Reporting use cases


We’re developing the requirements for reporting and we’d like to know
what use cases would be required or desired. We’ll talk about the
architecture design at a later date.

  1. Chef-client run success/failure [1]
  • State of the client on run
    • Log of run
    • Expanded run list?
    • How was the run initiated?
      • User name
  • Integrate with node status page
  • Tracking run length (time)
  1. Auditing access control
  • Authentication
    • Client creation / deletion
  • Authorization
    • Privileges (Admin on Open Source / ACLs on Hosted Chef)
  • Ability to label run logging events or hook into reporting
    • User cookbook
    • Sudoers cookbook
  1. Auditing object/resource changes
  • Changes (creation/deletion/modification) to cookbooks, roles, nodes, etc.
  • API Hooks for notification (HipChat, IRC Bot, Email)
  • Full diffs of changes?
  • Metrics regarding resource change
    • Top 10 changing resources
  1. Metrics
  • API endpoint for applications like munin, graphite, ganglia
    • Number of nodes, runs, clients, etc.
    • API endpoint calls, e.g. /cookbook/
    • Length of endpoint calls, e.g. /search/

How long would you want or need access to this data? Why?

How much data would you need, e.g. a cookbook changed or a diff of
what changed in the cookbook? Why?

I’d appreciate any use case suggestions to be fairly descriptive and
include what needs to be logged, who wants it, and why they need it.
For instance “as the SOX compliance officer, I need to know that Chef
is configured to manage user accounts on all systems and be able to
confirm that it is actively doing so.”

Bryan McLellan | opscode | senior systems administrator
© 206.607.7108 | (t) @btmspox | (b)