Blog-Icon_1_100x385

Chef Server 12.2.0 Release Announcement

Ohai Chefs!

I’m happy to announce that Chef Server 12.2.0 is now live on Hosted Chef, and is also available for download on the Chef Downloads Page and via our Apt/RPM repositories. Here are some of this release’s highlights:

  • External PostgreSQL: we now support using a PostgreSQL server other than the one shipped with Chef Server, including Amazon RDS.
  • Policyfile API enhancements.
  • Organization policy changes.
  • New chef-server-ctl commands and enhancements.
  • Several bug fixes.

Organization Policy Changes

  • An organization’s users can now see the information about other users in the same organization. This access includes name, email address, public key, and organizations that are shared between the user making the request and the user being viewed. Organizations that are not shared will not be visible. This is applicable in Hosted Chef as well as Chef Server. This allows an organization’s users to encrypt data bag items for each other using knife-vault without granting these users admin access.
  • By default, it is no longer permitted to remove the “admins” group’s grant ACE from a group’s ACL. This prevents a number of issues in which customers were locked out of updating group permissions. If you have need to do this, it is still possible in your Chef Server 12 installation by authenticating as the superuser. For Hosted Chef, there is no way to do this without contacting support.

External PostgreSQL

It is now possible to configure a new Chef Server with an externally managed PostgreSQL database, including one hosted on Amazon RDS. For more information, see the details here.

Important Note: the reporting and analytics add-ons are not compatible with external PostgreSQL.  If you’re using either of these add-ons, please continue to use the managed PostgreSQL that ships with Chef Server until updated add-ons are released.

Editor’s Note (12/16/2015): To clarify the above: Chef analytics uses its own internal PostgreSQL database and does not interact with the Chef server’s PostgreSQL database. It is currently not possible to have Chef analytics make use of an external PostgreSQL database. It is possible to have Chef analytics working as-is in conjunction with Chef server with an externally managed PostgreSQL database. Chef reporting uses the same PostgreSQL database as the Chef server. When this blog post went live, it was not possible to use Chef reporting and use an external PostgreSQL database with the Chef server. However, this was changed with the release of Chef reporting 1.5.5, as detailed here

Policyfile API enhancements

Further additions have been made to the Policyfile endpoints to round out support for them. For more information, reference API Changes and Additions in the release notes. These endpoints will be utilized in further Policyfile support scheduled for the upcoming ChefDK 0.8 release.

chef-server-ctl

chef-server-ctl has received several additions and enhancements:

  • New commands backup and restore to back up/restore your Chef Server installation’s data from the local file system. Note that you must have rsync installed locally for this, and that by default it will take Chef Server offline to perform the backup to ensure data consistency.
  • The reindex command now supports server-wide reindexing.
  • Improvements to error output. When errors exist in chef-server.rb or we detect errors in an external PostgreSQL configuration, we will now provide a detailed error message and — where appropriate — a link to further documentation.
  • Additional improvements can be found in the chef-server-ctl section of the release notes.

Further Reading

For further details about this release please reference the Release Notes, and for even more information you can take a look at the ChangeLog.

Tags:

Marc Paradise

Marc has over 19 years of experience in software design, development and delivery, and has been with Chef since 2011. Other interests include writing, distributed computing, hardware hacking, container technology, and a myriad of other accumulated pastimes. Marc only talks about himself in the third person when writing biographical blurbs.