• Hello, Sym

    As you probably know, Friday, January 29 was my last day with Chef/Progress. Many people have asked what I’m going to do next. If the title of this post isn’t obvious, I’m happy to announce that I will start a new position as the Head of Community and Support at Sym on Monday, February 1st.

  • ChefFriends and HugOps

    “It is done,” he tweeted. Today is my last day at Chef/Progress. This is a journey nearly 13 years in the making, and what a journey it has been.

  • New Blog Who Dis?

    Hello there, traveler! It’s been awhile, hasn’t it, since I updated this page?

  • Quick Tip: Alternative Chef Shell With Pry

    This quick tip brought to you by the letters “p,” “r,” and “y.”

  • Quick Tip: Stubbing Library Helpers in ChefSpec

    I’m currently updating my vagrant cookbook, and adding ChefSpec coverage. Each of the different platform recipes results in slightly different resources to download the package file and install it. To support this, I have helper methods that calculate the download URI, the package name, and the SHA256 checksum based on the version of Vagrant (node['vagrant']['version']), and the platform (node['os'], node['platform_family']).

  • Quick Tip: Policyfile Run Lists

    As I indicated on Twitter earlier tonight, I’m working with the new Policyfile feature of ChefDK. While converting my personal systems’ repository to use Policyfile instead of roles, I found myself writing this Policyfile:

  • Quick Tip: ChefDK Provision

    Earlier today, ChefDK 0.6.0 was released. In this post, I will illustrate a fairly simple walkthrough using Amazon EC2, based on information in the document. This example will include Policyfile use, too. Let’s get started.

  • Chef Audit Mode Introduction

    I’ve started working with the audit mode feature introduced in Chef version 12.1.0. Audit mode allows users to write custom rules (controls) in Chef recipes using new DSL helpers. In his ChefConf 2015 talk, “Compliance At Velocity,” James Casey goes into more of the background and reasoning for this. For now, I wanted to share a few tips with users who may be experimenting with this feature on their own, too.

  • Missing Transitive Dependencies

    One of my home projects while I’m on vacation this week is rebuilding my server with Fedora 21 (Server). In order to do this, I needed to add Fedora support to the runit cookbook, since I use runit for a number of services on my system. That’s really neither here nor there, as the topic of this blog post isn’t specific to Fedora, nor runit.

  • Chef Gem Compile Time Compatibility

    TL;DR, if you’re using Chef 11 and chef-sugar, upgrade chef-sugar to version 3.0.1. If you cannot upgrade, use the following in your chef_gem resources in your recipes:

  • Awesome Syntax Highlighting in Keynote

    I am working on my presentation for ChefConf. I plan to have quite a lot of code samples. I’ve found the options for getting code samples with nice syntax highlight a lackluster endeavour, with various GUI editors like TextMate, Sublime, and Atom having “Copy as RTF” plugins, but none of them being easily customizable.

  • Quick Tip: Create a Provisioner Node

    This quick tip is brought to you by my preparation for my ChefConf talk about using Chef Provisioning to build a Chef Server Cluster, which is based on my blog post about the same. In the blog post I used chef-zero as my Chef Server, but for the talk I’m using Hosted Chef.

  • Quick Tip: Define Resources to Notifiy in LWRPs

    In this quick tip, I’ll explain why you may need to create resources to notify in a provider, even if the resource exists in a recipe, when using use_inline_resources in Chef’s LWRP DSL.

  • Quick Tip: Testing Conditionals in ChefSpec

    This tip is brought to you by the homebrew cookbook.

  • Quick Tip: Serverspec spec_helper in Test Kitchen

    Recently, I’ve started refactoring some old cookbooks I wrote ages ago. I’m adding Serverspec coverage that can be run with kitchen verify. In this quicktip, I’ll describe how to create a spec_helper that can be used in all the specs. This is a convention used by many in the Ruby community to add configuration for RSpec.

  • Quick Tip: Chef 12 Homebrew User Mixin

    OS X is an interesting operating system. It is a Unix, but is primarily used for workstations. As such, many system settings can, and should, be done as a non-privileged user. Some tasks, however, require administrative privileges. OS X uses sudo to escalate privileges. This is done by a nice GUI pop-up requesting the user password when done through another GUI element. However, one must use sudo $COMMAND when working at the Terminal.

  • Quick Tip: Deleting Attributes

    I have a new goal for 2015, and that is to write at least one “Quick Tip” per week about Chef. I’ve added the category “quicktips” to make these easier to find.

  • Chef 12: Fix Untrusted Self Sign Certs

    Scenario: You’ve started up a brand new Chef Server using version 12, and you have installed Chef 12 on your local system. You log into the Management Console to create a user and organization (or do this with the command-line chef-server-ctl commands), and you’re ready to rock with this knife.rb:

  • Reflecting on Six Years with Chef

    It actually started a bit over seven years ago. I saw the writing on the wall at IBM; my job was soon to be outsourced. I found an open position with the SANS institute, accepted an offer there, and was due to start work in a couple of weeks. Around the same time, my friends Adam Jacob and Nathan Haneysmith had started HJK Solutions. They invited me to join them then, but it wasn’t the right time for me. Adam told me that at SANS I should at least use the automation tools and general infrastructure management model they planned to use. It turned out this was sage advice, for a number of reasons.

  • Chef Reporting API and Resource Updates

    Have you ever wanted to find a list of nodes that updated a specific resource in a period of time? Such as “show me all the nodes in production that had an application service restart in the last hour”? Or, “which nodes have updated their apt cache recently?” For example,

  • Chef::Node.debug_value

    Update: As mentioned by Dan DeLeo, he discussed this feature on Chef 11 In-Depth: Attributes Changes last year when Chef 11 was released. I somehow never got a chance to use it, and thought this post would be a helpful example.

  • load_current_resource and chef-shell

    This post will illustrate load_current_resource and a basic use of chef-shell.

  • ChefDK and Ruby

    Recently, Chef released ChefDK, the “Chef Development Kit.” This is a self-contained package of everything required to run Chef, work with Chef cookbooks, and includes the best of breed community tools, test frameworks, and other utility programs that are commonly used when working with Chef in infrastructure as code. ChefDK version 0.1.0 was released last week. A new feature mentioned in the README.md is very important, in my opinion.

  • Evolution of Cookbook Development

    In this post, I will explore some development patterns that I’ve seen (and done!) with Chef cookbooks, and then explain how we can evolve to a new level of cookbook development. The examples here come from Chef’s new chef-splunk cookbook, which is a refactored version of an old splunk42 cookbook. While there is a public splunk cookbook on the Chef community site, it shares some of the issues that I saw with our old one, which are partially subject matter of this post.

  • Managing Multiple AWS Account Credentials

    UPDATE: All non-default profiles must have their profile name start with “profile.” Below, this is “profile nondefault.” The ruby code is updated to reflect this.

  • Preview Chef Client Local Mode

    Opscode Developer John Keiser mentioned that a feature for Chef Zero he’s been working on, “local mode,” is now in Chef’s master branch. This means it should be in the next release (11.8). I took the liberty to check this unreleased feature out.

  • Switching MyOpenID to Google OpenID

    You may be aware that MyOpenID is shutting down in February 2014.

  • Managing Secrets With Chef Vault

    Two years ago, I wrote a post about using Chef encrypted data bags for SASL authentication with Postfix. At the time, my ISP didn’t allow non-authenticated SMTP, so I had to find a solution so I could get cronspam and other vital email from my servers at home. I’ve since switched ISPs to one that doesn’t care so much about this, so I’m not using any of that code anymore.

  • Getting Started With Zones on OmniOS

    I’ve become enamored with IllumOS recently. Years ago, I used Solaris (2.5.1 through 8) at IBM. Unfortunately (for me), I stopped using it before Solaris 10 brought all the cool toys to the yard - zones, zfs, dtrace, SMF. Thanks to OmniTI’s excellent IllumOS distribution, OmniOS, I’m getting acclimated with the awesomeness. I plan to write more about my experiences here.

  • Starting ChefSpec Example

    This is a quick post to introduce what I’m starting on testing with ChefSpec. This is from Opscode’s Java cookbook. While the recipe tested is really trivial, it actually has some nuances that require detailed testing.

  • Test Kitchen and Jenkins

    I’ve been working more with test-kitchen 1.0 alpha lately. The most recent thing I’ve done is set up a Jenkins build server to run test-kitchen on cookbooks. This post will describe how I did this for my own environment, and how you can use my new test-kitchen cookbook in yours… if you’re using Jenkins, anyway.

  • TDD Cookbook Ticket

    This post will briefly describe how I did a TDD update to Opscode’s runit to resolve an issue reported last night.

  • Anatomy of a Test Kitchen 1.0 Cookbook (Part 2)

    DISCLAIMER Test Kitchen 1.0 is still in alpha at the time of this post.

  • Anatomy of a Test Kitchen 1.0 Cookbook (Part 1)

    DISCLAIMER Test Kitchen 1.0 is still in alpha at the time of this post.

  • Last Check-in Time for Nodes

    This one liner uses the knife exec sub-command to iterate over all the node objects on the Chef Server, and print out their ohai_time attribute in a human readable format.

  • Install Chef 11 Server on CentOS 6

    A few months ago, I posted briefly on how to install Chef 10 server on CentOS. This post revisits the process for Chef 11.

  • Chef and Net::SSH Dependency Broken

    2nd UPDATE CHEF-3835 was opened by a member of the community; Chef versions 11.2.0 and 10.20.0 have been released by Opscode to resolve the issue.

  • Local-only Knife Configuration

    In this post I want to discuss briefly an approach to setting up a shared Knife configuration file for teams using the same Chef Repository, while supporting customized configuration.

  • Local Templates for Application Configuration

    Today I joined the Food Fight Show for a conversation about Application Deployment. Along the way, the question came up about where to store application specific configuration files. Should they be stored in a Chef cookbook for setting up the system for the application? Or shoud they be stored in the application codebase itself?

  • Process Supervision: Solved Problem

    TL;DR: Use runit; skip to “This is a Solved Problem” and “Additional Resources” sections at the end of this post.

  • Cookbook Integration Testing With Real Examples

    This blog post starts with a gist, and a tweet. However, that isn’t the whole story. Read on…

  • Some Knife Plugins

    I’ve shared my ~/.chef/plugins/knife directory as a Git repository on GitHub. There’s only a few, but I hope you find them useful. They are licensed under the Apache 2.0 software license, but please only use them for awesome.

  • Chef Repository Berkshelf Conversion

    I’ve been managing my personal systems with Chef since Chef was created, though I didn’t always use the same chef-repo for them. For about two years though, I’ve used pretty much the same repository, which has grown and accumulated cruft over time. Fortunately since it’s only me working on it, and I only have a few systems, it is really easy to make drastic changes.

  • Install Chef 10 Server on CentOS

    In addition to capturing the minimal steps required to install a Chef 10 Server on Ubuntu, I also wanted to capture the steps for CentOS. Unfortunately, Ruby 1.9 isn’t available in the default distribution repositories, and almost all third party repositories are quite out of date. As such, I’ll use the Ruby 1.8.7 that comes with CentOS, despite being an EOL version of Ruby.

  • Install Chef 10 Server on Ubuntu With Ruby 1.9

    I wanted to capture the minimal steps required to install a Chef version 10 Server using RubyGems under Ruby 1.9 (1.9.3-p0) on Ubuntu 12.04.

  • Using Multiple Provisioners in Vagrant

    Update Chef 10.14 is released. I removed the “--pre” from the gem install commands but otherwise left this post, since it was written by Past Me.

  • OS X Workstation Management with Chef

    Update: This post is old and outdated. I’ll have another post in 2015 about workstation management with Chef.

  • Mountain Lion Upgrade

    I upgraded my work laptop to Mountain Lion today. It was not as smooth as previous OS X upgrades have been for me, despite my efforts in managing my workstation(s) with Chef.

  • Autostarted Services

    It is quite common in Debian and Ubuntu that when installing a package that provides a daemon, said daemon is started by the init script(s) included in the package. This is a matter of Debian Policy, though I don’t interpret that section to literally mean it is required. However, it is common enough practice that several people have asked (or ranted) about the topic.

  • Knife Config Plugin

    I created a plugin for knife that will display a specified option from Chef’s configuration object, Chef::Config. It operates with the scope of the automatically detected knife configuration file, or by passing the -c option with a configuration file.

  • MultiVM Vagrantfile for Chef

    Most commonly, Vagrant’s Vagrantfile describes only a single VM. That’s fine, but most environments separate functionality to different servers (e.g., database and web app). For this reason, Vagrantfiles can be set up for multi-VM arrangements.

  • Github Is Classy

    Fact: GitHub is classy. This isn’t just because Scott Chacon works there, either. Their handling of a security issue today was very professional. That said, I have some words to say about the issue itself and the aftermath, and things you as an application developer can do to help, and to avoid this kind of problem.

  • Xcode Command Line Tools

    Recently, Apple did the most awesome thing for non-Xcode developers.

  • Recipe for Building Emacs

    It is no secret that I use GNU Emacs as my default text editor. It is perhaps less evident but no less relevant that I use Emacs 24. I really like the built-in color theme support and the package management system for getting the various modes I like to use.

  • Disable AirDrop in Mac OS X Lion

    Mac OS X Lion introduced a new nifty feature called AirDrop. This allows users on a local network to drag and drop files to each other with Finder.

  • Changing Class Names

    If you change a class name in your library, do a major version change! You don’t know who is using your library, even the undocumented parts.

  • Testing with fission

    In this post, I’m going to talk about the fission gem:

  • DNSimple Self Registration Recipe

    Earlier this month, I completed a switch to DNSimple for my domain’s DNS provider. I am still happy with the switch, and finally, just now, got around to writing a recipe to have my systems automatically register themselves in DNS.

  • iTerm2 with tmux

    A new “which tool is best” battle is raging in the internets amongst developers and system administrators. The contestants are screen and tmux, and the jury is still out. This is very much an argument over what color to paint the bikeshed, but with the latest version of iTerm2, I think tmux is even more compelling. Personally, I chose tmux awhile ago.

  • Chef Report Handler for Growl

    A few weeks ago, I listened to the Changelog Podcast episode featuring Chris Forsythe, lead of the Growl project. I actually don’t^Wdidn’t use Growl for a long time, because I really disliked notifications of any kind, as they are distracting. However, I do appreciate the project, and supporting them by purchasing Growl on the App Store seemed totally reasonable.

  • Switching to DNSimple

    Reminder: this blog reflects my opinions and thoughts, and not those of my employer, Chef Software, Inc.
  • Ruby In Ubuntu 11.10

    I was playing around with Ubuntu 11.10 the other day, to explore some of the changes that have happened to Ruby lately, and thought I’d share my findings.

  • Chef on Windows HTPC

    Over the past 20 years, I always had a Windows (or DOS!) PC as the main system I use at home. The primary purpose was for gaming, although building my own systems is also a hobby. In 2007, I wanted to build a new system to use as a home theater PC. Originally, I built it with Windows Vista - Windows Media Center was Vista’s killer app! I painstakingly installed software, tweaked system settings and tuned the registry. Then Windows 7 came along with further improvements. After almost 20 years of reinstalling from scratch for new versions of Windows, I treated this upgrade as no different.

  • Blog Moved to GitHub Pages

    I moved my blog from Posterous to GitHub Pages. Posterous isn’t a bad system and service. It just didn’t fit the way I wanted to manage my site and the content. It was entirely adequate to get going but I was dissatisfied with the web form for creating new posts. It also loaded pages fairly slow.