Upgrade Chef Compliance¶
Warning
The standalone Chef Compliance server is deprecated. The standalone Chef Compliance server’s end-of-life date is December 31, 2018. Chef Automate 2 has all of the functionality of Chef Compliance Server and also includes newer out-of-the-box compliance profiles, an improved compliance scanner with total cloud scanning functionality, better visualizations, role-based access control and many other features not found in Chef Compliance Server.
The following sections describe the upgrade process for Chef Compliance.
Prerequisites¶
This section describes the prereqs for the upgrade
- Previously installed Chef Compliance software.
sudo
orroot
access to the machine.
Upgrade¶
To upgrade to the latest version of Chef Compliance, do the following:
Stop the services:
chef-compliance-ctl stop
Run dpkg or RPM Package Manager. For dpkg:
dpkg -i /path/to/chef-compliance-<version>.deb
For RPM Package Manager:
rpm -Uvh /path/to/chef-compliance-<version>.rpm
Start the database to allow connections during the
reconfigure
step:chef-compliance-ctl start postgresql
Reconfigure the services:
chef-compliance-ctl reconfigure
Note
Starting with Chef Compliance 1.1.9, the Chef MLSA must be accepted when reconfiguring the product. If the Chef MLSA has not already been accepted, the reconfigure process will prompt for a
yes
to accept it. Or runchef-compliance-ctl reconfigure --accept-license
to automatically accept the license.Start the services:
chef-compliance-ctl start
Check the status of the services:
chef-compliance-ctl status
Logging¶
The default directory where Chef Compliance is saving logs is: /var/log/chef-compliance/
. It contains a directory for each service, but you can follow all the logs with this command:
sudo chef-compliance-ctl tail
This command can also be run for an individual service by specifying the name of the service in the command. For example:
sudo chef-compliance-ctl tail core