I installed/removed a package via recipe (´action :install´ and respectively ´action :remove´). In both cases the made changes were not reflected in Chef's management console, but only after a subsequent chef-run.
Further I verified that indeed knife provides the wrong info via:
knife node show -l chef-client -F json
I logged into the chef-client via SSH and verified the wrong status: I ran Ohai on the node and the output was also different than above command.
What could be the reason? Doesn't the node report it's status back to the Chef server? All runs were successful.
Any idea how to debug this? Thanks!
In a normal chef-client <-> chef-server setup a node's state (attributes, etc) are saved back to the chef-server upon a successful run. Anytime you are asking the chef-server about a node, what you're actually getting are the results of the last successful run. When you login to a node and manually run Ohai it's showing you the information at that exact point in time.
As for reasons why, I'd ask/verify how chef-client is being invoked on the nodes in question. Also the specific keys you are looking for can be relevant, some may be coming from Ohai and others from the client run. Just keep in mind that the data is not real-time and is always the cached results of the last good run.
1 Like
Thanks, cheeseplus.
Only reason to this unusual behavior that I could think of is that the chef-client does/can not report back to the chef-server. However, I don't get an error messages, so I assume the run is successful.
The chef-client is invoked on the nodes via
knife ssh -x ubuntu "name:$CHEF_CLIENT" 'sudo chef-client' -a ipaddress in a Gitlab CI pipeline.
I took the example cookbook (learn_chef_apache2) and merely added the installation of the package shellcheck for testing purposes.
If I understood correctly, the node object should usually contain the correct package information.
I'll re-test in a different environment.
TLDR: install package via Chef recipe –> installed package is not listed in node object (under packages)
I tested this in a another environment and it behaved the same.
- installed a (.deb) package via a Chef recipe successfully.
- queried the Chef server if the package is installed on the node
-
No ?!
This is probably by design of chef-client run :
Ohai (collect info about system) -> converge node –> report status back to chef-sever
chef-client does not gather info again (no Ohai run) and thus can not report about newly installed packages to the chef-server (except in the form of the run log, of course).
workaround: I initiate Ohai again after the chef-client run and subsequently query knife node show -l <node_name>
If you want Ohai to reload it's information mid-run, there is a resource for that https://docs.chef.io/resource_ohai.html.