Manage Environments

[edit on GitHub]

Note

This topic is about using the Chef management console to manage environments.

An environment is a way to map an organization’s real-life workflow to what can be configured and managed when using Chef server. Every organization begins with a single environment called the _default environment, which cannot be modified (or deleted). Additional environments can be created to reflect each organization’s patterns and workflow. For example, creating production, staging, testing, and development environments. Generally, an environment is also associated with one (or more) cookbook versions.

Manage

Environments can be managed from the Chef management console web user interface.

Add Environment

To add an environment:

1. Open the Chef management console.

2. Click Policy.

3. Click Environments.

4. Click Create.

5. In the Create an Environment dialog box, enter the name of the environment and a description.

   

   Click Next.

6. Optional. Set a constraint by choosing a name, an operator, and a version:

   

   Click Add. Continue this process until all constraints are added. When finished, click Next.

7. Optional. Add default attributes as JSON data:

   

   Click Next.

8. Optional. Add override attributes as JSON data:

   

9. Click Create Environment.

Delete Environment

To delete an environment:

1. Open the Chef management console.

2. Click Policy.

3. Click Environments.

4. Select an environment.

5. Click Delete.

   

Edit Details

To edit the details of an environment:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Details tab.
6. Click Edit.

Set

To set the environment for a node:

1. Open the Chef management console.

2. Click Nodes.

3. Select a node.

4. Click the Details tab.

5. In the top right, from the Environment drop-down, select the environment:

   

6. Click Save.

View Details

To view environment details:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Details tab.

Default Attributes

A default attribute is automatically reset at the start of every chef-client run and has the lowest attribute precedence. Use default attributes as often as possible in cookbooks.

Edit

To edit default attributes for an environment:

1. Open the Chef management console.

2. Click Policy.

3. Click Environments.

4. Select an environment.

5. Click the Attributes tab.

6. Under Default Attributes, click Edit.

7. In the Edit Environment Attributes dialog box, enter the JSON data that defines the attribute (or attributes).

   

8. Click Save.

View

To view default attributes for an environment:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Attributes tab.

Override Attributes

An override attribute is automatically reset at the start of every chef-client run and has a higher attribute precedence than default, force_default, and normal attributes. An override attribute is most often specified in a recipe, but can be specified in an attribute file, for a role, and/or for an environment. A cookbook should be authored so that it uses override attributes only when required.

Edit

To edit override attributes for an environment:

1. Open the Chef management console.

2. Click Policy.

3. Click Environments.

4. Select an environment.

5. Click the Attributes tab.

6. Under Override Attributes, click Edit.

7. In the Edit Environment Attributes dialog box, enter the JSON data that defines the attribute (or attributes).

   

8. Click Save Attributes.

View

To view override attributes for an environment:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Attributes tab.

Permissions

Permissions are used in the Chef server to define how users and groups can interact with objects on the server. Permissions are configured per-organization.

The Chef server includes the following object permissions:

Permission	Description
Delete	Use the Delete permission to define which users and groups may delete an object. This permission is required for any user who uses the knife [object] delete [object_name] argument to interact with objects on the Chef server.
Grant	Use the Grant permission to define which users and groups may configure permissions on an object. This permission is required for any user who configures permissions using the Administration tab in the Chef management console.
Read	Use the Read permission to define which users and groups may view the details of an object. This permission is required for any user who uses the knife [object] show [object_name] argument to interact with objects on the Chef server.
Update	Use the Update permission to define which users and groups may edit the details of an object. This permission is required for any user who uses the knife [object] edit [object_name] argument to interact with objects on the Chef server and for any chef-client to save node data to the Chef server at the conclusion of a chef-client run.

Set

To set permissions list for an environment object:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Permissions tab.
6. For each group listed under Name, select or de-select the Read, Update, Delete, and Grant permissions.

Update

To update the permissions list for an environment object:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Permissions tab.
6. Click the + Add button and enter the name of the user or group to be added.
7. Select or de-select Read, Update, Delete, and Grant to update the permissions list for the user or group.

View

To view permissions for an environment object:

1. Open the Chef management console.
2. Click Policy.
3. Click Environments.
4. Select an environment.
5. Click the Permissions tab.
6. Set the appropriate permissions: Read, Update, Delete, and Grant.