Skip to main content

chef-solo (executable)

chef-solo is a command that executes Chef Infra Client in a way that doesn’t require the Chef Infra Server to converge cookbooks. chef-solo uses Chef Infra Client’s Chef local mode, and doesn’t support the following functionality present in Chef Infra Client / server configurations:

  • Centralized distribution of cookbooks
  • A centralized API that interacts with and integrates infrastructure components
  • Authentication or authorization

Note

chef-solo can be run as a daemon.

The chef-solo executable is run as a command-line tool.

Options

This command has the following syntax:

chef-solo OPTION VALUE OPTION VALUE ...

This command has the following options:

-c CONFIG, --config CONFIG

The configuration file to use.

-d, --daemonize

Run the executable as a daemon. This option may not be used in the same command with the --[no-]fork option. This option is only available on machines that run in UNIX or Linux environments. For machines that are running Windows that require similar functionality, use the chef-client::service recipe in the chef-client cookbook: https://supermarket.chef.io/cookbooks/chef-client. This will install a Chef Infra Client service under Windows using the Windows Service Wrapper.

-E ENVIRONMENT_NAME, --environment ENVIRONMENT_NAME

The name of the environment.

-f, --[no-]fork

Contains Chef Infra Client runs in a secondary process with dedicated RAM. When a Chef Infra Client run is complete, the RAM is returned to the master process. This option helps ensure that a Chef Infra Client uses a steady amount of RAM over time because the master process doesn’t run recipes. This option also helps prevent memory leaks such as those that can be introduced by the code contained within a poorly designed cookbook. Use --no-fork to disable running Chef Infra Client in fork node. Default value: --fork. This option may not be used in the same command with the --daemonize and --interval options.

-F FORMAT, --format FORMAT

The output format: doc (default) or min.

  • Use doc to print the progress of a Chef Infra Client run using full strings that display a summary of updates as they occur.
  • Use min to print the progress of a Chef Infra Client run using single characters.

A summary of updates is printed at the end of a Chef Infra Client run. A dot (.) is printed for events that do not have meaningful status information, such as loading a file or synchronizing a cookbook. For resources, a dot (.) is printed when the resource is up to date, an S is printed when the resource is skipped by not_if or only_if, and a U is printed when the resource is updated.

Other formatting options are available when those formatters are configured in the client.rb file using the add_formatter option.

--force-formatter

Show formatter output instead of logger output.

--force-logger

Show logger output instead of formatter output.

-g GROUP, --group GROUP

The name of the group that owns a process. This is required when starting any executable as a daemon.

-h, --help

Show help for the command.

-i SECONDS, --interval SECONDS

The frequency (in seconds) at which Chef Infra Client runs. When running Chef Infra Client at intervals, apply --splay and --interval values before a Chef Infra Client run. This option may not be used in the same command with the --[no-]fork option.

-j PATH, --json-attributes PATH

The path to a file that contains JSON data.

Use this option to define a run_list object. For example, a JSON file similar to:

"run_list": [
      "recipe[base]",
      "recipe[foo]",
      "recipe[bar]",
      "role[webserver]"
    ],

may be used by running chef-client -j path/to/file.json.

In certain situations this option may be used to update normal attributes.

Warning

Any other attribute type that’s contained in this JSON file will be treated as a normal attribute. Setting attributes at other precedence levels isn’t possible. For example, attempting to update override attributes using the -j option:

{
  "name": "dev-99",
  "description": "Install some stuff",
  "override_attributes": {
    "apptastic": {
      "enable_apptastic": "false",
      "apptastic_tier_name": "dev-99.bomb.com"
    }
  }
}

will result in a node object similar to:

{
  "name": "maybe-dev-99",
  "normal": {
    "name": "dev-99",
    "description": "Install some stuff",
    "override_attributes": {
      "apptastic": {
        "enable_apptastic": "false",
        "apptastic_tier_name": "dev-99.bomb.com"
      }
    }
  }
}
-l LEVEL, --log_level LEVEL

The level of logging to be stored in a log file. Possible levels: auto (default), debug, error, fatal, info, trace, or warn. Default value: warn (when a terminal is available) or info (when a terminal isn’t available).

-L LOGLOCATION, --logfile c

The location of the log file. This is recommended when starting any executable as a daemon.

--legacy-mode

Cause Chef Infra Client to use the original chef-solo mode instead of chef local mode. This isn’t recommended. Removed in Chef Infra Client 14.

--minimal-ohai

Run the Ohai plugins for name detection and resource/provider selection and no other Ohai plugins. Set to true during integration testing to speed up test cycles.

--[no-]color

View colored output. Default setting: --color.

-N NODE_NAME, --node-name NODE_NAME

The unique identifier of the node.

-o RUN_LIST_ITEM, --override-runlist RUN_LIST_ITEM

Replace the current run-list with the specified items.

-r RECIPE_URL, --recipe-url RECIPE_URL

The URL of the remote cookbook tar.gz file that you want to download.

In Chef Infra Client 14, the short -r form will be removed, as it conflicts with the ability to specify a run list.

--run-lock-timeout SECONDS

The amount of time (in seconds) to wait for a Chef Infra Client lock file to be deleted. Default value: not set (indefinite). Set to 0 to cause a second Chef Infra Client to exit immediately.

-s SECONDS, --splay SECONDS

A random number between zero and splay that’s added to interval. Use splay to help balance the load on the Chef Infra Server by ensuring that many Chef Infra Client runs aren’t occurring at the same interval. When running Chef Infra Client at intervals, apply --splay and --interval values before a Chef Infra Client run.

-u USER, --user USER

The user that owns a process. This is required when starting any executable as a daemon.

-v, --version

The Chef Infra Client version.

-W, --why-run

Run the executable in why-run mode, which is a type of Chef Infra Client run that does everything except modify the system. Use why-run mode to understand the decisions that Chef Infra Client makes during a run and to learn more about the current and proposed state of the system.

Run as Non-root User

Warning

This configuration for the chef user provides root-level access through Chef script files that call system commands with sudo privileges.

Use an alternative approach if your security profile forbids the chef user from having built-in root level access.

chef-solo may be run as a non-root user. For example, you can update the sudoers file:

# chef-solo privilege specification
chef ALL=(ALL) NOPASSWD: /usr/bin/chef-solo

where chef is the name of the non-root user. This would allow chef-solo to run any command on the node without requiring a password.

Examples

Run chef-solo using solo.rb settings

chef-solo -c ~/chef/solo.rb

Use a URL

chef-solo -c ~/solo.rb -j ~/node.json -r http://www.example.com/chef-solo.tar.gz

The tar.gz is archived into the file_cache_path, and then extracted to cookbooks_path.

Use a directory

chef-solo -c ~/solo.rb -j ~/node.json

chef-solo will look in the solo.rb file to determine the directory in which cookbooks are located.

Use a URL for cookbook and JSON data

chef-solo -c ~/solo.rb -j http://www.example.com/node.json --recipe-url http://www.example.com/chef-solo.tar.gz

where --recipe-url corresponds to recipe_url and -j corresponds to json_attribs, both of which are configuration options in solo.rb.

Edit this page on GitHub

Thank you for your feedback!

×