General discussion about Chef

[chef] Re: Chef behavior question


Chronological Thread 
  • From: George Miranda < >
  • To: " " < >
  • Subject: [chef] Re: Chef behavior question
  • Date: Mon, 23 Jun 2014 09:05:23 -0700
What you're describing is a situation where Chef is dealing with out-of-band changes.  The idea with any configuration management framework you implement is that it becomes the source of truth for configuration.  If an out-of-band change occurs and it tramples on configuration that Chef is managing, Chef will put it back into the state your code expects it to be in.

It's generally bad practice to either 1) have critical configuration you care about happen out-of-band, or 2) have two automatic configuration processes manage the same thing; one of them will beat up on the other (or worse, they'll constantly revert one another).

So I think your choices here are to either:

- Migrate the logic of that local script into Chef.  Pull that logic into your configuration management policies so there's no ambiguous third-party process doing who knows what and anyone can turn to one source that describes the totality of your system configuration logic in one place.  That becomes grokable and, therefore, maintainable and sustainable.  It also removes the conflict.

- Stop managing the content of the config file for MyService with Chef and let that local script always manage it.  Break up the bits of logic that configure your entire application into separate places that may not be grokable to anyone without tribal knowledge about your stack.  But that also removes the conflict.

You can probably guess which one I'd recommend. :-)

HTH



On Sun, Jun 22, 2014 at 2:24 PM, Justin Franks < " target="_blank"> > wrote:

Let's say...

Chef reads file /etc/somefile which contains a list of IP addresses
(The list of IP addresses in /etc/somefile will change on occasion)
Chef builds a config of MyService and uses the IP addresses in /etc/somefile in the config it builds
The file /etc/somefile changes. It now contains a new list of IP addresses
A local script catches the change and updates the config of MyService to reflect the new IP addresses
Moments later Chef runs again as normally scheduled.
What happens?
Does Chef read the file /etc/somefile, notice the new IP addresses and update the config thus "undoing" what the local script did?
Or will Chef say, "Hey, something changed the config for MyService. I better put it back to its original state by reverting the changes in the config file."



*************************
Justin Franks
Lead Operations Engineer
SaaS, Cloud, Data Centers & Infrastructure
Lithium Technologies, Inc
225 Bush St., 15th Floor
San Francisco, CA 94104
tel: +1 415 757 3100 x3219


Archive powered by MHonArc 2.6.16.

§