threewordphrase

Reputation: 185

Chef - git-only cookbook / role management?

I worked with Opscode Chef a couple of years ago, and I'm thinking about using it again at my new company - but I am wondering if some of my issues with Chef have been addressed in the meantime or if I should expect to use the same workarounds.

While I loved many features of the Server flavor, I didn't like the fact that version management of our cookbooks and roles was separate from the actual adding of the items to the chef server. In my mind, having those 2 different steps was just asking for trouble when someone created a run list from a file, and then neglected to commit those changes to version control. I eventually went with chef-solo, running on a cron job and pulling down changes from our repository, and then running from a shell script that pointed to our specific node.json configuration. This way, the only way to get items into Chef was by having them in Git. To be honest, this seems like the only sane way to go about things: you don't use version control for your project but FTP your files to your production server.

Do the newer versions of Chef have the capability to only read configuration updates from your version controlled repository? If not, are there any tools that use commit hooks on the repository to update Chef's configuration? Has anyone out there had a similar concern, and how did you address it?

I am also open to using Puppet (or any other pull-based tool), I just don't have any experience with it so it's not my first choice. Ansible / any push-based tool won't work. We are managing machines behind firewalls, sometimes with unpredictable network connections.

Upvotes: 0

Views: 157

Answers (2)

Tejay Cardon

Reputation: 4223

Take a look at chef-guard. It's a middle layer tool that mimics the Chef API, but intercepts your knife commands and pulls source control into the mix. So, when you upload a new runlist, or cookbook, or environment, or ANYTHING, it ensures that it is in source control (and tagged in the case of cookbooks) before forwarding it on to the Chef server. Should do exactly what you're looking for.

Upvotes: 1

StephenKing

Reputation: 37620

Unfortunately, Chef is still not opinionated on any workflows. I'd say the suggested way is the implementation of a continuous delivery pipeline somewhere (e.g. in Jenkins) that does the uploads to the Chef server.

Upvotes: 0
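
A sketch of the pipeline step suggested in the answer above, as an added example that is not part of either answer or of Chef's own tooling: the upload runs only when the checkout is clean and its HEAD is exactly the reviewed ref, so nothing reaches the Chef server that is not in Git. The `cookbooks/` and `roles/*.json` layout, the `origin/main` ref, the function names and the `--run` switch are assumptions.

```shell
#!/usr/bin/env bash
# Added example: upload to the Chef server only from a checkout that matches
# the reviewed branch. Assumes knife is already configured for the CI user.

# Succeeds only when the working tree at $1 is clean and HEAD equals ref $2.
repo_is_releasable() {
    local repo="$1" ref="$2" head want
    # Any modified, staged or untracked file is content that is not in Git.
    if [ -n "$(git -C "$repo" status --porcelain)" ]; then
        echo "refusing upload: uncommitted or untracked files in $repo" >&2
        return 1
    fi
    head="$(git -C "$repo" rev-parse HEAD)" || return 1
    want="$(git -C "$repo" rev-parse --verify --quiet "$ref^{commit}")" || {
        echo "refusing upload: ref $ref not found" >&2
        return 1
    }
    if [ "$head" != "$want" ]; then
        echo "refusing upload: HEAD $head is not $ref ($want)" >&2
        return 1
    fi
}

# Fetch, verify the checkout, then push cookbooks and roles with knife.
upload_from_git() {
    local repo="$1" ref="${2:-origin/main}" role
    git -C "$repo" fetch --quiet origin || return 1
    repo_is_releasable "$repo" "$ref" || return 1
    ( cd "$repo" || exit 1
      knife cookbook upload --all --cookbook-path cookbooks || exit 1
      for role in roles/*.json; do
          [ -e "$role" ] || continue   # no roles present
          knife role from file "$role" || exit 1
      done )
}

# Runs only when asked, e.g. from the CI job: ./upload.sh --run /path/to/chef-repo
if [ "${1:-}" = "--run" ]; then
    upload_from_git "${2:-.}" "${3:-origin/main}"
fi
```

The check only constrains this pipeline; it is effective when the CI user is the only identity allowed to write to the Chef server.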
