Chef Supermarket - The New Community Site


#1

Chef is awesome. Our existing community site experience…OK, but not
awesome. We announced plans to revamp and open source the community
site at the Community Summit in November and now were making good
progress on that with Supermarket [0].

It’s time to update you on our progress and ask for your help!

Check out today’s blog post, Chef Supermarket - The New Community
Site [1], for more information on the new site and for some ways that
you can help.

Join us at #ChefConf [2] to discuss the future of the Supermarket and
help us make the new site even more awesome!

We’ve also started a new mailing list that is dedicated to the
Supermarket project [3].

Thanks!
Nathen
@nathenharvey

[0] - https://github.com/opscode/supermarket
[1] - http://www.getchef.com/blog/?p=9897
[2] - http://chefconf.com
[3] - https://groups.google.com/d/forum/chef-supermarket


#2

Folks,

Any pointers on which ports used by chef infrastructure (443 for PEM-chat…for starters)? Or, related, on advice to how to set/manage firewalls around Chef usage?

Does ohai authenticate/operate solely on 443? Do any Chef Server searches ever use other ports? (Especially higher ports?)

Pointers to RTFM most welcome…just looking for a leg up on which FM to R.

Thanks,
Ross


#3

Only 443 is used for Chef, though the server listens on 80 by default as a convenience redirect. Everything is done via a REST API, so its all over a single port. More stuff is used internally, but those all only listen on localhost unless you are building a multi-server cluster for your Chef server.

–Noah

On Mar 24, 2014, at 6:51 PM, Ross Mohan mohanr@five9group.com wrote:

Folks,

Any pointers on which ports used by chef infrastructure (443 for PEM-chat…for starters)? Or, related, on advice to how to set/manage firewalls around Chef usage?

Does ohai authenticate/operate solely on 443? Do any Chef Server searches ever use other ports? (Especially higher ports?)

Pointers to RTFM most welcome…just looking for a leg up on which FM to R.

Thanks,
Ross


#4

Thanks, appreciate that.

I found this doc, which helps:

http://docs.opscode.com/server_firewalls_and_ports.html

But the postgresql, couched, etc ports may be ‘internal’ as you describe – localhost only.

Did read somewhere that push jobs (if built and in use…) use high order ports, but can’t find a good doc on this…

-Ross


From: Noah Kantrowitz noah@coderanger.net
Sent: Monday, March 24, 2014 9:54 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Ports used…

Only 443 is used for Chef, though the server listens on 80 by default as a convenience redirect. Everything is done via a REST API, so its all over a single port. More stuff is used internally, but those all only listen on localhost unless you are building a multi-server cluster for your Chef server.

–Noah

On Mar 24, 2014, at 6:51 PM, Ross Mohan mohanr@five9group.com wrote:

Folks,

Any pointers on which ports used by chef infrastructure (443 for PEM-chat…for starters)? Or, related, on advice to how to set/manage firewalls around Chef usage?

Does ohai authenticate/operate solely on 443? Do any Chef Server searches ever use other ports? (Especially higher ports?)

Pointers to RTFM most welcome…just looking for a leg up on which FM to R.

Thanks,
Ross


#5

Hi Ross,

The ports for Push Jobs (10000-100003) are covered here:

http://docs.opscode.com/push_jobs.html#requirements

James

On Mon, Mar 24, 2014 at 7:13 PM, Ross Mohan mohanr@five9group.com wrote:

Thanks, appreciate that.

I found this doc, which helps:

http://docs.opscode.com/server_firewalls_and_ports.html

But the postgresql, couched, etc ports may be ‘internal’ as you describe
– localhost only.

Did read somewhere that push jobs (if built and in use…) use high order
ports, but can’t find a good doc on this…

-Ross


From: Noah Kantrowitz noah@coderanger.net
Sent: Monday, March 24, 2014 9:54 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Ports used…

Only 443 is used for Chef, though the server listens on 80 by default as a
convenience redirect. Everything is done via a REST API, so its all over a
single port. More stuff is used internally, but those all only listen on
localhost unless you are building a multi-server cluster for your Chef
server.

–Noah

On Mar 24, 2014, at 6:51 PM, Ross Mohan mohanr@five9group.com wrote:

Folks,

Any pointers on which ports used by chef infrastructure (443 for
PEM-chat…for starters)? Or, related, on advice to how to set/manage
firewalls around Chef usage?

Does ohai authenticate/operate solely on 443? Do any Chef Server
searches ever use other ports? (Especially higher ports?)

Pointers to RTFM most welcome…just looking for a leg up on which FM to
R.

Thanks,
Ross