Chef Ideas

Currently, to use Event Stream functionality with Habitat to feed data to the Applications tab of Chef Automate communications from clients are sent to target port 4222 on the Chef Automate server.

All other communications from clients to Chef Automate leverage connectivity over the default port of 443 (or the port where automate-load-balancer is bound) except for client communications from the Habitat Supervisor to Automate for Event Stream. This presents complications in environments where non-standard ports are restricted heavily by network security teams or where Chef Automate instances are located behind an application load balancer, requiring additional load balancer configurations to be deployed or enabled to allow client connectivity.

In an ideal scenario, the Event Stream capabilities from the Habitat Supervisor would communicate with the standard published external bindings for Chef Automate as other services do rather than requiring additional configurations to expose and enable secure communications to port 4222 .

Connections to port 4222 also communicate directly with the event-gateway service, bypassing the automate-load-balancer service. This could potentially lead to scaling issues or accidental breakage to the event-gateway communication data since it is connecting over a unique entry point.