Updating role environment


#1

How I can tie a role to a specific environment?

I tried to edit role using knife role edit command and added

“environments”: [ “prod” ],

But that didn’t change anything. I evern tried to create a role from file using above syntax but still the roles environment shows _default

Thanks

M


#2

You could check the env_run_lists (roles documentation)

Optional. A list of environments, each specifying a recipe or a role to be applied to that environment. This setting must specify the _default environment. If the _default environment is set to [] or nil, then the run-list is empty. For example:

env_run_lists 'prod' => ['recipe[apache2]'],
              'staging' => ['recipe[apache2::staging]'

Using env_run_lists with roles is discouraged as it can be difficult to maintain over time. Instead, consider using multiple roles to define the required behavior.

It would worth while to use Policyfiles


#3

Thanks simark,

I can use that, but if I have a specific role just for an environment, I should able to just have that role tied to environment, correct? That way that role will not be available for any other environment.

Thanks again

M


#4

To be honest I do not know the answer for that… I am not a fan of roles :slight_smile:
I really encourage you to check policyfiles because:

When running Chef without Policyfile roles are global objects. Changes to roles are applied immediately to any node that contains that role in its run-list. This can make it hard to update roles and in some use cases discourages using roles at all.
Policyfile effectively replaces roles. Policyfile files are versioned automatically and new versions are applied to systems only when promoted.


#5

Thanks

That sounds interesting and will certainly take a look. I am a newbie so appreciate your help.

M


#6

There is a good blog post regarding policyfiles