Skip to end of metadata
Go to start of metadata

There are three disaster recovery strategies for Chef

  1. Manage Chef objects as code in source control
  2. Export objects from the Chef Server
  3. Backup and restore CouchDB (database)


Which method you chose depends on your existing infrastructure. For instance, if your team is familiar with Chef and development practices then using the source control method is more flexible and less susceptible to data corruption. On the other hand, backing up the database and associated files on disk fits better into organizations with traditional disaster recovery systems with centralized backup.

Manage Chef objects in Source Control

Chef enables the reconstruction of your business from nothing but a source code repository, an application data backup, and bare metal machines. With Chef, you define in source code how each part of your infrastructure is built. Cookbooks, roles, data bags and environments should be created as JSON files in source control, and then uploaded to the Chef Server.

Disaster recovery then becomes:

  1. Create new Chef Server using preferred method
  2. Load objects from source control using knife

Using source control also means that previous versions are always available for restoration and provides a log for auditing changes.

Export objects from the Chef server

  • Use this Knife Exec script to perform a backup of an existing Chef Server:
  • Run the knife exec script

This will export your data bags, roles, and nodes stored on the chef server as JSON files within the .chef/chef_server_backup directory. Simply copy that directory and all files within to your backup location, and you'll have all of the objects that you use within Chef available to you as JSON files. These files can be uploaded to a new Chef server using knife.

CouchDB Backup

As indicated in CouchDB Administration for Chef Server, the CouchDB database can become quite large over time, so you may want to use Compaction on the database prior to backup. Please review the Compaction section of CouchDB Administration for Chef Server for details if you desire to pursue this prior to backup, and ensure that you compact the views as well.

A minimal backup consists of configuration files and a dump of the CouchDB database. For all platforms, locate your database, configuration, and log files and perform a filesystem copy. Be careful to preserve file permissions, too. Archive these files to wherever you want-- ideally on a different machine in a different physical location – with appropriate security limiting access.

For example, here are the directories to backup for a CouchDB install on Ubuntu:

  • Configuration: /etc/couchdb/
  • Database files: /var/lib/couchdb/
  • Logs: /var/log/couchdb/

You'll want to backup both the .couch database file (which contains many objects, including the index to the cookbooks) and the directory in 'checksum_path' specified in your server.rb, which contains the file contents. One possible example:

The SOLR Search index the RabbitMQ queue Chef Indexer should be rebuilt upon restoration.


CouchDB Administration for Chef Server


Hosted Chef



Labels:
None
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

7 Comments

comments.show.hide

  1. Dec 08, 2009

    Joshua Timberman

    There's a python-based couchdb dump tool available in Karmic, too.

  2. Jan 05, 2011

    Bich Le

    Where does chef-server store the repo (cookbooks uploaded by clients?)

    On my CentOS installation, /etc/chef/server.rb has this line:
    cookbook_path [ "/var/lib/chef/cookbooks" ]

    But that directory is empty on the server.

    Does the server store cookbooks in couchdb?

    1. Jan 06, 2011

      Joshua Timberman

      The cookbooks are stored in the directory location specified by the checksum_path setting in the config, which would go in /etc/chef/server.rb.

      The default location is /var/chef/checksums, because the filenames are by the actual checksums of the file. We'll update this page and the Chef Configuration Settings.

      1. Aug 12, 2011

        Bryan McLellan

        Parts of the cookbooks, such as the metadata, are stored in the couchdb database. These objects contain checksums for individual files in the cookbook such as recipes, where are stored in checksum_path. You can find this checksum from 'knife cookbook show COOKBOOK_NAME COOKBOOK_VERSION in the checksum field for the file, and then find it in the filesystem.

  3. Feb 17, 2012

    Kevin Duane

    Is there a documented process for reloading couchdb from the couchdb-dump?

  4. Mar 02, 2012

    Ian D. Rossi

    Thank you for Chef!

    Of the three strategies mentioned at the top of this page, are all three necessary?

    The way I am taking it is that you can do complete backup and recovery by managing Chef objects in a source code repository and backup up that repository.

    I understand that data bags, roles, etc can be created from source code. But what about nodes and node attributes? Aren't those stored in chef-server and not in source code? How, then, does that data get restored?

    Some node attributes would be restored when certain roles or cookbooks are applied, but what about attributes that are assigned to nodes with the "knife node edit NODE" command? I don't believe those are stored in source code. It seems that when you would try to restore everything from source code, node attributes applied by roles would be preserved but attributes applied directly to roles by "knife node edit NODE" would be lost. Is that correct?

    If it IS possible to backup and restore chef-server only using a source code repository, is it still necessary to backup and restore CouchDB as described here?

    Thanks again.

    Warmest regards,

    Ian D. Rossi

    1. Mar 08, 2012

      Ian D. Rossi

      bump