Science and technology

Using Testinfra with Ansible to confirm server state

By design, Ansible expresses the specified state of a machine to make sure that the content material of an Ansible playbook or position is deployed to the focused machines. But what if you want to be sure all of the infrastructure modifications are in Ansible? Or confirm the state of a server at any time?

Testinfra is an infrastructure testing framework that makes it simple to jot down unit checks to confirm the state of a server. It is a Python library and makes use of the highly effective pytest check engine.

Getting began with Testinfra

Testinfra may be simply put in utilizing the Python package deal supervisor (pip) and a Python digital atmosphere.

$ python3 -m venv venv
$ supply venv/bin/activate
(venv) $ pip set up testinfra

Testinfra can also be obtainable within the package deal repositories of Fedora and CentOS utilizing the EPEL repository. For instance, on CentOS 7 you may set up it with the next instructions:

$ yum set up -y epel-release
$ yum set up -y python-testinfra

A easy check script

Writing checks in Testinfra is simple. Using the code editor of your alternative, add the next to a file named test_simple.py:

import testinfra

def test_os_release(host):
    assert host.file("/etc/os-release").accommodates("Fedora")

def test_sshd_inactive(host):
    assert host.service("sshd").is_running is False

By default, Testinfra offers a number object to the check case; this object offers entry to completely different helper modules. For instance, the primary check makes use of the file module to confirm the content material of the file on the host, and the second check case makes use of the service module to verify the state of a systemd service.

To run these checks in your native machine, execute the next command:

(venv)$ pytest test_simple.py
================================ check session begins ================================
platform linux -- Python Three.7.Three, pytest-Four.Four.1, py-1.eight.Zero, pluggy-Zero.9.Zero
rootdir: /dwelling/cverna/Documents/Python/testinfra
plugins: testinfra-Three.Zero.Zero
collected 2 objects
test_simple.py ..

================================ 2 handed in Zero.05 seconds ================================

For a full record of Testinfra’s APIs, you may seek the advice of the documentation.

Testinfra and Ansible

One of Testinfra’s supported backends is Ansible, which suggests Testinfra can straight use Ansible’s stock file and a gaggle of machines outlined within the stock to run checks in opposition to them.

Let’s use the next stock file for instance:

[internet]
app-frontend01
app-frontend02

[database]
db-backend01

We need to make it possible for our Apache internet server service is operating on app-frontend01 and app-frontend02. Let’s write the check in a file known as test_web.py:

def check_httpd_service(host):
    """Check that the httpd service is operating on the host"""
    assert host.service("httpd").is_running

To run this check utilizing Testinfra and Ansible, use the next command:

(venv) $ pip set up ansible
(venv) $ py.check --hosts=internet --ansible-inventory=stock --connection=ansible test_web.py

When invoking the checks, we use the Ansible stock [web] group because the focused machines and likewise specify that we need to use Ansible because the connection backend.

Using the Ansible module

Testinfra additionally offers a pleasant API to Ansible that can be utilized within the checks. The Ansible module permits entry to run Ansible performs inside a check and makes it simple to examine the results of the play.

def check_ansible_play(host):
    """
    Verify package deal is put in utilizing Ansible
    package deal module
    """

    assert not host.ansible("package", "name=httpd state=present")["changed"]

By default, Ansible’s Check Mode is enabled, which signifies that Ansible will report what would change if the play had been executed on the distant host.

Testinfra and Nagios

Now that we are able to simply run checks to validate the state of a machine, we are able to use these checks to set off alerts on a monitoring system. This is an effective way to catch sudden modifications.

Testinfra presents an integration with Nagios, a preferred monitoring resolution. By default, Nagios makes use of the NRPE plugin to execute checks on distant hosts, however utilizing Testinfra lets you run the checks straight from the Nagios grasp.

To get a Testinfra output suitable with Nagios, now we have to make use of the –nagios flag when triggering the check. We additionally use the -qq pytest flag to allow pytest’s quiet mode so all of the check particulars won’t be displayed.

(venv) $ py.check --hosts=internet --ansible-inventory=stock --connection=ansible --nagios -qq line check.py
TESTINFRA OK - 1 handed, Zero failed, Zero skipped in 2.55 seconds

Testinfra is a robust library for writing checks to confirm an infrastructure’s state. Coupled with Ansible and Nagios, it presents a easy resolution to implement infrastructure as code. It can also be a key part of including testing through the growth of your Ansible roles utilizing Molecule.


What to learn subsequent

Most Popular

To Top