Всем привет!
Ou te galue o se DevOps enisinia mo se faletalimalo booking service. . I lenei tusiga ou te fia talanoa e uiga i lo matou poto masani i le suʻeina o matafaioi Ansible.
I Ostrovok.ru matou te faʻaaogaina le ansible e fai ma pule faʻatulagaina. Talu ai nei na matou oʻo mai ai i le manaʻoga e suʻe matafaioi, ae, e pei ona aliali mai, e le tele ni meafaigaluega mo lenei mea - o le sili ona lauiloa, masalo, o le Molecule framework, o lea na matou filifili ai e faʻaaogaina. Ae na aliali mai o ana faʻamaumauga e le leoa e uiga i le tele o faʻalavelave. Matou te leʻi mauaina se faʻamatalaga auiliili i le gagana Rusia, o lea na matou filifili ai e tusi lenei tusiga.
Molekula
— se auivi e fesoasoani e su'e ai matafaioi Ansible.
Fa'amatalaga faigofie: Molecule e faia se fa'ata'ita'iga i luga o le fa'avae e te fa'ailoaina (cloud, virtual machine, container; mo nisi fa'amatalaga, va'ai vaega ), fa'atino lau matafaioi i luga, ona fai lea o su'ega ma tape le fa'ata'ita'iga. Afai e i ai se faaletonu i se tasi o laasaga, o le a logoina oe e le Molecule e uiga i ai.
Ua sili atu nei.
O se vaega o teori
Sei o tatou iloiloina ni vaega autu se lua o le Molecule: Scenario ma Avetaavale.
Faataʻitaʻiga
O le tusitusiga o loʻo i ai se faʻamatalaga o le a, o fea, faʻafefea ma le faʻasologa o le a faia. E tasi le matafaioi e mafai ona i ai ni tusitusiga se tele, ma e tofu ma se lisi i luga o le ala <role>/molecule/<scenario>, o loʻo i ai faʻamatalaga o gaioiga e manaʻomia mo le suʻega. E tatau ona i ai se tusitusiga default, lea o le a otometi lava ona fatuina pe afai e te amataina le matafaioi e faʻaaoga ai le Molecule. O igoa o fa'amaumauga nei e i lau pule faitalia.
O le fa'asologa o gaioiga fa'ata'ita'iga i totonu o se tusitusiga e ta'ua Numera, ma e fa'aletonu e pei o lenei:
(Laasaga ua faailogaina ?, e fa'ase'e ona o le faaletonu pe a le fa'amaoti mai e le tagata fa'aoga)
lint- tamo'e liters. Ona o le faaletonuyamllintиflake8,destroy- tapeina faʻataʻitaʻiga mai le faʻalauiloaina mulimuli o Molecule (pe a iai se mea e totoe),dependency? - faʻapipiʻiina le faʻalagolago faʻalagolago o le matafaioi faʻataʻitaʻi,syntax- siaki le syntax matafaioi fa'aaogaansible-playbook --syntax-check,create- faia se faʻataʻitaʻiga,prepare? - saunia le fa'ata'ita'iga; mo se faʻataʻitaʻiga siaki / faʻapipiʻi python2converge- faʻalauiloa le tusi taʻaloga faʻataʻitaʻiina,idempotence- toe taʻavale le tusi taʻavale mo le suʻega o le tino,side_effect? - gaioiga e le o fesoʻotaʻi saʻo i le matafaioi, ae e manaʻomia mo suʻega,verify- fa'atautaia su'ega o le fa'aogaina o le fa'aogainatestinfra(tauaga) /goss/inspec,cleanup? - (i fa'aliliuga fou) - fa'ata'atia, "fa'amamāina" atina'e fafo o lo'o a'afia i le Molecule,destroy- tapeina o se fa'ata'ita'iga.
O lenei fa'asologa e aofia ai le tele o mataupu, ae mafai ona suia pe a mana'omia.
O laasaga taʻitasi o loʻo i luga e mafai ona taʻavale eseese e faʻaaoga ai molecule <command>. Ae e tatau ona e malamalama o ia poloaiga cli e mafai ona i ai lana lava faasologa o gaioiga, lea e mafai ona e mauaina e ala i le tamoe. molecule matrix <command>. Mo se faʻataʻitaʻiga, pe a faʻatautaia le poloaiga converge (fa'ata'ita'iina le tusita'alo fa'ata'ita'i) o gaioiga nei o le a fa'atinoina:
$ molecule matrix converge
...
└── default # название сценария
├── dependency # установка зависимостей
├── create # создание инстанса
├── prepare # преднастройка инстанса
└── converge # прогон плейбукаE mafai ona fa'asa'o le fa'asologa o nei gaioiga. Afai o se mea mai le lisi ua uma ona maeʻa, o le a faaseʻe. O le tulaga o iai nei, faʻapea foʻi ma le faʻataʻitaʻiga config, o loʻo teuina i totonu o le Molecule directory $TMPDIR/molecule/<role>/<scenario>.
Faaopoopo laasaga ma ? E mafai ona e fa'amatalaina gaioiga e mana'omia ile fa'asologa o le tusi ta'alo Ansible, ma fai le igoa faila e tusa ai ma le la'asaga: prepare.yml/side_effect.yml. Fa'atalitali nei faila Molecule o lo'o i totonu o le faila fa'amaumauga.
avetaʻavale
O le aveta'avale ose fa'alapotopotoga e faia ai fa'ata'ita'iga mo su'ega.
O le lisi o aveta'avale masani lea ua saunia e Molecule faʻataʻitaʻiga: Azure, Docker, EC2, GCE, LXC, LXD, OpenStack, Vagrant, Delegated.
I le tele o tulaga, o mamanu o faila create.yml и destroy.yml i totonu o le faila faila, lea e faʻamatalaina ai le fatuina ma le tapeina o le faʻataʻitaʻiga, i le faasologa.
O tuusaunoaga o Docker ma Vagrant, talu ai o fegalegaleaiga ma a latou modules e mafai ona tupu e aunoa ma faila o loʻo i luga.
E taua le faʻailogaina o le avetaʻavale Faʻatagaina, talu ai afai e faʻaaogaina, naʻo le galuega faʻatasi ma le faʻatulagaina o faʻataʻitaʻiga o loʻo faʻamatalaina i le faʻataʻitaʻiga o le fatuina ma le tapeina o faila; o le isi e tatau ona faʻamatalaina e le inisinia.
Ole ta'avale fa'aletonu ole Docker.
Se'i o tatou aga'i atu e fa'ata'ita'i ma mafaufau i nisi fa'ailoga iina.
Amataina
I le avea ai o se "alofa lalolagi" o le a matou suʻeina se galuega faʻapipiʻi nginx faigofie. Se'i o tatou filifilia le faifa'ato'aga e fai ma aveta'avale - Ou te manatu o le to'atele o 'outou na fa'apipi'iina (ma manatua o le ta'avale le fa'aletonu).
Saunia virtualenv ma faapipii i totonu molecule:
> pip install virtualenv
> virtualenv -p `which python2` venv
> source venv/bin/activate
> pip install molecule docker # molecule установит ansible как зависимость; docker для драйвераO le isi laasaga o le amataina o se matafaioi fou.
O le amataina o se matafaioi fou, faʻapea foʻi ma se tusitusiga fou, o loʻo faʻatinoina i le faʻaaogaina o le poloaiga molecule init <params>:
> molecule init role -r nginx
--> Initializing new role nginx...
Initialized role in <path>/nginx successfully.
> cd nginx
> tree -L 1
.
├── README.md
├── defaults
├── handlers
├── meta
├── molecule
├── tasks
└── vars
6 directories, 1 fileO le taunuuga o se matafaioi masani masani. E le gata i lea, o fegalegaleaiga uma ma le Molecules CLI e faia mai le aʻa.
Se'i tatou va'ai po'o le a le mea o lo'o i totonu o le lisi o matafaioi:
> tree molecule/default/
molecule/default/
├── Dockerfile.j2 # Jinja-шаблон для Dockerfile
├── INSTALL.rst. # Немного информации об установке зависимостей сценария
├── molecule.yml # Файл конфигурации
├── playbook.yml # Плейбук запуска роли
└── tests # Директория с тестами стадии verify
└── test_default.py
1 directory, 6 filesSei o tatou tilotilo i le config molecule/default/molecule.yml (o le a matou suia naʻo le ata faʻailoga):
---
dependency:
name: galaxy
driver:
name: docker
lint:
name: yamllint
platforms:
- name: instance
image: centos:7
provisioner:
name: ansible
lint:
name: ansible-lint
scenario:
name: default
verifier:
name: testinfra
lint:
name: flake8faalagolago
O lenei vaega o loʻo faʻamatalaina le puna o faʻalagolago.
avanoa e mafai ai: , , atigi.
O le atigi e na'o se atigi fa'atonu e fa'aoga pe a le fa'aofuina ou mana'oga i le galaxy ma le gilt.
O le a ou le nofo umi iinei, ua lava le faamatalaina i totonu .
avetaʻavale
Igoa avetaavale. Mo i matou o le docker lea.
lint
Yamllint e faʻaaogaina e fai ma linter.
O filifiliga aoga i lenei vaega o le config o le mafai lea ona faʻamaonia se faila faʻatulagaina mo yamllint, suiga o le siosiomaga i luma, pe faʻamalo le linter:
lint:
name: yamllint
options:
config-file: foo/bar
env:
FOO: bar
enabled: Falsefausaga opea
Fa'amatala le fa'atulagaina o fa'ata'ita'iga.
I le tulaga o le docker o se avetaʻavale, o le Molecule e faʻaalia i luga o lenei vaega, ma o elemene taʻitasi o le lisi o loʻo avanoa i totonu. Dockerfile.j2 o se fesuiaiga item.
I le tulaga o se avetaavale lea create.yml и destroy.yml, o loʻo maua le vaega i totonu ia i latou e pei o molecule_yml.platforms, ma fa'asologa i luga o lea ua uma ona fa'amatalaina i nei faila.
Talu ai o le Molecule o loʻo tuʻuina atu ai faʻataʻitaʻiga pulega i Ansible modules, e tatau ona e suʻeina le lisi o tulaga talafeagai iina. Mo Docker, mo se faʻataʻitaʻiga, o loʻo faʻaaogaina le module . O fea modules o loʻo faʻaaogaina i isi avetaavale e mafai ona maua i totonu .
E mafai foʻi ona e mauaina faʻataʻitaʻiga o le faʻaaogaina o avetaavale eseese .
Sei o tatou sui iinei centos:7 i ubuntu.
foa'i
"Fa'aola" o le fa'alapotopotoga e fa'afoeina fa'asologa. I le tulaga o Molecule, o le mea lea e mafai; lagolago mo isi e le o fuafuaina, o lea e mafai ai e lenei vaega, ma le faʻasao, ona taʻua o se faʻaopoopoga faʻaopoopo.
E tele naua mea e mafai ona e faʻasino atu iinei, ae o le a ou faʻamalamalamaina manatu autu, i loʻu manatu:
- tusita'alo: E mafai ona e fa'amaonia po'o fea tusita'alo e tatau ona fa'aoga i nisi la'asaga.
provisioner:
name: ansible
playbooks:
create: create.yml
destroy: ../default/destroy.yml
converge: playbook.yml
side_effect: side_effect.yml
cleanup: cleanup.yml- config_options:
provisioner:
name: ansible
config_options:
defaults:
fact_caching: jsonfile
ssh_connection:
scp_if_ssh: True- connection_options: filifiliga
provisioner:
name: ansible
connection_options:
ansible_ssh_common_args: "-o 'UserKnownHostsFile=/dev/null' -o 'ForwardAgent=yes'"- filifiliga: Fa'amaufa'ailoga fa'apitoa ma fesuiaiga o le si'osi'omaga
provisioner:
name: ansible
options:
vvv: true
diff: true
env:
FOO: BARo tupu
Ulutala ma fa'amatalaga o fa'asologa o tusitusiga.
E mafai ona e suia le fa'asologa o gaioiga o se fa'atonuga e ala i le fa'aopoopoina o le ki <command>_sequence ma o se tau mo lena mea, faʻamalamalamaina le lisi o laasaga tatou te manaʻomia.
Seʻi tatou fai atu tatou te mananaʻo e sui le faasologa o gaioiga pe a faʻatautaia le faʻatonuga o le tusi taʻavale: molecule converge
# изначально:
# - dependency
# - create
# - prepare
# - converge
scenario:
name: default
converge_sequence:
- create
- convergesiaki
Fa'atulaga se auivi mo su'ega ma se linter mo ia. Ona o le faaletonu, o le linter e faʻaaogaina testinfra и flake8. O filifiliga e mafai e tutusa ma mea o loʻo i luga:
verifier:
name: testinfra
additional_files_or_dirs:
- ../path/to/test_1.py
- ../path/to/test_2.py
- ../path/to/directory/*
options:
n: 1
enabled: False
env:
FOO: bar
lint:
name: flake8
options:
benchmark: True
enabled: False
env:
FOO: barTatou toe foi i la tatou matafaioi. Tatou faasa'o le faila tasks/main.yml i lenei fomu:
---
- name: Install nginx
apt:
name: nginx
state: present
- name: Start nginx
service:
name: nginx
state: started
Ma fa'aopoopo su'ega i molecule/default/tests/test_default.py
def test_nginx_is_installed(host):
nginx = host.package("nginx")
assert nginx.is_installed
def test_nginx_running_and_enabled(host):
nginx = host.service("nginx")
assert nginx.is_running
assert nginx.is_enabled
def test_nginx_config(host):
host.run("nginx -t")
Ua uma, pau lava le mea e totoe o le tamoe (mai le aʻa o le matafaioi, sei ou faamanatu atu ia te oe):
> molecule testUsu umi i lalo ole spoiler:
--> Validating schema <path>/nginx/molecule/default/molecule.yml.
Validation completed successfully.
--> Test matrix
└── default
├── lint
├── destroy
├── dependency
├── syntax
├── create
├── prepare
├── converge
├── idempotence
├── side_effect
├── verify
└── destroy
--> Scenario: 'default'
--> Action: 'lint'
--> Executing Yamllint on files found in <path>/nginx/...
Lint completed successfully.
--> Executing Flake8 on files found in <path>/nginx/molecule/default/tests/...
Lint completed successfully.
--> Executing Ansible Lint on <path>/nginx/molecule/default/playbook.yml...
Lint completed successfully.
--> Scenario: 'default'
--> Action: 'destroy'
PLAY [Destroy] *****************************************************************
TASK [Destroy molecule instance(s)] ********************************************
changed: [localhost] => (item=None)
changed: [localhost]
TASK [Wait for instance(s) deletion to complete] *******************************
ok: [localhost] => (item=None)
ok: [localhost]
TASK [Delete docker network(s)] ************************************************
PLAY RECAP *********************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0
--> Scenario: 'default'
--> Action: 'dependency'
Skipping, missing the requirements file.
--> Scenario: 'default'
--> Action: 'syntax'
playbook: <path>/nginx/molecule/default/playbook.yml
--> Scenario: 'default'
--> Action: 'create'
PLAY [Create] ******************************************************************
TASK [Log into a Docker registry] **********************************************
skipping: [localhost] => (item=None)
TASK [Create Dockerfiles from image names] *************************************
changed: [localhost] => (item=None)
changed: [localhost]
TASK [Discover local Docker images] ********************************************
ok: [localhost] => (item=None)
ok: [localhost]
TASK [Build an Ansible compatible image] ***************************************
changed: [localhost] => (item=None)
changed: [localhost]
TASK [Create docker network(s)] ************************************************
TASK [Create molecule instance(s)] *********************************************
changed: [localhost] => (item=None)
changed: [localhost]
TASK [Wait for instance(s) creation to complete] *******************************
changed: [localhost] => (item=None)
changed: [localhost]
PLAY RECAP *********************************************************************
localhost : ok=5 changed=4 unreachable=0 failed=0
--> Scenario: 'default'
--> Action: 'prepare'
Skipping, prepare playbook not configured.
--> Scenario: 'default'
--> Action: 'converge'
PLAY [Converge] ****************************************************************
TASK [Gathering Facts] *********************************************************
ok: [instance]
TASK [nginx : Install nginx] ***************************************************
changed: [instance]
TASK [nginx : Start nginx] *****************************************************
changed: [instance]
PLAY RECAP *********************************************************************
instance : ok=3 changed=2 unreachable=0 failed=0
--> Scenario: 'default'
--> Action: 'idempotence'
Idempotence completed successfully.
--> Scenario: 'default'
--> Action: 'side_effect'
Skipping, side effect playbook not configured.
--> Scenario: 'default'
--> Action: 'verify'
--> Executing Testinfra tests found in <path>/nginx/molecule/default/tests/...
============================= test session starts ==============================
platform darwin -- Python 2.7.15, pytest-4.3.0, py-1.8.0, pluggy-0.9.0
rootdir: <path>/nginx/molecule/default, inifile:
plugins: testinfra-1.16.0
collected 4 items
tests/test_default.py .... [100%]
========================== 4 passed in 27.23 seconds ===========================
Verifier completed successfully.
--> Scenario: 'default'
--> Action: 'destroy'
PLAY [Destroy] *****************************************************************
TASK [Destroy molecule instance(s)] ********************************************
changed: [localhost] => (item=None)
changed: [localhost]
TASK [Wait for instance(s) deletion to complete] *******************************
changed: [localhost] => (item=None)
changed: [localhost]
TASK [Delete docker network(s)] ************************************************
PLAY RECAP *********************************************************************
localhost : ok=2 changed=2 unreachable=0 failed=0
Sa tofotofoina la matou matafaioi faigofie e aunoa ma ni faafitauli.
E taua le manatuaina pe a tulaʻi faʻafitauli i le taimi o le taotoga molecule test, ma afai e te leʻi suia le faʻasologa masani, o le a tape e Molecule le faʻataʻitaʻiga.
O tulafono nei e aoga mo le faʻapipiʻiina:
> molecule --debug <command> # debug info. При обычном запуске Молекула скрывает логи.
> molecule converge # Оставляет инстанс после прогона тестируемой роли.
> molecule login # Зайти в созданный инстанс.
> molecule --help # Полный список команд.Matafaioi o iai nei
O le fa'aopoopoina o se tusitusiga fou i se matafaioi o lo'o iai e tupu mai le lisi o matafaioi faatasi ai ma poloaiga nei:
# полный список доступных параметров
> molecule init scenarion --help
# создание нового сценария
> molecule init scenario -r <role_name> -s <scenario_name>Afai o le tusitusiga muamua lea i le matafaioi, o le parakalafa -s e mafai ona aveese talu ai o le a faia se tusitusiga default.
iʻuga
E pei ona mafai ona e vaʻai, Molecule e le faigata tele, ma pe a faʻaaogaina au oe lava faʻataʻitaʻiga, e mafai ona e faʻaitiitia le faʻapipiʻiina o se tusitusiga fou e faʻasaʻo ai fesuiaiga i totonu o tusi taʻaloga mo le fatuina ma le tapeina o taimi. O le mole mole e fesoʻotaʻi faʻatasi ma faiga CI, lea e mafai ai ona e faʻateleina le saoasaoa o le atinaʻe e ala i le faʻaitiitia o le taimi mo suʻega tusi taʻavale.
Faafetai mo lou gauai mai. Afai ei ai sou poto masani i le suʻeina o matafaioi, ma e le fesoʻotaʻi ma Molecule, taʻu mai ia i matou i faʻamatalaga!
puna: www.habr.com