This document describes the steps required to prepare for updating from 0.7.x Debian/Ubuntu packages to 0.9.
 | Coming Soon The apt.opscode.com repository will be updated soon with the new packages! |
First, be aware of Breaking Changes from 0.7.x to 0.8.x; For more information about Chef version 0.9, see the 0.9.0 release post on the Opscode Blog.
Pin Package Versions
First, pin the package versions of the installed Chef packages so you don't accidentally get upgraded. On systems where Chef 0.7.x is installed, add the following to /etc/apt/preferences.
Or use dpkg to hold packages.
Important Changes
- chef-server-slices is deprecated, replaced by chef-server-api and chef-server-webui.
- chef-indexer is deprecated, replaced by chef-solr.
- The server API, webui and SOLR daemons run as chef user/group.
- init scripts are configured with /etc/default/chef* like many other Debian packages.
- chef-server-webui is optional.
- The webui daemon process runs on port 4040.
- The webui no longer uses openid. You will be prompted for a password for the admin user during chef-server-webui installation.
- Registrations are now called clients.
- Clients are validated with a certificate, /etc/chef/validation.pem. This is created when chef-server starts. Clients are no longer validated through the webui. See [LEG:Authentication].
Upgrading
When ready to upgrade the server, remove the pin entries from /etc/apt/preferences and install the new version.
| RubyGems You should have RubyGems installed either from source or from package, or merb will fail to launch the chef-server and chef-server-webui daemons. Add it to the packages list here if it is not currently installed, or install from source. |
If you run into issues, see the troubleshooting section below.
After the server is up and running again, configure Knife.
Then in your Chef Repository, run rake install.
Your client systems will need to have the validation.pem copied to their /etc/chef/validation.pem, and chef-client run, or you will need to create clients using "knife client create".
Upgrade Troubleshooting
Debian packages preserve existing configuration files. When configuring the chef-server package, amqp_pass may not be set, preventing the chef-server from starting. The installation prompts for this setting, and it gets written to /etc/chef/solr.rb but not an existing /etc/chef/server.rb. Add the value to /etc/chef/server.rb and restart the server.
If the webui is installed, restart it, because when the API failed to start, the webui doesn't get initialized and create the admin user with the password specified.
Because the daemon processes now run as the unprivileged chef user, some paths may be unwritable.
When opening the webui (now on port 4040), the server may toss a "Tampered with Cookie" error page. Clear out the cookie _chef_server_session_id and reload the page.