How to Share Code Across Chef Cookbooks in a Chef-Repo

How do I share code across Chef cookbooks in a chef-repo?

You can use a library-defined function from another cookbook, but you must teach Chef that your cookbook depends on the providing cookbook.

So, for example, if in cookbook A, you have a libraries/default.rb that provides some function f, you can access it from cookbook B so long as B's metadata.rb file includes the line:

depends "A"

See the Chef documentation on metadata and libraries for more details.

How to share code between recipes

The simplest thing would be to move this do stuff to a library.

my_cookbook/libraries/myhelper.rb:

module Myhelper
  def do_stuff(repo, data)
    # ...you can use all kinds of resources here, as in a recipe...
  end
end

Then you can use this module in recipes like that:

another_cookbook/recipes/some_recipe.rb:

extend Myhelper
do_stuff( node[:attribute1], node[:attribute2] )

Just make sure you add a dependency on my_cookbook in metadata:

another_cookbook/metadata.rb:

depends 'my_cookbook'

Managing custom cookbooks in a chef repo

Keeping cookbooks in a Git chef repository doesn't scale well. I keep my cookbooks in an instance of Chef server, acting as a cookbook repository (I don't connect VMs to this chef server). It is designed to fulfil the same purpose as Nexus (or Artifactory) in Java development, a place to hold my development dependencies.

When loading a new chef server I download my cookbook's dependencies using Berkshelf, referencing this chef server using a "chef_api" directive:

  • Provision developer environment with chef server and vagrant without registering node

This will all change with Berkshelf 3.0 (Just released). I want to check out berkshelf-api which I'm hoping will simplify my work-flow. Reportedly Berkshelf-api can serve up cookbooks from:

  • Community cookbook site
  • An instance of chef server (like I do)
  • Cookbooks stored on file-system (This might suit you better)

Hope this helps.

Auto-uploading cookbooks to chef server

Once you push your cookbook changes to the repository, the build server should be triggered to pull the changes and test your cookbook (check out kitchen, chefspec, inspec, foodcritic, cookstyle).

When the tests are passing, use knife or berkshelf to upload your cookbook to the chef server.

Chef: can a node be shared across multiple organizations?

Short answer: no, a node belongs to one org only.

You may tweak the config file used and the key used, but it's likely you'll get a conflict between teams on one file someday (for example).

FWIW, my position is that multiple organizations are likely to become a pain very quickly if there's no well-defined workflow around them to tell which node belongs to which organization.

To answer the comment under the question:

Not sure if this is an actual design flaw in Chef. Might be a good
idea to allow multiple teams at a company to have their own separate
Chef orgs where they can manage their own nodes and custom cookbooks
that they can use across shared servers.

It is not a flaw of Chef design, and allowing this would result in crazy things. Let's say:

  • Team A has specific needs for X11 forwarding through ssh and makes its cookbook to configure sshd this way.
  • Team B has a specific need to enforce MFA use on ssh, and part of the hardening disallows X11 forwarding.

Share the server, then each chef run on org A or org B will reconfigure SSH, never being compliant for both teams.

Chef: create cookbooks into repo

Cookbooks can be created using chef, berks or knife. Since knife is deprecated, using chef is the preferred way. As a note, even if you created the cookbook using knife, it isn't uploaded to your chef server unless you run knife cookbook upload cookbookname. You can verify it using knife cookbook list, which will list the latest version of each cookbook on the server, or add -a to the list command so that all versions on the server are displayed. So you can create a cookbook using chef generate cookbook cookbookname, update it with your changes and upload it to chef using knife cookbook upload cookbookname itself.

When using open source Chef cookbooks - should we clone or reference in Berksfile?

Quoting the Berkshelf documentation:

GitHub Location

As of version 1.0.0, you may now use GitHub shorthand to specify a location.

cookbook "artifact", github: "RiotGames/artifact-cookbook", tag: "0.9.8"

Given this example, the artifact cookbook from the RiotGames organization in the artifact-cookbook repository with a tag of 0.9.8 will be cloned to the berkshelf.

I assume this removes the disadvantage of GitHub, and then you just have no reason to refrain from using it now.
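
When cookbooks are referenced from a Berksfile as in the quoted example, it helps to know how firmly each entry is pinned: a Git tag can be moved after the fact, while a full commit SHA given with Berkshelf's ref: option cannot. The following is an added example, not part of the answer above or of Berkshelf; the BerksfileAudit class, the category names and the sample Berksfile are assumptions made for illustration.

```ruby
# Added example (hypothetical class): a stand-in for the Berksfile DSL that
# records every `cookbook` line and reports how strongly it is pinned.
# It evaluates the file as Ruby, as Berkshelf does: audit trusted files only.
class BerksfileAudit
  FULL_SHA = /\A\h{40}\z/                    # full 40-hex commit id
  EXACT    = /\A(=\s*)?\d+(\.\d+){1,2}\z/    # "= 2.9.2" or "2.9.2"
  attr_reader :findings

  def initialize
    @findings = {}
  end

  # Returns { cookbook_name => pinning_category } for the given Berksfile text.
  def self.audit(text)
    new.tap { |a| a.instance_eval(text, "Berksfile") }.findings
  end

  # DSL entry point: cookbook "name", "constraint", github:/git:/path: ...
  def cookbook(name, *args)
    opts = args.last.is_a?(Hash) ? args.pop : {}
    @findings[name] = classify(args.first, opts)
  end

  def group(*_names)
    yield if block_given?
  end

  # Directives that do not affect pinning (source, metadata, ...) are ignored.
  def method_missing(_name, *_args); end

  private

  def classify(constraint, opts)
    if opts[:git] || opts[:github]
      return :pinned_commit if opts[:ref].to_s.match?(FULL_SHA)
      return opts[:tag] ? :mutable_tag : :floating_branch
    end
    return :local_path if opts[:path]
    return :unconstrained if constraint.nil?
    constraint.match?(EXACT) ? :exact_version : :version_range
  end
end

SAMPLE = <<~'BERKS' # constructed sample Berksfile
  source "https://supermarket.chef.io"
  cookbook "artifact", github: "RiotGames/artifact-cookbook", tag: "0.9.8"
  cookbook "pinned", git: "https://git.example.com/pinned.git", ref: "0123456789abcdef0123456789abcdef01234567"
  cookbook "nginx"
  cookbook "apt", "= 2.9.2"
BERKS
```

Calling BerksfileAudit.audit(SAMPLE) returns a hash that a CI step can check, for example failing the build on :floating_branch or :unconstrained entries.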


