General discussion about Chef

[chef] Re: Re: managing system files with Chef


Chronological Thread 
  • From: Rob Guttman < >
  • To:
  • Subject: [chef] Re: Re: managing system files with Chef
  • Date: Thu, 5 May 2011 13:54:12 -0400
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:content-type; b=F0SYZezo27SRkoDwN1O2N8BUWJSu4srNAP4WfHOQJPH9YskrZtBf72qLu0s4rnR+Cn CbdOEOTRdF+Zl6JBf2cgDEl34/MiEFwNmxvtL+PhiJ8jiteXdT0CebePq5SVik1Qzcvq qyUjFpUlU3IZWzbdXliLIozmS2o3ZJ62042Tg=
> The ideal situation is that your applications support config.d/ directories ..

Bingo.  Nagios uses such directories aplenty - they work very well for us.

- Rob


On Thu, May 5, 2011 at 1:34 PM, Jason J. W. Williams < "> > wrote:
Hi Sasha

> The first has pitfalls.  We shouldn't be managing system files at that
> level.  Patching should be an automated process, and trying to keep an eye
> on system files during the patch process is not something I'm interested in.
>   Also it means that only one recipe can ever manage that file.  In most
> cases that's fine, but in others, it won't work.  Example: I have two
> different cookbooks that add keys to the root authorized_keys file in some
> cases.  Or what if two different things want to insert things in the
> modprobe.conf?  I have a system config recipe that inserts lines into the
> modprobe.conf to disable IPv6 and a KVM recipe that inserts the kvm module
> lines.

We're in the same boat on things like Nagios NRPE configs where
depending on the role of the server different checks need to be
present or not. We're planning to handle it with templates and
conditional Ruby blocks. Our plan is to use the roles the server
belongs to activate particular blocks for checks specific to those
roles. I would imagine a similar solution might work in your scenario.
That would be much cleaner than patching I would imagine.

-J


Archive powered by MHonArc 2.6.16.

§