chef - [chef] Re: Re: Should I be using roles?

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: Should I be using roles?

From: Daniel DeLeo < >
To:
Subject: [chef] Re: Re: Should I be using roles?
Date: Mon, 15 Sep 2014 17:35:37 -0700

On Monday, September 15, 2014 at 5:15 PM, AJ Christensen wrote:

> Yo,
>
> Forgive my reply-all!
>
> Roles are fine, use whatever you like. I use them all the time! They're
> awesome.
>
> If you don't use roles you'll end up half ass inventing them with
> application/library/wrapper shenanigan cookbooks, or other external
> stuff -- You could put run lists in a custom API, Consul, or etcd, for
> example.
>
> I semi-expect Chef to offer some more guidance officially soon with
> regard to version-able policy representing the cookbooks, attributes,
> version locks and execution order.
>
> Chef-RFC RFC019 [0] is worth looking at regarding workflows and the
> ChefDK, "the berkshelf way".
>
> I would also urge you to read Dan's proposal regarding Arbitrary
> cookbook identifiers which is used for his (experimental? prototype?)
> Policyfile implementation. It's the way I hope we all choose to
> proceed, personally. [1]
>
> regards,
>
> --aj (fujin)
>
> [0]
> https://github.com/opscode/chef-rfc/blob/6a239ff5dc223290d4488d76fadaeeb6d14f5ab1/rfc019-chef-workflows.md
> [1] https://github.com/opscode/chef-rfc/pull/20

The policyfile stuff is coming along, but definitely not at a point where you
can use it in production unless you’re pretty serious about being able to fix
any bugs that are blocking you. Here’s an overview of what it is, what
problems it solves, and how we expect it to work:

https://github.com/opscode/chef-dk/blob/master/POLICYFILE_README.md

The pertinent part of the feature is that you’ll do the “run list expansion”
step on your workstation while you’re developing your cookbooks, which means
that roles will be baked in to the resulting "policy lock” document.
Therefore any changes to roles will be rolled out gradually as you apply the
policy to sets of nodes.

It’s still too early to say what any timeline will be for the feature to be
useable in a real way. I just merged the first iteration of the command line
interface to chef-dk master today
(https://github.com/opscode/chef-dk/pull/157), but as I wrote in the
aforementioned document, there’s a lot of critical features left to write,
including some new server APIs (also, role support).

Whether that means you should avoid roles, or use them but be careful about
how you update them, depends on your requirements and your team. There’s a
lot of good perspectives in this thread to consider.

--
Daniel DeLeo

[chef] Should I be using roles?, Greg Barker, 09/15/2014
- [chef] Re: Should I be using roles?, JOHN HASTY, 09/15/2014
- [chef] Re: Should I be using roles?, Morgan Blackthorne, 09/15/2014
  - [chef] Re: Re: Should I be using roles?, Kenneth Barry, 09/15/2014
    - [chef] Re: Re: Re: Should I be using roles?, Greg Zapp, 09/15/2014
    - [chef] Re: Re: Re: Should I be using roles?, Ranjib Dey, 09/15/2014
      - [chef] Re: Should I be using roles?, Michael deMan, 09/15/2014
    - [chef] Re: Re: Re: Should I be using roles?, Eric G. Wolfe, 09/15/2014
- [chef] Re: Should I be using roles?, AJ Christensen, 09/15/2014
  - [chef] Re: Re: Should I be using roles?, Daniel DeLeo, 09/15/2014
  - [chef] Re: Re: Should I be using roles?, Lamont Granquist, 09/15/2014
    - [chef] Re: Re: Re: Should I be using roles?, Torben Knerr, 09/17/2014
- [chef] Re: Should I be using roles?, Mark Harrison, 09/15/2014
  - [chef] Re: Re: Should I be using roles?, Greg Barker, 09/16/2014
    - [chef] Re: Re: Re: Should I be using roles?, Mark Harrison, 09/16/2014