
Chef Node Role

The chef_node role verifies that the target host is a valid Chef server on which to execute, creates a .json backup of the node object it is acting on, issues the desired command against the node, and creates a cron job to clean up the backup .json files.

The --tags chef_node option is required to execute this role.

main.yml

---
# tasks file for chef_node

# Statically import the role's task list and tag it chef_node.
- name: Import the chef_node tasks.
  import_tasks: chef_node.yml
  tags: chef_node

...

chef_node.yml

---

# Only hosts that have the chef_user home directory count as relevant Chef
# servers; the stat result is registered as `p` for later conditions.
  - name: "Check if the {{ chef_user }} user directory exists."
    stat:
      path: "{{ chef_home }}"
    register: p
    become: true

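# chef_node is a whitespace-separated string of node names, so several nodes
# can be handled in one play. It is lower-cased as a string *before* it is
# split: applying `lower` to the split list turns the list into its string
# form and depends on the templating layer converting that text back into a
# list, which is fragile.
# check_and_execute.yml places each item in shell command lines and file
# paths, so chef_node should only ever be supplied by a trusted operator.
  - name: Loop through each node to validate and execute.
    include_tasks: check_and_execute.yml
    loop: "{{ (chef_node | lower).split() }}"
    when:
      - p.stat.isdir is defined
      - p.stat.isdir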

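# Install a cron.d entry that deletes node object backups not modified in the
# last 30 days, once a day at midnight.
# - hour must be in the range 0-23; "24" is not a valid cron hour, so the
#   entry would not be scheduled as intended. Midnight is hour "0".
# - the *.json pattern is single-quoted so the shell passes it to find
#   unexpanded instead of globbing it against the job's working directory.
# - the directory path goes through `quote` so unusual characters in
#   chef_home cannot change the command line.
# NOTE(review): the job runs as root inside a directory owned by chef_user;
# consider running it as that user instead - confirm nothing relies on root.
  - name: Create a cronjob to cleanup the backup node objects.
    cron:
      name: "{{ ansible_play_name }}: node object backup cleanup"
      minute: "0"
      hour: "0"
      user: root
      job: "PATH=/bin:/usr/bin; find {{ (chef_home ~ '/node_backups') | quote }} -iname '*.json' -type f -mtime +30 -delete"
      cron_file: node_object_cleanup
    become: true
    when:
      - p.stat.isdir is defined
      - p.stat.isdir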

...

check_and_execute.yml

---

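# Backup directory for node objects, kept in case a node is deleted by mistake.
# Mode 0750 rather than 0755: node object dumps can carry attribute data that
# other local accounts have no need to read, so "other" gets no access.
# NOTE(review): tighten to 0700 if the chef_user group is shared - confirm.
- name: Create a directory for node object backups.
  file:
    path: "{{ chef_home }}/node_backups"
    state: directory
    owner: "{{ chef_user }}"
    group: "{{ chef_user }}"
    mode: '0750'
  become: true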

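# The node name is placed in a shell command line and in file paths below, so
# anything outside a conservative node-name character set is refused before
# use. This also rejects "/" (path traversal out of node_backups) and a
# leading "-" (which knife could read as an option).
# NOTE(review): the allowed set is meant to match Chef node names (letters,
# digits, "_", ".", ":", "-") - confirm against the names in use.
- name: Validate the node name before it is used in commands and paths.
  assert:
    that:
      - item is string
      - "item is match('^[A-Za-z0-9_.:][A-Za-z0-9_.:-]*$')"
    msg: "Refusing to act on a node name with unexpected characters."

# Dump the node object to a timestamped backup file. The return code is
# registered as node_check and tells later tasks whether the node exists on
# this server; errors are ignored so a missing node does not stop the play.
# Both the node name and the output path go through `quote` so the shell
# treats each as a single literal word.
- name: Verify if node exists on chef server.
  shell:
    cmd: "knife node show -Fjson {{ item | quote }} > {{ (chef_home ~ '/node_backups/' ~ item ~ '-' ~ time_stamp ~ '.json') | quote }}"
    chdir: "{{ chef_home }}"
  become: true
  become_user: "{{ chef_user }}"
  # -i requests a login shell for chef_user.
  become_flags: "-i"
  ignore_errors: true
  register: node_check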

# Stat the timestamped backup file so its size can be inspected afterwards.
- name: "Collecting stats on {{ item }}.json."
  stat:
    path: "{{ chef_home }}/node_backups/{{ item }}-{{ time_stamp }}.json"
  register: node_bkup_stats
  become: true

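# An empty backup is left behind when the node does not exist on this server;
# remove it. The `exists` check comes first because stat returns no size for a
# missing file, and the size comparison alone would then fail with a
# templating error instead of skipping.
- name: Delete any empty node object backups.
  file:
    path: "{{ chef_home }}/node_backups/{{ item }}-{{ time_stamp }}.json"
    state: absent
  become: true
  when:
    - node_bkup_stats.stat.exists
    - node_bkup_stats.stat.size == 0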

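# Run the requested command against the node, but only when the earlier knife
# lookup succeeded (node_check.rc == 0), i.e. the node exists on this server.
# `command` is handed to the shell verbatim, so it must come from a trusted
# source. The node name is passed through `quote` so it always reaches the
# command as one literal argument.
- name: Execute Chef command.
  shell:
    cmd: "{{ command }} {{ item | quote }}"
    chdir: "{{ chef_home }}"
  become: true
  become_user: "{{ chef_user }}"
  # -i requests a login shell for chef_user.
  become_flags: "-i"
  register: output
  when: node_check.rc == 0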

# Show the command's stdout for nodes that were found on this server; the
# placeholder text is used when stdout is undefined.
- name: Print output.
  when: node_check.rc == 0
  debug:
    msg: "{{ command }}: {{ output.stdout | default('NO OUTPUT') }}"

...