- From: Matt Ray <
>
- To:
- Subject: [chef] Re: Compile time order
- Date: Mon, 7 Nov 2011 11:09:19 -0600
If you're using the firewall and ufw cookbooks provided by Opscode,
take a look at using the default ufw recipe. You can just use
attributes in roles and cookbook attribute files to define your
firewall rules and the recipe will merge and apply them. There are
more complicated setups supported by the ufw cookbook as well.
https://github.com/opscode/cookbooks/tree/master/ufw
Thanks,
Matt Ray
Senior Technical Evangelist | Opscode Inc.
| (512) 731-2218
Twitter, IRC, GitHub: mattray
On Mon, Nov 7, 2011 at 9:43 AM,
<
>
wrote:
>
Hi All,
>
>
I'm rather new Chef but already impressed with its power.
>
For my current Chef investigations I need some way to put recipe at the end
>
of recipes list ignoring the real order of it in node's run_list.
>
I'm working on automated firewall configuration and now using attribute
>
files of recipes to declare what ports this recipe needs to be opened.
>
"Firewall" recipe then parses all ports at compile time and creates initial
>
data for a template. But if I declare settings not in attribute file but in
>
recipe itself (via node.default/node.set) - then this change is invisible to
>
"firewall" recipe because it is already compiled. My thoughts were to have
>
some callback at the end of compile time or a way of putting dynamically
>
some code at the end of run_list (without saving it to node state) - so
>
"firewall" recipe declared elsewhere could put callback and read the final
>
attributes state.
>
>
Maybe there is some workaround to do this, or I need to change logic
>
completely to fit to current Chef run model?
>
>
wbr,
>
Dmitry.
>
Archive powered by MHonArc 2.6.16.