Release: Enterprise Chef 11.2.0 and Chef Analytics 1.0.1

Irving Popovetsky | Posted on August 29, 2014 | announcements | release | Releases

We are pleased to announce the release of the Enterprise Chef 11.2.0 server and Chef Analytics 1.0.1.

Enterprise Chef 11.2.0

oc-id Adds the Chef Identity Service. This enables Supermaket and Analytics authentication against the Enterprise Chef Server.
- For more information on configuring oc-id and Supermarket, see this article: Getting Started with oc-id and Supermarket
Analytics Support
- dark\_launch['actions'] defaults to true. You no longer need to manually set this in the private-chef.rb
- Reconfigure will copy /etc/opscode/webui\_priv.pem into /etc/opscode-analytics if actions is enabled
- This change adds a new ‘oc-id’ key to the private-chef-secrets.json.
private-chef-ctl Add a gather-logs command to create a tarball of important logs and system information.
orgmapper Bump orgmapper to a new minor revision. This enables support for the bifrost/authz API and fixes several bugs.
- Add bifrost\_sql\_database uri to orgmapper.conf
- Upgrade to rel-0.5.1

The following items are the set of bug fixes that have been applied since Enterprise Chef 11.1.8:

[OC-11297] tweak partybus migration-level subscribes for a more reliable workaround
[OC-11585] Allow ['lb']['upstream'] to have a custom setting
[OC-11459] Allow opscode-manage to easily be moved off of 443
[OC-11540] Fix invalid opscode-account config when forcing SSL
[OC-11575] Don’t start services by default on the standby backend node in HA topology
[OC-11601] Fix a race condition that sometimes caused redis\_lb to attempt to reconfigure itself before it was restarted.
- This change causes redis\_lb to restart during every reconfigure. This restart can cause a short period of 500 errors on the on the FE nodes.
[OC-11668] enable ipv6 in standalone mode
[OC-11672] Upgrade PostgreSQL to 9.2.9
[OC-11673] Tune PostgreSQL keepalive timeouts
[OC-11702] Fix bug that prevents ACL and group expansion when containing group that no longer exists
[OC-11708] Fix user association bug when last updater of users group is no longer associated
[OC-11710] Fix couchdb compaction log rotation

The following items are the set of security fixes that have been applied since Enterprise Chef 11.1.8:

OpenSSL 1.0.1i addresses CVE-2014-3512, CVE-2014-3511, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506, CVE-2014-3505, CVE-2014-3509, CVE-2014-5139, and CVE-2014-3508.
PostgreSQL 9.2.9 addresses CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, CVE-2014-0067

Contact your sales representative for a link to download the patched version of Enterprise Chef.

Follow the upgrade instructions on the Chef Documentation site:

feature(profile): Remove profile URL from web frontend pending redesign of profile page
feature(omnibus): Use latest omnibus-ctl 0.1.0
feature(dateRangePicker): Implemented date range picker
features(tagging) Update consumer to add Chef Manage on actions from UI
feature(actionDetails): Clicking on the remote request id in the details adds a filter for that id.
feature(tooltips): Added tooltips to toggle icons in the search area.

To upgrade to Chef analytics 1.0.1 you do not need to stop your Enterprise Chef . You do need to stop your running Chef analytics 1.0.0 instance.

Install the new package, e.g.:

rpm -Uvh opscode-analytics-1.0.1-1.el6.x86\_64.rpm

You can re-run the preflight-check at this point to check if your Enterprise Chef is configured correctly
```
    opscode-analytics-ctl preflight-check
    Preflight check successful!
```
Reconfigure Chef Analytics
```
opscode-analytics-ctl reconfigure
```
Start Chef Analytics
```
opscode-analytics-ctl start
```

Check it is running

# opscode-analytics-ctl test 
OK: Chef Actions running at 'https://analytics.example.com/'

Chef analytics 1.0.1 is compatible with both Enterprise Chef 11.1.8 and 11.2.0.