chef-solo (executable)

chef-solo is an open source version of the chef-client that allows using cookbooks with nodes without requiring access to a Chef server. chef-solo uses Chef local mode, and does not support the following:

• Centralized distribution of cookbooks
• A centralized API that interacts with and integrates infrastructure components
• Authentication or authorization

The chef-solo executable is run as a command-line tool.

Options

This command has the following syntax:

chef-solo OPTION VALUE OPTION VALUE ...

This command has the following options:

-c CONFIG, --config CONFIG

The configuration file to use.

-d, --daemonize

Run the executable as a daemon.

This option is only available on machines that run in UNIX or Linux environments. For machines that are running Microsoft Windows that require similar functionality, use the chef-client::service recipe in the chef-client cookbook: https://supermarket.chef.io/cookbooks/chef-client. This will install a chef-client service under Microsoft Windows using the Windows Service Wrapper.

-E ENVIRONMENT_NAME, --environment ENVIRONMENT_NAME

The name of the environment.

-f, --[no-]fork

Contain the chef-client run in a secondary process with dedicated RAM. When the chef-client run is complete, the RAM is returned to the master process. This option helps ensure that a chef-client uses a steady amount of RAM over time because the master process does not run recipes. This option also helps prevent memory leaks such as those that can be introduced by the code contained within a poorly designed cookbook. Use --no-fork to disable running the chef-client in fork node. Default value: --fork.

-F FORMAT, --format FORMAT

The output format: doc (default) or min.

• Use doc to print the progress of the chef-client run using full strings that display a summary of updates as they occur.
• Use min to print the progress of the chef-client run using single characters.

A summary of updates is printed at the end of the chef-client run. A dot (.) is printed for events that do not have meaningful status information, such as loading a file or synchronizing a cookbook. For resources, a dot (.) is printed when the resource is up to date, an S is printed when the resource is skipped by not_if or only_if, and a U is printed when the resource is updated.

Other formatting options are available when those formatters are configured in the client.rb file using the add_formatter option.

--force-formatter

Show formatter output instead of logger output.

--force-logger

Show logger output instead of formatter output.

-g GROUP, --group GROUP

The name of the group that owns a process. This is required when starting any executable as a daemon.

-h, --help

Show help for the command.

-i SECONDS, --interval SECONDS

The frequency (in seconds) at which the chef-client runs. When the chef-client is run at intervals, --splay values are applied first, then the chef-client run occurs, and then --interval values are applied.

-j PATH, --json-attributes PATH

The path to a file that contains JSON data.

Use this option to define a run_list object. For example, a JSON file similar to:

"run_list": [
  "recipe[base]",
  "recipe[foo]",
  "recipe[bar]",
  "role[webserver]"
],

may be used by running chef-client -j path/to/file.json.

In certain situations this option may be used to update normal attributes.

Warning

Any other attribute type that is contained in this JSON file will be treated as a normal attribute. For example, attempting to update override attributes using the -j option:

{
  "name": "dev-99",
  "description": "Install some stuff",
  "override_attributes": {
    "apptastic": {
      "enable_apptastic": "false",
      "apptastic_tier_name": "dev-99.bomb.com"
    }
  }
}

will result in a node object similar to:

{
  "name": "maybe-dev-99",
  "normal": {
  "name": "dev-99",
    "description": "Install some stuff",
    "override_attributes": {
      "apptastic": {
        "enable_apptastic": "false",
        "apptastic_tier_name": "dev-99.bomb.com"
      }
    }
  }
}

-l LEVEL, --log_level LEVEL

The level of logging to be stored in a log file.

-L LOGLOCATION, --logfile c

The location of the log file. This is recommended when starting any executable as a daemon.

--[no-]color

View colored output. Default setting: --color.

-N NODE_NAME, --node-name NODE_NAME

The name of the node.

-o RUN_LIST_ITEM, --override-runlist RUN_LIST_ITEM

Replace the current run-list with the specified items.

-r RECIPE_URL, --recipe-url RECIPE_URL

The URL location from which a remote cookbook tar.gz is to be downloaded.

--run-lock-timeout SECONDS

The amount of time (in seconds) to wait for a chef-client lock file to be deleted. Default value: not set (indefinite). Set to 0 to cause a second chef-client to exit immediately.

-s SECONDS, --splay SECONDS

A random number between zero and splay that is added to interval. Use splay to help balance the load on the Chef server by ensuring that many chef-client runs are not occuring at the same interval. When the chef-client is run at intervals, --splay values are applied first, then the chef-client run occurs, and then --interval values are applied.

-u USER, --user USER

The user that owns a process. This is required when starting any executable as a daemon.

-v, --version

The version of the chef-client.

-W, --why-run

Run the executable in why-run mode, which is a type of chef-client run that does everything except modify the system. Use why-run mode to understand why the chef-client makes the decisions that it makes and to learn more about the current and proposed state of the system.

Run as Non-root User

chef-solo may be run as a non-root user. For example, the sudoers file can be updated similar to:

# chef-solo privilege specification
chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo

where chef is the name of the non-root user. This would allow chef-solo to run any command on the node without requiring a password.

Examples

Run chef-solo using solo.rb settings

$ chef-solo -c ~/chef/solo.rb

Use a URL

$ chef-solo -c ~/solo.rb -j ~/node.json -r http://www.example.com/chef-solo.tar.gz

The tar.gz is archived into the file_cache_path, and then extracted to cookbooks_path.

Use a directory

$ chef-solo -c ~/solo.rb -j ~/node.json

chef-solo will look in the solo.rb file to determine the directory in which cookbooks are located.

Use a URL for cookbook and JSON data

$ chef-solo -c ~/solo.rb -j http://www.example.com/node.json -r http://www.example.com/chef-solo.tar.gz

where -r corresponds to recipe_url and -j corresponds to json_attribs, both of which are configuration options in solo.rb.