Xabier de Zuazo | 25 Oct 16:37 2014

ZooKeeper Bridge Cookbook v0.2.0 Released

Ohai ZooKeeper Chefs!

I uploaded the 0.2.0 version of our zookeeper_bridge cookbook to the Chef


We are using this cookbook to integrate clients Chef Run with ZooKeeper. You
can use locks, semaphores, save the Chef Run status, read node attributes from
ZooKeeper and so on.

Maybe someone interested in ZooKeeper find it useful.

Xabier de Zuazo

Kamesh Sampath | 25 Oct 13:29 2014

Sharing Variables across Recipies

I have situation in my cookbook where i extract some values form data_bags and put them onto local variables
on recipes after some manipulation of them.  I am running on to a situation where i need to repeat this logic
across many cookbooks as i see that when i do it in “default.rb” and then use them in
include_recipe’s I see chef complaining that the variable is undefined, am not sure why so ideally when
if I understand correctly all the recipes are compiled on to a single class by chef during converge so
conceptually they should be visible.

Is there a way how i can share the variables declared in a recipe?

Fouts, Chris | 24 Oct 22:59 2014

Jenkins and Chef

I’m trying to setup my existing RHEL Jenkins build slaves to orchestrate deploying and installing our product on multiple servers. I have a set of Jenkins jobs that deploy ProdA, and then a different, but similar, set of Jenkins jobs deploy ProdB. Both Jenkins job sets “can” be running on the “same” build slave. However, ProdA may require a different set of cookbooks that ProdB. Therefore, my solution is to checkout the corresponding set of cookbooks for ProdA and ProdB, and since each job set runs on a different Jenkins $WORKSPACE directory, my cookbooks directory locations do not clash. I can then have the Jenkins jobs upload their cookbooks to the server – so far so good.


However, how do I orchestrate my knife.rb file to point to the corresponding cookbook_path? Remember I’m doing two Jenkins job sets on the “same” build slave, meaning I’ll have one .chef/knife.rb file at any one time. I’m aware of the knife block plugin


Make sense?




Joshua Timberman | 24 Oct 22:55 2014

chef-splunk cookbook version 1.3.0 released!

Ohai Chefs!

Today I released version 1.3.0 of our chef-splunk cookbook. Below is the changelog entry, plus 1.2.2 which was missing from the previous cookbook.

v1.3.0 (2014-10-24)

- Implement dynamic inputs.conf and outputs.conf configuration based on attributes in client recipe.

v1.2.2 (2014-08-25)

- Implement capability to run Splunk as a non-root user
- Allow web port to be specified
Hofmann, David | 24 Oct 22:05 2014

Chef Client and Attribs

I have a role setup for several of my servers and they share a set of cookbooks. However I'd like to pass in an
attribute that contains the nodes name to one of the recipes. I'm using cloudformation in AWS for the
servers so I've scripted it to provided me the instances name on creation, but can't seem to get the
attribute to pass when the node check in with the chef server. I thought that using the -j option and passing
the information in an attribute file would work, but it doesn't seem to be. I'm not sure if I have to format
wrong and can't find a good example. Does anyone have one they can share with me?

Zhenkai Jiang | 24 Oct 05:26 2014

Still hitting same problem of COOK-1172 after applying hotfix from Microsoft


I've been trying to install SQL Server Express on HPCS using chef client local mode through Powershell Remoting (trying to avoid using Chef Server)  but so far 
with no success.

I have had exact same (at least looks identical to me) as ticket COOK-1172 described.


I am able to run the cookbook from local Powershell window and install SQL Server without any error. Once I switched to execute from remote machine. It fails just like that ticket.


I am able to work around with similar trick setting up schedule task in windows.


But I am not able to get this over by applying Microsoft hotfix which closed that ticket.


Anybody had experience can help me?  Thanks Not sure what I missed.



eric | 23 Oct 20:36 2014


Some time in the recent past, couchbase appears to have made some changes to
their http://packages.couchbase.com server, which broke the supermarket
couchbase cookbook (https://supermarket.getchef.com/cookbooks/couchbase).

I've been seeing 403 errors and chef throws this when running the client

==> default: STDERR:
http://packages.couchbase.com/rpm/couchbase-rpm.key/repodata/repomd.xml: [Errno
14] PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"

Here's the debug output from a failed couchbase::client run.  FYI, it was run
against a slightly modified version of the cookbook that simply replaces :

==> default: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * *
==> default: [2014-10-23T18:12:16+00:00] INFO: *** Chef 11.16.4 ***
==> default: [2014-10-23T18:12:16+00:00] INFO: Chef-client pid: 16014
==> default: [2014-10-23T18:12:22+00:00] INFO: Setting the run_list to
["recipe[couchbase::client]"] from CLI options
==> default: [2014-10-23T18:12:22+00:00] INFO: Run List is
==> default: [2014-10-23T18:12:22+00:00] INFO: Run List expands to
==> default: [2014-10-23T18:12:22+00:00] INFO: Starting Chef Run for
==> default: [2014-10-23T18:12:22+00:00] INFO: Running start handlers
==> default: [2014-10-23T18:12:22+00:00] INFO: Start handlers complete.
==> default: [2014-10-23T18:12:22+00:00] INFO: WindowsPackage lightweight
resource already initialized -- overriding!
==> default:
==> default: Error executing action `install` on resource
==> default:
==> default: Mixlib::ShellOut::ShellCommandFailed
==> default: ------------------------------------
==> default: Expected process to exit with [0], but received '1'
==> default: ---- Begin output of /usr/bin/python
--options --installed-provides --yum-lock-timeout 30 ----
==> default: STDOUT: [option installonlypkgs] kernel kernel-bigmem
installonlypkg(kernel-module) installonlypkg(vm) kernel-enterprise kernel-smp
kernel-debug kernel-unsupported kernel-source kernel-devel kernel-PAE
==> default: STDERR: yum-dump Repository Error: Cannot retrieve repository
metadata (repomd.xml) for repository: couchbase-rpm.key. Please verify its path
and try again
==> default: ---- End output of /usr/bin/python
--options --installed-provides --yum-lock-timeout 30 ----
==> default: Ran /usr/bin/python
--options --installed-provides --yum-lock-timeout 30 returned 1
==> default:
==> default: Resource Declaration:
==> default: ---------------------
==> default: # In
==> default:
==> default:  65:     package p do
==> default:  66:	action :install
==> default:  67:     end
==> default:  68:   end
==> default:
==> default: Compiled Resource:
==> default: ------------------
==> default: # Declared in
`block in from_file'
==> default:
==> default: package("libcouchbase2") do
==> default:   action [:install]
==> default:   retries 0
==> default:   retry_delay 2
==> default:   guard_interpreter :default
==> default:   package_name "libcouchbase2"
==> default:   timeout 900
==> default:   cookbook_name :couchbase
==> default:   recipe_name "client"
==> default: end
==> default:
==> default: [2014-10-23T18:12:35+00:00] INFO: Running queued delayed
notifications before re-raising exception
==> default: [2014-10-23T18:12:35+00:00] ERROR: Running exception handlers
==> default: [2014-10-23T18:12:35+00:00] ERROR: Exception handlers complete
==> default: [2014-10-23T18:12:35+00:00] FATAL: Stacktrace dumped to
==> default: [2014-10-23T18:12:35+00:00] ERROR: package[libcouchbase2]
(couchbase::client line 65) had an error: Mixlib::ShellOut::ShellCommandFailed:
Expected process to exit with [0], but received '1'
==> default: ---- Begin output of /usr/bin/python
--options --installed-provides --yum-lock-timeout 30 ----
==> default: STDOUT: [option installonlypkgs] kernel kernel-bigmem
installonlypkg(kernel-module) installonlypkg(vm) kernel-enterprise kernel-smp
kernel-debug kernel-unsupported kernel-source kernel-devel kernel-PAE
==> default: STDERR: yum-dump Repository Error: Cannot retrieve repository
metadata (repomd.xml) for repository: couchbase-rpm.key. Please verify its path
and try again
==> default: ---- End output of /usr/bin/python
--options --installed-provides --yum-lock-timeout 30 ----
==> default: Ran /usr/bin/python
--options --installed-provides --yum-lock-timeout 30 returned 1
==> default: [2014-10-23T18:12:35+00:00] FATAL:
Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully
(exit code 1)
Chef never successfully completed! Any errors should be visible in the
output above. Please fix your recipes so that they properly complete.

Justin Dossey | 23 Oct 18:17 2014

Ruby, Chef, proxies

Hi all,

I work at a place that requires that I use a proxy to access the Internet. 

Support for proxies in Ruby stuff is uneven, probably because most people don't have to support proxies.

I wrote a script to test different methods of GETting a public page in Ruby.  It addresses the questions:
  • Does this method respect the http_proxy (or HTTP_PROXY) environment variable?
  • If it does, does it respect the no_proxy (or NO_PROXY) environment variable?

Here's a gist of the code:


The output on my system is posted as a comment.

I'd love to see other clients in here! I tried to stick to stuff that was installed via ChefDK.

A couple of things I want to highlight about the test:
  • In ruby's standard Net::HTTP, the way you perform the request strongly influences whether your proxy is respected.  Net::HTTP.get_request and Net::HTTP.get do not honor proxies.  Even Net::HTTP.start() doesn't honor your proxy.  You have to do Net::HTTP.new().start in order to get proxy support.
  • open-uri is proxy-friendly (but you give up a bit of control of request headers, etc)
  • Ruby doesn't honor wildcards in the no_proxy or NO_PROXY environment variable.  Chef, however, does (in Chef::HTTP::BasicClient).
  • I didn't test Chef::HTTP::BasicClient because my test runs outside of Chef, but I'm pretty sure it does the right thing.

If you want to run this, you need:

  1. ChefDK, or have the HTTP and Faraday gems installed;
  2. A Proxy server to use

Justin Dossey
Practice Owner
New Context Services, Inc
Jeff Blaine | 23 Oct 16:24 2014

"Last release: 11.14.2"

I don't think I understand Chef releases, or the current CHANGELOG.md
on master is incorrect.

The master branch CHANGELOG.md currently states:

   Unreleased: 12.0.0
   Last release: 11.14.2

Yet there were no less than 4 official Chef releases between those.

Do I just not know how your process works?


Jeff Blaine
PGP/GnuPG Key ID: 0x0C8EDD02

Varun Shankar | 23 Oct 12:01 2014

Not able to use IAM role with knife ec2 command

I am using following version:
Chef: 11.16.0

Use the Identity and Access Management (IAM) that is assigned to the current machine. Default value: false.

But I don't see this option available in knife ec2 command.

[ec2-user <at> ip-10-1-0-30 ~]$ knife ec2 server list --use-iam-profile
Error: invalid option: --use-iam-profile
USAGE: knife ec2 server list (options)
    -A, --aws-access-key-id KEY      Your AWS Access Key ID
        --aws-credential-file FILE   File containing AWS credentials as used by aws cmdline tools
    -K SECRET,                       Your AWS API Secret Access Key
        --availability-zone          Show availability zones
    -s, --server-url URL             Chef Server URL
        --chef-zero-host HOST        Host to start chef-zero on
        --chef-zero-port PORT        Port to start chef-zero on
    -k, --key KEY                    API Client Key
        --[no-]color                 Use colored output, defaults to false on Windows, true otherwise
    -c, --config CONFIG              The configuration file to use
        --defaults                   Accept default values for all questions
    -d, --disable-editing            Do not open EDITOR, just accept the data as is
    -e, --editor EDITOR              Set the editor to use for interactive commands
    -E, --environment ENVIRONMENT    Set the Chef environment (except for in searches, where this will be flagrantly ignored)
    -F, --format FORMAT              Which format to use for output
    -z, --local-mode                 Point knife commands at local repository instead of server
    -n, --no-name                    Do not display name tag in output
    -u, --user USER                  API Client Username
        --print-after                Show the data after a destructive operation
        --region REGION              Your AWS region
    -t, --tags TAG1,TAG2             List of tags to output
    -V, --verbose                    More verbose output. Use twice for max verbosity
    -v, --version                    Show chef version
    -y, --yes                        Say yes to all prompts for confirmation
    -h, --help                       Show this message
Fouts, Chris | 22 Oct 22:51 2014

Single chef server vs. multiple chef servers - pros and cons?

We have a product comprised of 12-25 nodes with a combination of RHEL and Windows OS’s. Each node has its identity dictated by the set *.msi and *.rpms we install onto it. We can have several deployments of these products throughout our lab, say 5 in the dev lab, 9 in the QA lab, 4 in the Perf lab, etc.  So if at one time we have 20 deployed products, that makes 240-500 nodes we may configure at any given time.


We have been exploring two approaches to use Chef to configure our nodes


Option 1

We have a single Chef server that contains all our cookbooks that all nodes talk to. I understand the need to segregate cookbooks under development, vs. ones for test or production. I also understand that we may need provision to make this highly-available, etc., so if one server fails we have a standby server.


Option 2

Each product is configured with its own chef server, such that the deployment of the product involves first the creation of a chef server, and then the nodes on THIS product can be deployed via this chef server. IOW, if we had 20 products deployed currently, we’ll need 20 chef servers – 1 chef server per product


Currently we orchestrate our product deployment via Jenkins


Any pros/cons to each approach?