[chef] Re: can Chef be used to alert manual changes?


Chronological Thread 
  • From: "Julian C. Dunn" < >
  • To:
  • Subject: [chef] Re: can Chef be used to alert manual changes?
  • Date: Thu, 13 Aug 2015 16:03:54 +0000

I'd suggest you start with the "Audit a node for compliance" tutorial on LearnChef (https://learn.chef.io/).

- Julian

On Thu, Aug 13, 2015 at 11:04 AM Medya < "> > wrote:
Julian, any example of Chef Audit mode?

On Wed, Aug 12, 2015 at 6:16 PM, Julian C. Dunn < " target="_blank"> > wrote:

You could also use Chef Audit Mode and write a test that does something like expect "java -version" to return 6.x and if it returns 7, it would alert you.

- Julian

If you re-run chef-client on a node that has had a previously-successful chef-client run, it will re-converge the necessary cookbook(s) to put the node into the desired state. In you example, the original cookbook that installed java will detect that a different java has been (manually) installed, and re-install its java version. You can write report handlers to send a notification (email?) if a cookbook converged.

 

Chris

 

From: Medya [mailto: " target="_blank"> ]
Sent: Wednesday, August 12, 2015 1:20 PM
To: " target="_blank">
Subject: [chef] Re: Re: can Chef be used to alert manual changes?

 

I meant if someone goes and install a different java manualy (not through a chef run) can that be detected ?

 

On Wed, Aug 12, 2015 at 12:12 PM, niristotle okram < " target="_blank"> > wrote:

Haven't done it yet, but the report handler can tell you what are the resources that were updated in the chef run. The chef-run will bring back to java6 in your case and will show up in the report. 

 

On Wed, Aug 12, 2015 at 10:08 AM, Medya < " target="_blank"> > wrote:

Let say I install Java 6 on a node using chef, 

if someone goes and install java 7 on it, can chef alert me and tell me?

or is there a tool on the top of Chef that can help me do that?



 

--

Regards
nirish okram

 





Archive powered by MHonArc 2.6.16.

§