I do something that sounds similar enough in one of my cookbooks, but with
I have the following resource:
execute ‘test nginx config’ do
command ‘nginx -t’
notifies :reload, ‘service[nginx]’, :delayed
When a template is modified, you can tell it to notify the execute resource
immediately to test the config (you can do this with action :nothing; I use
this as-is at the end of a recipe so a reload happens at the end of each
good run). At the end, nginx is then reloaded if all tests pass.
Otherwise, the Chef run will fail when the test fails. If you pair this
with “ignore_failure true” like Julian suggested, you could probably
achieve what you’re looking for. I don’t believe that the execute resource
will trigger the notification on a failure with “ignore_failure true”, but
I have not tried myself.
I hope that helps, even if just a little.
On Wed, Jun 25, 2014 at 3:54 PM, Kadel-Garcia, Nico <
The “execute” part is easy, I’ve done some tests with that. I can even
wrap the service commands in an “if” statement to use different
start_command and restart_command when the verification tools is available,
and when it’s not.
The difficulty I’m having is getting it to run immediately before the
delayed notification based service restarts, reloads, or starts, without
also running before all of any modified configuration files have been
deployed. I’d originally just stuck it into the start_command,
reload_command, etc. as part of the execution string, but that seems less
Once it’s working, then yes, an LWRP or enhancement to the basic "service"
toolkit might be in order. I’d love to see it for other daemons, such as
HTTPD, that have configuration testers.
Senior Systems Consultant
Cell Phone: +1.339.368.2428
From: Daniel DeLeo [mailto:firstname.lastname@example.org] On Behalf Of Daniel DeLeo
Sent: Wednesday, June 25, 2014 3:13 PM
Subject: [chef] Re: RE: Re: RE: Re: Keeping DNS configuration eerrors from
breaking working server with bind cookboks
On Wednesday, June 25, 2014 at 11:21 AM, Kadel-Garcia, Nico wrote:
The extent to which I do not want to re-invent RFC compliant BIND
verification, in ruby, from scratch, cannot be overstated.
“named-checkconf” and “named-checkzone” do a pretty good job.
No one was suggesting you do that.
Maybe you could set up your file/template resources to notify an execute
resource which will run the config checker, which in turn will fail if the
config is invalid. That could be wrapped up in a LWRP to make it easy to