6 Kubernetes Testing Tools to Use in Your DevSecOps Pipelines

in Kubernetes , DevSecOps

DevSecOps Tools to Use in Your DevSecOps Pipelines

Kubernetes testing keeps operations in check in case there are irregularities. In this article, we are discussing some tools used in Kubernetes-based environments for testing.


    K6

    K6 is a popular Kubernetes testing tool. It has 11.1k stars and 550 forks on GitHub. It is a modern load testing tool and it uses Golang and Javascript. It provides a scripting API, local and cloud execution and a flexible configuration structure.

    Some of its features include the following:

    Test-Infra

    The Testinfra tool is a collection of other tools and result verification. It has several dashboards that display different metrics and results like history, failures, PRs to be merged, trigger tests, running jobs, and other things.

    Mainly Testinfra allows developers to write unit tests in Python to test the actual state of their servers configured by management tools like Salt, Ansible, Puppet, and Chef..etc Testinfra comes with several Kubernetes (and non-Kubernetes) connection backends for remote command execution like Docker, Podman, Kubectl.

    The kubectl backend, for instance, can be used to test containers running in Kubernetes. It uses the kubectl exec command and support connecting to a given container name within a pod and using a given namespace:

    # will use the default namespace and default container
    $ py.test --hosts='kubectl://mypod-a1b2c3'
    # specify container name and namespace
    $ py.test --hosts='kubectl://somepod-2536ab?container=nginx&namespace=web'
    # specify the kubeconfig context to use
    $ py.test --hosts='kubectl://somepod-2536ab?context=k8s-cluster-a&container=nginx'
    # you can specify kubeconfig either from KUBECONFIG environment variable
    # or when working with multiple configuration with the "kubeconfig" option
    $ py.test --hosts='kubectl://somepod-123?kubeconfig=/path/kubeconfig,kubectl://otherpod-123?kubeconfig=/other/kubeconfig'

    Other examples are available on the official documentation.

    Test-Infra can perform end-to-end testing for full Kubernetes lifecycle emulation on different providers.

    It has 2.5k stars and 1.7 forks on GitHub.

    Kube-Monkey

    In dealing with Kubernetes clusters, Kube-monkey is a testing tool that involves the implementation of Netflix’s Chaos Monkey. Meanwhile, a chaos monkey is a resiliency tool that helps applications tolerate random instance failures in the production environment. Kube-Monkey has 1.9k stars and 176 forks on GitHub.

    What the Kube-Monkey tool does is to randomly delete some K8s pods in the cluster which will foster the development of services that are resistant to failures.

    The testing tool runs with some certain configurations, for instance, a pre-configured hour for weekdays, scheduling of deployments that will face random death sometime during the day then finally the time that the pod destruction will occur can be set.

    Litmus

    Litmus is another Chaos Engineering tool.

    Developers can use this tool to find weaknesses and loopholes in their deployments. It can be used in staging environments to experiment and in a production environment to find bugs and vulnerabilities and make Kubernetes more secure and resilient.

    Litmus can be easily installed using Helm and is a Cloud Native Computing Foundation sandbox project. The project is mainly developed by MayaData, organizer of Chaos Carnival.

    Litmus has 1.4k stars and 303 forks on GitHub.

    Kube-Score

    KubeScore is used for object analysis to foster improved reliability and security in Kubernetes clusters.

    The tool is used to perform static code analysis of Kubernetes Object definitions and the output is usually a list of recommendations that will tell the engineers how to improve the security and resiliency of the application.

    KubeScore has 1.1k stars and 63 forks on GitHub. It can be installed using some distributions like Docker, pre-built binaries for Windows, macOS and Linux, Homebrew, and Krew. It can also be used online.

    KubeLibrary

    KubeLibrary is built based on the official python Kubernetes Client that connects to the Kubernetes cluster while executing any Kubernetes API command.

    Generally, in running end to end test, there is a need to ensure the system under test is readily available and runs on the latest deployed version. With KubeLibrary, tests could be built to perform this activity.

    Also, KubeLibrary helps users to easily verify running objects in any cluster by building tests. Some examples of such tests can be found in the GitHub repository. On GitHub, it has 54 stars and 8 forks.

    kubernetes Banner. Image Courtesy: https://kubernetes.io/ kubernetes Banner. Image Courtesy: https://kubernetes.io/

    All the tools that have been detailed above are free and open-source. Testing in general and specifically in complex and distributed systems like Kubernetes is critical and enables teams to set up a continuous learning process and a DevOps feedback loop.


    Get similar stories in your inbox weekly, for free



    Share this story with your friends
    editorial
    The Chief I/O

    The team behind this website. We help IT leaders, decision-makers and IT professionals understand topics like Distributed Computing, AIOps & Cloud Native

    Latest stories


    DevOps and Downed Systems: How to Prepare

    Downed systems can cost thousands of dollars in immediate losses and more in reputation damage …

    Cloud: AWS Improves the Trigger Functions for Amazon SQS

    The improved AWS feature allows users to trigger Lambda functions from an SQS queue.

    Google Takes Security up a Notch for CI/CD With ClusterFuzzLite

    Google makes fuzzing easier and faster with ClusterFuzzLite

    HashiCorp Announces Vault 1.9

    Vault 1.9 released into general availability with new features

    Azure Container Apps: This Is What You Need to Know

    HTTP-based autoscaling and scale to zero capability on a serverless platform