- From: Daniel DeLeo <
>
- To:
- Subject: [chef] Re: chef-server containers
- Date: Wed, 30 Sep 2015 16:46:38 -0700
On Wednesday, September 30, 2015 at 4:17 PM, Phil Oliva wrote:
>
Ohai chefs,
>
>
I’ve been reviewing the following document ChefServerPermissions_v1.3.pdf
>
(https://github.com/chef/chef-server/blob/master/doc/ChefServerPermissions_v1.3.pdf)
>
and have a few questions around the purpose of some chef objects (and
>
their related containers) on the chef server.
>
>
The document lists all the default containers (which relate to chef
>
objects) that exist today:
>
>
clients
>
containers
>
cookbooks
>
data
>
environments
>
groups
>
nodes
>
roles
>
sandboxes
>
policies
>
policy_groups
>
cookbook_artifacts
>
>
Most chef object seem pretty obvious but except for data, sandboxes, and
>
cookbook_artifacts objects.
>
>
Is data object simply a data bag?
Yes
>
What are sandboxes and cookbook_artifacts objects? If an user only had read
>
access to these type of objects what wouldn’t they be able to do when using
>
knife commands?
Sandboxes keep track of state during cookbook uploads, since the actual files
are uploaded to S3 or an S3-alike service (bookshelf).
Cookbook artifacts are cookbooks that are used by policyfiles. These are
stored as a separate object type so we didn’t have to introduce any behavior
changes to the existing cookbooks APIs.
>
>
-Phil
>
>
Philip Oliva
>
Senior Infrastructure Software Developer
>
BlackBerry Ltd.
>
“Fail quick, fail often, recover quickly”
>
http://ca.linkedin.com/pub/philip-oliva/67/74/10
>
--
Daniel DeLeo
Archive powered by MHonArc 2.6.16.