Devising a Test Strategy for Containers

Devising a Test Strategy for Containers

2019 / 10 / 22

Testing, Containers

Containers, Containers everywhere. Why are Containers so popular? What are they exactly? Can we use them for testing?
In this blog post, our aim is to get you familiar with Containers and answer all your questions.
Thanks to Docker, an open-source tool that makes building, shipping, and running applications via container easier than ever. If you are new to Containers, you just need to get familiar with Docker and you are done.
Gone are the times when we used to ask the question, “Does it run on Windows or Linux?”, now has come a time when we ask, “Does it run on Docker?”.
Containers are your friends if you have an effective testing strategy. Containers have been around for so many years But the testing strategy has not evolved so rapidly as the Containers have evolved.

What are Containers?

Containers are standalone packages that include everything that is required to run an application, including code, setting, libraries, runtime environment, etc.
Containers have a special feature. They isolate the software from the environment and the infrastructure of the machine on which they are running. This ensures that the software will always run consistently, regardless of the choice of infrastructure.
After reading this, you might be thinking that Docker Containers have similar benefits like Virtual Machines. But they have one more advantage, Docker Containers are much more efficient and portable. Unlike Docker Engine Layer, they don't require automation of an entire operating system.

How Containers Are Being Used In Testing

Software Testing is evolving Day by Day. Gone are the days when Software Testing was done at the end of the Software Development Lifecycle, as the last stage before delivering the software to the customer. Now it is an era of Continuous Delivery, where testing is integrated into every stage, to facilitate early delivery of the software and designed specially as per the user requirements. Earlier software testing used to take weeks to months to test the software. Now, It's just a matter of hours and minutes to test software.
Because of all these issues, QA teams have now upgraded to automation and parallelization to help alleviate time bottlenecks.
With the advent of Docker, the game of Software Testing is remarkably changed. You don't need a tower of infrastructure, you can simply spin up different containers at your will. All you need is a local laptop or a cloud instance.

Before entering into the world of containers, we need to ask ourselves the following questions:

  1. Are there any security concerns while using Docker Containers?
  2. How do we scan Docker container images for security vulnerabilities?
  3. How to run static analysis on Docker container images?
  4. How to run existing application tests such as unit, Selenium and many more?
  5. Will my CI Solution work with containers?

There are many more questions that will probably come to your mind when you hear terms Testing and Containers together.
There are 3 steps that we will be discussing for devising a testing strategy for Containers:

  1. Create Test Docker Images
  2. Server Validation
  3. Garbage Collection

Let's start discussing these steps in detail.

  1. Create Test Docker Images: Docker Testing setup involves the following steps:
    Create a test docker image during build time based on the application docker image.
    Running all the tests inside the test container that you have created.
    Now, what is the benefit of creating a Test Container?

    a. Creating a test container allows all dependency management to be moved inside the existing Docker Container. Thus, the tests are self-contained and independent of the infrastructure.

    Security Concerns
    We need to check Dockerfiles for Security Vulnerabilities definitely. We want to verify and report if there are any security exposures and security vulnerabilities. Security scanning services like Clair and Dockscan are possible open-source options that provide an opt-in option for private repos.
  1. Application Server Validation: The next step after containerization of the application is to verify application server configuration. This is done by running an application container to run server integration tests. Testing makes us confident about the proper installation and configuration of the correct packages.
    There are a variety of tools available in the market for Server Testing like Goss, Dockerspec, ServerSpec and many more.
  1. Garbage Collection: Cleaning up after successful test completion is very important. Your Continuous Integration/ Continuous Delivery testing strategy with containers should include a standard or some practice to clean up the test containers after they are no longer required.
    Use the following command to clean up the container-
    'docker run --rm -u root ${testImageTag} acceptance-test'

Are Containers a replacement for Existing Test Workflows?
Containers can improve your existing test workflow, but they are not a replacement for your testing workflow. You must be wondering, WHY I am saying this? Why can't we use Containers as a full-time option? Using Containers exclusively for testing needs to set up the test grid, which requires time and investment.

We should always test our Dockerfiles and applications as described in the above 3 steps. These steps help to remove the dependencies from the build server to the container.

In this blog post, we made you familiar with the concept of Container. Now, it’s time for you guys to get started with Containers and see what difference you can achieve with Containers.

You might also like