I would like to stop using Chef nodes as file but use the new chefDK provision command with a special driver that would "pick" a node from the firstboot pool (so basically my "cloud" provider is the pool of firstboot nodes in Chef). Without dealing with concurrent access to Chef provision, this seem doable: to allocate a node I can "tag" a firstboot node and delete it once the machine is ready.The way to do this is to make sure only one agent on your network can move the node between states. A simple design would be to have the node responsible for publishing that its done with firstboot by tagging itself and then the node.save at the end publishes the write. Then write a simple web endpoint which is your API to 'allocate' a new firstboot'ed node. By centralizing it you don't have to worry about race conditions between multiple clients all trying to get the same node at the same time. You can then write command line tools that talk to the endpoint you wrote to get a node, rather than wanting a distributed lock that the CLI commands can grab on the node object itself. If you've already got etcd or something similar that you're using internally you could probably use that instead.
But how to do this with concurrent access? It seems almost impossible. And the way things are going with Policy files will tend towards a separate git repo and provision cookbook per policy, all sharing the same pool of firstboot nodes (for now I don't use Policy files).
I wish I could have a way to "lock" a node or something like that.
Archive powered by MHonArc 2.6.16.