LWRP attributes + template

Hi, reading the README of the shorewall community cookbook[1], it says that you
can declare rules by:

  • Doing node.override[:shorewall][:rules] << {<rulehash>} on recipes.
  • A library helper method add_shorewal_rules() that will << on the rules
    attribute also.

I have tested that when doing that “append” on override attributes, the template
does not need lazy attributes. I don't know why, but it works, even if you
add a rule later on the runlist, on an apache2_app recipe to open 8080.

I wanted to make an LWRP to declare rules in an idempotent way, but
you can't modify attributes on providers. At least those modifications are
not available when the template renders…

My questions:

  • Is this the right way of defining attributes with that override << stuff?
  • Is there any pattern for that situation where your application cookbook
    should open a port on the firewall and you do it by adding a shorewall
    rule? Attributes and then render to template sounds good, but that override
    << is an ugly thing :S

Thanks in advance guys!

[1] - http://community.opscode.com/cookbooks/shorewall


If you need a machine to do something and you don't buy it, in the end you will
realize that you have paid the same and you don't have the machine. --Henry Ford

Alberto

Hello,

I didn't like that way, node.override[:shorewall][:rules] <<
{<rulehash>}. Have a look at my cookbook with an already formed view
onto attributes and their usage. A long time ago it was based on the community
one, but since then it has changed a lot.

https://github.com/dennybaa/shorewall

Regards,
Denis

Hi!

I have seen that you are appending to the rules array on the rule
definition:
node.default['shorewall']['rules'] << Shorewall.compute_rule(rule, data)

I'm still asking myself if that is the correct way to do things and if there
is any other way of having all rules (even those added from other cookbooks)
on attributes when you render the template on your shorewall cookbook.

I'm going to ask again: is there any pattern about this?

Thanks for your reply.

--
If you need a machine to do something and you don't buy it, in the end you will
realize that you have paid the same and you don't have the machine. --Henry Ford

Alberto

Hi,

I think there's nothing wrong with the << operation itself. I just don't
think that it's correct to operate with override in this case.

First you should keep in mind that the attributes are merged between
nodes, roles and environments. In other words, when two cookbooks are
assigning the same default attribute on the node level (it doesn't matter
whether in an attribute file or a recipe), the later cookbook's value will win.

Say you have a run_list of two cookbooks, ['foo', 'bar'].

foo/attributes/default.rb

    default['foo']['arr'] = ['Array', 'in', 'foo']

bar/recipes/default.rb

    # in a recipe the attribute is set through the node object
    node.default['foo']['arr'] = ['I', 'want', 'foo']

The later value wins, and when the template from cookbook foo renders the
node['foo']['arr'] attribute, we end up with not what we want. We want
the arrays to be merged, but it won't happen.

That's why in the source cookbook we define the array, and later cookbooks
can use it on the same level; however, we must use << (push) for an
array, because an assignment will overwrite everything.

My shorewall cookbook operates on the default level; you can easily use the
add_shorewall_rules, add_shorewall_zone definitions right away in any of
your recipes. Further, if you want to add some hard-coded rules or
zones, use role and environment default attributes.
If you want to override anything, you can use normal or override
attributes in cookbooks, roles or environments.
Everything should work as you expect.

Regards,
Denis
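
The behaviour discussed in this thread, as an added example that is not part of any poster's message or of either cookbook: a plain-Ruby toy model of Chef's compile and converge phases, showing why a compile-time << reaches the template, why a same-level assignment drops the existing rule, and why an append made inside a provider queued after the template does not show up. ToyRun and its methods are hypothetical names, the rule strings are constructed, and the model assumes the template reads the rules only when it converges.

```ruby
# Toy model of a Chef run in plain Ruby (no Chef needed; all names are hypothetical).
class ToyRun
  attr_accessor :rules          # stands in for node.default['shorewall']['rules']
  attr_reader :rendered

  def initialize
    @rules = [{ port: 22 }]     # array defined by the shorewall cookbook's attribute file
    @queue = []                 # resource collection, built during the compile phase
  end

  # Template resource: queued at compile time, reads the rules only when converged.
  def template
    @queue << -> { @rendered = @rules.map { |r| "ACCEPT net $FW tcp #{r[:port]}" } }
  end

  # LWRP-style resource whose provider appends the rule at converge time.
  def rule_resource(port)
    @queue << -> { @rules << { port: port } }
  end

  # Converge phase: run the queued resources in order, return the rendered rules.
  def converge
    @queue.each(&:call)
    @rendered
  end
end

# Case 1: a recipe later in the run list appends during the compile phase.
def append_in_later_recipe
  run = ToyRun.new
  run.template                  # shorewall recipe declares the template
  run.rules << { port: 8080 }   # apache2_app recipe, still compile phase
  run.converge
end

# Case 2: a later recipe assigns at the same level instead of appending.
def assign_in_later_recipe
  run = ToyRun.new
  run.template
  run.rules = [{ port: 8080 }]  # replaces the array, so the port 22 rule is gone
  run.converge
end

# Case 3: the append happens inside a provider queued after the template.
def append_in_provider
  run = ToyRun.new
  run.template
  run.rule_resource(8080)       # only takes effect after the template rendered
  run.converge
end
```

Case 2 is the one to watch for on a firewall: the rendered rules file silently loses every rule other cookbooks had contributed.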
