Currently known issues for Chef Client 12 & AIX.

aix-chef-client-known-issues.md

Known Issues in Chef Client 12.0 & AIX

• Our standard bootstrap procedure doesn't work (not that I think many folks on AIX will use it). A couple problems:
  • Omnitruck doesn't understand BFFs and has invalid syntax for uname: chef/omnitruck#72
  • Bootstrap SSH fails with SSH debug returns "cipher_init: EVP_CipherInit: set key failed for aes128-cbc (when running in -VV) -- it will also fail to negotiate other cipher suites like 3des-cbc
    • Only fix I've found so far is to installp -u security.pkcs11. The one suggested by IBM does not work: http://www-01.ibm.com/support/docview.wss?uid=isg3T1019142
    • Maybe there's a patch for this. My LPAR is 7100-02-04-1341 which isn't the latest SP.
    • security.pkcs11 is safe to remove as it has to do with hardware encryption devices (a rare use case). Customers can contact IBM if they have a hardware crypto device and need this package
  • Bootstrap assumes bash is available on the system so you get something like ksh: bash: not found.. This also impacts FreeBSD and Solaris: chef/chef#2037
  • AIX has no sudo built-in, and bootstrap doesn't support su -c
• Chef Solo on AIX won't work on compressed tarballs, because the tar syntax used by Solo assumes GNU tar (with gzip decoding support, which BSD tar won't have). We're not quite sure we'll fix this; tell users to switch to Chef Client Local Mode (most desirable) or install GNU tar and symlink it to tar in a PATH location that precedes BSD tar.
• Doc bug: Users need to increase system limits before running Chef and reboot the LPAR or you'll see errors about Chef not being able to create Threads. See chef-boneyard/chef-web-docs-2016#420
• IPv6 networks with /0 as subnet aren't correctly detected by Ohai due to a known issue with the ipaddress gem that hasn't been released yet. ipaddress-gem/ipaddress#48