Blog-L_News_2_1283x494

Release: Enterprise Chef 11.2.0 and Chef Analytics 1.0.1

We are pleased to announce the release of the Enterprise Chef 11.2.0 server and Chef Analytics 1.0.1.

Enterprise Chef 11.2.0

What’s New

  • oc-id Adds the Chef Identity Service. This enables Supermaket and Analytics authentication against the Enterprise Chef Server.
  • Analytics Support
    • dark\_launch['actions'] defaults to true. You no longer need to manually set this in the private-chef.rb
    • Reconfigure will copy /etc/opscode/webui\_priv.pem into /etc/opscode-analytics if actions is enabled
    • This change adds a new ‘oc-id’ key to the private-chef-secrets.json.
  • private-chef-ctl Add a gather-logs command to create a tarball of important logs and system information.
  • orgmapper Bump orgmapper to a new minor revision. This enables support for the bifrost/authz API and fixes several bugs.
    • Add bifrost\_sql\_database uri to orgmapper.conf
    • Upgrade to rel-0.5.1

Bug Fixes:

The following items are the set of bug fixes that have been applied since Enterprise Chef 11.1.8:

  • [OC-11297] tweak partybus migration-level subscribes for a more reliable workaround
  • [OC-11585] Allow ['lb']['upstream'] to have a custom setting
  • [OC-11459] Allow opscode-manage to easily be moved off of 443
  • [OC-11540] Fix invalid opscode-account config when forcing SSL
  • [OC-11575] Don’t start services by default on the standby backend node in HA topology
  • [OC-11601] Fix a race condition that sometimes caused redis\_lb to attempt to reconfigure itself before it was restarted.
    • This change causes redis\_lb to restart during every reconfigure. This restart can cause a short period of 500 errors on the on the FE nodes.
  • [OC-11668] enable ipv6 in standalone mode
  • [OC-11672] Upgrade PostgreSQL to 9.2.9
  • [OC-11673] Tune PostgreSQL keepalive timeouts
  • [OC-11702] Fix bug that prevents ACL and group expansion when containing group that no longer exists
  • [OC-11708] Fix user association bug when last updater of users group is no longer associated
  • [OC-11710] Fix couchdb compaction log rotation

Security Fixes:

The following items are the set of security fixes that have been applied since Enterprise Chef 11.1.8:

  • OpenSSL 1.0.1i addresses CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, and CVE-2014-3508.
  • PostgreSQL 9.2.9 addresses CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, CVE-2014-0067

Download

Contact your sales representative for a link to download the patched version of Enterprise Chef.

Upgrade Instructions

Follow the upgrade instructions on the Chef Documentation site:

Chef Analytics 1.0.1

Improvements

  • feature(profile): Remove profile URL from web frontend pending redesign of profile page
  • feature(omnibus): Use latest omnibus-ctl 0.1.0
  • feature(dateRangePicker): Implemented date range picker
  • features(tagging) Update consumer to add Chef Manage on actions from UI
  • feature(actionDetails): Clicking on the remote request id in the details adds a filter for that id.
  • feature(tooltips): Added tooltips to toggle icons in the search area.

Bug fixes

  • fix(upgrade): Always start postgres and rabbitmq during upgrade process
  • fix(cursor): fix inconsistent cursor use
  • fix(actions): Added support for organizations named “login”
  • fix(login): Login page shows ‘Signed in as’ when you have an active session
  • fix(export): Can now supply a base filename to exports before downloading
  • fix(savedSearched): Selecting a saved search now populates the date pickers.
  • fix(e2e): Protractor E2E tests should pass reliably.
  • fix(search): Improve fuzzy search
  • fix(saved search): updating existing search throws 500

Security updates

  • Update openssl to 1.0.1i
  • Update rails to 4.1.5

Upgrading Chef Analytics

To upgrade to Chef analytics 1.0.1 you do not need to stop your Enterprise Chef . You do need to stop your running Chef analytics 1.0.0 instance.

  1. Stop Chef analytics
    opscode-analytics-ctl stop
  2. Install the new package, e.g.:
    rpm -Uvh opscode-analytics-1.0.1-1.el6.x86\_64.rpm
  3. You can re-run the preflight-check at this point to check if your Enterprise Chef is configured correctly
        opscode-analytics-ctl preflight-check
        Preflight check successful!
  4. Reconfigure Chef Analytics
    opscode-analytics-ctl reconfigure
  5. Start Chef Analytics
    opscode-analytics-ctl start
  6. Check it is running
    # opscode-analytics-ctl test 
    OK: Chef Actions running at 'https://analytics.example.com/'
    

Compatability

Chef analytics 1.0.1 is compatible with both Enterprise Chef 11.1.8 and 11.2.0.

Irving Popovetsky

Irving leads the Customer Engineering team at Chef

Join Automate for Good hackathon and be eligible to win $60000 in prizes
chefconf-banner
image_334

FOLLOW @CHEF