Skip to main content

9 months ago

Conf managed resource to recipe

In a real-world conf managed box the run_list can be pretty long.
Is there a systematic way to deduct the cookbook, or even better the recipe, from a local resource (for instance /etc/hosts file)?

Said in other words, how do I know which piece of the run_list configured /etc/hosts? 

Image of keiththomps
9 months ago
I can't think of a great way to do this out of the box on a live node. You could try something like piping `chef-client --why-run` output into grep to see what you can find. Since Chef isn't responsible for creating every file on your system, it's entirely possible that no resource interacted with a given file so it makes this sort of thing touch to gauge. Some alternative solutions you might look into though:

* Run your run-list on a fresh VM/container using kitchen and read through the full output (redirect output in a file and then find resources that touch /etc/hosts)
* Using InSpec for remote compliance testing to ensure that the file contains what you think it should contain.
* Write small recipes that are well tested (then ideally you'd just grep through your cookbooks to find /etc/hosts).
* Find or create a Chef Handler to do some reporting for you to send a message when a particular file is modified (doesn't exactly work for a machine that's already configured).

Hopefully, this is helpful.
Image of matteb2
9 months ago
Thank you Keith. Grepping the why run is the solution I came up with also. No frills and does the job :)