I'm new to Chef. I've been using chef-solo
and I really like it so far. One thing that's not clear to me is the best practice on handling software configurations for the same software for different organizations.
e.g:
Let's say that I want to manage a Redis installation for two different organizations. Let's say that one organization needs Redis configured in two separate ways. So, this leaves us with three configurations.
Do I create one kitchen with one Redis cookbook with three Redis recipes? Do I create one kitchen for each organization?
What are the best practices for doing all of this? Thanks.
You can accomplish this by turning your configuration files into templates and making the pieces of the configurations that differ into attributes inside your individual cookbooks. You can then specify those attributes on a node-by-node basis.
The easiest way with Chef solo is too have different run lists for your different machines that specify the attributes right in them.
On another note if you're planning on using a centrally managed Chef repository to manage multiple different customer/clients I would make sure that there isn't anything sensitive in any part of your Chef repository as nodes can almost entirely free query for any cookbook or attribute set unless you're using encrypted data bags and even then depending on how you're distributing the key they may not be safe. Just something to think about in the future.
Use 2 cookbooks in the runlist.
First cookbook contains organization specific parameters as node attributes
default['redis']['data_dir']="/data/company1/redis"
Second cookbook does all the heavy lifting, consuming params from first cookbook as required.
directory "#{node['redis']['data_dir']" do owner myapp mode 0755 action :create end
If you don't want 2 cookbooks you can also supply params using a data bag.