- Our standard bootstrap procedure doesn't work (not that I think many folks on AIX will use it). A couple problems:
- Omnitruck doesn't understand BFFs and has invalid syntax for uname: chef/omnitruck#72
- Bootstrap SSH fails with
SSH debug returns "cipher_init: EVP_CipherInit: set key failed for aes128-cbc
(when running in -VV) -- it will also fail to negotiate other cipher suites like 3des-cbc- Only fix I've found so far is to
installp -u security.pkcs11
. The one suggested by IBM does not work: http://www-01.ibm.com/support/docview.wss?uid=isg3T1019142 - Maybe there's a patch for this. My LPAR is 7100-02-04-1341 which isn't the latest SP.
security.pkcs11
is safe to remove as it has to do with hardware encryption devices (a rare use case). Customers can contact IBM if they have a hardware crypto device and need this package
- Only fix I've found so far is to
- Bootstrap assumes bash is available on the system so you get something like
ksh: bash: not found.
. This also impacts FreeBSD and Solaris: chef/chef#2037 - AIX has no
sudo
built-in, and bootstrap doesn't supportsu -c
- Chef Solo on AIX won't work on compressed tarballs, because the
tar
syntax used by Solo assumes GNU tar (with gzip decoding support, which BSD tar won't have). We're not quite sure we'll fix this; tell users to switch to Chef Client Local Mode (most desirable) or install GNU tar and symlink it totar
in aPATH
location that precedes BSD tar. - Doc bug: Users need to increase system limits before running Chef and reboot the LPAR or you'll see errors about Chef not being able to create Threads. See chef-boneyard/chef-web-docs-2016#420
- IPv6 networks with /0 as subnet aren't correctly detected by Ohai due to a known issue with the
ipaddress
gem that hasn't been released yet. ipaddress-gem/ipaddress#48
Last active
April 7, 2016 18:50
-
-
Save juliandunn/27a4d8874a3310260f10 to your computer and use it in GitHub Desktop.
Currently known issues for Chef Client 12 & AIX.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment