Testing Cumulus Linux with Serverspec

Follow

This article introduces the Serverspec testing framework and shows how to use some of its features to test a switch running Cumulus Linux.

Requirements

  • A Cumulus Linux switch
  • A host running Ruby 2.x

Using Serverspec

Serverspec is an RSpec testing framework for checking that servers are configured correctly by testing their actual state. It is commonly used to verify that configuration management tools such as Ansible, Puppet, Chef or Salt have correctly configured a host.

Serverspec can execute its tests on a remote host (such as a Cumulus Linux switch) via SSH. The tests express how the system should be configured and Serverspec will test that the current system configuration meets those expectations.

Installing and Configuring Serverspec on the Ruby Host

  1. On a host with Ruby 2.x installed, install the Serverspec gem:
    $ gem install serverspec
  2. Create a new directory to contain the tests and run serverspec-init. serverspec-init is interactive and will ask you some questions about how you wish to configure Serverspec:
    $ mkdir tests
    $ cd tests
    $ serverspec-init
    Select OS type:
    
    1) UN*X 2) Windows Select number: 1 Select a backend type:
    1) SSH 2) Exec (local)
    Select number: 1 Vagrant instance y/n: n Input target host name: <hostname of switch> + spec/ + spec/example/ + spec/example/sample_spec.rb + spec/spec_helper.rb + Rakefile + .rspec
  3. serverspec-init creates a configuration file, a rakefile and a skeleton directory structure containing some example tests.

Running Serverspec Tests on a Remote Switch

Now that you configured Serverspec to use SSH and you have a valid username and SSH key on the switch you want to test, you can run rake to invoke the default Serverspec tests.

Serverspec runs tests using sudo. This means your remote user must have either:

  • Passwordless sudo or
  • You must supply a sudo password to Serverspec

You can either set the environment variable SUDO_PASSWORD to a valid password, or set ASK_SUDO_PASSWORD to have Serverspec stop and request a password before it runs the tests:

$ SUDO_PASSWORD=mypassword rake

The above runs Serverspec with the sudo password set to mypassword.

Writing Tests

Individual Serverspec tests are short sections of code that express:

  • The resource being tested
  • The configuration to which the resource is expected to conform

Different tests can be applied, depending on which resource type (such as a bridge, route or interface) is being tested.

Testing Interfaces

The interface resource can be used to test the existence of a network interface or switch port, its speed and the IP address(es) associated with it. For example, to check that the switch port swp40 was configured with the IP address 192.168.0.4, run:

describe interface('swp40') do
  it { should exist }
  it { should have_ipv4_address('192.168.0.4') }
end

Testing Bridges

The bridge resource can be used to test that a Linux bridge exists and that the correct interfaces or switch ports belong to it. For example, to check that the bridge br0 exists and the switch ports swp12 and swp13 were both connected to it, run:

describe bridge('br0') do
  it { should exist }
  it { should have_interface('swp12') }
  it { should have_interface('swp13') }
end

Testing Routes

The routing_table resource can be used to test static routing table entries. For example, to check that the routing table contains a route for the 192.168.0.0/24 network on the switch port swp12, run:

describe routing_table do
  it do
    should have_entry(
      :destination => '192.168.0.0/24',
      :interface => 'swp12',
      :gateway => '192.168.0.1'
    )
  }
end

Cumulus Networks cldemo Tests

Cumulus Networks maintains a series of Serverspec tests for the various demos we produce. These tests are a useful source of examples for writing your own tests.

Related Links

Have more questions? Submit a request

Comments

Powered by Zendesk