Chef Best Practices

I am new to Chef - leaving SCCM behind and trying to learn a new technology. I am struggling to determine what best practices there are in a few areas. We are looking to manage a large web application via chef and the installation process includes a large amount of file copying and unzipping.

  1. Is there an advantage or disadvantage to leaving all files (binaries, data, etc) in the Cookbook 'files' directory? We were told by some team members to not utilize the 'files' directory and to place binaries, data, etc. in another location and fetch them from a share while our recipe is running.
  2. Is there an advantage to leaving the bookshelf on the Chef server, or should we host it on S3? If we host it on S3, will our clients need access to S3 or will the traffic that delivers file payloads be routed from S3 to Chef Server to Chef Client?

Thanks,

-Andy

  1. Having binaries in cookbook files makes it harder to manage and makes code that much larger to download. Since a CB would be published to Git, Artifactory (or internal supermarket), chef-server, those files are duplicated that many times and for each version of the cookbook. Storage use can skyrocket vs binaries living on a file share and pulled in at runtime on each server once. Updating of those binaries then only needs to happen once on the file share, potentially not needing a code update.

  2. S3 allows offloading of storage for cookbooks making the servers more ephemeral and less likely to need more storage space added in the future if you have a large volume of Cookbooks. Chef-server fetches them and then forwards on to client when client requests them.


For binary files to be downloaded and used for installations, you can use the S3 open to the internet and AWS can front the bucket with a URL, so you then only need to use the “remote_file” resource in chef to download the binaries.


Otherwise there is also an S3_file resource in the AWS cookbook for fetching s3 files in private buckets. Some form of authentication is required though.

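An added example, not part of any post in this thread: when binaries are pulled at run time with `remote_file` as suggested above, the resource's `checksum` property (a SHA-256 hex digest) pins the download so a replaced or corrupted file on the share or bucket is not accepted as the expected one. This plain-Ruby helper computes that digest from the local build artifact and renders the pinned resource; the URL, paths and function names are placeholders assumed for illustration, and the HTTPS-only check is this example's own policy.

```ruby
require 'digest'
require 'tempfile'

# SHA-256 hex digest, the format remote_file's `checksum` property takes.
def artifact_sha256(path)
  Digest::SHA256.file(path).hexdigest
end

# Render a remote_file resource pinned to the digest of the local artifact.
# Hypothetical helper: run it at publish time and commit the output to the
# cookbook, so the recipe carries the digest while the binary stays outside it.
def pinned_remote_file(local_artifact, source_url, dest_path)
  unless source_url.start_with?('https://')
    raise ArgumentError, "refusing non-HTTPS source: #{source_url}"
  end

  <<~RECIPE
    remote_file #{dest_path.inspect} do
      source   #{source_url.inspect}
      checksum '#{artifact_sha256(local_artifact)}'
      action   :create
    end
  RECIPE
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample payload standing in for a real installer archive.
  Tempfile.create('webapp-payload') do |f|
    f.binmode
    f.write('constructed sample payload')
    f.flush
    puts pinned_remote_file(
      f.path,
      'https://artifacts.example.com/webapp/payload.zip', # placeholder URL
      '/opt/webapp/payload.zip'                           # placeholder path
    )
  end
end
```

Because the digest lives in the recipe, replacing the binary on the share also requires updating the pinned value in the cookbook.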