• To create a roles in chef DSL we need to create a folder named roles inside the repo directory (sysfoo/roles).
  • A sample role file consist of the following,
  • Name
  • Description
  • Run_list
  • Attributes

  • A sample role file is as follows roles/sample.rb

name "starter"
description "An example Chef role"
run_list "recipe[starter]"
  "starter_name" => "starter",

Creating Roles for sysfoo

  • Now create a roles for application and load_balancer.
  • sysfoo/roles/app.rb
  • sysfoo/roles/lb.rb

  • Add the following content to app.rb

name "app"
description "Tomcat Application Server"
run_list "recipe[base]", "recipe[tomcat]", "recipe[chef-client]", "recipe[sysfoo::deploy]"
  "chef_client" => { "interval" => 120,
                     "splay" => 30
  • Add the following content to lb.rb
name "lb"
description "Load Balancer"
run_list "recipe[base]", "recipe[myhaproxy]", "recipe[chef-client]"
  "chef_client" => { "interval" => 60,
                     "splay" => 20

Uploading Roles to Chef Server

  • From the sysfoo directory using knife command upload the roles from file app.rb and lb.rb
knife role from file app.rb lb.rb

Applying Roles to Run_list

  • Now replace the existing run_list of nodes with roles.
  • Add run_list to node1
knife node run_list set app1 "role[app]"
  • Add run_list to node2
knife node run_list set app2 "role[app]"
  • Add run_list to node4
knife node run_list set lb "role[lb]"

Run chef-client on all nodes

  • Now we need to run chef-client on all nodes.
  • We can do this by passing a sudo chef-client command to all nodes using knife as follows
knife ssh "*:*" -x devops -a ipaddress "sudo chef-client"
  • Verify the changes using ps aux | grep chef-client on all nodes to find the time interval.
knife ssh "*:*" -x devops -a ipaddress "ps aux | grep chef-client"