Chef Ideas

We believe that the best way to build software is to do it in close collaboration with the people who use it. We invite you to submit your ideas using the form below. Please be sure to include the problem for which you are solving and the benefits of implementing the idea.

We do our best to implement as many Ideas as we can. Our Product team will evaluate all submitted ideas in a timely manner and will disposition each into one of the following categories: will integrate into the product roadmap, further research is needed, unlikely to implement.

Thanks for collaborating with us!

Allow nodes to be assigned multiple policies, and let chef-client pick between them, similar to its -n flag for named run lists

This idea has been brought up before, I'm aware, but I don't think this use case has come up.


The goal: have defined separation between a base set of cookbooks and an app/db/host-specific set.


The way things are now, you need to bake the base into an app cookbook's policy. If one of the base cookbooks gets updated, the app cookbook must also be updated in order to see it. This does not scale well.


Imagine if a node could have one default policy but other available policies assigned to it. If a security cookbook gets an update—it's part of base, let's say—and the base policy update is pushed, all the nodes can see it. Being able to target which policy to run with chef-client allows (in this example) base to run normally (every 30 mins) and an app cookbook to run when needed to update the hosts' app. Complete separation of duties.

  • Steve Abatangle
  • Jun 16 2021
  • New
  • Attach files