hello. after many, many years of cfengine, i’m wading thru a learning
phase with chef, and loving it. bear with me while i get a handle on
this. i’m trying to override an attribute in the postfix cookbook using
an environment attribute. which cookbook it is doesn’t matter. it’s
something fundamental i’m trying to grasp, and this is a simple example.
let’s say for my prod environment i want my postfix clients to use a
certain mail relay, and for my dev environment i want them to use
another. in the postfix cookbook attributes (the lowest precedence), i
can set defaults.
it’s not working for me, and i’m wondering what i’m doing wrong. what i
expect to have on my mail client node is a relayhost of
mungbeans.dev.dorqtown.com, but what i’m getting is
mailrelay.dev.dorqtown.com.
first, the prod and dev environments:
[chef-repo]$ knife environment show dev
chef_type: environment
cookbook_versions:
default_attributes:
mail-client:
relayhost: mungbeans.dev.dorqtown.com
mail-server:
relayhost: [smtp.gmail.com]:587
description: Development environment (dev)
json_class: Chef::Environment
name: dev
override_attributes:
[chef-repo]$ knife environment show prod
chef_type: environment
cookbook_versions:
default_attributes:
mail-client:
relayhost: mailrelay.prod.dorqtown.com
mail-server:
relayhost: [smtp.sendgrid.net]:587
smtp_fallback_relay: [smtp.gmail.com]:587
description: Production environment
json_class: Chef::Environment
name: prod
override_attributes:
a test node’s run list:
[chef-repo]$ knife node show sous-chef1.dev.dorqtown.com -r
run_list:
role[base]
role[dns-client]
role[mail-client]
role[syslog-ng-client]
recipe[toolbin]
[chef-repo]$ knife role show mail-client -a run_list
run_list: recipe[postfix]
so, above, we know the “default” recipe is implied. i could’ve written
this as recipe[postfix::default]. i wonder if this is biting me - in my
attributes dir, i only have mail-client.rb and mail-server.rb, not
default.rb. does that matter? i wonder how the chef-client run would
parse either of those if run_list isn’t recipe[postfix::mail-client] or
recipe[postfix::mail-server]. i’m misunderstanding something on the use
of the attributes dir. but let’s get to it:
the relayhost attribute:
[chef-repo]$ grep relayhost cookbooks/postfix/attributes/mail-client.rb
default[:postfix][:relayhost] = "mailrelay.dev.dorqtown.com"
[chef-repo]$ grep relayhost cookbooks/postfix/attributes/mail-server.rb
default[:postfix][:relayhost] = "[smtp.gmail.com]:587"
a relevant portion of the template,
postfix/templates/default/main.cf.erb. do i need to add logic to the
template to first check for attribute coming from an env before the
cookbook attributes file?
<% if node[:postfix][:mail_type] == "mail-server" -%>
relayhost = <%= node[:postfix][:relayhost] %>
smtp_fallback_relay = <%= node[:postfix][:relayhost] %>
mynetworks = <%= node[:postfix][:mail_relay_networks] %>
inet_interfaces = all
<% else -%>
relayhost = <%= node[:postfix][:relayhost] %>
mynetworks = <%= node[:postfix][:mail_relay_networks] %>
inet_interfaces = localhost
<% end -%>
the resulting main.cf on a client:
###
# Generated by Chef for sous-chef1.dev.dorqtown.com
# Configured as mail-client
###
biff = no
append_dot_mydomain = yes
myhostname = sous-chef1.dev.dorqtown.com
mydomain = dev.dorqtown.com
myorigin = $myhostname
smtpd_banner = $myhostname ESMTP $mail_name
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = sous-chef1.dev.dorqtown.com, sous-chef1, localhost.localdomain, localhost
relayhost = mailrelay.dev.dorqtown.com
mynetworks = 127.0.0.0/8
inet_interfaces = localhost
mailbox_size_limit = 0
recipient_delimiter = +
above, i want the dev env attribute for relayhost, not the default one
from cookbooks/postfix/attributes/mail-client.rb.
and hmmm… my test node running the mail-server role kept picking up the
mail-client postfix config UNTIL i removed all attribute files from
cookbooks/postfix/attributes EXCEPT for server.rb. hmmm. clearly i need
to be schooled…
thanks a lot,
kallen