General discussion about Chef

[chef] Re: deployment and rollback of cookbooks, roles, environments and data bags


Chronological Thread 
  • From: Morgan Blackthorne < >
  • To: " " < >
  • Subject: [chef] Re: deployment and rollback of cookbooks, roles, environments and data bags
  • Date: Mon, 20 May 2013 11:09:20 -0700
It seems to me that that's likely where environment based versioning might come in handy. Assuming the last run succeeded, you would want to freeze an environment (let's call it testing-old) at the last set of cookbooks uploaded before you start uploading more (you could determine if the previous run succeeded by checking whether or not a second environment exists, testing). You then upload more. If any of them fail, you abort out and throw an error (making sure the testing environment is gone). If you succeed in uploading them all, then you create the testing environment, freezing all versions at the new current. You then try these cookbooks out in your cluster on testing nodes, and assuming things go fine, you can then bless that version as dev/prod/whathaveyou.

Just because the cookbook uploaded doesn't mean that everything's copacetic. It just means that the syntax passed. There's a certain amount of automatic testing that will help, but beyond that point, you simply need to work with real world data to see whether or not the code is working right. Automated testing rarely catches edge-case scenarios because the people writing the testing usually don't imagine them-- or they would have been thought about when the code was being developed in the first place.

--
~*~ StormeRider ~*~

"Every world needs its heroes [...] They inspire us to be better than we are. And they protect from the darkness that's just around the corner."

(from Smallville Season 6x1: "Zod")

On why I hate the phrase "that's so lame"... http://bit.ly/Ps3uSS


On Mon, May 20, 2013 at 10:29 AM, Kirill Timofeev < " target="_blank"> > wrote:
Folks,

currently we have all chef stuff (cookbooks) in git repository. Post-commit hook triggers jenkins job, which updates chef using slightly modified version of chef-jenkins synchronization tool. Unfortunately this approach allows submission of broken code, which would be revealed only while pushing changes to chef-server. I want to modify this approach by utilizing update hook and accepting changes only if they would be successfully uploaded to chef server. But in order to do this I also need some rollback mechanism on chef-server side to discard update in case of any issues.

So my question is: do we have in chef server 11.08 any built in mechanism for transactional updates or I need to implement some custom solution?

Thanks,
Kirill.


Archive powered by MHonArc 2.6.16.

§