chef-solo¶
chef-solo is a command that executes chef-client in a way that does not require the Chef server in order to converge cookbooks. chef-solo uses chef-client’s Chef local mode, and does not support the following functionality present in chef-client / server configurations:
- Centralized distribution of cookbooks
- A centralized API that interacts with and integrates infrastructure components
- Authentication or authorization
Note
chef-solo can be run as a daemon.
Cookbooks¶
chef-solo supports two locations from which cookbooks can be run:
- A local directory.
- A URL at which a tar.gz archive is located.
Using a tar.gz archive is the more common approach, but requires that cookbooks be added to an archive. For example:
$ tar zcvf chef-solo.tar.gz ./cookbooks
If multiple cookbook directories are being used, chef-solo expects the tar.gz archive to have a directory structure similar to the following:
cookbooks/
|---- cbname1/
|--attributes/ ... etc
...
|---- cbname2/
|--attributes/
The cookbook_path
variable in the solo.rb file must include both directories. For example:
$ tar zcvf chef-solo.tar.gz ./cookbooks ./site-cookbooks
When the tar.gz archive contains all of the cookbooks required by chef-solo, upload it to the web server from which chef-solo will access the archive.
Nodes¶
Unlike chef-client, where the node object is stored on the Chef server, chef-solo stores its node objects as JSON files on local disk. By default, chef-solo stores these files in a nodes
folder in the same directory as your cookbooks
directory. You can control the location of this directory via the node_path
value in your configuration file.
Attributes¶
chef-solo does not interact with the Chef server. Consequently, node-specific attributes must be located in a JSON file on the target system, a remote location (such as Amazon Simple Storage Service (S3)), or a web server on the local network.
The JSON file must also specify the recipes that are part of the run-list. For example:
{
"resolver": {
"nameservers": [ "10.0.0.1" ],
"search":"int.example.com"
},
"run_list": [ "recipe[resolver]" ]
}
Data Bags¶
A data bag is defined using JSON. chef-solo will look for data bags in /var/chef/data_bags
, but this location can be modified by changing the setting in solo.rb. For example, the following setting in solo.rb:
data_bag_path '/var/chef-solo/data_bags'
Create a data bag by creating folders. For example:
mkdir /var/chef-solo/data_bags
and:
mkdir /var/chef-solo/data_bags/admins
and then create a JSON file in that location:
{
"id": "ITEM_NAME"
}
where the name of the file is the ITEM_NAME
, for example:
/var/chef-solo/data_bags/admins/ITEM_NAME.json
Roles¶
A role is defined using JSON or the Ruby DSL. chef-solo will look for roles in /var/chef/roles
, but this location can be modified by changing the setting for role_path
in solo.rb. For example, the following setting in solo.rb:
role_path '/var/chef-solo/roles'
Role data looks like the following in JSON:
{
"name": "test",
"default_attributes": { },
"override_attributes": { },
"json_class": "Chef::Role",
"description": "This is just a test role, no big deal.",
"chef_type": "role",
"run_list": [ "recipe[test]" ]
}
and like the following in the Ruby DSL:
name 'test'
description 'This is just a test role, no big deal.'
run_list 'recipe[test]'
and finally, JSON data passed to chef-solo:
{ 'run_list': 'role[test]' }
Environments¶
An environment is defined using JSON or the Ruby DSL. chef-solo will look for environments in /var/chef/environments
, but this location can be modified by changing the setting for environment_path
in solo.rb. For example, the following setting in solo.rb:
environment_path '/var/chef-solo/environments'
Environment data looks like the following in JSON:
{
"name": "dev",
"default_attributes": {
"apache2": {
"listen_ports": [
"80",
"443"
]
}
},
"json_class": "Chef::Environment",
"description": "",
"cookbook_versions": {
"couchdb": "= 11.0.0"
},
"chef_type": "environment"
}
and like the following in the Ruby DSL:
name 'environment_name'
description 'environment_description'
cookbook OR cookbook_versions 'cookbook' OR 'cookbook' => 'cookbook_version'
default_attributes 'node' => { 'attribute' => [ 'value', 'value', 'etc.' ] }
override_attributes 'node' => { 'attribute' => [ 'value', 'value', 'etc.' ] }
chef-solo (executable)¶
The chef-solo executable is run as a command-line tool.
Options¶
This command has the following syntax:
chef-solo OPTION VALUE OPTION VALUE ...
This command has the following options:
-c CONFIG
,--config CONFIG
- The configuration file to use.
-d
,--daemonize
Run the executable as a daemon. This option may not be used in the same command with the
--[no-]fork
option.This option is only available on machines that run in UNIX or Linux environments. For machines that are running Microsoft Windows that require similar functionality, use the
chef-client::service
recipe in thechef-client
cookbook: https://supermarket.chef.io/cookbooks/chef-client. This will install a chef-client service under Microsoft Windows using the Windows Service Wrapper.-E ENVIRONMENT_NAME
,--environment ENVIRONMENT_NAME
- The name of the environment.
-f
,--[no-]fork
- Contain the chef-client run in a secondary process with dedicated RAM. When the chef-client run is complete, the RAM is returned to the master process. This option helps ensure that a chef-client uses a steady amount of RAM over time because the master process does not run recipes. This option also helps prevent memory leaks such as those that can be introduced by the code contained within a poorly designed cookbook. Use
--no-fork
to disable running the chef-client in fork node. Default value:--fork
. This option may not be used in the same command with the--daemonize
and--interval
options. -F FORMAT
,--format FORMAT
The output format:
doc
(default) ormin
.- Use
doc
to print the progress of the chef-client run using full strings that display a summary of updates as they occur. - Use
min
to print the progress of the chef-client run using single characters.
A summary of updates is printed at the end of the chef-client run. A dot (
.
) is printed for events that do not have meaningful status information, such as loading a file or synchronizing a cookbook. For resources, a dot (.
) is printed when the resource is up to date, anS
is printed when the resource is skipped bynot_if
oronly_if
, and aU
is printed when the resource is updated.Other formatting options are available when those formatters are configured in the client.rb file using the
add_formatter
option.- Use
--force-formatter
- Show formatter output instead of logger output.
--force-logger
- Show logger output instead of formatter output.
-g GROUP
,--group GROUP
- The name of the group that owns a process. This is required when starting any executable as a daemon.
-h
,--help
- Show help for the command.
-i SECONDS
,--interval SECONDS
- The frequency (in seconds) at which the chef-client runs. When the chef-client is run at intervals,
--splay
and--interval
values are applied before the chef-client run. This option may not be used in the same command with the--[no-]fork
option. -j PATH
,--json-attributes PATH
The path to a file that contains JSON data.
Use this option to define a
run_list
object. For example, a JSON file similar to:"run_list": [ "recipe[base]", "recipe[foo]", "recipe[bar]", "role[webserver]" ],
may be used by running
chef-client -j path/to/file.json
.In certain situations this option may be used to update
normal
attributes.Warning
Any other attribute type that is contained in this JSON file will be treated as a
normal
attribute. Setting attributes at other precedence levels is not possible. For example, attempting to updateoverride
attributes using the-j
option:{ "name": "dev-99", "description": "Install some stuff", "override_attributes": { "apptastic": { "enable_apptastic": "false", "apptastic_tier_name": "dev-99.bomb.com" } } }
will result in a node object similar to:
{ "name": "maybe-dev-99", "normal": { "name": "dev-99", "description": "Install some stuff", "override_attributes": { "apptastic": { "enable_apptastic": "false", "apptastic_tier_name": "dev-99.bomb.com" } } } }
-l LEVEL
,--log_level LEVEL
- The level of logging to be stored in a log file.
-L LOGLOCATION
,--logfile c
- The location of the log file. This is recommended when starting any executable as a daemon.
--legacy-mode
Cause the chef-client to not use chef local mode, but rather the original chef-solo mode. This is not recommended unless really required.
Removed in Chef Client 14.
--minimal-ohai
- Run the Ohai plugins for name detection and resource/provider selection and no other Ohai plugins. Set to
true
during integration testing to speed up test cycles. --[no-]color
- View colored output. Default setting:
--color
. -N NODE_NAME
,--node-name NODE_NAME
- The name of the node.
-o RUN_LIST_ITEM
,--override-runlist RUN_LIST_ITEM
- Replace the current run-list with the specified items.
-r RECIPE_URL
,--recipe-url RECIPE_URL
The URL of the remote cookbook
tar.gz
file that you want to download.In Chef Client 14, the short
-r
form will be removed, as it conflicts with the ability to specify a run list.--run-lock-timeout SECONDS
- The amount of time (in seconds) to wait for a chef-client lock file to be deleted. Default value: not set (indefinite). Set to
0
to cause a second chef-client to exit immediately. -s SECONDS
,--splay SECONDS
- A random number between zero and
splay
that is added tointerval
. Use splay to help balance the load on the Chef server by ensuring that many chef-client runs are not occurring at the same interval. When the chef-client is run at intervals,--splay
and--interval
values are applied before the chef-client run. -u USER
,--user USER
- The user that owns a process. This is required when starting any executable as a daemon.
-v
,--version
- The version of the chef-client.
-W
,--why-run
- Run the executable in why-run mode, which is a type of chef-client run that does everything except modify the system. Use why-run mode to understand why the chef-client makes the decisions that it makes and to learn more about the current and proposed state of the system.
Examples¶
Run chef-solo using solo.rb settings
$ chef-solo -c ~/chef/solo.rb
Use a URL
$ chef-solo -c ~/solo.rb -j ~/node.json -r http://www.example.com/chef-solo.tar.gz
The tar.gz is archived into the file_cache_path
, and then extracted to cookbooks_path
.
Use a directory
$ chef-solo -c ~/solo.rb -j ~/node.json
chef-solo will look in the solo.rb file to determine the directory in which cookbooks are located.
Use a URL for cookbook and JSON data
$ chef-solo -c ~/solo.rb -j http://www.example.com/node.json --recipe-url http://www.example.com/chef-solo.tar.gz
where --recipe-url
corresponds to recipe_url
and -j
corresponds to json_attribs
, both of which are configuration options in solo.rb
.