Chef has different execution phases. Especially the compile and converge phase are important when writing cookbooks: the resources are collected in the compile phase and are executed in the converge phase.

In some special cases you might want to have dynamic resources, which are created and executed in the converge phase. The main background is that you want to react on something you known in the execution phase only.

Given a situation where you want to cleanup configuration files, which get installed by some package during a chef run (real examples might be apache on debian or freeradius on RHEL). You can try to solve this situation like this:

package 'freeradius'

# Our module configuration
template '/etc/raddb/mods-available/eap-tls' do

Dir.glob('/etc/raddb/mods-available/*').each do |mod_path|
  file_name = File.basename(mod_path)
  next if file_name == 'eap-tls'

  file mod_path do
    action :delete

However this will not work: you try to glob over /etc/raddb/mods-available in the compile phase, but this path doesn’t exist as freeradius gets installed in the converge phase.

Read more →

Inspec is a modern framework for infrastructure testing. It can be used as replacement for Serverspec.

Usually the inspec tests are describing a particial resource:

describe file('/etc/passwd') do
  its('mode') { should cmp '0644' }

However in some case it might be useful to use the common RSpec style with nested describe-context-it statements.

Read more →

Sometimes you might need some generic functions, which are used in several cookbooks in your environment. In this case it makes sense to create a cookbook, which contains this functions.

Read more →

Configuring chefdk


Chef Development Kit contains a chef-dk gem with chef executable. chef generate is a pretty usefull command for generation of skelettons. Per default the information like author, license or email looks like this:

$ cat testcookbook/metadata.rb
name 'testcookbook'
maintainer 'The Authors'
maintainer_email ''
license 'all_rights'

How to get your own data instead of this defaults?

Read more →

Hybrid suspend is a suspend mode, where suspend-to-disk and suspend-to-ram are executed together in the same time. Its a quite usefull mode for notebooks:

  • fast wake up because of suspend-to-ram
  • no data loss in case of empty battery during the suspend

Read more →

Docker docs and ACI docs decsribe the steps how to create base images from existing tarballs/folders with root file systems of distribution. If you make a deeper look, you will probably find the CentOS tarballs which are used by docker for creation of centos base images.

But how to get this root file system tree? This blogpost covers the creation of this root file system tree for CentOS and the creation of base images for Docker and Rkt.

Read more →

Chef is building omnibus packages only for x86. But probably you want to run chef on raspberry pi 3 with ARM. There is a blogpost, which describes the chef installation on Raspbian. This blogpost covers the steps for chef installation on raspberry pi with centos.

Read more →

As I already mentioned in the previous blog post, initially I wanted to use OpenBuild Service from openSUSE (OBS) to build packages of CoreOS rkt. OBS allows you to build packages for different platforms, e.g. RPMs for CentOS, RH, Fedora, OpenSUSE and in the same time DEBs for Ubuntu, Debian. Another positive thing: OpenBuild Service provides yum and apt repositories, which allow easy distribution and updates of packages.

CoreOS rkt provides the tgz archives with compiled software. The idea is to package this archives to RPMs/DEBs with help of OBS.

This blog post covers the required steps in order to achieve this goal with this simple use case. However you should keep in mind, the packaging instructions (e.g. spec or rules files) are representing a simple example only: they have low quiality claim compared to the distributions.

Read more →

I’m playing with coreos rkt, and I was missing rkt DEB packages for Ubuntu systems. CoreOS rkt provides the tgz archives with compiled software. My idea was just to package this archives to DEBs in order to get easy distribution or updates of rkt on my systems.

The easy way is to use fpm for this, but I wanted to use OpenBuild Service of OpenSuse in order to build RPMs and DEBs in the same time (this is covered in the next blogpost). This was the main reason to go more or less the Debian packaging way.

Debian packaging way is powerful, really. On the other hand, this power and the amount of possible solution ways are a bit confusing for beginners: actually you have to read the big amount of debian packaging resources in order to get a picture about all existing use cases, different tools and sometimes different information sources you need.

My situation was quite similar: I was missing a guide or some tutorial for my simple use case and I didn’t want to invest so much time for a simple “repackaging” from tgz to deb, but I had to. This blog post provides a such tutorial, based on my simple use case. But keep in mind, this short post doesn’t replace the debian packaging resources like Debian New Maintainers Guide or Debian Policy Manual and has low quality claim then usual packages provided by distributions.

Read more →

Since couple of months the Aquaris X5 from BQ is available in Germany. Its a pretty cool device, besides the fair price it has Dual-SIM and MicroSD support and a battery run-time up to several days. Another interesting thing is this smartphone is offered in two editions: with Android or with CyanogenOS software flashed. CyanogenOS is the commercial version of CynanogenMod and its quite promising especially from the view on software updates and security patches with a stock software.

This post will describe the (re-)flash procedure of Aquaris X5 with stock Android, CyanogenOS or CyanogenMod. So still if you want to stay on the stock software, but want to switch from Android to CyanogenOS or back, this post might be useful for you.

This guide covers the steps required on Linux, but it should work on the similar way on Windows. Hoewever I can’t verify it as I do not have any Windows system.

Read more →