KitchenCI Infrastructure Spec on drone.io

Infrastructure test becomes more important. There are several tools for continuous delivery of infrastructure layer.

KitchenCI (test-kitchen) provides a test harness to execute infrastructure code on one or more platforms in isolation.

Although KitchenCI uses Vagrant to operate virtual machines in default, kitchen-docker enables docker driver to operate on docker container.

We can realize automated infrastructure test on drone.io by this plugin.

Docker in Docker

Drone runs a test on docker container. Because KitchenCI builds container and provisions Chef recipes into it, What executing KitchenCI on drone means building container in the container. It is called Docker in Docker (dind).

test-kitchen-on-drone.png

We need a small work to run dind, officially dind images are provided on docker hub. A tag including “dind” is for dind usage.

Firstly, you need to write services section in .drone.yml to enable dind. Port 2375 is docker port. You need to turn on “Trusted” flag on your project because dind image requires the privileged flag.

Because the ChefDK package does not installed kitchen-docker, you must prepare installed docker image. This article uses aberrios85/drone-kitchen.

When using docker socket of dind from other containers, set DOCKER_HOST as follows, turn reference port to what set in the service section.

Kitchen-docker Settings

To use dind docker socket in KitchenCI, change config file .kitchen.yml as follows. Socket section enables to change the docker port.

It will take a long time to create, converge, setup, verify and destroy, however, automated infrastructure test will work well.

Running dind containers without the trusted flag

The trusted flag can be set only administrators, the general user feels pain.
If only reliable users access to the drone, setting the environment variable DRONE_ESCALATE to docker on drone server, drone makes privileged enable automatically.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s