## Bug Fixes

- Resolved log rotation failures introduced in Chef Infra Server 14.10.

## Improvements

### chef-server-ctl MTLS Support

We improved the `chef-server-ctl` command to support communication with the underlying Chef Infra Server API when MTLS is enabled. 

### Limiting Maximum Requests to the opscode-authz Service

You can now limit the maximum number of requests per connection in the `opscode-authz` service with the new `chef-server.rb` attribute `oc_chef_authz['max_connection_request_limit']`. This value defaults to 100.

### ibrowse Logging in the opscode_erchef Service

You can now enable ibrowse logging in the `opscode_erchef` service with the with the new `chef-server.rb` attribute `opscode_erchef['enable_ibrowse_traces']`. This value defaults to false.

## Performance

### cookbook_versions API caching

You can now enable optional caching in the `cookbook_versions` API endpoint used during each non-Policyfile Chef Infra Client check-in to assemble the cookbooks to be run by the node. Enabling this new caching can greatly improve the performance of Chef Infra Servers with a large number of nodes performing frequent check-ins. In artificial benchmarking we have observed up to a 10x reduction in system load when enabling this caching. As always, we highly recommend Policyfiles for users running a large number of Chef Infra Client nodes on their server, as this entirely removes the need to depsolve on the Chef Infra Server.

To enable this new caching layer, set `opscode_erchef['cbv_cache_enabled'] = true` in your `chef-server.rb` config file and run `chef-server-ctl reconfigure`.

### chef-server-ctl reconfigure

We improved the `chef-server-ctl reconfigure` command to execute faster by skipping unnecessary upgrade steps.

## Security

### Ruby 2.7.5

Ruby has been updated from 2.7.4 to 2.7.5 to resolve the following CVEs:

- CVE-2021-41817
- CVE-2021-41816
- CVE-2021-41819