Building and Testing Puppet with Docker

Carla Souza

Carla Souza

Software engineer for ReliantPuppet user since 2010Container virtualization user since 2008

Our environment

~15k nodesRedboxesAmazon EC2 InstancesVirtual machines

OpenVZ containersKVM

Code your infrastructure

Code QA

Check your syntax

puppet parse validatepuppet-lintyaml syntax checkererb syntax checker

Variable data type validationvalidate_absolute_pathvalidate_arrayvalidate_augeasvalidate_boolvalidate_cmdvalidate_hashvalidate_ipv4_addressvalidate_ipv6_addressvalidate_revalidate_slength

validate_string

Smoke testing#tests/test.pp

class { 'apt': }

puppet apply --noop --modulepath=".." tests/test.pp

rspec-puppet

https://github.com/puppetlabs/puppetlabs-apt/blob/master/spec/unit/puppet/type/apt_key_spec.rb#L75

beaker

beaker

https://github.com/puppetlabs/puppetlabs-apt/blob/master/spec/acceptance/nodesets/default.yml

Code Review

No errors on the puppet run!=

Correctly configured

Mimic the production environment

Image from http://wegeekgirls.files.wordpress.com/2014/04/mystique_x-men_days-of-future-past.png

1. Target node's hostname2. Use custom facts*3. Specify OS4. Thats all

* not required

Step 2: Facts

Write your own custom facts# myserver-facts.txtdomain=reliantsecurity.comipaddress=172.17.42.1ipaddress_docker0=172.17.42.1ipaddress_lo=127.0.0.1ipaddress_wlan0=172.16.3.218is_virtual=false

Step 2: Facts

Steal facts from an existing node

Step 2: Facts$ mystique fetch-facts myserver

$ mystique fetch-facts --hostname myserver --user carla myserver.company

# myserver-facts.txtdomain=reliantsecurity.comipaddress=172.17.42.1ipaddress_docker0=172.17.42.1ipaddress_lo=127.0.0.1ipaddress_wlan0=172.16.3.218is_virtual=false(...)

Step 3: Specify OS

--os ubuntu14.04

--os debian-wheezy

# mystique run --os ubuntu14.04 --hostname myserver

# mystique run --facts /path/to/facts.txt --hostname myserver

Image from http://wegeekgirls.files.wordpress.com/2014/04/mystique_x-men_days-of-future-past.png

FROM tianon/debian:wheezy

RUN apt-get -qq -y install puppet puppetmaster

ONBUILD ADD puppet.tar.gz /etc/puppet/

$ ls .

./

../

.git/

.gitignorefiles/templates/manifests/modules/auth.confautosign.conffileserver.confnamespaceauth.conf

FROM mystique/debian:latest

ADD myserver-facts.txt /etc/facter/facts.d/

RUN puppet apply --modulepath=/etc/puppet/modules master.pp

CMD puppet agent --no-daemonize

# mystique run --facts /path/to/facts.txt --hostname myserver

Report for myserver

12 resources created

2 warnings

0 errors

# mystique run --facts /path/to/facts.txt \

--hostname myserver \

--verbose

Why using the existing tools?

What can I do with all this?

Future steps● Mimic existing resources from nodes● Extend supported OS● Specify puppet version● Multiple node testing

○ Linking containers● User an existing Puppet Master

Thank you!

carlasouza@reliantsecurity.com

https://github.com/carlasouza/mystique*

Twitter: @carlaas* not yet available