I’m looking at the bind and bind9
cookbooks, and realizing that they don’t check for certain
types of invalid configurations that would cause the BIND
daemon to fail to restart. In particular, for bind9, multiple
data bags that have the same ‘domain’ setup are accepted
without error, but break /etc/named.conf.local.
The BIND published command
‘named-checkconf’ can be used check the configurations before
the recipe comletes and prevent BIND from being restarted in a
broken state. But I’ve been asked to let those BIND related
cookbooks report errors, and not actually cause the rest of
the chef run to fail.
So I’ve tried various approaches, trying to
tie “rescue” operations to the necessary shell command, simply
wrapping the whole recipe in a “rescue”, and others. I seem
unable to get the right balance of runingn the check, allowing
the cookbook to succeed, and getting a visible error report.
Has anyone in the community done this, or
other “run this shell script, end this recipe, report the
error, and allow other cookbooks to continue”
--
Nico Kadel-Garcia
Senior Systems Consultant
Email:
">
Cell Phone: +1.339.368.2428