Ohai Chefs,
I have downloaded the monit and firewall cookbooks, and I can see that
they use various strategies to allow other cookbooks to configure
monitoring or setup firewall rules.
That is the monit cookbooks, typically define a monitrc resource which
can be used in other cookbooks such as mysql; so
monitrc “mysql” do
port 3306
pid /some/path/to/pid.file
end
or the fire wall offers a rule like so;
firewall_rule “mysql” do
port 3306
networks 10.0.0.0/8
end
But wouldn’t it make sense to offer that abstraction at a higher level,
and promote Process and Ports to the resource level, and rather than
couple your app to monit as above, just have your mysql::server recipe
declare the resources that monit might use.
port “mysql” do
port 3306
networks 10.0.0.0/8
end
process “mysql” do
pidfile /some/path/to/pid.file
end
And monit can come and enumerate any ports and pids that it should be
monitoring from the node in its monit::install recipe… The same
applies to the firewall cookbook. Its not like there are not some very
well used common abstractions in monitoring and fire-walling
applications already…
Any suggestions on whether someone has done this already, and why it
might not make sense to do this would be appreciated…?
Thanks,
Tom