Chef comes with a handy package resource that helps to manage packages
on the target machine. In this post I’m going to focus on the two major actions
:upgrade. While the difference is obvious it is not
always easy to consider which one is better when writing your first recipe.
So, let’s figure out when to use one or the other :)
Here is quick reminder of what the syntax of package resource looks like:
1 2 3
identifies which steps the chef-client will take to bring the node into the desired state
So, whenever we need to install certain package we simply put the following into the recipe file:
1 2 3
which will be converted into the proper command on the target system, for example on a Debian based system it will result in something like:
apt-get install wget
While on the Red Hat based system we’ll get:
yum install wget
Alternatively we could use
install a package and/or to ensure that a package is the latest version
While we might tend to always use
:upgrade action and let Chef do the all dirty
work for us, it is not always good decision especially when our package does a
restart of the services it manages. There is always a risk an unattended
upgrade could lead to the system failing, so, it’s best to avoid using it!
So, when should we use
:upgradewhen you have packages that always need to be kept up-to-date;
:upgradewhen you are confident in the package repository, i.e. you are the maintainer or managing your own repository.
And in other cases we better use
:install action :)
The rule of thumb
Know your infrastructure! ;)
Thank you very much for reading those far I really appreciate it!
Please let me know if I’m missing any use case where
:upgrade would be