I might drink this beer

Logo

I am a jack of some trades and definitely a master of none. That doesn't mean I haven't had some experience and a handful of opinions to go with it. All of the opinions expressed here are my own and do not reflect the views of my employer or the voices beamed into my head from the sophons in the sky. For now I'll start with things I like to drink

View My GitHub Profile

Encrypted chat via Keybase markjmenger

summer
sweet
devops
dark
year-round
big-ip
automation
hashicorp
terraform
winter
brewing
yeast
complexity
fragile2agile
lean

29 July 2020

Test your BIG-IPs

by Mark J Menger

Introduction

IT Industry research, such as Accelerate, shows improving a company’s ability to deliver software is critical to their overall success. The following key practices and design principles are cornerstones to that improvement.

What’s the point

All too often infrastructure testing takes the form of I-think-its-done-toss-it-over-the-fence-and-see-if-anyone-shouts. This is wasteful in a variety of ways.

Rigorous manual testing practices are a step in the right direction. However, there are unintentional, though highly impactful, consequences to these approaches.

Testing-focused practices, like TDD, are effective means to improving application and infrastructure development efficiency.
As noted in the Introduction, effective test automation is one of the practices that differentiates high performers from low performers in IT service delivery.

In addition to addressing the negative consequences of minimal testing or primarily manual testing, automation of testing and test data management delivers the following benefits.

Let’s get started

We’re going to focus on test automation in this article to help you integrate your F5 assets with your CI/CD practices. The demonstration resources described below show how tools like HashiCorp Terraform, Test Kitchen, Chef Inspec and F5’s Automation Toolchain can be used to validate that your BIG-IPs and their configuration are fit for purpose. By following along with the README in the demonstration repository, you should be able to run this demonstration and explore the implications for your own environments.

Caveats

Requirements

Setup

Install Terraform

You can follow HashiCorp’s instructions to install Terraform, if you choose. I find being able to arbitrarily switch between versions is of use to me. If you’d like that as well you can follow these steps to install tfenv.

# install Terraform
git clone https://github.com/tfutils/tfenv.git ~/.tfenv
sudo ln -s ~/.tfenv/bin/* /usr/local/bin
sudo apt install unzip -y
tfenv install 0.15.5
tfenv use 0.15.5

Prepare to install Ruby, Bundler, and Kitchen

Create a file named Gemfile in your project directory (unless it’s already there in the repository you’ve cloned), with the following content.

ruby '2.7.4'

source "https://rubygems.org/" do
    gem "kitchen-terraform", "~> 5.7"
end

Install Ruby

# install Ruby
sudo apt-get install software-properties-common
sudo apt-add-repository -y ppa:rael-gc/rvm
sudo apt-get update
sudo apt-get install rvm
sudo usermod -a -G rvm $USER

You will likely need to logout and login again in order for the usermod to take effect. Then you can

rvm install ruby

Install bundler

gem install bundler

Install kitchen

Using the contents of the Gemfile you created earlier, Bundler will make certain that the requirements specified are fulfilled. This includes installing Test Kitchen.

bundle install
driver:
  name: terraform
  root_module_directory: test/fixtures/aws
  parallelism: 4
  command_timeout: 1200

provisioner:
  name: terraform
verifier:
  name: terraform
  systems:
    - name: local
      backend: local
      profile_locations:
        - https://github.com/f5devcentral/big-ip-atc-ready.git
        - test/integration/bigip
      controls:
        - bigip-postbuildconfig-do-self
        - bigip-postbuildconfig-do-dns
        - bigip-postbuildconfig-do-vlan
        - bigip-postbuildconfig-do-provision
        - bigip-connectivity        
        - bigip-declarative-onboarding
        - bigip-declarative-onboarding-version
        - bigip-application-services
        - bigip-application-services-version
        - bigip-telemetry-streaming
        - bigip-telemetry-streaming-version
        - bigip-licensed

platforms:
  - name: aws
    
    driver:
      root_module_directory: test/fixtures/aws
      variable_files:
        - test/assets/aws.tfvars

  - name: azure
    lifecycle:
      post_converge:
        - local: echo 'waiting 200 seconds for Azure to stabilize' && sleep 200
    driver:
      root_module_directory: test/fixtures/azure
      variable_files:
        - test/assets/azure.tfvars

the driver field in each platform provides platform specific values for the driver. In the case of this repository, the root_module_directory sets the location of the platform’s Terraform files. You can explore the Terraform used to create the BIG-IPs in AWS and Azure(test/fixtures/azure) in their respective root_module_directory locations. The variable_files field is a list of tfvars files to use as variable input to Terraform.

That’s an overview of the key configuration elements.

tags: big-ip - automation - hashicorp - terraform - devops