[chef] Repo Contents and Synchtonization

[Tom Purcell < >]

Hello

(Sorry for the repost. Failed to add subject on the initial submission.)

I've been using chef-solo to provision development Vagrant VMs for over a year now and now we're looking at managing our full infrastructure (alpha, staging, production) using a locally hosted chef-server. I'm struggling with repo organization and synchronization.

First, what do we manage with git? The Getting Started tar ball leaves you with a chef repo with the following:

• .gitignore
• LICENSE
• README.md
• chefignore
• cookbooks
• data_bags
• environments
• roles   
  

Then if I do a "knife diff --name-only" I'm told the following are missing:

• acls
• clients
• containers
• groups
• invitations.json
• members.json
• nodes
• org.json

Most of these elements are transient in nature and really used to manage chef-server. They do not directly control configuration information for my environment(source code) so I can see why these should not be in git. Am I correct in that assessment?

I say "most" because one of these items is "nodes". A node element describes the runlist for a node. This, like a runlist in a role, is something that is part of my environment (source code) so it seems I should keep it in git. However node also contains the "automatic" element with ohai gathered data which changes. Following a chef-client run "knife diff" will report that a node has diverged from git. The problem is that the diff is in the transient part of the data and not in the environment related elements(source code). Should I have my nodes in git? 

The next issue is keeping git and chef server in-sync. I've googled a good bit. This seems to be an issue with which many have wrestled I cannot seem to discern a consensus. How should this be done?