Using roles
Roles group nodes with similar configurations. Typical cases are using roles for web servers, database servers, and so on.
You can set custom run lists for all the nodes in your roles and override attribute values from within your roles.
Let's see how to create a simple role.
Getting ready
For the following examples, I assume that you have a node named server and that you have at least one cookbook (I'll use the ntp cookbook) registered with your Chef server.
How to do it…
Let's create a role and see what we can do with it:
- Create a role:
mma@laptop:~/chef-repo $ subl roles/web_servers.rb name "web_servers" description "This role contains nodes, which act as web servers" run_list "recipe[ntp]" default_attributes 'ntp' => { 'ntpdate' => { 'disable' => true } }
- Upload the role on the Chef server:
mma@laptop:~/chef-repo $ knife role from file web_servers.rb Updated Role web_servers
- Assign the role to a node called
server:mma@laptop:~/chef-repo $ knife node run_list add server 'role[web_servers]' server: run_list: role[web_servers]
- Log in to your node and run the Chef client:
user@server:~$ sudo chef-client ...TRUNCATED OUTPUT... [2016-10-03T18:52:10+00:00] INFO: Run List is [role[web_servers]] [2016-10-03T18:52:10+00:00] INFO: Run List expands to [ntp] [2016-10-03T18:52:10+00:00] INFO: Starting Chef Run for server ...TRUNCATED OUTPUT...
How it works...
You define a role in a Ruby (or a JSON) file inside the roles folder of your Chef repository. A role consists of a name attribute and a description attribute. Additionally, a role usually contains a role-specific run list and role-specific attribute settings.
Every node with a role in its run list will have the role's run list expanded into its own. This means that all the recipes (and roles) that are in the role's run list will be executed on your nodes.
You need to upload your role to your Chef server by using the knife role from file command.
Only then should you add the role to your node's run list.
Running the Chef client on a node having your role in its run list will execute all the recipes listed in the role.
The attributes you define in your role will be merged with attributes from environments and cookbooks, according to the precedence rules described at https://docs.chef.io/roles.html#attribute-precedence.
See also
- Find out how roles can help you find nodes in the Using search to find nodes recipe in Chapter 4, Writing Better Cookbooks
- Learn more about in the Overriding attributes recipe in Chapter 4, Writing Better Cookbooks
- Read everything about roles at https://docs.chef.io/roles.html
