Hello
(Sorry for the repost. Failed to add subject on the initial submission.)
I’ve been using chef-solo to provision development Vagrant VMs for over a
year now and now we’re looking at managing our full infrastructure (alpha,
staging, production) using a locally hosted chef-server. I’m struggling
with repo organization and synchronization.
First, what do we manage with git? The Getting Started tarball leaves you
with a chef repo with the following:
- .gitignore
- LICENSE
- README.md
- chefignore
- cookbooks
- data_bags
- environments
- roles
Then if I do a “knife diff --name-only” I’m told the following are missing:
- acls
- clients
- containers
- groups
- invitations.json
- members.json
- nodes
- org.json
Most of these elements are transient in nature and really used to manage
chef-server. They do not directly control configuration information for my
environment (source code) so I can see why these should not be in git. Am I
correct in that assessment?
I say “most” because one of these items is “nodes”. A node element
describes the runlist for a node. This, like a runlist in a role, is
something that is part of my environment (source code) so it seems I should
keep it in git. However, a node also contains the “automatic” element with
ohai-gathered data, which changes. Following a chef-client run, "knife diff"
will report that a node has diverged from git. The problem is that the diff
is in the transient part of the data and not in the environment-related
elements (source code). Should I have my nodes in git?
The next issue is keeping git and chef server in sync. I’ve googled a good
bit. This seems to be an issue with which many have wrestled, and I cannot seem
to discern a consensus. How should this be done?
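
Added example, not part of the original post and not Chef's own code: one way to compare a node's git copy with its server copy while ignoring the ohai-populated "automatic" data, so that only a change to the run list or other managed fields shows up as drift. The MANAGED_KEYS list, the function names and the web01 sample node are assumptions made for this illustration.

```ruby
require 'json'

# Keys treated here as the "source code" part of a node object (an assumption
# of this example). "automatic" holds ohai data and is deliberately left out.
MANAGED_KEYS = %w[name chef_environment run_list normal default override].freeze

# Parse a node JSON document and keep only the managed keys.
def managed_view(node_json)
  JSON.parse(node_json).select { |key, _| MANAGED_KEYS.include?(key) }
end

# Recursively sort hash keys; array order (e.g. run_list) is kept as-is
# because the order of a run list is significant.
def sort_keys(value)
  case value
  when Hash  then value.sort.to_h { |k, v| [k, sort_keys(v)] }
  when Array then value.map { |v| sort_keys(v) }
  else value
  end
end

# Stable text form for committing: no "automatic", keys in sorted order,
# so two downloads of an unchanged node produce byte-identical files.
def normalize_for_git(node_json)
  JSON.pretty_generate(sort_keys(managed_view(node_json)))
end

# Names of the managed keys whose values differ between the two copies.
def managed_drift(git_json, server_json)
  git = managed_view(git_json)
  srv = managed_view(server_json)
  (git.keys | srv.keys).reject { |k| git[k] == srv[k] }.sort
end

# Constructed sample data: the copy committed to git ...
GIT_NODE = <<~JSON
  {"name": "web01", "chef_environment": "staging",
   "run_list": ["role[base]", "recipe[nginx]"],
   "normal": {"tags": []}, "automatic": {}}
JSON
# ... and the same node after a chef-client run (ohai data filled in).
SERVER_NODE_AFTER_RUN = <<~JSON
  {"name": "web01", "chef_environment": "staging",
   "automatic": {"uptime_seconds": 5123, "ipaddress": "10.0.0.15"},
   "normal": {"tags": []},
   "run_list": ["role[base]", "recipe[nginx]"]}
JSON
# Constructed: the run list was edited on the server only.
SERVER_NODE_EDITED = SERVER_NODE_AFTER_RUN.sub('recipe[nginx]', 'recipe[apache2]')

puts managed_drift(GIT_NODE, SERVER_NODE_AFTER_RUN).inspect
puts managed_drift(GIT_NODE, SERVER_NODE_EDITED).inspect
```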