Recently with the CVE-2014-0160 (“Heartbleed”) vulnerability in certain versions of OpenSSL, I had to upgrade my Open Source Chef Server and Nodes. Below are some notes on how I went about the upgrade to the latest version.
*Obviously you should test this for yourself on non production if possible
To upgrade the Open Source Chef Server
*I found the appropriate version at http://www.getchef.com/chef/install/ for myself in this case 11.0.12 the latest
*The tar was just to backup the old chef files as a precaution
bash-$ wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.12-1.el6.x86_64.rpm bash-$ tar -czf ~/"chef-server-`date +%F`.backup.tar.gz" /etc/chef-server bash-$ yum remove chef-server bash-$ yum install chef-server-11.0.12-1.el6.x86_64.rpm bash-$ chef-server-ctl reconfigure bash-$ chef-server-ctl restart |
To upgrade the Chef Client on my Nodes
*This is to go to the latest in this case 11.12.2
bash-$ chef-client -version Chef: 11.8.0 bash-$ curl -L https://www.opscode.com/chef/install.sh | sudo bash bash-$ chef-client -version Chef: 11.12.2 |