisioning & Delivery
![Page 5: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/5.jpg)
Application being tested?
![Page 6: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/6.jpg)
Servers being tested?
![Page 7: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/7.jpg)
How is infrastructure
being specified?
![Page 8: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/8.jpg)
„Startup“
• Recent cloud technology
• Virtual Infrastructure Provisioning
• „Phoenix Server“
„Classic“ IT Environments
• Both virtualized & non-virtualized
• Mixed Provisioning
processes
• IT outsourcing
• IT System & Software Architecture
Regulated IT Environments
• i.e. banking, insurance companies, government
• + Compliance
• + Security
Low Cost Short Cycle Time
Documentation (Internal/External) Audit Capabilities
Internal Documentation Acceptance Tests
![Page 9: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/9.jpg)
Automated Provisioning & Configuration Management
![Page 10: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/10.jpg)
Lower-level configuration aspects • VM infrastructure & kernel parameters • Networking • Logical volume management
Side effects • RPM post-install scripts
Documentation • Specification of infrastructure • Human Readable
Testing on machine itself
what‘s missing?
![Page 11: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/11.jpg)
Machine parse-able Human read-able
Infrastructure Specification
![Page 12: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/12.jpg)
serverspec • www.serverspec.org • github.com/serverspec/serverspec MIT License Gosuke Miyashita @gokusenator
„With serverspec, you can write RSpec tests for checking your servers are configured correctly.“
![Page 13: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/13.jpg)
serverspec describe package 'openssh-server' doit { should be_installed }enddescribe file '/etc/ssh/sshd_config' doit { should be_mode 600 }it { should be_owned_by 'root' } enddescribe service 'ssh' do it { should be_enabled }end
![Page 14: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/14.jpg)
Development box
CM code
![Page 15: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/15.jpg)
Development box
CM code
CM code specs
Test locally
![Page 16: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/16.jpg)
Development box
CM code
Staging
Provision
CM code specs
box „state“
Test locally
![Page 17: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/17.jpg)
Development box
CM code
Staging
Provision
Test locally
CM code specs
box „state“
server spec
„Spec“ box
![Page 18: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/18.jpg)
Development box
CM code
Staging
Provision
Test locally
CM code specs
box „state“
Test on server(s)
server spec
„Spec“ box
![Page 19: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/19.jpg)
Development box
CM code
Staging
Local VM or Container
Provision
Test locally
CM code specs
box „state“
Provisio
n
Test on server(s)
server spec
„Spec“ box
![Page 20: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/20.jpg)
Development box
CM code
Staging
Local VM or Container
Provision
Test locally
CM code specs
box „state“
Test
Provisio
n
Test on server(s)
server spec
„Spec“ box
![Page 21: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/21.jpg)
Development box
CM code
Staging
Local VM or Container
Provision
Test locally
CM code specs
box „state“
Test
Provisio
n
Test on server(s)
server spec
„Spec“ box
![Page 22: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/22.jpg)
$ gem install serverspec
diff-lcs, highline, rakenet-sshrspec, rspec-core, rspec-expectations, rspec-mockspecinfra, serverspec
Basics
ssh to target hosts
spec basics
„Backend“ for infrastructure tests (local/remote, command abstraction, helpers)
„Frontend“ w/ resource types à rspec
![Page 23: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/23.jpg)
Demo • Serverspec Basics
• Overview of resource types
• Using abstractions and facts
• Introduce roles
• Environment-independent specs through properties
![Page 24: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/24.jpg)
Monitoring vs. Spec • Dynamic Aspects
(crashed servers, services not reachable, disk full, ...)
• Mostly in „internal form“, not human readable, special checks buried in scripts
• Static Aspects (how system is built)
• Explicit form, human readable
• Keep your system up & running
• Build according to a specification and prove compliance with it
![Page 25: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/25.jpg)
Additional tools • Comparable:
rspec-system (! beaker-rspec), rspec-system-serverspec
• Integrate serverspec into vagrant as a provisioner: github.com/jvoorhis/vagrant-serverspec
• Reporting http://vincent.bernat.im/en/blog/2014-serverspec-test-infrastructure.html
![Page 26: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/26.jpg)
![Page 27: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/27.jpg)
Infrastructure QA
![Page 28: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/28.jpg)
Infrastructure regression
testing
![Page 29: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/29.jpg)
Automated acceptance
testing
![Page 30: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/30.jpg)
Audit Capabilities
![Page 31: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/31.jpg)
Work test driven –
Define, build, compare your environments.
![Page 33: OSDC 2014: Andreas Schmidt - Testing server infrastructure with serverspec](https://reader033.vdocument.in/reader033/viewer/2022052823/554f6bd7b4c905c8088b522d/html5/thumbnails/33.jpg)
Cassini Consulting Niederlassung Düsseldorf Andreas Schmidt Bennigsen-Platz 1 40474 Düsseldorf Deutschland [email protected] visit www.cassini.de
Alle Angaben basieren auf dem derzeitigen Kenntnisstand. Änderungen vorbehalten. Dieses Dokument von Cassini Consulting ist ausschließlich für den Adressaten bzw. Auftraggeber bestimmt. Es bleibt bis zur einer ausdrücklichen Übertragung von Nutzungsrechten Eigentum von Cassini. Jede Bearbeitung, Verwertung, Vervielfältigung und/oder gewerbsmäßige Verbreitung des Werkes ist nur mit Einverständnis von Cassini zulässig.