Freezing cookbooks
Uploading broken cookbooks that override your working ones is a major pain and can result in widespread outage throughout your infrastructure. If you have a cookbook version that is known to work, it's a good idea to freeze this version so that no one can overwrite the same version with broken code. When used together with version constraints that are specified in your environment manifests, freezing cookbooks can keep your production servers safe from accidental changes.
Getting ready
Make sure you have at least one cookbook (I'll use the ntp
cookbook) registered with your Chef server.
How to do it...
Let's see what happens if we freeze a cookbook.
- Upload a cookbook and freeze it:
mma@laptop:~/chef-repo $ knife cookbook upload ntp --freeze
Uploading ntp [1.6.8] Uploaded 1 cookbook.
- Try to upload the same cookbook version again:
mma@laptop:~/chef-repo $ knife cookbook upload ntp
Uploading ntp [1.6.8] ERROR: Version 1.6.8 of cookbook ntp is frozen. Use --force to override. WARNING: Not updating version constraints for ntp in the environment as the cookbook is frozen. ERROR: Failed to upload 1 cookbook.
- Change the cookbook version:
mma@laptop:~/chef-repo $ subl cookbooks/ntp/metadata.rb
… version "1.6.9"
- Upload the cookbook again:
mma@laptop:~/chef-repo $ knife cookbook upload ntp
Uploading ntp [1.6.9] Uploaded 1 cookbook.
How it works...
By using the --freeze
option when uploading a cookbook, you tell the Chef server that it should not accept any changes to the same version of the cookbook anymore. This is important if you're using environments and want to make sure that your production environment cannot be broken by uploading a corrupted cookbook.
By changing the version number of your cookbook, you can upload the new version. Then you can make, for example, your staging environment use that new cookbook version.
There's more...
To support a more elaborate workflow, you can use the knife-spork knife
plugin. It helps multiple developers work on the same Chef server and repository without treading on each other's toes. You can find more information about it at https://github.com/jonlives/knife-spork.
See also
- Check out Seth Vargo's talk about Chef + Environments = Safer Infrastructure at https://speakerdeck.com/sethvargo/chef-plus-environments-equals-safer-infrastructure