Blacklist attributes sent to the Chef server

784 Views Asked by georgthebub At 19 April 2025 at 10:46

Due to the fact that i have a large volume of users and groups present on my chef nodes, running chef-client sends all that information to the chef server, causing performance issues.

I can whitelist attributes easily by adding something like this on client.rb :automatic_attribute_whitelist ["etc/group"]

Is there any way to blacklist a specific set of attributes from being sent to the Chef server?

Original Q&A

There are 1 best solutions below

sethvargo On 27 August 2014 at 16:15 BEST ANSWER

All my comments, as an answer (plus an actual answer).

You can disable the Ohai plugin for passwd if you aren't using those attributes or are connected to an AD.

If you want the attributes available on the node object, but not persisted back to the server, you can do something like this in a cookbook:

class Chef
  class Node
    alias_method :old_save, :save

    def save
      self.default_attrs.delete(:key)
      self.normal_attrs.delete(:other_key)
      self.override_attrs.delete('...')
      self.automatic_attrs.delete('...')
      old_save
    end
  end
end

This would get rather annoying for long lists of attributes, so IRCCloud make a cookbook for it:

https://github.com/irccloud/blacklist-node-attrs

Blacklist attributes sent to the Chef server

There are 1 best solutions below

Related Questions in CHEF-INFRA

Related Questions in OHAI-GEM

Trending Questions

Popular # Hahtags

Popular Questions