Augeas support

Working with chef the last few days, I have run into situations where augeas
seems like the right answer, but it’s not supported currently.

Augeas lets you modify config files in-place without over-writing the whole
thing.

The reason it seems preferable, is that if I am facing time constraints and I
am writing recipes quickly, the chef-way of doing things would require me to
clobber the whole config file and manage the whole config file. The
problem with that, is I really want to understand what I am doing before I take
such a major step as to manage an entire file. It is somehow safer and more
minimalistic to say “I will tweak one little setting with augeas, and leave the
rest of the file as it is, at least for the time being.” Maybe eventually I
can go back and manage the whole file, on multiple linux distros, but that
requires more research and time, to be sure I have the right file, all the
right settings, across all platforms.

Maybe I still need to be indoctrinated into the chef way of doing things, and
why its preferable. I could be converted. In the mean time, I wish there
was Augeas. Can someone please add it. :slight_smile:

On Feb 15, 2013, at 2:00 AM, samuel.d.darwin@gmail.com wrote:

Working with chef the last few days, I have run into situations where augeas
seems like the right answer, but it's not supported currently.

Augeas lets you modify config files in-place without over-writing the whole
thing.

The reason it seems preferable, is that if I am facing time constraints and I
am writing recipes quickly, the chef-way of doing things would require me to
clobber the whole config file and manage the whole config file. The
problem with that, is I really want to understand what I am doing before I take
such a major step as to manage an entire file. It is somehow safer and more
minimalistic to say "I will tweak one little setting with augeas, and leave the
rest of the file as it is, at least for the time being." Maybe eventually I
can go back and manage the whole file, on multiple linux distros, but that
requires more research and time, to be sure I have the right file, all the
right settings, across all platforms.

Maybe I still need to be indoctrinated into the chef way of doing things, and
why its preferable. I could be converted. In the mean time, I wish there
was Augeas. Can someone please add it. :slight_smile:

There are Ruby bindings, just make yourself a little LWRP and go nuts. As for why this is bad, expressing desired state as a series of deltas instead of absolute values leads to drift over time, the usual end result being that the set of recipes that worked over time on a bunch of hosts all of a sudden can't be used to provision from scratch or vice versa. For example, if you are depending on deltas from the standard Debian/RHEL config files and they make a change in a point release, you are then screwed (possibly).

--Noah

-----Original message-----
From:Noah Kantrowitz noah@coderanger.net
Sent:Fri 02-15-2013 03:51 am
Subject:[chef] Re: Augeas support

On Feb 15, 2013, at 2:00 AM, samuel.d.darwin@gmail.com wrote:

There are Ruby bindings, just make yourself a little LWRP and go nuts. As for why this is bad, expressing desired state as a series of deltas instead of absolute values leads to drift over time, the usual end result being that the set of recipes that worked over time on a bunch of hosts all of a sudden can’t be used to provision from scratch or vice versa. For example, if you are depending on deltas from the standard Debian/RHEL config files and they make a change in a point release, you are then screwed (possibly).

I find that the drift problem is far worse with the manage-the-whole-config-file approach; it’s one of my biggest peeves with Chef.

You have the same point-release problem you mentioned about deltas, just worse. After all, the only reason deltas would break is if the config file itself has changed - and that means that the one you manage in chef is already broken. You may just not know it. I’ve had a number of problems with that - and more insidiously, these are often things where things don’t obviously break, but rather causes subtle problems.

There is a third approach, and I would like to see that implemented more solidly: editing config files. Right now, you can use Chef:Util:FileEdit. But that has no built-in idempotency, and generally is quite kludgey.

Yet, this is the approach that would continue to work almost no matter what.

In one extreme case, I needed to change one line in php.ini (the time zone) - but now I have to manage 1722 lines of configuration file. And I already know that I will have to revisit this when going from PHP 5.1 to 5.2, 5.3 or 5.4. If I didn’t have to manage the whole php.ini, my recipe for it would work the same for all PHP versions.

In an ideal world, I’d be able to do something like this:

file_edit “date.timezone =” do

value “date.timezone = America/Los Angeles”

end

The idea being that this resource should work somewhat like sed or awk work.

I’ve had similar problems with Apache and mysql recently.

Hey Kevin, Sam,

If you need to change so few things, have you thought about skipping the
community cookbooks?

You could create much simpler cookbooks with as few tunable knobs as you
need.

In the case of php.ini, you can have one version of the cookbook per major
language version.

I agree it’s not ideal development wise, but it makes idempotency simple
and lets you have only one source of truth for your server configs.

Mat


RockSolidRails: development & operations consulting for Ruby on Rails

As a matter of fact, both of your suggestions are exactly how I deal with this situation. I find it less than ideal. Foregoing community cookbooks means not leveraging one of the strengths of chef. And having to have a different cookbook for each major language version is exactly the problem I was referring to.

I hear you on the idempotency issue. It’s a lot more difficult to get idempotency with a file-editing approach. In a way, though, it may be a penny-wise, pound-foolish approach. Maybe it is better in the long run to implement idempotency for file edits, if it reduces the cookbook maintenance by such a large amount.

From: Mathieu Martin [mailto:webmat@gmail.com]
Sent: Saturday, February 16, 2013 3:14 AM
To: chef@lists.opscode.com
Subject: [chef] Augeas support

Hey Kevin, Sam,

If you need to change so few things, have you thought about skipping the community cookbooks?

You could create much simpler cookbooks with as few tunable knobs as you need.

In the case of php.ini, you can have one version of the cookbook per major language version.

I agree it’s not ideal development wise, but it makes idempotency simple and lets you have only one source of truth for your server configs.

Mat


RockSolidRails: development & operations consulting for Ruby on Rails