Chef Client 11.8.0 : local mode and new SSL verification settings

Chef logo

The 11.8.0 version of the infrastructure automation tool written in Ruby has been released. The main new features are the introduction of a local mode and new SSL verification settings.

The editor of the solution, Opscode, announced that Chef Client 11.8.0 has a local mode that allows it to operate 100% locally using a Chef repository. In order to use chef in local mode, you must download and install the following Chef package, write a recipe and then converge the recipe locally using: chef-client - local-mode - o cookbook_name.

"The local mode is interesting for two reasons. On the one hand, it facilitates the discovery of the solution since it is necessary to install a server to test the basic functionalities. On the other hand, it allows Chef to be used in cases when a new client-server architecture is not adapted, including highly distributed architectures. This new method thus fills an important gap, allow the tool to better compete with its main competitor Puppet" explained Maxime Besson, Networks and Systems Expert at Smile.

In addition, Chef finally acquires an essential feature, also obtained by Puppet: SSL validation. The configuration of the 11.8.0 version includes the setting: verify_api_cert that allows it to verify the identity of the Chef server it is communicating with. The 11.8.0 release also manages a directory on the client for SSL certificates of Chef servers.

Opscode indicates that these features lay the foundations for the default activation of the SSL verification, planned for a future release, which will optimise the security of Chef's client / server communication.


comments powered by Disqus