Chef Backend 3.0.0 Released!

Hello Chefs!

Chef Backend 3.0.0 is now released and available on the downloads site


Elasticsearch 6.8.23

Updated Elasticsearch from 5.6.16 to 6.8.23. This new version of Elasticsearch improves performance, reliability, and adds many new capabilities. Additionally, the 5.6.16 release of Elasticsearch is no longer supported by Elastic and does not receive security updates.

Elasticsearch 6.8.23 resolves multiple CVEs and updates Log4j to 2.17.1, which resolves CVE-2021-44832, CVE-2021-45105, CVE-2021-45046, and CVE-2021-44228. While Elastic has stated that Elasticsearch is not vulnerable to these CVEs, we realize many organizations have internal requirements to upgrade legacy Log4j installations.


You can upgrade to Chef Backend 3.0.0 directly from version 2.1.0 or later using a rolling upgrade where one Chef Backend node is upgraded at a time. It does not require a complete cluster shutdown to perform the upgrade. See the upgrade matrix below and our Chef Backend upgrade documentation for additional information.

Upgrade Workflow Method
1.x -> 2.x Major version upgrade
2.0.x -> 2.x Rolling upgrade
2.1 and later -> 3.0 Rolling upgrade
2.0 -> 3.0 Direct upgrades are not supported at this time. You can upgrade to an intermediate version and then to 3.0.0. For example, 2.0.1 -> 2.3.16 -> 3.0.0. Both of these steps would be rolling upgrades that do not require downtime.

Hold off for now. There are updates to the upgrade docs coming which allow the upgrade to proceed smoothly, depending on your starting point. Having Chef Backend 2.1.0 or higher is not enough.

To follow along, see Update Chef Backend upgrade to 3.0 instructions by PrajaktaPurohit · Pull Request #3143 · chef/chef-server · GitHub