Blog-L_News_1_1283x494

Chef Server 12.3.0 Release Announcement

Ohai Chefs!

I’m happy to announce that Chef Server 12.3.0 is now available for download on the Chef Server Downloads Page and via our Apt/RPM repositories. Here are some highlights from this release:

  • Node API change to include Policy support.
  • ElasticSearch and external Solr support.
  • Object updates can now be posted directly to the search index.
  • Analytics queue monitoring.
  • Security updates to solr4 oc-id, and postgresql.
  • Many closed issues.

Nodes API Change (Policy)

The policy_name and policy_group fields have been added as top-level node attributes. This means:

  • These fields are now returned in node objects retrieved via GET /nodes/$name.
  • They are searchable via the node index.
  • They are now accepted as optional fields in requests to POST /nodes and PUT /nodes/$name.

Search Improvements

  • It is now possible for Chef Server to post updates directly to the
    search provider for search index updates, bypassing rabbitmq
    and expander.
  • Elasticsearch is now supported as a search provider.
  • You can now use your own Solr instance instead of using the one
    bundled with chef-server.

Queue Monitoring

The Analytics queue is now monitored within Chef Server, and the server will stop sending messages to it when it’s full. It will also report queue usage details via the Chef Server /_status endpoint.

Important Note: This changed enables the management interface of RabbitMQ. A new secure password is generated for this interface. This makes it important important to follow the usual upgrade steps to completion in order to ensure that the new credentials are available on all nodes.

Other Fixes and Updates

Below are some of the other issues addressed in this release. For a complete list, see the Release Notes and Change Log links below.

  • Fixed: Analytics queue monitoring allows Chef Server to stop sending message when the queue is full. This resolves issues where a full queue (due to Analytics being offline or uninstalled) would result in failed API calls into Chef Server.
  • Changed: LDAP login is now case-insensitive by default.
  • Fixed: Under sudden and intense load, Chef Server could sometimes leak connections until it eventually refused most connections.
  • Fixed: Under heavy load, clients could receive 500 errors due to connection leaks to bifrost.

Security Updates

The following security issues are addressed through updates to third party components in Chef Server 12.3.0:

Contributors:

Special thanks to the following people for taking some of their own time to help improve the Chef Server project:

  • Joe DeVivo
  • Shruthi Venkateswaran
  • Phil Oliva
  • Ryan Hass

Resources:

Marc Paradise

Marc has over 19 years of experience in software design, development and delivery, and has been with Chef since 2011. Other interests include writing, distributed computing, hardware hacking, container technology, and a myriad of other accumulated pastimes. Marc only talks about himself in the third person when writing biographical blurbs.