Chef Server 12.3.0 Release Announcement [feedly]

Chef Server 12.3.0 Release Announcement
https://www.chef.io/blog/2015/11/12/chef-server-12-3-0-release-announcement/

-- via my feedly.com reader

Ohai Chefs! 

I'm happy to announce that Chef Server 12.3.0 is now available for download on the Chef Server Downloads Page and via our Apt/RPM repositories. Here are some highlights from this release:

• Node API change to include Policy support. 
• ElasticSearch and external Solr support.
• Object updates can now be posted directly to the search index. 
• Analytics queue monitoring. 
• Security updates to solr4 oc-id, and postgresql.
• Many closed issues. 

Nodes API Change (Policy)

The policy_name and policy_group fields have been added as top-level node attributes. This means: 

• These fields are now returned in node objects retrieved via GET /nodes/$name.
• They are searchable via the node index.
• They are now accepted as optional fields in requests to POST /nodes and PUT /nodes/$name. 

Search Improvements

• It is now possible for Chef Server to post updates directly to the
  search provider for search index updates, bypassing rabbitmq and expander. 
• Elasticsearch is now supported as a search provider. 
• You can now use your own Solr instance instead of using the one bundled with chef-server.

Queue Monitoring

The Analytics queue is now monitored within Chef Server, and the server will stop sending messages to it when it's full. It will also report queue usage details via the Chef Server /_status endpoint. 

Important Note: This changed enables the management interface of RabbitMQ. A new secure password is generated for this interface. This makes it important important to follow the usual upgrade steps to completion in order to ensure that the new credentials are available on all nodes. 

Other Fixes and Updates

Below are some of the other issues addressed in this release. For a complete list, see the Release Notes and Change Log links below. 

• Fixed: Analytics queue monitoring allows Chef Server to stop sending message when the queue is full.
  This resolves issues where a full queue (due to Analytics being offline or uninstalled) would result in failed API calls into Chef Server. 
• Changed: LDAP login is now case-insensitive by default. 
• Fixed: Under sudden and intense load, Chef Server could sometimes leak connections until it eventually refused most connections. 
• Fixed: Under heavy load, clients could receive 500 errors due to connection leaks to bifrost. 

Security Updates

The following security issues are addressed through updates to third party components in Chef Server 12.3.0: 

• CVE-2014-3628
• CVE-2015-1840
• CVE-2015-3165
• CVE-2015-3167
• CVE-2015-5288

Contributors:

Special thanks to the following people for taking some of their own time to help improve the Chef Server project: 

• Joe DeVivo
• Shruthi Venkateswaran
• Phil Oliva
• Ryan Hass

Resources:

• The complete Release Notes and Change Log for Chef Server 12.3.0 
• Download Chef Server 12.3.0
• Chef Server Upgrade Instructions
• Configuration options introduced with 12.3.0