Chef Backend 3.0.0 is now released and available on the downloads site
Updated Elasticsearch from 5.6.16 to 6.8.23. This new version of Elasticsearch improves performance, reliability, and adds many new capabilities. Additionally, the 5.6.16 release of Elasticsearch is no longer supported by Elastic and does not receive security updates.
Elasticsearch 6.8.23 resolves multiple CVEs and updates Log4j to 2.17.1, which resolves CVE-2021-44832, CVE-2021-45105, CVE-2021-45046, and CVE-2021-44228. While Elastic has stated that Elasticsearch is not vulnerable to these CVEs, we realize many organizations have internal requirements to upgrade legacy Log4j installations.
You can upgrade to Chef Backend 3.0.0 directly from version 2.1.0 or later using a rolling upgrade where one Chef Backend node is upgraded at a time. It does not require a complete cluster shutdown to perform the upgrade. See the upgrade matrix below and our Chef Backend upgrade documentation for additional information.
|1.x -> 2.x||Major version upgrade|
|2.0.x -> 2.x||Rolling upgrade|
|2.1 and later -> 3.0||Rolling upgrade|
|2.0 -> 3.0||Direct upgrades are not supported at this time. You can upgrade to an intermediate version and then to 3.0.0. For example, 2.0.1 -> 2.3.16 -> 3.0.0. Both of these steps would be rolling upgrades that do not require downtime.|