Ohai Chefs!
We have selected 14.2.0 as our Chef v14.2 release candidate which is scheduled for release on Thursday June 7, 2018.
Release Highlights
ssh-agent
support for user keys
You can now use ssh-agent
to hold your user key when using knife. This allows storing your user key in an encrypted form as well as using ssh -A
agent forwarding for running knife commands from remote devices.
You can enable this by adding ssh_agent_signing true
to your knife.rb
or ssh_agent_signing = true
in your credentials
file.
To encrypt your existing user key, you can use OpenSSL:
( openssl rsa -in user.pem -pubout && openssl rsa -in user.pem -aes256 ) > user_enc.pem
chmod 600 user_enc.pem
This will prompt you for a passphrase for to use to encrypt the key. You can then load the key into your ssh-agent
by running ssh-add user_enc.pem
. Make sure you add the ssh_agent_signing
to your configuration, and update your client_key
to point at the new, encrypted key (and once you’ve verified things are working, remember to delete your unencrypted key file).
default_env Property in Execute Resource
The shell_out helper has been extended with a new option default_env
to allow disabling Chef from modifying PATH and LOCALE environmental variables as it shells out. This new option defaults to true (modify the env), preserving the previous behavior of the helper.
The execute resource has also been updated with a new property default_env
that allows utilizing this the ENV sanity functionality in shell_out. The new property defaults to false, but it can be set to true in order to ensure a sane PATH and LOCALE when shelling out. If you find that binaries cannot be found when using the execute resource, default_env
set to true may resolve those issues.
Small Size on Disk
Chef now bundles the inspec-core and train-core gems, which omit many cloud dependencies not needed within the Chef client. This change reduces the install size of a typical system by ~22% and the number of files within that installation by ~20% compared to Chef 14.1. Enjoy the extra disk space.
Virtualization detection on AWS
Ohai now detects the virtualization hypervisor amazonec2
when running on Amazon’s new C5/M5 instances.
Please see the CHANGELOG for the complete list of changes.
Get the Build
As always, you can download binaries directly from downloads.chef.io or by using the new mixlib-install
command line utility available in ChefDK 0.19.6 or greater.
$ mixlib-install download chef -v 14.2.0 -c current
Alternatively, you can install Chef using one of the following command options:
# In Shell
$ curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef -v 14.2.0 -c current
# In Windows Powershell
. { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -project chef -version 14.2.0 -channel current