Skip to main content

Upgrade Chef Infra Server

[edit on GitHub]

Chef Infra Server Upgrade Matrix

Running VersionUpgrade VersionLicenseVersion Support
1314YesYes
12.17.1514YesYes
12.3.012.17.15NoNo
1112.3.0NoNo
License
Chef Infra Server 13 and 14 are governed by the Chef License. You will be required to accept these terms when using Chef Infra Server 13 or 14 for the first time by entering Yes when prompted.
Version Support
Chef Infra Server 13 and 14 are supported Chef Software distributions. Earlier versions are no longer supported. For more information about supported Chef Software see the Supported Versions documentation.

Upgrading to Chef Infra Server

Three upgrade scenarios exist for upgrades from Chef Infra Server 12.17.15 to Chef Infra Server 13 or 14:

Chef Infra Server 14

Warning

Do not upgrade your production server. First, upgrade in your test server, and then upgrade your production server.

Chef Infra Server 14 uses Elasticsearch as its search index. The Chef Infra Server 14 upgrade process requires downtime for stopping the server, installing the new package, and then upgrading the server, which will include an automatic Elasticsearch reindexing operation for existing Solr users. We estimate the reindexing operation will take 2 minutes for each 1000 nodes, but the it could take more time, depending on your server hardware and the complexity of your Chef data.

The Chef Infra Server 14 upgrade does not reindex existing external Elasticsearch installations.

Chef Infra Server 12.17.15 or Later

Warning

Upgrade Chef Infra Server and any add-ons to compatible versions before setting insecure_addon_compat to false.

As of version 12.14, Chef Infra Server renders passwords inside of the /etc/opscode directory by default. If you are using Chef Infra Server without add-ons, or if you are using the latest add-ons versions, you can set insecure_addon_compat to false in `/etc/opscode/chef-server.rb. and Chef Infra Server will write all credentials to a single location.

For more information on password generation, including a list of supported add-on versions, see Chef Infra Server Credentials Management.

Standalone Upgrade

The Chef Infra Server 14 upgrade process requires downtime for stopping the server, installing the new package, and then upgrading the server, which will include an automatic Elasticsearch reindexing operation for existing Solr users. We estimate the reindexing operation will take 2 minutes for each 1000 nodes, but the it could take more time, depending on your server hardware and the complexity of your Chef data.

Standalone Upgrade Steps

  1. Back up your Chef Infra Server data before starting the upgrade process using knife-ec-backup.

  2. Confirm that the Chef Infra Server services are operational:

    chef-server-ctl reconfigure
    
  3. Download the desired Chef Infra Server version from the Chef Infra Server Downloads page.

  4. Stop the server:

    chef-server-ctl stop
    
  5. Install the Chef Infra Server package:

    To install with dpkg:

    dpkg -i /path/to/chef-server-core-<version>.deb
    

    To install with the RPM Package Manager:

    rpm -Uvh --nopostun /path/to/chef-server-core-<version>.rpm
    
  6. Upgrade the server and accept the Chef Software license by entering Yes at the prompt:

    chef-server-ctl upgrade
    

    To accept the license and upgrade in one command:

    CHEF_LICENSE='accept' chef-server-ctl upgrade
    
  7. Start Chef Infra Server:

    chef-server-ctl start
    
  8. Upgrade any Chef Infra Server add-ons.

  9. After the upgrade process is complete, test and verify that the server works properly.

  10. Clean up the server by removing the old data:

    chef-server-ctl cleanup
    

Chef Backend Upgrade

The Chef Infra Server can operate in a high availability configuration that provides automated load balancing and failover for stateful components in the system architecture.

To upgrade your Chef Backend installation, see High Availability: Upgrade to Chef Backend 2.

Tiered Upgrade

This section describes the upgrade process from a tiered server configuration.

The Chef Infra Server 14 upgrade process requires downtime for stopping the server, installing the new package, and then upgrading the server, which will include an automatic Elasticsearch reindexing operation for existing Solr users. We estimate the reindexing operation will take 2 minutes for each 1000 nodes, but the it could take more time, depending on your server hardware and the complexity of your Chef data.

Note

These instructions are intended for users of the Chef Infra Server tier topology. For the latest information on setting up a highly-available server cluster, see High Availability: Backend Cluster.

Tiered Upgrade Steps

To upgrade to Chef Infra Server on a tiered Chef Infra Server configuration, do the following:

  1. Back up the Chef Infra Server data before starting the upgrade process using knife-ec-backup.

  2. Confirm that the Chef Infra Server services are operational:

    chef-server-ctl reconfigure
    
  3. Download the desired Chef Infra Server version from the Chef Infra Server Downloads page, then copy it to each server.

  4. Stop all front end servers:

    chef-server-ctl stop
    
  5. Install the Chef Infra Server package on all servers:

    To install with dpkg:

    dpkg -i /path/to/chef-server-core-<version>.deb
    

    To install with the RPM Package Manager:

    rpm -Uvh --nopostun /path/to/chef-server-core-<version>.rpm
    
  6. Stop the back end server:

    chef-server-ctl stop
    
  7. Upgrade the server and accept the Chef Software license by entering Yes at the prompt:

    chef-server-ctl upgrade
    

    To accept the license and upgrade in one command:

    CHEF_LICENSE='accept' chef-server-ctl upgrade
    
  8. Copy the entire /etc/opscode directory from the back end server to all front end servers:

    scp -r /etc/opscode <each server's IP>:/etc
    
  9. Upgrade each of the front end servers:

    chef-server-ctl upgrade
    
  10. Run the following command on both the front end, and back end servers:

    chef-server-ctl start
    
  11. Upgrade any Chef Infra Server add-ons.

  12. After the upgrade process is complete, test and verify that the server works properly.

  13. Clean up the server by removing the old data:

    chef-server-ctl cleanup
    

Upgrading Add-ons

Chef Infra Server 13 and 14 supports Chef Manage and Push Jobs. Both of these add-ons are deprecated. Push Jobs will reach EOL on December 31, 2020 and Chef Manage will reach EOL on December 31, 2021. After upgrading Chef Infra Server, reinstall the add-on and then reconfigure Chef Infra Server and the add-on.

Chef Manage
Chef Manage is deprecated and will reach EOL on December 31, 2021. Chef Manage is a management console for data bags, attributes, run-lists, roles, environments, and cookbooks from a web user interface
Push Jobs
Push Jobs deprecated and will reach EOL on December 31, 2020. Chef Push Jobs is an extension of the Chef Infra Server that allows for running jobs against nodes independently of a Chef Infra Client run.

Use Downloads

The install subcommand downloads packages from https://downloads.chef.io by default. For systems that are not behind a firewall (and have connectivity to https://downloads.chef.io), these packages can be installed as described below.

  1. Install add-ons

    Install Chef Manage with:

    sudo chef-server-ctl install chef-manage
    

    Install Push Jobs with:

    sudo chef-server-ctl install opscode-push-jobs-server-ctl
    
  2. Reconfigure the server

    sudo chef-server-ctl reconfigure
    
  3. Reconfigure add-ons

    Reconfigure Chef Manage with:

    sudo chef-manage-ctl reconfigure
    

    Reconfigure Push Jobs with:

    sudo opscode-push-jobs-server reconfigure
    

Finally, accept the Chef License:

sudo chef-manage-ctl reconfigure --accept-license

Use Local Packages

Use the install subcommand with the --path option to install the Chef Manage (chef-manage) and Push Jobs(opscode-push-jobs-server) add-ons for Chef Infra Server.

sudo chef-server-ctl install PACKAGE_NAME --path /path/to/package/directory

For example:

sudo chef-server-ctl install chef-manage --path /root/packages

The chef-server-ctl command will install the first chef-manage package found in the /root/packages directory.