Molecule - Testing Ansible code

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi my name is robert debok i work for adventist and today i'd like to show you molecule molecule is a testing framework for ansible and it's really useful to see if your code works so let's have a look at a random role just picked one doesn't really matter which one you'll see the files and directories that you are used to like tasks and the defaults and the vars and handlers and so on everything's there nothing special about it but you do see one extra directory the molecule directory so this is something you could add to your roles let's have a look in here there's a single directory now and these directories are called scenarios i have one scenario the default scenario if you don't specify anything this runs so what's in here there's a couple of files most importantly i guess is the molecule file which instructs molecule what to do prepare is runs quite early on the instances you specify a molecule to sort of shape that container environment to allow the converge playbook to run so you could imagine if you're let's say configuring a web server that in prepare you need to install some stuff like open ssl or change to firewall or so that's not a part of your actual role lastly the verify runs and that's a checker so to see if your role worked let's have a look let's start with a molecule and go over the files one by one so this is a file that's that's it's not too long it's 20 something lines or so and what's in here it says first get all the dependencies and the file for that is requirements.yml there's also a linting stage so it does some linting yamalint and ansible lint i think by now ansiblind has yamalint integrate so this line could be removed but i'll check it out later in this case i'm trying to run stuff on docker i like that a lot it's quick and easy to run and troubleshoot and so on you could have could have different drivers of course and the platforms is the part where you can tell molecule what to start in this case i'm starting a single machine single container actually now call it turn minus fedora if no one specified the image minus latest if no one specified the tag and i'll use a talk's nv name i'll get back to that later i use an image basically roberto bock fedora latest but you could override it that by setting the namespace the image and the tag and in that container i run init and i mount a couple of volumes and it runs privileged and that's required because in these containers i want to start and stop stuff and my containers are already built everything's in there otherwise molecule will install a few things or so and i don't like that i like full control there it runs a provisioning step with ansible of course i'm not sure why this is a configurable but okay and finally it does a verifier so let's have a look in the other playbooks so first it runs the prepare and in this case on all the containers i installed a couple of packages with that bootstrap one it's python sudo basically and apal extra package for enterprise linux so once that run the system is ready to run the converge playbook and mostly you'll see just the role being called here too so run the turn roll whatever it is and set a few variables listening ip and an external ip so pretty simple nothing specifically difficult here and finally it runs the verify step and that is an interesting one because you can check if your role made the instance work so you don't need to go over all the packages if they're there or the services if they've been started you just want to check does it listen now is there a webpage is there can i send the mail stuff like that in this case i do not know turn that well i did see that port 3478 apparently should work so in this case let's check if 3478 runs and some that's about it so let's let's run it let's go back into the regular directory and run molecule test so there's a few options you could give here molecule test that will run once spin up everything do all the testing and changes and destroy everything again if you're developing it's very useful to add destroy is never so that it doesn't matter if it fails or if it's successful it will keep that instance so you can log in there and have a look let's do that in this instance and and log into the system later and meanwhile there are a few extra parameters so now we run molecule test you can also run molecule converge or molecule verify or molecule login to log into that system let's wait a bit it's installing all the dependencies it found running all the linting steps so in between you also see these info running this and that stage so that's useful this is still molecule nothing on my role or my play or so it starts up a container it's there it now runs the prepare playbook which had that bootstrap and e-pal roll so it's installing the minimum it needs for the roll to work and that's nice to split the requirements into the prepare playbook and the code of this role into just this role the converge playbook that's if you keep that pattern it will be pretty easy to use i'll be back in a moment so molecule ran this playbook is stable so i knew it would succeed but let's say if it did not succeed you can also log in and troubleshoot so that's really convenient if it fails or you want to check out what's there or so and not everything is in this container it's just a very empty container so sometimes you need to install stuff i'm not sure what but you can also troubleshoot basically and when you're done so now a container is running you can destroy everything unless you specify just test then it destroys everything by itself the destruction downloads the roles the uh sorry the requirements again maybe that's that's needed to create or destroy the instance and then starts to destroy everything so here you see that molecule gave a destroy command and then it waits a bit until it's destroyed now destroying things is pretty quick making things making a container run could take a while so that's fine of course to do async for destroy yeah not sure if it's required so that's it that's uh that's how molecule works i think it's really useful to to test i'd like to show you one more trick because you saw in this molecule the variables so you saw the image default fedora the tag default latest so in this case you can also say image equals ubuntu or something uh tag equals latest oh that's the evil so we don't need to specify that and then molecule test so that's also possible so it's really convenient to switch operating system or distribution and try your role on a different platform and you can also do that in ci not going in too deep but there's a couple of files here i test stuff with git lab and in gitlab it runs it runs molecule again molecule test based on the image and the tag it's received and those two variables are expressed in a matrix and that's real convenient because you have a 46 line file which does all these tests so for example debian latest and bullseye and fedora 33 34 and raw heights 35 now so it's just with a single commit you run i don't know 10 12 jobs or so and they test the same role on all the different architectures on all these different distributions really really useful and the same applies for github they have actions here it is molecule and it runs on a matrix too the same matrix of course so it's pretty easy to use either way so gitlab or github both support this yeah easily basically that's it for today so hope that gives you a good piece of information about molecule i highly suggest to use it both locally which helps you but especially in ci gitlab or github actions that's perfectly so goodbye hope to see you next time

Info

Channel: Robert de Bock

Views: 1,740

Rating: undefined out of 5

Keywords: molecule, ansible, testing

Id: hglpWHMyFHA

Channel Id: undefined

Length: 10min 11sec (611 seconds)

Published: Fri May 14 2021