It's a competitive world out there. Simplicity is inevitable, just a question of what's going to deliver the simple solution first.

NOTE: This blog is written by a Chef loyalist and is not to be taken as anti-Chef in any respect. There is already solid traction to remedy much of what is written below, so hopefully this blog will become very dated, very quickly! July 25th, 2014.

Fail and Bail

My time is limited. When I have lots of choice, the most important thing to me is to manage my time. Hence the Single Failure & I'm Outa Here rule. I try stuff out, if it fails too early I just try something else.

The solution to Fail and Bail is easy, you just pay attention to what makes your software easy for the novice to fail at, and then address that simply and directly. This is not rocket surgery, but it does require a modest degree of creativity and most especially attention. You have to really not want a Fail and Bail.


Chef is one of 5 major tools Chef, Puppet, Ansible, Salt, CFEngine. It gets a lot of attention locally and is more dev oriented in some respects. Little less declarative than other choices.

So I try Chef out first. Let's pretend I'm not a hardcore Chef zealot, for the rest of this blog.

Quick Failures

Let's be blunt. The Chef novice has got some really easy ways to get frustrated. Sadly, none of them reflects poorly on the platform, which is actually quite usable if you can get past them. But many don't. Nor, should they.

  • .pem file configuration
  • community/supermarket cookbook issues
  • Ruby gem issues
  • Learning issues
  • Too many options issues

For each of the above, you can budget lots of time actually working on the issue, and lots more time not working on the issue but just waiting for the brain to regroup when it seems that something doesn't make sense, but you aren't really sure what.

These are not guaranteed failure points. Some may never be confronted. But for each one, you can guess that a large pool of users simply never get past them, and move on to Ansible, or Puppet, or just bash scripts. That's too bad, because when that happens we all lose.

The .pem file Configuration Problem

On the face of it, this has nothing to do with Chef's core activity. Instead, dear potential Chef user, please understand that this is a bolted on security measure to prevent bad guys from doing bad things.

So here's the skinny: You might have to blow away your configuration files and start over until you get it all going. Expecially if you are trying out Chef in fits and starts over a period of weeks and months, like most of us. Budget for this time. It is pain that must be endured, if it happens. It's actually quite easy, but if it confuses you it may slow you down. 

Or, more likely, since time is short, and Chef is not your main job, you probably just bail. Let's assume that 30% of new Chef users fit this category, and never return.

Community/Supermarket Cookbook Issues

The first thing you may want to do, dear potential Chef user, is download some existing recipes and try the system out. We know that we will lose most of you to this step. But you will try that. 

But what you don't know is that way more than half of the recipes out there are poorly maintained at best. Many will fail. So for the 70% that are still remaining after the .pem files issue above, another 20% drop out here. Chef doesn't work. I tried the xyz recipe and it fails and it's a Saturday morning and it's time to take my kids to soccer practice. I never touch Chef again.

Ruby Gem Issues

Now let's assume that I'm in the 50% that haven't quit chef already, not from an intent to quit but just never progressed beyond the first failures.

I had Chef up and running, it worked, some time passed, I went and got another of Chef's many iterations. Chef is a dynamic project, so there are a lot of new versions of Chef coming out over the months and years.

But wait. That's weird. Now, nothing works. It worked last time. Something about a Ruby gem issue. Hmmm. Oh crap, wife is calling me on cell to pick up Melissa after play practice.

I never touch Chef again. I've been dicking with this thing several times now and it's always something. I tell my boss "we can probably just squeak by with bash scripts for the time being". Let's say that another 15% drop off here. 

Learning Chef Issues

So little time, so much bogus stuff out there. Let's say I'm now part of the 35% that haven't just fallen into oblivion. I'm still trying to use Chef. 

My goodness, there isn't too little stuff out there on how to use Chef, there is too much! So many avenues to pursue, yet a lot of this seems to not work. Hmm I think maybe this youtube was made for a previous version of Chef. Not sure. Oh wait. Sunday football is starting. Never got it working with that one real recipe I wanted to try. Next morning my boss tells me 'I got Puppet working this weekend'.

Another 10% drop off and never come back.

Too Many Options Issues

If I'm still part of the remaining 25% of tire kickers by now, I still might not have a real production run, but at least I haven't bailed. I got one recipe to work, now we need nginx and two other pieces installed on the trial run. 

Wait, I am trying this new ChefDK thing out. What's this about ChefZero vs ChefSolo vs Chef Server by them vs Chef Server that I can run internally. Hmm let me mess with this for a while. Not sure. Dang, needed those recipes to run. No time. 

My boss says 'Ah don't worry, Jamie got the Ansible thing going for all the recipes we need. It's all good." Maybe another 15% drop off about here.

Tone Deaf?

Go to a ChefConf. You won't find a younger, more vibrant, more enthusiastic, more capable group of enthusiasts anywhere. But these guys aren't part of the 90% that just never got Chef working. More to the point, they are pretty nearly tone deaf to the whole set of challenges.

There are lots of really easy solutions to every one of the challenges that beset any of the 90% that never make it through the wall of fire. But that doesn't matter. Because it is heretical to even acknowledge this kind of challenge. That would be like having a bad attitude, and these guys are super positive guys with a great attitude.

So instead, people like me just have to accept the fact that we are in a smaller group than we would wish. I've been through lots of these wall of fire things. Maven was that way in 2001-2003 - a horrible and similar experience. But there weren't any good alternatives to Maven then. Chef has many great alternatives.


The solutions for each of the problems noted above, and others not noted, are really straightforward. We had to figure them out.

Please note that none of the 90% that dropped off did so for any good reason. Chef would have been perfect for them. They just never got a chance to find that out. Lose-lose for everyone.

Updated 2014-07-21 to simplify title to Chef Not Fail and Bail and add the paragraph at top citing the ease of solutions.

Updated 2014-07-21 to place a more careful declaration of loyalty, and make it more obvious that work is already underway to remedy much of what is noted in this blog.