In this post, I will show how to test a CHEF recipe with kitchen-wpar. I will also use the AIX cookbook to make more advanced recipes.
It’s not happening very often to be able to write a CHEF recipe well on the first try. For example, if you made a typo in your filesystem name and tried it directly on a server you will still need to do a manual cleanup before retrying again. It’s not too troublesome for small recipes but on complex ones it become a real problem. kitchen provision temporary systems to run recipes on it. You have multiple modules to use AWS, vagrant, KVM and so on to choose how to provision it. I made a small module named kitchen-wpar to make possible to test recipes on AIX.
I will start from where I left in my previous post introducing chef on aix. So I already have CHEF client installed on AIX and I am still not using a CHEF server.
To have a good CHEF development environment it’s recommended to install chefdk. It’s not mandatory here but it’s a good practice. It’s one package containing all dependencies needed to develop CHEF recipes(and other resources). It’s available for multiple platforms(ubuntu/redhat/windows/macos).
Here, I will use an vanilla Ubuntu 16.04 system for my development workstation.
Let’s create a dedicated user for chef development:
useradd -m chefdev
I will use the latest chefdk version available at the time I write this article: 1.1.16. Let’s download the package and install it:
$ wget https://packages.chef.io/files/stable/chefdk/1.1.16/ubuntu/16.04/chefdk_1.1.16-1_amd64.deb $ apt install ~chefdev/chefdk_1.1.16-1_amd64.deb apt Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'chefdk' instead of '/home/chefdev/chefdk_1.1.16-1_amd64.deb' The following NEW packages will be installed: chefdk 0 upgraded, 1 newly installed, 0 to remove and 115 not upgraded. Need to get 0 B/103 MB of archives. After this operation, 428 MB of additional disk space will be used. Get:1 /home/chefdev/chefdk_1.1.16-1_amd64.deb chefdk amd64 1.1.16-1 [103 MB] Selecting previously unselected package chefdk. (Reading database ... 283855 files and directories currently installed.) Preparing to unpack .../chefdk_1.1.16-1_amd64.deb ... Unpacking chefdk (1.1.16-1) ... Setting up chefdk (1.1.16-1) ... Thank you for installing Chef Development Kit!
Everything is installed in /opt/chefdk. Let’s add it in the path of chefdev user by adding this line in .bashrc:
From here, we are ready to test recipes but instead of going from scratch, I will use the aix cookbook which add a lot of features to manage AIX with CHEF.
Let’s clone it with git. It’s also possible to download it in archive format from github.
chefdev:~$ git clone https://github.com/chef-cookbooks/aix.git Cloning into 'aix'... remote: Counting objects: 1609, done. remote: Total 1609 (delta 0), reused 0 (delta 0), pack-reused 1609 Receiving objects: 100% (1609/1609), 396.81 KiB | 0 bytes/s, done. Resolving deltas: 100% (1015/1015), done. Checking connectivity... done.
Everything is in the aix directory. The next step is to install the gem dependencies:
chefdev:~/aix$ chef exec bundle install Fetching gem metadata from https://rubygems.org/ Fetching version metadata from https://rubygems.org/ Fetching dependency metadata from https://rubygems.org/ Resolving dependencies... Using rake 12.0.0 Installing public_suffix 2.0.5 Using artifactory 2.5.1 Installing logify 0.2.0 Using mime-types-data 3.2016.0521 Using multipart-post 2.0.0 Using mixlib-shellout 2.2.7 Using mixlib-versioning 1.1.0 Using thor 0.19.4 Using net-ssh 3.2.0 Using safe_yaml 1.0.4 Installing tomlrb 1.2.3 Using bundler 1.12.5 Using addressable 2.5.0 Using mime-types 3.1 Installing faraday 0.10.1 Using mixlib-install 2.1.9 Using net-scp 1.2.1 Using net-ssh-gateway 1.2.0 Installing chef-api 0.7.0 Using sawyer 0.8.1 Using test-kitchen 1.14.2 Installing stove 4.1.1 Using octokit 4.6.2 Installing kitchen-wpar 0.1.1 Installing community_cookbook_releaser 0.1.2 Bundle complete! 5 Gemfile dependencies, 26 gems now installed. Use `bundle show [gemname]` to see where a bundled gem is installed.
Now we have an environment ready to test recipes or improve the AIX cookbook itself :)
kitchen-wpar is a gem I made to be able to test recipes inside a WPAR. My main purpose here was to be able to test application deployment. You cannot test everything inside but it’s pretty handy if you don’t have a PowerVC environment. If you have one, you should check kitchen-powervc from chmod666. It will allow you to test more different configurations.
The kitchen configuration file is named .kitchen.yml. The cookbook includes a default one ready for kitchen-wpar:
--- driver: name: wpar aix_host: aixlpar2 aix_user: root wpar_address: 10.10.10.10 provisioner: name: chef_solo chef_solo_path: /opt/chef/bin/chef-solo require_chef_omnibus: false platforms: - name: wpar suites: - name: default run_list: - recipe[aix::default] attributes:
At minimum, it’s needed to change this parameters:
aix_host is the AIX partition where the WPAR will be created.
wpar_address is the IP address used by the WPAR.
If you want to test filesystem creation it’s better to create a rootvg wpar by adding the wpar_rootvg parameter in the driver section:
driver: name: wpar aix_host: aixlpar2 aix_user: root wpar_address: 10.10.10.10 wpar_rootvg: "hdisk2"
SSH key authentication needs to be enabled between the workstation and the AIX partition.
To test if everything is working well, it’s better to try to create this test wpar with the command kitchen create:
kitchen create -----> Starting Kitchen (v1.14.2) -----> Creating <default-wpar>... lswpar: 0960-419 Could not find a workload partition called kitchenwpar. Creating workload partition's rootvg. Please wait... mkwpar: Creating file systems... / /admin /home /opt /proc /tmp /usr /var Mounting all workload partition file systems.
By default, you will see the full output of the wpar creation. It’s because wpar creation can take minutes and I think it’s better to see what happens.
Note: unfortunately OpenSSH is not immediately available after the wpar creation, it need 30 seconds to be up. So you can have errors when running the full stack command kitchen setup.
At the end of the output, you should see the kitchenwpar started properly:
Verifying workload partition startup. Name State Type Hostname Directory RootVG WPAR ----------------------------------------------------------------------- kitchenwpar A S kitchenwpar /wpars/kitchenwpar yes Finished creating <default-wpar> (6m27.23s). -----> Kitchen is finished. (6m27.57s)
It took 6m27 to have it ready on my small test environment.
kitchen login create a login session directly on the lpar.
chefdev@adejoux-VirtualBox:~/aix$ kitchen login ******************************************************************************* * * * * * Welcome to AIX Version 7.2! * * * * * * Please see the README file in /usr/lpp/bos for information pertinent to * * this release of the AIX Operating System. * * * * * ******************************************************************************* # df Filesystem 512-blocks Free %Used Iused %Iused Mounted on Global 196608 126384 36% 2597 16% / /dev/hd4 196608 126384 36% 2597 16% / Global 3932160 376744 91% 35804 41% /usr Global 2097152 1044448 51% 29931 21% /opt /dev/hd11admin 65536 61896 6% 151 3% /admin /dev/hd1 65536 63768 3% 7 1% /home /dev/hd3 196608 193312 2% 22 1% /tmp /dev/hd9var 393216 351008 11% 424 2% /var Global 65536 63608 3% 28 1% /etc/objrepos/wboot Global - - - - - /proc
It’s possible to delete the WPAR with kitchen destroy.
To see the status in kitchen, just run kitchen list:
kitchen list Instance Driver Provisioner Verifier Transport Last Action Last Error default-wpar Wpar ChefSolo Busser Ssh Created <None>
The recipes directory need to be created:
The default recipe is named recipes/default.rb. It’s possible to change the name of the recipe to run in the suites section:
suites: - name: default run_list: - recipe[aix::default]
The recipe just needs to be in the recipes directory. Here aix::default means the suite need to use the recipe named default.rb in aix cookbook.
Let’s use some of the resources of the AIX cookbook to write a simple recipe but with a pretty common scenario.
aix_logical_volume 'lvapp' do group 'rootvg' size 1024 copies 1 action :create end aix_filesystem '/app' do logical 'lvapp' size '1024M' action :create end mount '/app' do device '/dev/lvapp' fstype 'jfs2' end
The AIX cookbook add logical volume and filesystem management. It’s a great improvement on running the command resource to make it manually :) I invite you to check this cookbook to see all resources available in it.
To run this recipe on the test wpar, use kitchen converge:
kitchen converge -----> Starting Kitchen (v1.14.2) -----> Converging <default-wpar>... Preparing files for transfer Preparing dna.json Resolving cookbook dependencies with Berkshelf 5.2.0... Removing non-cookbook files before transfer Preparing solo.rb Transferring files to <default-wpar> Starting Chef Client, version 12.8.1 Installing Cookbook Gems: Compiling Cookbooks... Converging 3 resources Recipe: aix::default * aix_logical_volume[lvapp] action create - Create logical volume 'lvapp' on volume groupe 'rootvg' * aix_filesystem[/app] action create - Create file system '/app' on logical volume 'lvapp' * mount[/app] action mount - mount /dev/lvapp to /app Running handlers: Running handlers complete Chef Client finished, 3/3 resources updated in 08 seconds Finished converging <default-wpar> (0m47.45s). -----> Kitchen is finished. (0m47.79s)
It’s copying the cookbook on the test wpar and run the recipe. We see in the log the filesystem is created and mounted properly:
Recipe: aix::default * aix_logical_volume[lvapp] action create - Create logical volume 'lvapp' on volume groupe 'rootvg' * aix_filesystem[/app] action create - Create file system '/app' on logical volume 'lvapp' * mount[/app] action mount - mount /dev/lvapp to /app
I will finish here this article. I hope you will want to test CHEF on AIX. It’s working pretty well. A part I didn’t cover in this article is testing the recipes results. I am thinking about writing an article about ServerSpec testing on AIX. We will see :)