Тестирование ансибл плейбуков с помощью vagrant и molecula

.gitignore

@@ -7,3 +7,11 @@
 *.retry
 jdauphant.nginx
 vault.key
+# Vagrant & molecule
+.vagrant/
+*.log
+*.pyc
+.molecule
+.cache
+.pytest_cache
+venv

README.md

@@ -61,3 +61,6 @@ yc compute instance create \
 
 # Дз 12
 Плейбуки организованы в соответствие с бестпрактисами
+
+# Дз 13
+Тестирование ансибл плейбуков с помощью vagrant и molecula

ansible/Pipfile

@@ -0,0 +1,11 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+
+[dev-packages]
+
+[requires]
+python_version = "3.8"

ansible/Vagrantfile

@@ -0,0 +1,42 @@
+Vagrant.configure("2") do |config|
+
+  config.vm.provider :virtualbox do |v|
+    v.memory = 1024
+    v.customize [ "modifyvm", :id, "--uartmode1", "disconnected" ]
+    v.gui = true
+    v.boot_timeout = 1800
+  end
+
+  config.vm.define "dbserver" do |db|
+    db.vm.box = "ubuntu/xenial64"
+#    db.vm.box = 'generic/ubuntu2004'
+    db.vm.hostname = "dbserver"
+    db.vm.network :private_network, ip: "10.10.10.10"
+
+    db.vm.provision "ansible" do |ansible|
+      ansible.playbook = "playbooks/site.yml"
+      ansible.groups = {
+      "db" => ["dbserver"],
+      "db:vars" => {"mongo_bind_ip" => "0.0.0.0"}
+      }
+    end
+  end
+
+  config.vm.define "appserver" do |app|
+    app.vm.box = "ubuntu/xenial64"
+#    app.vm.box = 'generic/ubuntu2004'
+    app.vm.hostname = "appserver"
+    app.vm.network :private_network, ip: "10.10.10.20"
+
+    app.vm.provision "ansible" do |ansible|
+      ansible.playbook = "playbooks/site.yml"
+      ansible.groups = {
+      "app" => ["appserver"],
+      "app:vars" => { "db_host" => "10.10.10.10"}
+      }
+      ansible.extra_vars = {
+        "deploy_user" => "ubuntu"
+      }
+    end
+  end
+end

ansible/playbooks/base.yml

@@ -0,0 +1,10 @@
+---
+- name: Check && install python
+  hosts: all
+  become: true
+  gather_facts: False
+
+  tasks:
+    - name: Install python for Ansible
+      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
+      changed_when: False

ansible/playbooks/deploy.yml

@@ -17,14 +17,14 @@
     - name: Fetch the latest version of application code
       git:
         repo: 'https://github.com/express42/reddit.git'
-        dest: /home/ubuntu/reddit
+        dest: "/home/{{ deploy_user }}/reddit"
         version: monolith  # <-- Указываем нужную ветку
       notify: reload puma
 
     - name: Bundle install
       bundler:
         state: present
-        chdir: /home/ubuntu/reddit  # <-- В какой директории выполнить команду bundle
+        chdir: "/home/{{ deploy_user }}/reddit"  # <-- В какой директории выполнить команду bundle
 
   handlers:
     - name: reload puma

ansible/playbooks/packer_app.yml

@@ -1,16 +1,6 @@
 ---
-- name: Install packages
+- name: Configure app
   hosts: all
   become: true
-  tasks:
-  - name: install
-    become: true
-    apt:
-      name: "{{ packages }}"
-      state: present
-      update_cache: yes
-    vars:
-      packages:
-        - ruby-full
-        - ruby-bundler
-        - build-essential
+  roles:
+    - app

ansible/playbooks/packer_db.yml

@@ -1,27 +1,6 @@
 ---
-- name: Install MongoDB
+- name: Configure MongoDB
   hosts: all
   become: true
-  tasks:
-  - name: Import public key
-    apt_key:
-      url: 'https://www.mongodb.org/static/pgp/server-4.2.asc'
-      state: present
-
-  # Подключаем репозиторий с пакетами mongodb
-  - name: Add APT repository
-    apt_repository:
-      repo: deb [ arch=amd64,arm64 ] http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.2 multiverse
-      state: present
-
-  # Выполним установку пакета
-  - name: Install mongodb package
-    apt:
-      name: mongodb-org
-      state: present
-
-  # Включаем сервис
-  - name: Configure service supervisor
-    systemd:
-      name: mongod
-      enabled: yes
+  roles:
+    - db

ansible/playbooks/site.yml

@@ -1,5 +1,5 @@
----
-- import_playbook: db.yml
-- import_playbook: app.yml
-- import_playbook: deploy.yml
-- import_playbook: users.yml
+---
+- import_playbook: base.yml
+- import_playbook: db.yml
+- import_playbook: app.yml
+- import_playbook: deploy.yml

ansible/requirements.txt

@@ -1 +1,4 @@
 ansible>=2.4
+molecule==2.22
+testinfra>=1.10
+python-vagrant>=0.5.15

ansible/roles/app/defaults/main.yml

@@ -1,3 +1,4 @@
 ---
 db_host: 127.0.0.1
 env: local
+deploy_user: ubuntu

ansible/roles/app/tasks/main.yml

@@ -3,24 +3,5 @@
   debug:
     msg: "This host is in {{ env }} environment!!!"
 
-- name: Add unit file for Puma
-  become: true
-  copy:
-    src: puma.service
-    dest: /etc/systemd/system/puma.service
-    mode: 0644  # <-- Права на файл, которые нужно установить
-  notify: reload puma
-
-- name: Add config for DB connection
-  template:
-    src: db_config.j2
-    dest: /home/ubuntu/db_config
-    mode: 0644  # <-- Права на файл, которые нужно установить
-  notify: reload puma
-
-- name: enable puma
-  become: true
-  systemd:
-    daemon_reload: true
-    name: puma
-    enabled: true
+- include: ruby.yml
+- include: puma.yml

ansible/roles/app/tasks/puma.yml

@@ -0,0 +1,23 @@
+- name: Add unit file for Puma
+  become: true
+  template:
+    src: puma.service.j2
+    dest: /etc/systemd/system/puma.service
+    mode: 0644  # <-- Права на файл, которые нужно установить
+  notify: reload puma
+
+- name: Add config for DB connection
+  template:
+    src: db_config.j2
+    dest: "/home/{{ deploy_user }}/db_config"
+    mode: 0644  # <-- Права на файл, которые нужно установить
+    owner: "{{ deploy_user }}"
+    group: "{{ deploy_user }}"
+  notify: reload puma
+
+- name: enable puma
+  become: true
+  systemd:
+    daemon_reload: true
+    name: puma
+    enabled: true

ansible/roles/app/tasks/ruby.yml

@@ -0,0 +1,12 @@
+- name: install
+  become: true
+  tags: ruby
+  apt:
+    name: "{{ packages }}"
+    state: present
+    update_cache: yes
+  vars:
+    packages:
+      - ruby-full
+      - ruby-bundler
+      - build-essential

ansible/roles/app/files/puma.service → ansible/roles/app/templates/puma.service.j2

@@ -4,9 +4,9 @@ After=network.target
 
 [Service]
 Type=simple
-EnvironmentFile=/home/ubuntu/db_config
-User=ubuntu
-WorkingDirectory=/home/ubuntu/reddit
+EnvironmentFile=/home/{{ deploy_user }}/db_config
+User={{ deploy_user }}
+WorkingDirectory=/home/{{ deploy_user }}/reddit
 ExecStart=/bin/bash -lc 'puma'
 Restart=always
 

ansible/roles/db/.yamllint

@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons:
+    max-spaces-after: -1
+    level: error
+  commas:
+    max-spaces-after: -1
+    level: error
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines:
+    max: 3
+    level: error
+  hyphens:
+    level: error
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable
+  truthy: disable

ansible/roles/db/molecule/default/INSTALL.rst

@@ -0,0 +1,23 @@
+*******
+Vagrant driver installation guide
+*******
+
+Requirements
+============
+
+* Vagrant
+* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
+
+Install
+=======
+
+Please refer to the `Virtual environment`_ documentation for installation best
+practices. If not using a virtual environment, please consider passing the
+widely recommended `'--user' flag`_ when invoking ``pip``.
+
+.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
+.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
+
+.. code-block:: bash
+
+    $ pip install 'molecule[vagrant]'

ansible/roles/db/molecule/default/molecule.yml

@@ -0,0 +1,25 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: vagrant
+  provider:
+    name: virtualbox
+lint:
+  name: yamllint
+platforms:
+  - name: instance
+    box: ubuntu/xenial64
+    provider_raw_config_args:
+      - "customize ['modifyvm', :id, '--uartmode1', 'disconnected']"
+    provider_options:
+      gui: true
+      boot_timeout: 1800
+provisioner:
+  name: ansible
+  lint:
+    name: ansible-lint
+verifier:
+  name: testinfra
+  lint:
+    name: flake8

ansible/roles/db/molecule/default/playbook.yml

@@ -0,0 +1,8 @@
+---
+- name: Converge
+  become: true
+  hosts: all
+  vars:
+    mongo_bind_ip: 0.0.0.0
+  roles:
+    - role: db

ansible/roles/db/molecule/default/prepare.yml

@@ -0,0 +1,9 @@
+---
+- name: Prepare
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Install python for Ansible
+      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
+      become: true
+      changed_when: false

ansible/roles/db/molecule/default/tests/test_default.py

@@ -0,0 +1,23 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+# check if MongoDB is enabled and running
+def test_mongo_running_and_enabled(host):
+    mongo = host.service("mongod")
+    assert mongo.is_running
+    assert mongo.is_enabled
+
+# check if configuration file contains the required line
+def test_config_file(host):
+    config_file = host.file('/etc/mongod.conf')
+    assert config_file.contains('bindIp: 0.0.0.0')
+    assert config_file.is_file
+
+# check if configuration file contains the required line
+def test_mongo_port(host):
+    socket = host.socket('tcp://0.0.0.0:27017')
+    assert socket.is_listening