Nyob zoo txhua leej txhua tus!

Kuv ua hauj lwm ua ib tug DevOps engineer rau lub tsev so booking service. Ostrovok.ru. Hauv tsab xov xwm no kuv xav tham txog peb cov kev paub dhau los hauv kev sim Ansible lub luag haujlwm.

Ntawm Ostrovok.ru peb siv ansible ua tus tswj hwm kev teeb tsa. Tsis ntev los no peb tuaj rau qhov yuav tsum tau kuaj lub luag haujlwm, tab sis, raws li nws tau muab tawm, tsis muaj ntau yam cuab yeej rau qhov no - qhov nrov tshaj plaws, tej zaum, yog Molecule molecule, yog li peb txiav txim siab siv nws. Tab sis nws tau muab tawm tias nws cov ntaub ntawv yog ntsiag to txog ntau qhov kev poob siab. Peb tsis tuaj yeem pom cov lus qhia ntxaws ntxaws hauv Lavxias, yog li peb txiav txim siab sau tsab xov xwm no.

molecule

Molecule - lub moj khaum los pab sim Ansible lub luag haujlwm.

Cov lus piav qhia yooj yim: Molecule tsim ib qho piv txwv ntawm lub platform uas koj tau teev tseg (huab, tshuab virtual, thawv; kom paub meej ntxiv, saib ntu Tsav), khiav koj lub luag haujlwm ntawm nws, tom qab ntawd khiav cov kev sim thiab tshem tawm qhov piv txwv. Yog tias muaj qhov ua tsis tiav ntawm ib qho ntawm cov kauj ruam, Molecule yuav ceeb toom koj txog nws.

Tam sim no ntxiv.

Ib qho kev xav ntawm me ntsis

Cia peb xav txog ob qhov tseem ceeb ntawm Molecule: Scenario thiab Tsav Tsheb.

Zaam Txaj

Tsab ntawv muaj cov lus piav qhia txog dab tsi, qhov twg, yuav ua li cas thiab nyob rau hauv dab tsi ua ntu zus. Ib lub luag haujlwm tuaj yeem muaj ntau cov ntawv sau, thiab txhua tus yog cov npe ntawm txoj kev <role>/molecule/<scenario>, muaj cov lus piav qhia txog cov kev ua uas yuav tsum tau ua rau kev xeem. Yuav tsum muaj ib tsab ntawv default, uas yuav raug tsim yog tias koj pib lub luag haujlwm siv Molecule. Cov npe ntawm cov ntawv sau hauv qab no yog nyob ntawm koj qhov kev txiav txim siab.

Cov kab ke ntawm kev sim ua hauv ib tsab ntawv hu ua Matrix, thiab los ntawm lub neej ntawd nws zoo li no:

(cov kauj ruam cim ?, raug hla los ntawm lub neej ntawd yog tias tsis tau teev los ntawm tus neeg siv)

lint - khiav linters. Raws li lub neej ntawd yamllint и flake8,
destroy - rho tawm cov xwm txheej los ntawm kev tso tawm kawg ntawm Molecule (yog tias muaj),
dependency? - txhim kho lub ansible dependency ntawm lub luag hauj lwm kuaj,
syntax - tshawb xyuas lub luag haujlwm syntax siv ansible-playbook --syntax-check,
create - tsim ib qho piv txwv,
prepare? - npaj qhov piv txwv; Piv txwv li xyuas / txhim kho python2
converge - tso tawm phau ntawv sim ua si,
idempotence - rov ua dua phau ntawv ua si rau qhov kev xeem ideempotency,
side_effect? - kev ua tsis ncaj qha rau lub luag haujlwm, tab sis tsim nyog rau kev sim,
verify - khiav kev ntsuam xyuas ntawm qhov tshwm sim configuration siv testinfra(default) /goss/inspec,
cleanup? - (hauv cov ntawv tshiab) - hais lus ntxhib, "ntxuav" cov txheej txheem sab nraud cuam tshuam los ntawm Molecule,
destroy - rho tawm ib qho piv txwv.

Cov kab ke no suav nrog feem ntau, tab sis tuaj yeem hloov kho yog tias tsim nyog.

Txhua yam ntawm cov kauj ruam saum toj no tuaj yeem khiav nyias siv molecule <command>. Tab sis koj yuav tsum nkag siab tias rau txhua qhov kev hais kom ua cli no yuav muaj nws tus kheej ua ntu zus, uas koj tuaj yeem paub los ntawm kev khiav. molecule matrix <command>. Piv txwv li, thaum khiav cov lus txib converge (khiav phau ntawv sim ua si) cov haujlwm hauv qab no yuav ua:

$ molecule matrix converge
...
└── default         # название сценария
    ├── dependency  # установка зависимостей
    ├── create      # создание инстанса
    ├── prepare     # преднастройка инстанса
    └── converge    # прогон плейбука

Cov kab ke ntawm cov kev ua no tuaj yeem hloov kho. Yog tias ib yam dab tsi los ntawm cov npe tau ua tiav lawm, nws yuav raug hla. Lub xeev tam sim no, nrog rau qhov piv txwv config, yog khaws cia hauv Molecule directory $TMPDIR/molecule/<role>/<scenario>.

Ntxiv cov kauj ruam nrog ? Koj tuaj yeem piav qhia txog qhov xav tau ua hauv Ansible playbook hom, thiab ua cov ntaub ntawv npe raws li cov kauj ruam: prepare.yml/side_effect.yml. Cia siab tias cov ntaub ntawv Molecule no yuav tsum nyob rau hauv daim ntawv tais ceev tseg.

Tsav

Tus tsav tsheb yog ib qho chaw uas tsim cov qauv rau kev xeem.
Cov npe ntawm cov qauv tsav tsheb uas Molecule muaj cov qauv npaj ua ntej yog: Azure, Docker, EC2, GCE, LXC, LXD, OpenStack, Vagrant, Delegated.

Feem ntau, cov qauv yog cov ntaub ntawv create.yml и destroy.yml nyob rau hauv cov ntawv tais ceev tseg, uas piav qhia txog kev tsim thiab tshem tawm ntawm qhov piv txwv, raws li.
Qhov kev zam yog Docker thiab Vagrant, txij li kev cuam tshuam nrog lawv cov modules tuaj yeem tshwm sim yam tsis muaj cov ntaub ntawv saum toj no.

Nws yog tsim nyog hais txog tus neeg tsav tsheb Delegated, txij li yog tias nws siv, tsuas yog kev ua haujlwm nrog cov qauv teeb tsa tau piav qhia hauv cov qauv tsim thiab tshem tawm cov ntaub ntawv; tus so yuav tsum tau piav qhia los ntawm tus engineer.

Lub neej ntawd tsav tsheb yog Docker.

Tam sim no cia peb mus rau kev xyaum thiab xav txog cov yam ntxwv ntxiv nyob ntawd.

Pib

Raws li "nyob zoo ntiaj teb" peb yuav sim lub luag haujlwm yooj yim nginx installation. Cia peb xaiv docker ua tus tsav tsheb - Kuv xav tias koj feem ntau muaj nws nruab (thiab nco ntsoov tias docker yog tus tsav tsheb tsis raug).

Wb npaj virtualenv thiab nruab rau hauv nws molecule:

> pip install virtualenv
> virtualenv -p `which python2` venv
> source venv/bin/activate
> pip install molecule docker  # molecule установит ansible как зависимость; docker для драйвера

Cov kauj ruam tom ntej yog pib lub luag haujlwm tshiab.
Initialization ntawm lub luag haujlwm tshiab, nrog rau cov ntawv tshiab, yog ua tiav siv cov lus txib molecule init <params>:

> molecule init role -r nginx
--> Initializing new role nginx...
Initialized role in <path>/nginx successfully.
> cd nginx
> tree -L 1
.
├── README.md
├── defaults
├── handlers
├── meta
├── molecule
├── tasks
└── vars

6 directories, 1 file

Qhov tshwm sim yog lub luag haujlwm ansible ib txwm. Tsis tas li ntawd, txhua qhov kev cuam tshuam nrog Molecules CLI yog tsim los ntawm lub luag haujlwm hauv paus.

Cia peb saib dab tsi nyob rau hauv lub luag hauj lwm directory:

> tree molecule/default/
molecule/default/
├── Dockerfile.j2  # Jinja-шаблон для Dockerfile
├── INSTALL.rst.   # Немного информации об установке зависимостей сценария
├── molecule.yml   # Файл конфигурации
├── playbook.yml   # Плейбук запуска роли
└── tests          # Директория с тестами стадии verify
    └── test_default.py

1 directory, 6 files

Cia peb saib ntawm lub config molecule/default/molecule.yml (peb yuav hloov tsuas yog cov duab docker):

---
dependency:
  name: galaxy
driver:
  name: docker
lint:
  name: yamllint
platforms:
  - name: instance
    image: centos:7
provisioner:
  name: ansible
  lint:
    name: ansible-lint
scenario:
  name: default
verifier:
  name: testinfra
  lint:
    name: flake8

vam khom

Tshooj lus no piav qhia txog lub hauv paus ntawm kev vam meej.

Cov kev xaiv ua tau: galaxy, siv, cev.

Plhaub tsuas yog lub plhaub hais kom siv yog tias galaxy thiab gilt tsis npog koj cov kev xav tau.

Kuv yuav tsis nyob ntawm no ntev, nws txaus piav nyob rau hauv cov ntaub ntawv.

neeg tsav tsheb

Lub npe tsav tsheb. Rau peb qhov no yog docker.

daim

Yamllint yog siv los ua linter.

Cov kev xaiv muaj txiaj ntsig hauv qhov no ntawm kev teeb tsa yog lub peev xwm los qhia cov ntaub ntawv teeb tsa rau yamllint, xa mus rau ib puag ncig hloov pauv, lossis lov tes taw linter:

lint:
  name: yamllint
  options:
    config-file: foo/bar
  env:
    FOO: bar
  enabled: False

Platforms

Piav qhia txog kev teeb tsa ntawm cov xwm txheej.
Nyob rau hauv rooj plaub ntawm docker ua tus tsav tsheb, Molecule iterates hla ntu no, thiab txhua lub ntsiab lus ntawm cov npe muaj nyob hauv Dockerfile.j2 raws li qhov sib txawv item.

Nyob rau hauv cov ntaub ntawv ntawm ib tug tsav tsheb nyob rau hauv uas create.yml и destroy.yml, seem yog muaj nyob rau hauv lawv li molecule_yml.platforms, thiab iterations ntawm nws twb tau piav nyob rau hauv cov ntaub ntawv no.

Txij li thaum Molecule muab kev tswj hwm piv txwv rau Ansible modules, koj yuav tsum nrhiav cov npe ntawm cov teeb tsa tau nyob ntawd. Rau Docker, piv txwv li, lub module yog siv docker_container_module. Cov modules twg siv rau lwm tus tsav tsheb tuaj yeem pom hauv cov ntaub ntawv.

Koj tuaj yeem pom cov piv txwv ntawm kev siv ntau yam tsav tsheb Hauv kev sim ntawm Molecule nws tus kheej.

Cia peb hloov ntawm no xus: 7 rau ubuntu.

tus muab

"Tus muab" yog lub koom haum uas tswj cov xwm txheej. Nyob rau hauv rooj plaub ntawm Molecule, qhov no yog ansible; kev txhawb nqa rau lwm tus tsis tau npaj, yog li tshooj no tuaj yeem, nrog kev tshwj tseg, hu ua qhov txuas ntxiv ansible configuration.
Muaj ntau yam koj tuaj yeem taw qhia ntawm no, tab sis kuv yuav qhia cov ntsiab lus tseem ceeb, hauv kuv lub tswv yim:

phau ntawv ua si: Koj tuaj yeem hais qhia cov phau ntawv uas yuav tsum tau siv ntawm qee theem.

provisioner:
  name: ansible
  playbooks:
    create: create.yml
    destroy: ../default/destroy.yml
    converge: playbook.yml
    side_effect: side_effect.yml
    cleanup: cleanup.yml

config_options: ansible config

provisioner:
  name: ansible
  config_options:
    defaults:
      fact_caching: jsonfile
    ssh_connection:
      scp_if_ssh: True

kev sib txuas_options: kev xaiv txuas

provisioner:
  name: ansible  
  connection_options:
    ansible_ssh_common_args: "-o 'UserKnownHostsFile=/dev/null' -o 'ForwardAgent=yes'"

xaiv: Ansible parameters thiab ib puag ncig variables

provisioner:
  name: ansible  
  options:
    vvv: true
    diff: true
  env:
    FOO: BAR

scenario

Lub npe thiab cov lus piav qhia ntawm tsab ntawv ua ntu zus.
Koj tuaj yeem hloov lub neej ntawd matrix ntawm kev hais kom ua los ntawm kev ntxiv tus yuam sij <command>_sequence thiab raws li tus nqi rau nws, txhais cov npe ntawm cov kauj ruam peb xav tau.
Cia peb hais tias peb xav hloov qhov sib lawv liag ntawm kev ua thaum khiav playbook khiav hais kom ua: molecule converge

# изначально:
# - dependency
# - create
# - prepare
# - converge
scenario:
  name: default
  converge_sequence:
    - create
    - converge

xyuas

Teem ib lub moj khaum rau kev xeem thiab ib lub linter rau nws. Los ntawm lub neej ntawd, lub linter yog siv testinfra и flake8. Cov kev xaiv tau zoo ib yam li cov saum toj no:

verifier:
  name: testinfra
  additional_files_or_dirs:
    - ../path/to/test_1.py
    - ../path/to/test_2.py
    - ../path/to/directory/*
  options:
    n: 1
  enabled: False
  env:
    FOO: bar
  lint:
    name: flake8
    options:
      benchmark: True
    enabled: False
    env:
      FOO: bar

Cia peb rov qab los rau peb lub luag haujlwm. Cia peb kho cov ntaub ntawv tasks/main.yml rau daim ntawv no:

---
- name: Install nginx
  apt:
    name: nginx
    state: present

- name: Start nginx
  service:
    name: nginx
    state: started

Thiab ntxiv cov kev xeem rau molecule/default/tests/test_default.py

def test_nginx_is_installed(host):
    nginx = host.package("nginx")
    assert nginx.is_installed

def test_nginx_running_and_enabled(host):
    nginx = host.service("nginx")
    assert nginx.is_running
    assert nginx.is_enabled

def test_nginx_config(host):
    host.run("nginx -t")

Ua tiav, txhua yam uas tseem tshuav yog khiav (los ntawm lub hauv paus ntawm lub luag haujlwm, cia kuv nco koj):

> molecule test

Ntev tso rau hauv qab spoiler:

--> Validating schema <path>/nginx/molecule/default/molecule.yml.
Validation completed successfully.
--> Test matrix

└── default
    ├── lint
    ├── destroy
    ├── dependency
    ├── syntax
    ├── create
    ├── prepare
    ├── converge
    ├── idempotence
    ├── side_effect
    ├── verify
    └── destroy

--> Scenario: 'default'
--> Action: 'lint'
--> Executing Yamllint on files found in <path>/nginx/...
Lint completed successfully.
--> Executing Flake8 on files found in <path>/nginx/molecule/default/tests/...
Lint completed successfully.
--> Executing Ansible Lint on <path>/nginx/molecule/default/playbook.yml...
Lint completed successfully.
--> Scenario: 'default'
--> Action: 'destroy'

    PLAY [Destroy] *****************************************************************

    TASK [Destroy molecule instance(s)] ********************************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    TASK [Wait for instance(s) deletion to complete] *******************************
    ok: [localhost] => (item=None)
    ok: [localhost]

    TASK [Delete docker network(s)] ************************************************

    PLAY RECAP *********************************************************************
    localhost                  : ok=2    changed=1    unreachable=0    failed=0

--> Scenario: 'default'
--> Action: 'dependency'
Skipping, missing the requirements file.
--> Scenario: 'default'
--> Action: 'syntax'

    playbook: <path>/nginx/molecule/default/playbook.yml

--> Scenario: 'default'
--> Action: 'create'

    PLAY [Create] ******************************************************************

    TASK [Log into a Docker registry] **********************************************
    skipping: [localhost] => (item=None)

    TASK [Create Dockerfiles from image names] *************************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    TASK [Discover local Docker images] ********************************************
    ok: [localhost] => (item=None)
    ok: [localhost]

    TASK [Build an Ansible compatible image] ***************************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    TASK [Create docker network(s)] ************************************************

    TASK [Create molecule instance(s)] *********************************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    TASK [Wait for instance(s) creation to complete] *******************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    PLAY RECAP *********************************************************************
    localhost                  : ok=5    changed=4    unreachable=0    failed=0

--> Scenario: 'default'
--> Action: 'prepare'
Skipping, prepare playbook not configured.
--> Scenario: 'default'
--> Action: 'converge'

    PLAY [Converge] ****************************************************************

    TASK [Gathering Facts] *********************************************************
    ok: [instance]

    TASK [nginx : Install nginx] ***************************************************
    changed: [instance]

    TASK [nginx : Start nginx] *****************************************************
    changed: [instance]

    PLAY RECAP *********************************************************************
    instance                   : ok=3    changed=2    unreachable=0    failed=0

--> Scenario: 'default'
--> Action: 'idempotence'
Idempotence completed successfully.
--> Scenario: 'default'
--> Action: 'side_effect'
Skipping, side effect playbook not configured.
--> Scenario: 'default'
--> Action: 'verify'
--> Executing Testinfra tests found in <path>/nginx/molecule/default/tests/...
    ============================= test session starts ==============================
    platform darwin -- Python 2.7.15, pytest-4.3.0, py-1.8.0, pluggy-0.9.0
    rootdir: <path>/nginx/molecule/default, inifile:
    plugins: testinfra-1.16.0
collected 4 items

    tests/test_default.py ....                                               [100%]

    ========================== 4 passed in 27.23 seconds ===========================
Verifier completed successfully.
--> Scenario: 'default'
--> Action: 'destroy'

    PLAY [Destroy] *****************************************************************

    TASK [Destroy molecule instance(s)] ********************************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    TASK [Wait for instance(s) deletion to complete] *******************************
    changed: [localhost] => (item=None)
    changed: [localhost]

    TASK [Delete docker network(s)] ************************************************

    PLAY RECAP *********************************************************************
    localhost                  : ok=2    changed=2    unreachable=0    failed=0

Peb lub luag haujlwm yooj yim sim tsis muaj teeb meem.
Nws tsim nyog nco ntsoov tias yog tias muaj teeb meem tshwm sim thaum lub sijhawm ua haujlwm molecule test, ces yog tias koj tsis tau hloov cov txheej txheem ib ntus, Molecule yuav rho tawm qhov piv txwv.

Cov lus txib hauv qab no muaj txiaj ntsig zoo rau kev debugging:

> molecule --debug <command> # debug info. При обычном запуске Молекула скрывает логи.
> molecule converge          # Оставляет инстанс после прогона тестируемой роли.
> molecule login             # Зайти в созданный инстанс.
> molecule --help            # Полный список команд.

Lub luag haujlwm uas twb muaj lawm

Ntxiv ib tsab ntawv tshiab rau lub luag haujlwm uas twb muaj lawm tshwm sim los ntawm lub luag hauj lwm directory nrog cov lus txib hauv qab no:

# полный список доступных параметров
> molecule init scenarion --help
# создание нового сценария
> molecule init scenario -r <role_name> -s <scenario_name>

Yog hais tias qhov no yog thawj tsab ntawv nyob rau hauv lub luag hauj lwm, ces tus parameter -s tuaj yeem raug tshem tawm vim tias tsab ntawv yuav raug tsim default.

xaus

Raws li koj tuaj yeem pom, Molecule tsis nyuaj heev, thiab thaum siv koj tus kheej cov qauv, koj tuaj yeem txo qhov kev xa tawm ntawm tsab ntawv tshiab los kho cov hloov pauv hauv cov ntawv ua si rau kev tsim thiab tshem tawm cov xwm txheej. Cov molecule seamlessly integrates nrog CI systems, uas tso cai rau koj mus nce qhov ceev ntawm txoj kev loj hlob los ntawm kev txo lub sij hawm rau phau ntawv ntsuas ntawm playbooks.

Ua tsaug rau koj mloog. Yog tias koj muaj kev sim ntsuas lub luag haujlwm, thiab nws tsis cuam tshuam nrog Molecule, qhia peb txog nws hauv cov lus!

Tau qhov twg los: www.hab.com

Cov lus qhia: yuav ua li cas kuaj Ansible lub luag haujlwm thiab paub txog cov teeb meem ua ntej kev tsim khoom