Information Technology Reference
In-Depth Information
knife search node role:<role_name>
When you
do not
want the search to include the expanded set of role references
knife search node "roles:<role_name>"
When you
do
want the search to expand role references
Role Cookbook
Another issue related to the expansion of roles is that when a change gets made to a role, it
gets reflected immediately across your entire infrastructure. Roles are not versioned in any
way.
This usually has the most impact with run lists. Say, for example, one of your Chef infra-
structure developers decided to remove the
recipe[apache]
role from the
webserver
role
we have been using in this chapter. We'll say this developer made the change because she
didn't want web servers to default to using the Apache web server, but instead wanted to of-
fer cookbook developers the choice of using the Apache or Nginx web servers for their apps:
{
"name"
:
"webserver"
,
"description"
:
"Web Server"
,
"json_class"
:
"Chef::Role"
,
"chef_type"
:
"role"
,
"run_list"
:
[
"recipe[motd]"
,
"recipe[users]"
]
}
If the
webserver
role were used widely across your infrastructure, this could have uninten-
ded consequences for cookbooks that assumed the old behavior where the
recipe[apache]
was included in the role. Or conversely, if developers are careful not to make changes to the
run lists of existing roles, it can result in a proliferation of differently named roles with simil-
ar functions. For example, that Chef developer might have instead chosen to create two new
roles—
webserver-apache
and
webserver-nginx
—to make her intention to complement
the existing
webserver
role more clear.