🚀 DevOps & SRE Certification Program 📅 Starting: 1st of Every Month 🤝 +91 8409492687 🔍 Contact@DevOpsSchool.com

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Uncategorised

Chef Tutorials: How to set Conditions in Chef Cookbooks recipe using Guard?

November 24, 2022 Leave a Comment

Guards

A guard property can be used to evaluate the state of a node during the execution phase of a Chef Infra Client run. Based on the results of this evaluation, a guard property is then used to tell Chef Infra Client if it should continue executing a resource. A guard property accepts either a string value or a Ruby block value:

A string is executed as a shell command. If the command returns 0, the guard is applied. If the command returns any other value, then the guard property is not applied.

String guards in a powershell_script run Windows PowerShell commands and may return true in addition to 0.

A block is executed as Ruby code that must return either true or false. If the block returns true, the guard property is applied. If the block returns false, the guard property is not applied.

# Condistions Based on if-else statement with Chef Attributes attribute? A useful method that is related to attributes is the attribute? method. This method will check for the existence of an attribute, so that processing can be done in an attributes file or recipe, but only if a specific attribute exists. Using attribute?() in an attributes file: if attribute?('ec2') # ... set stuff related to EC2 end Using attribute?() in a recipe: if node.attribute?('ec2') # ... do stuff on EC2 nodes end Condistions Based on if statement if node[:platform_family].include?("rhel") ... end Condistions Based on if statement
if node['platform'] == 'debian' || node['platform'] == 'ubuntu'
execute "apt-get update" do
command "apt-get update"
end
end
# Condistions Based on include_recipe
include_recipe 'python::repository' if node['python']['installrepo']
# Condistions Based on if-else and include_recipe
if node['platform_family'] == 'windows'
include_recipe 'python::install-windows'
else
include_recipe 'python::install-linux'
end
# Condistions Based on Attributes
if node['platform'] == 'debian' || node['platform'] == 'ubuntu'
execute "apt-get update" do
command "apt-get update"
end
end
if node['platform'] == 'redhat'
execute "yum git" do
command "yum install git -y"
end
end
# ==========================================================================
# not_if
# ==========================================================================
apt_package "apache2" do
action :install
not_if { node['platform'] == 'redhat' }
end
file '/tmp/somefile.txt' do
mode '0755'
not_if { File.exist?('/etc/passwd' )}
end
execute 'bundle install' do
cwd '/myapp'
not_if 'bundle check' # This is run from /myapp
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
not_if { node[:some_value] }
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
not_if do
File.exist?('/etc/passwd')
end
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
not_if { File.exist?('/etc/passwd' )}
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
not_if 'test -f /etc/passwd'
end
Example
:user
Specify the user that a command will run as. For example:
not_if 'grep adam /etc/passwd', :user => 'adam'
:group
Specify the group that a command will run as. For example:
not_if 'grep adam /etc/passwd', :group => 'adam'
:environment
Specify a Hash of environment variables to be set. For example:
not_if 'grep adam /etc/passwd', :environment => {
'HOME' => '/home/adam'
}
:cwd
Set the current working directory before running a command. For example:
not_if 'grep adam passwd', :cwd => '/etc'
:timeout
Set a timeout for a command. For example:
not_if 'sleep 10000', :timeout => 10
apt_package "php5" do
action :install
not_if { node['platform'] == 'centos' }
end
# want to ensure that we have the right JAVA_HOME path set before we go about
triggering the command to start the app or check the status.
bash "some_app" do
environment { "JAVA_HOME" => "/usr/java/default" }
code "java /apps/some_app/app start"
not_if "java /apps/some_app/app status"
end
# However, this isn't the right way to go about handling our situation because the environment variable JAVA_HOME isn't available to the java some_app status
command. One way to do it correctly is this:
bash "some_app" do
environment { "JAVA_HOME" => "/usr/java/default" }
code "java /apps/some_app/app start"
not_if "java /apps/some_app/app status", :environment => {
'JAVA_HOME' => '/usr/java/default' }
end
bash "some_app" do
guard_interpreter :bash
environment { "JAVA_HOME" => "/usr/java/default" }
code "java /apps/some_app/app start"
not_if "java /apps/some_app/app status"
end
# we are installing a package called package_name and we want to install it only on systems running RHEL 6.x.
package "package_name" do
action :install
not_if { platform_family?('rhel') && node['platform_version'].to_f < 6.0 }
end
# ==========================================================================
# only_if
# ==========================================================================
only_if
Allow a resource to execute only if the condition returns true.
file '/tmp/infy.txt' do
only_if { File.exist?('/etc/passwd2' ) }
end
package "httpd" do
action :install
only_if { platform_family?('rhel') && node['platform_version'].to_f >= 6.0 }
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
only_if { node[:some_value] }
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
only_if do ! File.exist?('/etc/passwd') end
end
template '/tmp/somefile' do
mode '0755'
source 'somefile.erb'
only_if 'test -f /etc/passwd'
end
file '/var/www/html/login.php' do
only_if { ::File.exist?('/var/www/html/login.php') }
action :touch
end
file '/path/foo' do
action :delete
only_if { File.exist? '/path/foo' }
end
apt_package "php-pear" do
action :install
only_if "which php"
end
# we are installing a package called package_name and
we want to install it only on systems running RHEL 6.x.
package "package_name" do
action :install
only_if { platform_family?('rhel') && node['platform_version'].to_f >= 6.0 }
end
include_recipe "postfix::server" do
only_if node["defaults"]["postfix_server"] = true
end
view raw chef-guards.rb hosted with ❤ by GitHub
Subscribe
Notify of
guest


0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x