Meeting notes for April 16th, 2020

Below are the meeting notes for this week's meeting.


bennyVasquez shared

This week’s releases

Chef Automate

tas50 shared

The Automate team completed a major milestone (2 actually) this week with the release of Automate 20200408145843. This release completes the migration to IAMv2 and will automatically upgrade you to use the new permissions model. This completes probably 18 months of work to redesign the permissions model of Automate and it’s great to see it wrapped up. This release also adds the ability to change your data lifecycle preferences in the UI and gives you waiver information on all compliance reports. Very nice stuff shipping there.

Chef Habitat

tas50 shared

Habitat 1.5.86 was released with new CLI and supervisor options for keeping around old packages.

Chef Infra Server

tas50 shared

We released Chef Infra Server 13.2, which makes a huge amount of progress under the hood for our eventual migration from Solar to Elasticsearch in the server package. This release adds the ability to use external Azure PostgreSQL with Infra Server, updates our HAProxy configuration for additional responsiveness, allows for using Elasticsearch 6, resolves a 13.1 regression on FIPS hosts, and greatly improves our integration pipeline.

That release also bumps us from Erlang 18 to 20, which removes a HUGE amount of tech debt in the project. I’m really looking forward to the upcoming work to get us onto ES exclusively. There’s a lot of great stuff happening in Infra Server

Other Releases

tas50 shared

Just a few minutes ago we made the release of knife-ec2 1.0.36. This release will now use private IP to make connections if no public IP is found. Previously we’d try to connect to private DNS which would not be available for many users. This should make it much easier to connect to your hosts without using r53 internally

Earlier this week released the chef_client_updater cookbook version 3.9.0. This includes a much more robust set of logic in the Windows upgrade script to restart dependent services post upgrade. That way post upgrade the event log and other services will be running again.

The Habitat cookbook 1.7.0 was also released with improvements for the Windows service setup:

Other updates

Chef Automate

Alex Pop shared

For the past week, we focused on these main epics: EAS Dashboard, IAM, Compliance waivers UI, automated documentation, refactoring and cleanup.

We also made changes to Automate and the audit cookbook to reduce the compliance reports being ingested. We are exploring further improvements to reduce the report size, which in some cases exceed 10MB.

Chef Inspec

Stocksy shared

kitchen-inspec 1.3.2 was pushed to Rubygems - this includes an improvement made back in February to allow loading of InSpec plugins.

There’s a few PRs awaiting attention - we’ll review these in the next couple of days; and we’ve set up a weekly internal meeting to make sure InSpec issues and PRs are reviewed frequently.

Chef Habitat

sdmacfarlane shared

This week:

  • FIx an issue with the event stream on Windows
  • Continued work on config file for the supervisor
  • Added support for studio_profile.ps1 , .studiorc for Windows
  • UI Fix to integrations modal on plan connection
  • Adding cache hit/miss metrics for builder operations
  • Gather additional db query metrics
  • Query optimizations, 20sec -> 4sec -> 45ms -> <1ms for our worst performing query

Chef Workstation

tball shared

Morning! This week the Chef Workstation team has been:

  • Preping ChefDK 3 and 4 for a release. This will fix some CVEs that came out since we last released
  • Started testing the major version changes to Chef Workstation that I mentioned last week. We found an issue with how our tools parse a date-semver (2020.04.160900) that we are fixing now.
  • Added support to the Golang Chef Infra Server API library (go-chef) for Policyfile endpoints. This is still in progress and will enable chef-analyze to report on cookbooks that were uploaded to the server as part of a Policyfile.
  • Added support to our Golang generators for more constants, enabling the Cinc team to continue work on preparing the open source Chef Workstation release
  • Forked the docker-api gem and fixed a warning it printed when running under Ruby 2.7.
  • Started working on adding better support for Chocolatey and Homebrew into our build pipeline. Right now it is a manual process to get those updated when Workstation releases. We are going to automate that into our release process as much as possible.

Chef Infra Server

tas50 shared

Prajakta is out today so she asked me to give an update for Chef Infra Server. They made the release of Chef Infra Server 13.2 this week and they’re focusing on adding the AWS sigv4 support next so keep an eye out for 13.3 in the coming months

Chef Infra Client

tas50 shared

We’re busy getting the last bits of goodness into Infra Client 16 before we ship it next week

  • We now have Amazon Linux 2 packages for Chef Infra Client 15 and 16
  • Merged in fixes for msu_package that will let folks apply MS cumulative updates via Chef
  • Lamont continues a table flip on how config works in Knife that is going to greatly simplify plugin code and resolve a large number of very old config bugs that have piled up
  • New DMI plugin for Windows will probably get merged in today which gives us some DMI parity between windows and Linux. This is also going to let us reduce the number of times we query WMI to speed up Ohai on Windows
  • Merged in the plist resource from the macos cookbook into core
  • Merged chef_client_systemd_timer resource into core

For anyone curious about what’s new in the release here are my ridiculously rough draft notes: There’s a lot of placeholders there that will get filled in over the next few days

Sous Chefs

john shared

Sous Chefs had a busy week - in large part thanks to @Xorima who has been hard at work automating everything.

We released some cookbooks:

  • vim 2.1.0 @tas50 cleaning up!
  • apache 8.1.1 @ramereth fixed the libexec dir issue & added testing for Centos 8 & Debian 10
  • keepalived 5.1.0 @Sebastian Riese made the property authentication of keepalived_vrrp_instance optional

We have written a few bots to manage our cookbooks, one to manage the static files, one to manage our labels and one to run cookstyle against all our repos automatically. see more on our blog:

And per usual, we have our weekly meeting right after this over in #sous-chefs

ramereth shared

I'm also taking a look at fixing and refactoring the nagios cookbook. and @bmhughes has a nice refactor PR in the works for the dhcp cookbook

Cinc Updates

ramereth shared

@BobChaos has been working on a variety of website updates that should be published soon which will be nice. He also reorganized all of our gitlab repos to fall into either distribution or upstream subgroups

jgitlin shared

I have been having a difficult time with getting a reliable build env for chef-server ... and just for the Wordmarks branch which is still "Chef" branded, not even for anything cinc related. I have recently made some good progress thanks to @BobChaos and @ramereth ’s advice, and am much closer to having an easy and reliable way to test my changes. Currently I am trying to make sure the new dict.rb file containing Wordmarks like "Chef Server" and "chef-server-ctl" is properly included everywhere it needs to be, because otherwise tools like chef-server-ctl complain that things like Chef::Dist::Server::CTL are undefined. We also have a new member interested in helping with Chef Server. @atrull has recently joined and is eager to help out with the cinc project, and has started working on a kitchen based env. Welcome, Alex!

See you next week!

This topic was automatically closed after 30 days. New replies are no longer allowed.