[chef] RE: Re: Re: Re: client registered to mulltiple chef servers

["Michael Garrett" < >]

we have a similar situation here, where one team manages system/OS
configs and another team handles application/product configs.  instead
of using two different servers, we create two different chef nodes on
each node.  so we do have two separate config files, but both point at
the same server.  the "system" node only has system related roles and
recipes in its runlist, and the "product" node has those, and product
related roles and recipes.  We run two knife bootstraps per node, one to
create the system node and one to create the product node.

In our knife bootstrap templates we added a step to create a command
alias something like this for the product node:

alias chef-client-product="chef-client -N $HOSTNAME-product -k
/etc/chef/$HOSTNAME-product.pem -c
/etc/chef/client.$HOSTNAME-product.rb"

so the systems team manages their stuff, and the application team
manages the product related attributes, but all are still searchable by
the node since they're on the same server.


-----Original Message-----
From: Bryan McLellan 
[mailto:
 
 
Sent: Wednesday, November 30, 2011 12:44 PM
To: 

 
Cc: 

 
Subject: [chef] Re: Re: Re: client registered to mulltiple chef servers

On Wed, Nov 30, 2011 at 12:35 PM,  
<
 >
 wrote:
> O/s and application are handled by different groups

That's pretty interesting that the two groups would each run their own
server. I presume that both servers would be used to manage the node
over time, which provides an interesting possible conflict situation.
What happens if the OS group removes a package for security reasons
that the application group depends on and reinstalls? How do you
troubleshoot a problem like that?

In any case, as mentioned you certainly can. Create two configuration
files in /etc/chef, one called "os-client.rb" and one called
"app-client.rb" and specify a different client_key in each of them,
such as "/etc/app/os-client.pem" and "/etc/chef/app-client.pem". When
you run chef-client, however you decide to (manually, cron,
daemonized) be sure so specify the "-c" flag and which configuration
file you would like to be used.

Bryan

***CONFIDENTIALITY NOTICE and DISCLAIMER***
This message and any attachment are confidential and may be
privileged or otherwise protected from disclosure and solely for
the use of the person(s) or entity to whom it is intended. If you
have received this message in error and are not the intended
recipient, please notify the sender immediately and delete this
message and any attachment from your system. If you are not the
intended recipient, be advised that any use of this message is
prohibited and may be unlawful, and you must not copy this
message or attachment or disclose the contents to any other person.