How to delete persistent node attributes in Chef
Did you accidentally set node.normal[:foo][:bar] = 'something bad' in your chef recipe?
Then you found that the node's normal attributes persisted between chef runs, and you really wanted to use the default attribute precedence level in your cookbook's attributes/default.rb file?
Knife exec is your friend:
knife exec -E "nodes.transform(:all) {|n| n.normal_attrs[:foo].delete(:bar) rescue nil }"Example:
I needed to delete some default, normal, and override attributes for the sudo cookbook on all nodes, so I used:
knife exec -E "nodes.transform(:all) {|n| n.default_attrs['authorization']['sudo'].delete('groups') rescue nil }"
knife exec -E "nodes.transform(:all) {|n| n.normal_attrs['authorization']['sudo'].delete('groups') rescue nil }"
knife exec -E "nodes.transform(:all) {|n| n.override_attrs['authorization']['sudo'].delete('groups') rescue nil }"If I only wanted to do that on a certain node, I would pass a Solr query to node.transform():
knife exec -E "nodes.transform('name:dfw-mynode-01') {|n| n.default_attrs['authorization']['sudo'].delete('groups') rescue nil }"Note: Knife exec is powerful... with great power comes great responsibility
Written by James Cuzella
Related protips
2 Responses
Will this also work for and automatic attribute (that OHAI sets)? Would you format like [:etc].delete(:passwd) ?
update: This model should work for automatic attributes
knife exec -E "nodes.transform(:all) { |n| n.automatic_attrs[:etc].delete(:passwd) rescue nil }"
Do we know if this runs the embedded script in parallel across all the nodes, similar to knife winrm?
Have a fresh tip? Share with Coderwall community!
