From c5e6654c0b797efb9d3c630bbfdf9b15896e66b7 Mon Sep 17 00:00:00 2001 From: Chef Expeditor Date: Thu, 9 Jan 2025 15:34:16 +0000 Subject: [PATCH] Bump Hugo module automate to latest current release (0c4aab636f6587711356f9db8bb9047fb6860b54). This pull request was triggered automatically via Expeditor. This change falls under the obvious fix policy so no Developer Certificate of Origin (DCO) sign-off is required. --- .../automate/chef_infra_in_chef_automate.md | 1 + .../content/automate/create_amazon_rds.md | 2 +- .../ha_aws_deployment_prerequisites.md | 2 +- .../content/automate/ha_cert_rotation.md | 1 + .../content/automate/ha_cert_selfsign.md | 3 +- ...ha_on_premises_deployment_prerequisites.md | 2 +- .../automate/invalid_login_attempts.md | 4 +- .../docs-chef-io/content/automate/restore.md | 10 +++-- .../content/automate/troubleshooting.md | 43 +++++++++++++++++++ _vendor/modules.txt | 2 +- go.mod | 2 +- go.sum | 4 +- 12 files changed, 62 insertions(+), 14 deletions(-) diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/chef_infra_in_chef_automate.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/chef_infra_in_chef_automate.md index 65ada718a1..b5ea4489be 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/chef_infra_in_chef_automate.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/chef_infra_in_chef_automate.md @@ -52,6 +52,7 @@ The list of parameters are as follows: | opscode_erchef['reindex_sleep_min_ms'] | 500 | 500 | ```[erchef.v1.sys.index]```
```reindex_sleep_min_ms=500``` | | opscode_erchef['reindex_sleep_max_ms'] | 2000 | 2000 | ```[erchef.v1.sys.index]```
```reindex_sleep_max_ms=2000``` | | opscode_erchef['reindex_item_retries'] | 3 | 3 | ```[erchef.v1.sys.index]```
```reindex_item_retries=3``` | +| opscode_erchef['track_total_hits'] | FALSE | FALSE | ```[erchef.v1.sys.index]```
```track_total_hits=false``` | | opscode_erchef['cbv_cache_enabled'] | FALSE | FALSE | ```[erchef.v1.sys.api]```
```cbv_cache_enabled=false``` | | opscode_erchef['search_queue_mode'] | batch | batch | ```[erchef.v1.sys.index]```
```search_queue_mode="batch"``` | | opscode_erchef['s3_enabled'] | FALSE | FALSE | ```[erchef.v1.sys.api]```
```s3_enabled="true"``` | diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/create_amazon_rds.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/create_amazon_rds.md index 0947de179b..4e63baf037 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/create_amazon_rds.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/create_amazon_rds.md @@ -42,7 +42,7 @@ Before proceeding, make sure you have the following prerequisites in place: 1. Click on **Create database** button in the Amazon RDS dashboard. 1. On the **Choose a database creation method** page, select the **Standard Create** option. 1. Under the **Engine options** section, select **PostgreSQL** as the database engine. -1. Choose **PostgreSQL 13.5-R1**. +1. Choose **PostgreSQL 13.18-R1**. 1. Under the **Templates** section, select the template that suits your needs or choose the default template. 1. In the **Settings** section, provide the following information: - **DB instance identifier**: Enter a unique identifier for your RDS instance. diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_aws_deployment_prerequisites.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_aws_deployment_prerequisites.md index 58474b3c17..8178b64ce2 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_aws_deployment_prerequisites.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_aws_deployment_prerequisites.md @@ -78,7 +78,7 @@ Current Automate HA integrates with the following non-Chef tools: **In AWS Managed Services** -- **SQL Database:** AWS RDS PostgreSQL: 13.14 +- **SQL Database:** AWS RDS PostgreSQL: 13.18 - **NoSQL Database:** AWS OpenSearch: 1.3 - **Load Balancer:** External not supported diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md index e20a656992..241017de69 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md @@ -41,6 +41,7 @@ To understand how to generate certificates, refer to the [Certificate Generation - If you want to use certificates stored in another node of the HA cluster, you can provide the remote path to the certificates using the `:` format instead of the local path. - `--wait-timeout` This flag sets the operation timeout duration (in seconds) for each individual node during the certificate rotation process. - Certificate rotation should be done in down-time window as service will restart. +- CN (Common Name) should be the same for all certificates in Opensearch nodes. {{< /note >}} ### Rotate Cluster Certificates diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md index 8ac155e664..73f009c190 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md @@ -82,7 +82,8 @@ You can create a self-signed key and certificate pair with the **OpenSSL** utili {{< note >}} -To create self-signed certificate for FQDN make sure to provide proper DNS and CN value. The DNS in Subject Alternative Name should match with the CN (Comman Name) +- To create self-signed certificate for FQDN make sure to provide proper DNS and CN value. The DNS in Subject Alternative Name should match with the CN (Common Name). +- CN (Common Name) should be the same for all certificates in Opensearch nodes. {{< /note >}} diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_on_premises_deployment_prerequisites.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_on_premises_deployment_prerequisites.md index 401294facd..23a177d036 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_on_premises_deployment_prerequisites.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_on_premises_deployment_prerequisites.md @@ -76,7 +76,7 @@ We do not support **Chef Manage** integration in the ongoing Automate version. Current Automate HA integrates with the following non-Chef tools: -- **SQL Database:** PostgreSQL: 13.14 +- **SQL Database:** PostgreSQL: 13.18 - **NoSQL Database:** OpenSearch: 1.3.7 - **Load Balancer:** NGINX: 1.21.3 or HA Proxy: 2.2.18 or AWS Application Load Balancer diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/invalid_login_attempts.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/invalid_login_attempts.md index 13349b7d86..52eb92beb3 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/invalid_login_attempts.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/invalid_login_attempts.md @@ -16,11 +16,11 @@ Invalid Login Attempts is available only in case of local or LDAP users. Chef Automate shows error message for invalid login attempts for local or LDAP user as shown below. -![Chef Automate Invalid Login Attempts](/images/automate/invalid_login_attempts_error_msg.png) +{{< figure src="/images/automate/invalid_login_attempts_error_msg.png" width="500" alt="Chef Automate Invalid Login Attempts">}} Chef Automate shows error message for blocked local or LDAP user as shown below. -![Chef Automate Blocked User](/images/automate/blockd_user_login_error_msg.png) +{{< figure src="/images/automate/blockd_user_login_error_msg.png" width="500" alt="Chef Automate Blocked User">}} Chef Automate lets you configure **Invalid Login Attempts**, which is enabled (by default) to avoid multiple failed login attempts in a shorter time. Chef Automate also blocks the user for a specified duration (in minutes) once the maximum allowed number of invalid login attempts reached diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/restore.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/restore.md index d1ca6e2849..be7126bb51 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/restore.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/restore.md @@ -207,11 +207,13 @@ Success: Restored backup 20180517223558 ## Troubleshooting -Set the log level to `debug` before re-running a failed restore to output debug info to the Chef Automate log: +1. Set the log level to `debug` before re-running a failed restore to output debug info to the Chef Automate log: -```shell -chef-automate debug set-log-level deployment-service debug -``` + ```shell + chef-automate debug set-log-level deployment-service debug + ``` + +1. If you have already deployed Chef Automate and are getting this error in the logs while restoring: `The Access Key ID you provided does not exist in our records`. Before proceeding, delete the `.tmp` folder in the configured backup directory (the default directory is `/var/opt/chef-automate/backups`). ## References diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/troubleshooting.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/troubleshooting.md index c2a557520d..8d8b70797e 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/troubleshooting.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/troubleshooting.md @@ -180,3 +180,46 @@ max_shards_per_node = 1000 ``` Once done, run the chef-automate config patch `` to deploy your change. + +## Issue: Knife search limits at 10000 records + +### Details + +The knife node list and knife node search commands are inconsistent in the number of records they return. By default, knife search returns a maximum of 10,000 records. + +### Fixes + +This issue occurs because OpenSearch, by default, limits the maximum number of records (or documents) returned in a single query to 10,000. This safeguard prevents large queries from overloading the system. This approach will do that if you try to retrieve more than 10,000 records. + +#### Step 1: Increase the max_result_window to retrieve more than **10000** records. + +In the case of embedded opensearch: + +```bash +curl -XPUT "http://127.0.0.1:10144/chef/_settings" \ + -d '{ + "index": { + "max_result_window": 50000 + } + }' \ + -H "Content-Type: application/json" +``` + +Changes can be verified by doing the following: + +```bash +curl http://127.0.0.1:10144/_settings?pretty +``` + +For external OpenSearch, ensure the `max_result_window` is also increased accordingly. + +#### Step 2: Patch the config in Automate + +To set the value of tracking total hits in OpenSearch, patch the following configuration in the `.toml` file. + +```bash +[erchef.v1.sys.index] + track_total_hits = true +``` + +Once done, run the chef-automate config patch `` to deploy your change. diff --git a/_vendor/modules.txt b/_vendor/modules.txt index 305eabdc12..90ee7f1b55 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,4 +1,4 @@ -# github.com/chef/automate/components/docs-chef-io v0.0.0-20241202053455-d6fa3db8941a +# github.com/chef/automate/components/docs-chef-io v0.0.0-20250109084654-0c4aab636f65 # github.com/chef/desktop-config/docs-chef-io v0.0.0-20240814044820-5af667d41a43 # github.com/habitat-sh/habitat/components/docs-chef-io v0.0.0-20241227173243-de19b906a228 # github.com/chef/chef-server/docs-chef-io v0.0.0-20250102024827-cf7f6c08943f diff --git a/go.mod b/go.mod index ceae4915c6..544bde8d83 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/chef/chef-web-docs go 1.22 require ( - github.com/chef/automate/components/docs-chef-io v0.0.0-20241202053455-d6fa3db8941a // indirect + github.com/chef/automate/components/docs-chef-io v0.0.0-20250109084654-0c4aab636f65 // indirect github.com/chef/chef-docs-theme v0.0.0-20241206202643-d5ef90c514a1 // indirect github.com/chef/chef-server/docs-chef-io v0.0.0-20250102024827-cf7f6c08943f // indirect github.com/chef/chef-workstation/docs-chef-io v0.0.0-20241218133915-0bcc26e757cc // indirect diff --git a/go.sum b/go.sum index c1c743c4c8..7e532bea75 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/chef/automate/components/docs-chef-io v0.0.0-20241202053455-d6fa3db8941a h1:EzM6PeCHWg2y1XcXr4axYo/tXmfaYHWjTBX6cAiCaJI= -github.com/chef/automate/components/docs-chef-io v0.0.0-20241202053455-d6fa3db8941a/go.mod h1:juvLC7Rt33YOCgJ5nnfl4rWZRAbSwqjTbWmcAoA0LtU= +github.com/chef/automate/components/docs-chef-io v0.0.0-20250109084654-0c4aab636f65 h1:9B9FOW9UjPo2jG0KkqWzzW9fDv0fVMJ/mTdiHuUfGEA= +github.com/chef/automate/components/docs-chef-io v0.0.0-20250109084654-0c4aab636f65/go.mod h1:juvLC7Rt33YOCgJ5nnfl4rWZRAbSwqjTbWmcAoA0LtU= github.com/chef/chef-docs-theme v0.0.0-20241206202643-d5ef90c514a1 h1:1ASUjeDFUBsmMX6mMlqxYN4mGtsS4lJ7AkyYiw3FOd4= github.com/chef/chef-docs-theme v0.0.0-20241206202643-d5ef90c514a1/go.mod h1:+Jpnv+LXE6dXu2xDcMzMc0RxRGuCPAoFxq5tJ/X6QpQ= github.com/chef/chef-server/docs-chef-io v0.0.0-20250102024827-cf7f6c08943f h1:LjlFqIxJ0XgVlL91LvEjLwY2NHqsYK0vAlIOqd9HWzA=