How to query cookbook versions on a node?

Question

Usage case: The DevOps team launched a node sometime ago, and my team would like to know what's the version(s) of one/several cookbook(s) being used in the run_list. Our DevOps team is firefighting so we'd like to find a way to be self-sufficient.

Commands Tried: knife cookbook show COOKBOOK give all possible versions, but does not specify which one being used.

knife node show NODE shows all cookbooks, but there's no version info attached.

Question: Is there a command (something similar to knife search, ohai) to query the chef-server for the versions deployed on the node?

Answer 1

If you can ssh into the box you can look under /var/chef/cache/cookbooks/<cookbook name>/metadata.json to find the version.

Also, you can access it during a chef run by looking at @run_context.cookbook_collection, but that probably doesn't help.

Generally the cookbook version is defined by the environment, but since environments change over time, you can't really trust that to be the same set that was used when this node last converged (especially if it's been a while).

By far your safest option will be to look at the chef cache.

Answer 2

I can think of a two steps solution.

Step 1: knife node show <%node-name%>. The output should include the Environment being used on the node.

Step 2: knife environment show <%environment-name%>. This output should detail all the cookbooks being deployed on the node with their versions

Answer 3

In our organisation we use a base cookbook to set an attribute on the node with the cookbook versions.

run_context.cookbook_collection.each do |key, cookbook|
  node.set['base_cookbook']['cookbook_versions'][cookbook.name] = cookbook.version
end

Then we can query the versions used by a node with

knife node show <node-name> -a base_cookbook.cookbook_versions

Answer 4

This worked for me:

knife search node '*:*' -a 'cookbook_versions.<cookbook_name>'

Answer 5

If you're using ohai (you probably are), you can do something like this:

knife search -i 'cookbooks:your-cookbook' -a cookbooks.your-cookbook.version

This will give you output that shows the hostname and the cookbook version:

1 items found

server.name.example:
  cookbooks.cs-redis.version: 0.3.2

Answer 6

I am using this (and versions of) for Windows clients

Invoke-Command -ComputerName $nodename -ScriptBlock { gci "c:\chef\cache\cookbooks\*\metadata.rb"  | % { select-string $_ -pattern '^version.*$' } | % { $_.Path.replace('\metadata.rb','') } } -Credential $creds

Answer 7

I'm unsure of a way via knife, but you can log into your Managed Chef at https://manage.chef.io and navigate to the nodes section for your organization. Click on the node name in question, and at the bottom right, under Run List, click the Expand All link. That will show you the versions of the cookbook each recipe is run as.

Answer 8

Uses -a cookbooks, which works for me perfectly.

knife search node '<node_search-*>' -a cookbooks

<node-123.server.example.com>:
  cookbooks:
    <a_sample_item>:
      version: <7.5.17>
    <but_another-one>:
      version: <6.0.27>
...

Or eliminate other cookbooks by using -a cookbooks.<cookbook> as below:

knife search node "name:<node_search-*>" -a cookbooks.<cookbook>

<node-123.server.example.com>:
  cookbooks:
    <cookbook>:
    version: <7.5.17>
<node-456.server.example.com>:
  cookbooks:
    <cookbook>:
    version: <1.2.3>

Answer 9

Came across this post and ended up working out a grep command to do this.

sudo grep -o -e '\"version\"\:\"[a-zA-Z0-9.]*\"' -e '\"version\"\: \"[a-zA-Z0-9.]*\"' /var/chef/cache/cookbooks/*/metadata.json

Answer 10

I had a similar requirement where I published a new version of cookbook and wanted to find which nodes were using the latest version of my cookbook. The below knife commands worked for me.

knife search -i node "cookbooks:<cookbook-name> AND cookbooks_<cookbook-name>_version:100.1.0"