Chef の 10.14.0.beta.1 から導入された dry run 機能 "why run" を試す
以前から Puppet と Chef の比較でよく言われていたのが、前者には dry run 機能があるが後者にはないというものだったけど、Chef 10.14.0.beta.1 から dry run っぽい機能 why run が追加された。どんなものか気になったので試してみた。
普通に gem install chef だと安定版がインストールされてしまうので、-v でバージョンを指定するか --pre で「ベータ版をインストールしたい」旨を指定するとよい。
root@ubuntu:~# gem install chef -v 10.14.0.beta.1 root@ubuntu:~# gem install chef --pre
ベータ版 (10.14.0.beta.*) がインストールされて --why-run オプションが追加されているか確認しておく。
root@ubuntu:~# chef-solo -v Chef: 10.14.0.beta.3 root@ubuntu:~# chef-solo -h | grep 'why-run' -W, --why-run Enable whyrun mode
うまく入ったので使ってみる。といっても --why-run をつけるだけ (この記事では chef-solo を使っているけど chef-client でも利用可能)。
root@ubuntu:~# chef-solo -l fatal -c /tmp/chef-solo/solo.rb -j /tmp/chef-solo/nodes/server01.json --why-run
"-l fatal" でログレベルを fatal に上げているのは、debug や info のログが出力されてしまうと普通のログと why run の実行結果が混在して見づらくなってしまうため。
実際に実行すると下記のような出力結果になる (ubuntu サーバに recipe[redis::server] を実行した例)。とりあえず英語が読める人ならなんとなくどんな内容が実行されるか把握できる感じか。なんか中途半端なフォーマットの気がするので、もっと JSON とかで出力して Excel の作業手順書とかに変換できるとおもしろいかなとか思った。
root@ubuntu:~# chef-solo -l fatal -c /tmp/chef-solo/solo.rb -j /tmp/chef-solo/nodes/server01.json --why-run Starting Chef Client, version 10.14.0.beta.3 Compiling Cookbooks... Converging 19 resources Recipe: runit::default * execute[start-runsvdir] action nothing (up to date) * execute[runit-hup-init] action nothing (skipped due to only_if) * package[runit] action installRecipe: <Dynamically Defined Resource> * cookbook_file[/tmp/chef-solo/preseed/runit/runit-2.0.0-1ubuntu4.seed] action create - Would create a new cookbook_file /tmp/chef-solo/preseed/runit/runit-2.0.0-1ubuntu4.seed --- /tmp/chef-solo/preseed/runit/runit-2.0.0-1ubuntu4.seed 1970-01-01 09:00:00.000000000 +0900 +++ /tmp/chef-solo/cookbooks/runit/files/default/runit.seed 2012-08-06 00:56:52.891486874 +0900 @@ -0,0 +1 @@ +runit runit/signalinit boolean true - Would preseed package runit - Would install version 2.0.0-1ubuntu4 of package runit Recipe: runit::default * execute[start-runsvdir] action nothing (up to date) * execute[runit-hup-init] action nothing (skipped due to only_if) Recipe: redis::default * directory[/etc/redis] action create - Would create new directory /etc/redis - Would change mode from '' to '0755' - Would change owner from '' to 'root' - Would change group from '' to 'root' * template[/etc/redis/redis.conf] action create * Parent directory /etc/redis does not exist. * Assuming directory /etc/redis would have been created - Would create template[/etc/redis/redis.conf] --- /etc/redis/redis.conf 1970-01-01 09:00:00.000000000 +0900 +++ /tmp/chef-rendered-template20120806-5275-a2iqcv 2012-08-06 01:19:22.391496611 +0900 @@ -0,0 +1,123 @@ +### +# Generated by Chef for ubuntu +### + +# By default Redis does not run as a daemon. Use 'yes' if you need it. +# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. +# +# Set to no because we're using runit +daemonize no + +# When run as a daemon, Redis write a pid file in /var/run/redis.pid by default. +# You can specify a custom pid file location here. +pidfile /var/run/redis.pid + +# Accept connections on the specified port, default is 6379 +port 6379 + +# If you want you can bind a single interface, if the bind option is not +# specified all the interfaces will listen for connections. +# +bind 0.0.0.0 + +# Close the connection after a client is idle for N seconds (0 to disable) +timeout 300 + +# Save the DB on disk: +# +# save <seconds> <changes> +# +# Will save the DB if both the given number of seconds and the given +# number of write operations against the DB occurred. +# + save 900 1 + save 300 10 + save 60 10000 + +# The filename where to dump the DB +dbfilename dump.rdb + +# For default save/load DB in/from the working directory +# Note that you must specify a directory not a file name. +dir /var/lib/redis + +# Set server verbosity to 'debug' +# it can be one of: +# debug (a lot of information, useful for development/testing) +# notice (moderately verbose, what you want in production probably) +# warning (only very important / critical messages are logged) +loglevel notice + +# Specify the log file name. Also 'stdout' can be used to force +# the demon to log on the standard output. Note that if you use standard +# output for logging but daemonize, logs will be sent to /dev/null +logfile /var/log/redis/redis.log + +# Set the number of databases. The default database is DB 0, you can select +# a different one on a per-connection basis using SELECT <dbid> where +# dbid is a number between 0 and 'databases'-1 +databases 16 + + +################################## SECURITY ################################### + +# Require clients to issue AUTH <PASSWORD> before processing any other +# commands. This might be useful in environments in which you do not trust +# others with access to the host running redis-server. +# +# This should stay commented out for backward compatibility and because most +# people do not need auth (e.g. they run their own servers). + +requirepass slavepass + +################################### LIMITS #################################### + +# Set the max number of connected clients at the same time. By default there +# is no limit, and it's up to the number of file descriptors the Redis process +# is able to open. The special value '0' means no limts. +# Once the limit is reached Redis will close all the new connections sending +# an error 'max number of clients reached'. + +# maxclients 128 + +# Don't use more memory than the specified amount of bytes. +# When the memory limit is reached Redis will try to remove keys with an +# EXPIRE set. It will try to start freeing keys that are going to expire +# in little time and preserve keys with a longer time to live. +# Redis will also try to remove objects from free lists if possible. +# +# If all this fails, Redis will start to reply with errors to commands +# that will use more memory, like SET, LPUSH, and so on, and will continue +# to reply to most read-only commands like GET. +# +# WARNING: maxmemory can be a good idea mainly if you want to use Redis as a +# 'state' server or cache, not as a real DB. When Redis is used as a real +# database the memory usage will grow over the weeks, it will be obvious if +# it is going to use too much memory in the long run, and you'll have the time +# to upgrade. With maxmemory after the limit is reached you'll start to get +# errors for write operations, and this may even lead to DB inconsistency. + +# maxmemory <bytes> + +############################### ADVANCED CONFIG ############################### + +# Glue small output buffers together in order to send small replies in a +# single TCP packet. Uses a bit more CPU but most of the times it is a win +# in terms of number of queries per second. Use 'yes' if unsure. +glueoutputbuf yes + +# Use object sharing. Can save a lot of memory if you have many common +# string in your dataset, but performs lookups against the share objects +# pool so it uses more CPU and can be a bit slower. Usually it's a good +# idea. +# +# When object sharing is enabled (shareobjects yes) you can use +# shareobjectspoolsize to control the size of the pool used in order to try +# object sharing. A bigger pool size will lead to better sharing capabilities. +# In general you want this value to be at least the double of the number of +# very common strings you have in your dataset. +# +# WARNING: object sharing is experimental, don't enable this feature +# in production before of Redis 1.0-stable. Still please try this feature in +# your development environment so that we can test it better. +# shareobjects no Recipe: redis::server * group[redis] action create - Would create group[redis] * user[redis] action create - Would create user user[redis] * user[redis] action manage (up to date) * directory[/etc/redis] action create - Would create new directory /etc/redis - Would change mode from '' to '0755' - Would change owner from '' to 'root' - Would change group from '' to 'root' * directory[/var/log/redis] action create - Would create new directory /var/log/redis - Would change mode from '' to '0775' * directory[/var/lib/redis] action create - Would create new directory /var/lib/redis - Would change mode from '' to '0755' * directory[/etc/sv/redis_server] action create * Parent directory /etc/sv does not exist, cannot create /etc/sv/redis_server * Assuming directory /etc/sv would have been created - Would create new directory /etc/sv/redis_server - Would change mode from '' to '0755' - Would change owner from '' to 'root' - Would change group from '' to 'root' * directory[/etc/sv/redis_server/log] action create * Parent directory /etc/sv/redis_server does not exist, cannot create /etc/sv/redis_server/log * Assuming directory /etc/sv/redis_server would have been created - Would create new directory /etc/sv/redis_server/log - Would change mode from '' to '0755' - Would change owner from '' to 'root' - Would change group from '' to 'root' * directory[/etc/sv/redis_server/log/main] action create * Parent directory /etc/sv/redis_server/log does not exist, cannot create /etc/sv/redis_server/log/main * Assuming directory /etc/sv/redis_server/log would have been created - Would create new directory /etc/sv/redis_server/log/main - Would change mode from '' to '0755' - Would change owner from '' to 'root' - Would change group from '' to 'root' * template[/etc/sv/redis_server/run] action create * Parent directory /etc/sv/redis_server does not exist. * Assuming directory /etc/sv/redis_server would have been created - Would create template[/etc/sv/redis_server/run] --- /etc/sv/redis_server/run 1970-01-01 09:00:00.000000000 +0900 +++ /tmp/chef-rendered-template20120806-5275-v4jnfw 2012-08-06 01:19:22.421492860 +0900 @@ -0,0 +1,6 @@ +#!/bin/bash + +cd /var/lib/redis + +exec 2>&1 +exec chpst -u redis /usr/local/share/redis/redis-server /etc/redis/redis.conf * template[/etc/sv/redis_server/log/run] action create * Parent directory /etc/sv/redis_server/log does not exist. * Assuming directory /etc/sv/redis_server/log would have been created - Would create template[/etc/sv/redis_server/log/run] --- /etc/sv/redis_server/log/run 1970-01-01 09:00:00.000000000 +0900 +++ /tmp/chef-rendered-template20120806-5275-1680hzk 2012-08-06 01:19:22.431494850 +0900 @@ -0,0 +1,2 @@ +#!/bin/sh +exec svlogd -tt /var/log/redis * link[/etc/init.d/redis_server] action create - Would create symlink at /etc/init.d/redis_server to /usr/bin/sv * link[/etc/service/redis_server] action create - Would create symlink at /etc/service/redis_server to /etc/sv/redis_server * ruby_block[supervise_redis_server_sleep] action create - Would execute the ruby block supervise_redis_server_sleep * service[redis_server] action nothing (up to date) * service[redis_server] action restart * Service status not available. Assuming a prior action would have installed the service. * Assuming status of not running. * /etc/init.d/redis_server does not exist! * Init script '/etc/init.d/redis_server' doesn't exist, assuming a prior action would have created it. - Would restart service service[redis_server] Chef Client finished, 18 resources updated