読者です 読者をやめる 読者になる 読者になる

test-kitchenでserverspecを使ってみる

今日はtest-kitchenをsshで実行しつつserverspecを実行する検証をしてみたので、そのメモ。


レシピとテストケースを置く環境は以下の通りです。

  • CentOS6.5(64bit版)
  • ChefDK(0.2.0-2.el6.x86_64)
    • kitchen-ssh(0.0.4)

きっかけ


Chefのrecipeを流した後に、serverspecのテストをそのまま流したいというのを楽にしたい。
かつ、最初から仮想サーバを作るのではなく、SSH経由でいろいろやるための手段を探していました。

調べる


何か使えそうなものがないかとリストアップ、、、「kitchen-ssh」!?

# kitchen driver discover                                              
    Gem Name                          Latest Stable Release
    kitchen-all                       0.2.0
    kitchen-ansible                   0.0.1
    kitchen-azure                     0.1.0
    kitchen-bluebox                   0.6.2
    kitchen-cabinet                   3.0.0
    kitchen-cloudstack                0.9.2
    kitchen-digitalocean              0.7.1
    kitchen-docker                    1.5.0
    kitchen-docker-api                0.4.0
    kitchen-driver-vagrant_provision  1.0.0
    kitchen-ec2                       0.8.0
    kitchen-fifo                      0.1.0
    kitchen-fog                       0.7.3
    kitchen-gce                       0.1.2
    kitchen-goiardi                   0.1.1
    kitchen-inspector                 1.3.0
    kitchen-joyent                    0.1.1
    kitchen-libvirtlxc                0.4.0
    kitchen-local                     0.0.1
    kitchen-lxc                       0.0.1
    kitchen-openstack                 1.5.2
    kitchen-puppet                    0.0.12
    kitchen-rackspace                 0.7.0
    kitchen-rightscale                0.1.0
    kitchen-salt                      0.0.19
    kitchen-scribe                    0.3.1
    kitchen-sharedtests               0.2.0
    kitchen-ssh                       0.0.4
    kitchen-sshgzip                   0.0.3
    kitchen-sync                      1.0.1
    kitchen-vagrant                   0.15.0
    kitchen-vagrant_sandbox           0.1.1
    kitchen-zcloudjp                  0.4.0
    test-kitchen-provisioners         0.1

使ってみよう


とりあえず、gemでインストールしてみます。

# /opt/chefdk/embedded/bin/gem install kitchen-ssh
WARNING:  You don't have /root/.chefdk/gem/ruby/2.1.0/bin in your PATH,
          gem executables will not run.
Successfully installed kitchen-ssh-0.0.4
Parsing documentation for kitchen-ssh-0.0.4
Done installing documentation for kitchen-ssh after 0 seconds
1 gem installed

レシピを作る


で、ntpをインストールして、テンプレートの設定ファイルを適用する簡単なレシピを適用します。
レシピはこんな感じです。

package "ntp" do
    action :install
end

service "ntpd" do
    supports :status => true, :restart => true
    action [ :enable, :start ]
end

template "/etc/ntp.conf" do
    source "ntp.conf.erb"
    owner  "root"
    group  "root"
    mode   0644
    notifies :restart, 'service[ntpd]'
end


設定ファイルはこんな感じです。

restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1 
restrict -6 ::1
server ntp.nict.jp
server ntp.jst.mfeed.ad.jp
server ntp.nc.u-tokyo.ac.jp
server  127.127.1.0     # local clock
fudge   127.127.1.0 stratum 10  
driftfile /var/lib/ntp/drift
keys /etc/ntp/keys
disable monitor

テストケースを作る


次にテストケースを作成します。


テストケースはこんな感じです。

require 'spec_helper'

describe file('/etc/init.d/ntpd') do
  it { should be_executable }
  it { should be_mode 755 }
  it { should be_owned_by 'root' }
  it { should be_grouped_into 'root' }
end

describe service('ntpd') do
  it { should be_running }
end

# ntpd
describe service('ntpd') do
  it { should be_enabled }
  it { should be_running }
end

describe file('/etc/ntp.conf') do
  it { should contain 'server ntp.nict.jp' }
  it { should contain 'server ntp.jst.mfeed.ad.jp' }
  it { should contain 'server ntp.nc.u-tokyo.ac.jp' }
end

# User
describe user('ntp') do
  it { should exist }
  it { should belong_to_group 'ntp' }
  it { should have_uid 38 }
  it { should have_home_directory '/etc/ntp' }
  it { should have_login_shell '/sbin/nologin' }
end

describe group('ntp') do
  it { should exist }
  it { should have_gid 38 }
end

describe port(123) do
  it { should be_listening.with('udp') }
end

test-kitchen環境を整備する

まず、「.kitchen.yml」を作ります。


今回の環境は、Virtualbox環境のVMですが、OS起動した状態かつ、
kitchenコマンドを発行するノードからsshでrootユーザに対してノーパスログインできることを前提として、以下の定義をします。

  • CentOS5(32bit版) -> IP: xxx.xxx.xxx.211
  • CentOS5(64bit版) -> IP: xxx.xxx.xxx.212
  • CentOS6(32bit版) -> IP: xxx.xxx.xxx.213
  • CentOS6(64bit版) -> IP: xxx.xxx.xxx.214

「.kitchen.yml」の定義は以下のような感じです。

---
driver:
  name: ssh
  username: root
  ssh_key: /<your_user>/.ssh/id_rsa
  sudo: true

provisioner:
  name: chef_solo

platforms:
  - name: centos

suites:
  - name: centos5_32_base
    driver:
      hostname: xxx.xxx.xxx.211
    run_list:
      - recipe[ntp::default]
    attributes:

  - name: centos5_64_base
    driver:
      hostname: xxx.xxx.xxx.212
    run_list:
      - recipe[ntp::default]
    attributes:

  - name: centos6_32_base
    driver:
      hostname: xxx.xxx.xxx.213
    run_list:
      - recipe[ntp::default]
    attributes:

  - name: centos6_64_base
    driver:
      hostname: xxx.xxx.xxx.214
    run_list:
      - recipe[ntp::default]
    attributes:

busser:
  sudo: true

テストケースの整備


参考サイトを参照しつつ、テストケースを整備します。
先の「.kitchen.yml」の「suite」でノード定義をした関係で、
ノードごとのテストケースを定義します。

# ls -laR test/integration/
test/integration/:
合計 28
drwxr-xr-x. 7 root root 4096  7月 23 02:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 21 14:36 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 centos5_32_base
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 centos5_64_base
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 centos6_32_base
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 centos6_64_base

test/integration/centos5_32_base:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 7 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 serverspec

test/integration/centos5_32_base/serverspec:
合計 16
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 localhost
-rw-r--r--. 1 root root  308  7月 23 00:48 2014 spec_helper.rb

test/integration/centos5_32_base/serverspec/localhost:
合計 16
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .kitchen
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 ntp

test/integration/centos5_32_base/serverspec/localhost/.kitchen:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 logs

test/integration/centos5_32_base/serverspec/localhost/.kitchen/logs:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 ..
-rw-r--r--. 1 root root 3690  7月 23 01:03 2014 kitchen.log

test/integration/centos5_32_base/serverspec/localhost/ntp:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
-rw-r--r--. 1 root root  909  7月 23 01:01 2014 default_spec.rb

test/integration/centos5_64_base:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 7 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 serverspec

test/integration/centos5_64_base/serverspec:
合計 16
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 localhost
-rw-r--r--. 1 root root  308  7月 23 00:48 2014 spec_helper.rb

test/integration/centos5_64_base/serverspec/localhost:
合計 16
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .kitchen
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 ntp

test/integration/centos5_64_base/serverspec/localhost/.kitchen:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 logs

test/integration/centos5_64_base/serverspec/localhost/.kitchen/logs:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 ..
-rw-r--r--. 1 root root 3690  7月 23 01:03 2014 kitchen.log

test/integration/centos5_64_base/serverspec/localhost/ntp:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
-rw-r--r--. 1 root root  909  7月 23 01:01 2014 default_spec.rb

test/integration/centos6_32_base:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 7 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 serverspec

test/integration/centos6_32_base/serverspec:
合計 16
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 localhost
-rw-r--r--. 1 root root  308  7月 23 00:48 2014 spec_helper.rb

test/integration/centos6_32_base/serverspec/localhost:
合計 16
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .kitchen
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 ntp

test/integration/centos6_32_base/serverspec/localhost/.kitchen:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 logs

test/integration/centos6_32_base/serverspec/localhost/.kitchen/logs:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 ..
-rw-r--r--. 1 root root 3690  7月 23 01:03 2014 kitchen.log

test/integration/centos6_32_base/serverspec/localhost/ntp:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
-rw-r--r--. 1 root root  909  7月 23 01:01 2014 default_spec.rb

test/integration/centos6_64_base:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 7 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 serverspec

test/integration/centos6_64_base/serverspec:
合計 16
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 localhost
-rw-r--r--. 1 root root  308  7月 23 00:48 2014 spec_helper.rb

test/integration/centos6_64_base/serverspec/localhost:
合計 16
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 00:48 2014 ..
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .kitchen
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 ntp

test/integration/centos6_64_base/serverspec/localhost/.kitchen:
合計 12
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 logs

test/integration/centos6_64_base/serverspec/localhost/.kitchen/logs:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:03 2014 .
drwxr-xr-x. 3 root root 4096  7月 23 01:03 2014 ..
-rw-r--r--. 1 root root 3690  7月 23 01:03 2014 kitchen.log

test/integration/centos6_64_base/serverspec/localhost/ntp:
合計 12
drwxr-xr-x. 2 root root 4096  7月 23 01:06 2014 .
drwxr-xr-x. 4 root root 4096  7月 23 02:03 2014 ..
-rw-r--r--. 1 root root  909  7月 23 01:01 2014 default_spec.rb

test/integration/default:
合計 12
drwxr-xr-x. 3 root root 4096  7月 22 23:59 2014 .
drwxr-xr-x. 7 root root 4096  7月 23 02:03 2014 ..
drwxr-xr-x. 3 root root 4096  7月 22 23:59 2014 serverspec

test/integration/default/serverspec:
合計 16
drwxr-xr-x. 3 root root 4096  7月 22 23:59 2014 .
drwxr-xr-x. 3 root root 4096  7月 22 23:59 2014 ..
drwxr-xr-x. 2 root root 4096  7月 22 23:59 2014 localhost
-rw-r--r--. 1 root root  308  7月 22 23:59 2014 spec_helper.rb

test/integration/default/serverspec/localhost:
合計 12
drwxr-xr-x. 2 root root 4096  7月 22 23:59 2014 .
drwxr-xr-x. 3 root root 4096  7月 22 23:59 2014 ..
-rw-r--r--. 1 root root  909  7月 21 15:26 2014 ntp_spec.rb

環境構築+テスト


テストしてみます。今回は全パターン試していますが、ログが長大なので、CentOS6(64bit版)を例として挙げました。

$ kitchen test


こんな感じで実行されました。

-----> Cleaning up any prior instances of <centos6-64-base-centos-65>
-----> Destroying <centos6-64-base-centos-65>...
       Kitchen-ssh does not destroy your server '' by shutting it down...
       Shutdown your server '' natively with user ''
       in your cloud or virtualisation console etc.\n
       Finished destroying <centos6-64-base-centos-65> (0m0.00s).
-----> Testing <centos6-64-base-centos-65>
-----> Creating <centos6-64-base-centos-65>...
       Kitchen-ssh does not start your server 'xxx.xxx.xxx.214' but will look for an ssh connection with user 'root'
       Kitchen-ssh found ssh ready on host 'xxx.xxx.xxx.214' with user 'root'

       Finished creating <centos6-64-base-centos-65> (0m0.01s).
-----> Converging <centos6-64-base-centos-65>...
       Preparing files for transfer
       Resolving cookbook dependencies with Berkshelf 3.1.3...
       Removing non-cookbook files before transfer
       Preparing data bags
       Preparing environments
       Preparing nodes
       Preparing roles
-----> Installing Chef Omnibus (true)
       downloading https://www.getchef.com/chef/install.sh
         to file /tmp/install.sh
       trying wget...
       trying curl...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Cur       rent
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:05 --:--:--     0
100 15934  100 15934    0     0   2586      0  0:00:06  0:00:06 --:--:-- 31490
       Downloading Chef  for el...
       downloading https://www.getchef.com/chef/metadata?v=&prerelease=false&nightlies=false&p=el&pv=6&m=x86_64
         to file /tmp/install.sh.1969/metadata.txt
       trying wget...
       trying curl...
       url      https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.12.8-2.el6.x86_64.rpm
       md5      3dfacef6e6640adefc12bf6956a3a4e2
       sha256   ee45e0f226ffd503a949c1b10944064a4655d0255e03a16b073bed85eac83e95
       downloaded metadata file looks valid...
       downloading https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.12.8-2.el6.x86_64.rpm
         to file /tmp/install.sh.1969/chef-11.12.8-2.el6.x86_64.rpm
       trying wget...
       Comparing checksum with sha256sum...
       Installing Chef 
       installing with rpm...
       警告: /tmp/install.sh.1969/chef-11.12.8-2.el6.x86_64.rpm: ヘッダ V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
準備中...                #####  ########################################### [100%]
   1:chef                          ########################################### [100%]
       Thank you for installing Chef!
       Transferring files to <centos6-64-base-centos-65>
       [2014-07-23T02:33:29+09:00] INFO: Forking chef instance to converge...
       [2014-07-23T02:33:29+09:00] WARN: 
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
       SSL validation of HTTPS requests is disabled. HTTPS connections are still
       encrypted, but chef is not able to detect forged replies or man in the middle
       attacks.
       
       To fix this issue add an entry like this to your configuration file:
       
       ```
         # Verify all HTTPS connections (recommended)
         ssl_verify_mode :verify_peer
       
         # OR, Verify only connections to chef-server
         verify_api_cert true
       ```
       
       To check your SSL configuration, or troubleshoot errors, you can use the
       `knife ssl check` command like so:
       
       ```
         knife ssl check -c /tmp/kitchen/solo.rb
       ```
       
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
       
       Starting Chef Client, version 11.12.8
       [2014-07-23T02:33:29+09:00] INFO: *** Chef 11.12.8 ***
       [2014-07-23T02:33:29+09:00] INFO: Chef-client pid: 2047
       [2014-07-23T02:33:36+09:00] INFO: Setting the run_list to ["recipe[ntp::default]"] from CLI options
       [2014-07-23T02:33:36+09:00] INFO: Run List is [recipe[ntp::default]]
       [2014-07-23T02:33:36+09:00] INFO: Run List expands to [ntp::default]
       [2014-07-23T02:33:36+09:00] INFO: Starting Chef Run for centos6-64-base-centos-65
       [2014-07-23T02:33:36+09:00] INFO: Running start handlers
       [2014-07-23T02:33:36+09:00] INFO: Start handlers complete.
       Compiling Cookbooks...
       Converging 3 resources
       Recipe: ntp::default
         * package[ntp] action install[2014-07-23T02:33:36+09:00] INFO: Processing package[ntp] action install (ntp::default line 9)
       [2014-07-23T02:34:02+09:00] INFO: package[ntp] installing ntp-4.2.6p5-1.el6.centos from base repository
       
           - install version 4.2.6p5-1.el6.centos of package ntp
       
         * service[ntpd] action enable[2014-07-23T02:34:16+09:00] INFO: Processing service[ntpd] action enable (ntp::default line 13)
       [2014-07-23T02:34:16+09:00] INFO: service[ntpd] enabled
       
           - enable service service[ntpd]
       
         * service[ntpd] action start[2014-07-23T02:34:16+09:00] INFO: Processing service[ntpd] action start (ntp::default line 13)
       [2014-07-23T02:34:16+09:00] INFO: service[ntpd] started
       
           - start service service[ntpd]
       
         * template[/etc/ntp.conf] action create[2014-07-23T02:34:16+09:00] INFO: Processing template[/etc/ntp.conf] action create (ntp::default line 18)
       [2014-07-23T02:34:16+09:00] INFO: template[/etc/ntp.conf] backed up to /tmp/kitchen/backup/etc/ntp.conf.chef-20140723023416.880102
       [2014-07-23T02:34:16+09:00] INFO: template[/etc/ntp.conf] updated file contents /etc/ntp.conf
       
           - update content in file /etc/ntp.conf from 484c85 to db7e53
        --- /etc/ntp.conf       2013-07-15 18:18:47.000000000 +0900
        +++ /tmp/chef-rendered-template20140723-2047-17sn2v4    2014-07-23 02:34:16.875024290 +0900
        @@ -1,54 +1,13 @@
        -# For more information about this file, see the man pages
        -# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
        -
        -driftfile /var/lib/ntp/drift
        -
        -# Permit time synchronization with our time source, but do not
        -# permit the source to query or modify the service on this system.
         restrict default kod nomodify notrap nopeer noquery
         restrict -6 default kod nomodify notrap nopeer noquery
        -
        -# Permit all access over the loopback interface.  This could
        -# be tightened as well, but to do so would effect some of
        -# the administrative functions.
         restrict 127.0.0.1 
         restrict -6 ::1
        -
        -# Hosts on local network are less restricted.
        -#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
        -
        -# Use public servers from the pool.ntp.org project.
        -# Please consider joining the pool (http://www.pool.ntp.org/join.html).
        -server 0.centos.pool.ntp.org iburst
        -server 1.centos.pool.ntp.org iburst
        -server 2.centos.pool.ntp.org iburst
        -server 3.centos.pool.ntp.org iburst
        -
        -#broadcast 192.168.1.255 autokey       # broadcast server
        -#broadcastclient                       # broadcast client
        -#broadcast 224.0.1.1 autokey           # multicast server
        -#multicastclient 224.0.1.1             # multicast client
        -#manycastserver 239.255.254.254                # manycast server
        -#manycastclient 239.255.254.254 autokey # manycast client
        -
        -# Enable public key cryptography.
        -#crypto
        -
        -includefile /etc/ntp/crypto/pw
        -
        -# Key file containing the keys and key identifiers used when operating
        -# with symmetric key cryptography. 
        +server ntp.nict.jp
        +server ntp.jst.mfeed.ad.jp
        +server ntp.nc.u-tokyo.ac.jp
        +server  127.127.1.0     # local clock
        +fudge   127.127.1.0 stratum 10  
        +driftfile /var/lib/ntp/drift
         keys /etc/ntp/keys
        -
        -# Specify the key identifiers which are trusted.
        -#trustedkey 4 8 42
        -
        -# Specify the key identifier to use with the ntpdc utility.
       
        -#requestkey 8
        -
        -# Specify the key identifier to use with the ntpq utility.
        -#controlkey 8
        -
        -# Enable writing of statistics records.
        -#statistics clockstats cryptostats loopstats peerstats
        +disable monitor
       
           - restore selinux security context
       
       [2014-07-23T02:34:17+09:00] INFO: template[/etc/ntp.conf] sending restart action to service[ntpd] (delayed)
         * service[ntpd] action restart[2014-07-23T02:34:17+09:00] INFO: Processing service[ntpd] action restart (ntp::default line 13)
       [2014-07-23T02:34:17+09:00] INFO: service[ntpd] restarted
       
           - restart service service[ntpd]
       
       [2014-07-23T02:34:17+09:00] INFO: Chef Run complete in 40.404579408 seconds
       
       Running handlers:
       [2014-07-23T02:34:17+09:00] INFO: Running report handlers
       Running handlers complete
       
       [2014-07-23T02:34:17+09:00] INFO: Report handlers complete
       Chef Client finished, 5/5 resources updated in 48.019536561 seconds
       Finished converging <centos6-64-base-centos-65> (2m5.92s).
-----> Setting up <centos6-64-base-centos-65>...
Fetching: thor-0.19.0.gem (100%)       
Fetching: busser-0.6.2.gem (100%)       
       Successfully installed thor-0.19.0
       Successfully installed busser-0.6.2
       2 gems installed
-----> Setting up Busser
       Creating BUSSER_ROOT in /tmp/busser
       Creating busser binstub
       Plugin serverspec installed (version 0.2.6)
-----> Running postinstall for serverspec plugin
       Finished setting up <centos6-64-base-centos-65> (1m27.35s).
-----> Verifying <centos6-64-base-centos-65>...
       Suite path directory /tmp/busser/suites does not exist, skipping.
       Uploading /tmp/busser/suites/serverspec/localhost/ntp/default_spec.rb (mode=0644)
       Uploading /tmp/busser/suites/serverspec/spec_helper.rb (mode=0644)
-----> Running serverspec test suite
       /opt/chef/embedded/bin/ruby -I/tmp/busser/suites/serverspec -S /opt/chef/embedded/bin/rspec /tmp/busser/suites/serverspec/localhost/ntp/default_spec.rb --color --format documentation
       
       File "/etc/init.d/ntpd"
         should be executable
         should be mode 755
         should be owned by "root"
         should be grouped into "root"
       
       Service "ntpd"
         should be running
       
       Service "ntpd"
         should be enabled
         should be running
       
       File "/etc/ntp.conf"
         should contain "server ntp.nict.jp"
         should contain "server ntp.jst.mfeed.ad.jp"
         should contain "server ntp.nc.u-tokyo.ac.jp"
       
       User "ntp"
         should exist []
         should belong to group "ntp"
         should have uid 38
         should have home directory "/etc/ntp"
         should have login shell "/sbin/nologin"
       
       Group "ntp"
         should exist []
         should have gid 38
       
       Port "123"
         should be listening
       
       Finished in 0.26781 seconds
       18 examples, 0 failures
       Finished verifying <centos6-64-base-centos-65> (0m2.54s).
-----> Destroying <centos6-64-base-centos-65>...
       Kitchen-ssh does not destroy your server 'xxx.xxx.xxxx.214' by shutting it down...
       Shutdown your server 'xxx.xxx.xxx.214' natively with user 'root'
       in your cloud or virtualisation console etc.\n
       Finished destroying <centos6-64-base-centos-65> (0m0.00s).
       Finished testing <centos6-64-base-centos-65> (3m35.83s).
-----> Cleaning up any prior instances of <centos6-64-base-centos-510>
-----> Destroying <centos6-64-base-centos-510>...
       Kitchen-ssh does not destroy your server '' by shutting it down...
       Shutdown your server '' natively with user ''
       in your cloud or virtualisation console etc.\n
       Finished destroying <centos6-64-base-centos-510> (0m0.00s).
-----> Testing <centos6-64-base-centos-510>
-----> Creating <centos6-64-base-centos-510>...
       Kitchen-ssh does not start your server 'xxx.xxx.xxx.214' but will look for an ssh connection with user 'root'
       Kitchen-ssh found ssh ready on host 'xxx.xxx.xxx.214' with user 'root'

       Finished creating <centos6-64-base-centos-510> (0m0.01s).
-----> Converging <centos6-64-base-centos-510>...
       Preparing files for transfer
       Resolving cookbook dependencies with Berkshelf 3.1.3...
       Removing non-cookbook files before transfer
       Preparing data bags
       Preparing environments
       Preparing nodes
       Preparing roles
       Transferring files to <centos6-64-base-centos-510>
       [2014-07-23T02:35:49+09:00] INFO: Forking chef instance to converge...
       [2014-07-23T02:35:49+09:00] WARN: 
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
       SSL validation of HTTPS requests is disabled. HTTPS connections are still
       encrypted, but chef is not able to detect forged replies or man in the middle
       attacks.
       
       To fix this issue add an entry like this to your configuration file:
       
       ```
         # Verify all HTTPS connections (recommended)
         ssl_verify_mode :verify_peer
       
         # OR, Verify only connections to chef-server
         verify_api_cert true
       ```
       
       To check your SSL configuration, or troubleshoot errors, you can use the
       `knife ssl check` command like so:
       
       ```
         knife ssl check -c /tmp/kitchen/solo.rb
       ```
       
       * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
       
       Starting Chef Client, version 11.12.8
       [2014-07-23T02:35:49+09:00] INFO: *** Chef 11.12.8 ***
       [2014-07-23T02:35:49+09:00] INFO: Chef-client pid: 2522
       [2014-07-23T02:35:56+09:00] INFO: Setting the run_list to ["recipe[ntp::default]"] from CLI options
       [2014-07-23T02:35:56+09:00] INFO: Run List is [recipe[ntp::default]]
       [2014-07-23T02:35:56+09:00] INFO: Run List expands to [ntp::default]
       [2014-07-23T02:35:56+09:00] INFO: Starting Chef Run for centos6-64-base-centos-510
       [2014-07-23T02:35:56+09:00] INFO: Running start handlers
       [2014-07-23T02:35:56+09:00] INFO: Start handlers complete.
       Compiling Cookbooks...
       Converging 3 resources
       Recipe: ntp::default
         * package[ntp] action install[2014-07-23T02:35:56+09:00] INFO: Processing package[ntp] action install (ntp::default line 9)
        (up to date)
         * service[ntpd] action enable[2014-07-23T02:35:58+09:00] INFO: Processing service[ntpd] action enable (ntp::default line 13)
        (up to date)
         * service[ntpd] action start[2014-07-23T02:35:58+09:00] INFO: Processing service[ntpd] action start (ntp::default line 13)
        (up to date)
         * template[/etc/ntp.conf] action create[2014-07-23T02:35:58+09:00] INFO: Processing template[/etc/ntp.conf] action create (ntp::default line 18)
        (up to date)
       [2014-07-23T02:35:58+09:00] INFO: Chef Run complete in 1.846600443 seconds
       
       Running handlers:
       [2014-07-23T02:35:58+09:00] INFO: Running report handlers
       Running handlers complete
       
       [2014-07-23T02:35:58+09:00] INFO: Report handlers complete
       Chef Client finished, 0/4 resources updated in 9.401452106 seconds
       Finished converging <centos6-64-base-centos-510> (0m11.32s).
-----> Setting up <centos6-64-base-centos-510>...
-----> Setting up Busser
       Creating BUSSER_ROOT in /tmp/busser
       Creating busser binstub
       Plugin serverspec already installed
       Finished setting up <centos6-64-base-centos-510> (0m11.70s).
-----> Verifying <centos6-64-base-centos-510>...
       Removing /tmp/busser/suites/serverspec
       Uploading /tmp/busser/suites/serverspec/localhost/ntp/default_spec.rb (mode=0644)
       Uploading /tmp/busser/suites/serverspec/spec_helper.rb (mode=0644)
-----> Running serverspec test suite
       /opt/chef/embedded/bin/ruby -I/tmp/busser/suites/serverspec -S /opt/chef/embedded/bin/rspec /tmp/busser/suites/serverspec/localhost/ntp/default_spec.rb --color --format documentation
       
       File "/etc/init.d/ntpd"
         should be executable
         should be mode 755
         should be owned by "root"
         should be grouped into "root"
       
       Service "ntpd"
         should be running
       
       Service "ntpd"
         should be enabled
         should be running
       
       File "/etc/ntp.conf"
         should contain "server ntp.nict.jp"
         should contain "server ntp.jst.mfeed.ad.jp"
         should contain "server ntp.nc.u-tokyo.ac.jp"
       
       User "ntp"
         should exist []
         should belong to group "ntp"
         should have uid 38
         should have home directory "/etc/ntp"
         should have login shell "/sbin/nologin"
       
       Group "ntp"
         should exist []
         should have gid 38
       
       Port "123"
         should be listening
       
       Finished in 0.22377 seconds
       18 examples, 0 failures
       Finished verifying <centos6-64-base-centos-510> (0m2.52s).
-----> Destroying <centos6-64-base-centos-510>...
       Kitchen-ssh does not destroy your server 'xxx.xxx.xxx.214' by shutting it down...
       Shutdown your server'xxx.xxx.xxx.214' natively with user 'root'
       in your cloud or virtualisation console etc.\n
       Finished destroying <centos6-64-base-centos-510> (0m0.00s).
       Finished testing <centos6-64-base-centos-510> (0m25.57s).
-----> Kitchen is finished. (13m8.72s)


今回の環境だと、テストケースは全部テスト実行される挙動だったので、レシピに対応するテストケースの整備は要検討でした。



といいつつ、これでいろいろはかどりそうで幸せ!
今日はこんなところで。