Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

node attributes not being saved with 'ufw' cookbook #110

Open
mipearson opened this issue Oct 11, 2012 · 2 comments
Open

node attributes not being saved with 'ufw' cookbook #110

mipearson opened this issue Oct 11, 2012 · 2 comments
Labels
enhancement

Comments

@mipearson
Copy link

I'm unsure whether this is a 'bug' or my misunderstanding of how littlechef works.

I'm using the 'ufw' cookbook to manage firewall rules on a machine I'm provisioning with littlechef.

The cookbook's recipe contains this stanza:

old_state = node['firewall']['state']
new_state = node['firewall']['rules'].to_s
Chef::Log.debug "Old firewall state:#{old_state}"
Chef::Log.debug "New firewall state:#{new_state}"

#check to see if the firewall rules changed.
#the rules are always changed the first run
if old_state == new_state
  Chef::Log.info "Firewall rules unchanged."
else
  Chef::Log.info "Firewall rules updated."
  node['firewall']['state'] = new_state

  #drop rules and re-enable
  execute "ufw --force reset"

  # ... rest of recipe to add rules again ...

The problem I have is the firewall 'state' is never saved to the my node's .json, and therefore the firewall is reset every time this recipe is run.

Should the state be saved? If so, when/where in littlechef does this happen?

I'm assuming this cookbook works as advertised when run with knife/chef server.
@tobami
Copy link
Owner

tobami commented Oct 12, 2012

You assumption is correct, though this cookbook's case is a bit confusing.

There are a couple of cookbooks that use node.save, at which point the current node attributes (well, everything) is saved. That only works with a Chef Server. For obvious reasons, Chef Solo cannot save the new info anywhere, so LittleChef by design cannot support that. It could be argued that it is a Chef anti-patern...

What I don't quite understand is why it is a problem in the ufw cookbook, because they don't call node.save in any of the recipes. Reassigning attribute values mid-cookbook should only affect the current run as long as they are not saved.

@tobami
Copy link
Owner

tobami commented Oct 12, 2012

In any case I marked this issue as "enhancement". We can add a list of cookbooks that use node.save to the documentation so that users are aware of which cookbooks can break when using Chef Solo. A preliminary one:

$ grep -r "node.save" opscode-cookbooks
./wordpress/recipes/default.rb: node.save
./drbd/recipes/default.rb:node.save unless Chef::Config[:solo]
./database/recipes/master.rb: node.save
./zenoss/recipes/server.rb: node.save
./aws/providers/ebs_volume.rb: node.save unless Chef::Config[:solo]
./rsyslog/recipes/server.rb:node.save unless Chef::Config[:solo]
./ossec/recipes/server.rb:node.save
./ossec/recipes/client.rb:node.save
./sql_server/recipes/server.rb:node.save unless Chef::Config[:solo]
./postgresql/recipes/server.rb:node.save unless Chef::Config[:solo]
./mysql/recipes/server.rb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mipearson @tobami