Test Salt States Locally with KitchenSalt

Updated by Linode Written by Linode

Contribute on GitHub

Report an Issue | View File | Edit File

KitchenSalt allows you to use Test Kitchen to test your Salt configurations locally without a Salt master or minions. In this guide you will install KitchenSalt and use Docker to test a Salt state. This guide was created using a system running Ubuntu 18.04.

Before You Begin

  • You will need root access to your computer, or a user account with sudo privilege. For more information on privileges, see our Users and Groups guide.
  • Install Git on your local computer, if it is not already installed.
  • Update your system packages.

Install rbenv and Ruby

Kitchen runs on Ruby. The following commands will install the Ruby version controller rbenv, set rbenv in your PATH, and install Ruby via rbenv.

  1. Install the packages necessary for rbenv:

    sudo apt install libssl-dev libreadline-dev zlib1g-dev bzip2 gcc make git ruby-dev
    
  2. Clone the rbenv git repository and set up your PATH:

    sudo git clone git://github.com/rbenv/rbenv.git /usr/local/rbenv
    sudo mkdir /usr/local/rbenv/plugins
    sudo git clone git://github.com/rbenv/ruby-build.git /usr/local/rbenv/plugins/ruby-build
    sudo tee /etc/profile.d/rbenv.sh <<< 'export PATH="/usr/local/rbenv/plugins/ruby-build/bin:/usr/local/rbenv/bin:$PATH"'
    sudo tee -a /etc/profile.d/rbenv.sh <<< 'source <(rbenv init -)'
    
  3. Reload your system’s profile so that the rbenv commands are added to your PATH:

    source /etc/profile
    

    You can also restart your shell session so the PATH changes take effect.

  4. Install Ruby:

    rbenv install 2.5.1
    

Install Docker

These steps install Docker Community Edition (CE) using the official Ubuntu repositories. To install on another distribution, see the official installation page.

  1. Remove any older installations of Docker that may be on your system:

    sudo apt remove docker docker-engine docker.io
    
  2. Make sure you have the necessary packages to allow the use of Docker’s repository:

    sudo apt install apt-transport-https ca-certificates curl software-properties-common
    
  3. Add Docker’s GPG key:

    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    
  4. Verify the fingerprint of the GPG key:

    sudo apt-key fingerprint 0EBFCD88
    

    You should see output similar to the following:

    pub   4096R/0EBFCD88 2017-02-22
          Key fingerprint = 9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
    uid                  Docker Release (CE deb) <docker@docker.com>
    sub   4096R/F273FCD8 2017-02-22
    
  5. Add the stable Docker repository:

    sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
    
  6. Update your package index and install Docker CE:

    sudo apt update
    sudo apt install docker-ce
    
  7. Add your limited Linux user account to the docker group:

    sudo usermod -aG docker exampleuser
    

    You will need to restart your shell session for this change to take effect.

  8. Check that the installation was successful by running the built-in “Hello World” program:

    docker run hello-world
    

Install KitchenSalt

  1. Install the bundler gem:

    sudo gem install bundler
    
  2. Create a Gemfile in your working directory and add the kitchen-salt, kitchen-docker, and kitchen-sync gems:

    Gemfile
    1
    2
    3
    4
    5
    6
    
    #Gemfile
    source 'https://rubygems.org'
    
    gem 'kitchen-salt'
    gem 'kitchen-docker'
    gem 'kitchen-sync'

    kitchen-sync is used to copy files to Docker containers more quickly.

  3. Install the gems with bundler:

    sudo bundle install
    

Create a Sample .sls File

For testing purposes, create a Salt state file that installs NGINX and ensures that it is running. In a text editor, create an nginx.sls file in your working directory and add the following lines:

nginx.sls
1
2
3
4
5
6
7
8
nginx:
  pkg:
    - installed
  service.running:
    - enable: True
    - reload: True
    - watch:
      - pkg: nginx

Configure kitchen.yml

  1. Now, write the Kitchen configuration file, beginning with the provisioner section. Copy the following lines into a kitchen.yml file in your working directory.

    kitchen.yml
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    
    provisioner:
      name: salt_solo
      salt_install: bootstrap
      is_file_root: true
      require_chef: false
      state_top:
        base:
          "*":
            - nginx
    
    ...

    This section defines salt_solo as the provisioner, which will allow Kitchen to use Salt without a Salt master. In this section Salt is installed via the bootstrap script by setting salt_install: bootstrap, the Salt file root is mapped to the directory where .kitchen.yml is located by setting is_file_root: true, and Chef is disabled by setting require_chef: false. Instead of providing a top file for Salt states, the top file is declared inline. This section is also where Salt pillar files are added. For reference, they are added under the provisioner block:

    kitchen.yml
    1
    2
    3
    4
    5
    6
    7
    8
    9
    
    provisioner:
    ...
      pillars:
        top.sls:
          base:
            "*":
              - nginx_pillar
      pillars_from_files:
        nginx_pillar.sls: nginx.pillar
  2. Next, configure the driver section:

    kitchen.yml
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    
    ...
    
    driver:
      name: docker
      user_sudo: false
      privileged: true
      forward:
        - 80
    
    ...

    This section declares Docker as the driver, though you could also use Vagrant. Kitchen does not need to use sudo to build the Docker containers, so user_sudo is set to false. privileged is set to true to ensure that the containers run systemd as the exec command. The Docker container will forward traffic to the host on port 80.

  3. Configure the platforms section:

    kitchen.yml
    1
    2
    3
    4
    5
    6
    7
    8
    
    ...
    
    platforms:
      - name: ubuntu
        driver_config:
          run_command: /lib/systemd/systemd
    
    ...

    This section defines which platform Docker will run. By default Docker will run the latest version of that platform. Because different platforms place systemd in different locations, the driver_config section is used to point to the systemd install path of that platform. More than one platform can be defined.

  4. Configure the suites section:

    kitchen.yml
    1
    2
    3
    4
    5
    6
    7
    8
    
    ...
    
    suites:
      - name: oxygen
        provisioner:
          salt_bootstrap_options: -X -p git stable 2018.3
    
    ...

    suites defines which software suite Kitchen will test against. In this context, Kitchen will test against the Oxygen release of Salt. More than one suite can be defined.

  5. Lastly, the transport section allows us to specify the use of kitchen-sync for transferring files:

    kitchen.yml
    1
    2
    3
    4
    
    ...
    
    transport:
      name: sftp
  6. You can now test your Salt configuration with Kitchen. Type the following command to run the test:

    kitchen test
    

    This command will create, converge, and then destroy the test instance. If completed successfully, the final terminal output will be:

      
    -----> Kitchen is finished. (13m32.13s)
    
    

    For a more granular approach to running your test, you can use the individual commands in series:

    kitchen list
    kitchen create
    kitchen converge
    kitchen destroy
    

Using a Verifier and Next Steps

Though it is beyond the scope of this article, Kitchen allows for more robust testing than just checking a Salt configuration. You can write tests in bash using Bats, in Ruby using Minitest, Rspec, Serverspec and Inspec, or if you’re more familiar with Python you can use pytest.

As an example, you can add the following code to your kitchen.yaml to verify your tests using the Inspec gem:

kitchen.yml
1
2
3
4
...

verifier:
  name: inspec

For more information on writing tests, visit the links in the More Information section below.

More Information

You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

Join our Community

Find answers, ask questions, and help others.

comments powered by Disqus

This guide is published under a CC BY-ND 4.0 license.