Get Puppet Enterprise First 10 nodes are free!
Try it now
Request a demo
Automate IT and infrastructure, manage complex workflows, and mitigate risk at scale.
Try the full-featured Puppet Enterprise for free on 10 nodes.
Puppet Comply Find and prevent compliance failures
Compliance Enforcement Modules Remediate to stay in compliance
Continuous Delivery for Puppet Enterprise Build, test, and deploy infrastructure as code faster and easier
Content & Modules Pre-built scripts to automate common tasks
CentOS EOL Here’s how to secure your CentOS infrastructure – even after EOL.
Find thousands of component modules built by the community and guidance on using them in your own infrastructure.
Visit Puppet Forge >>
Open Source PuppetPerfect for individuals and small infrastructure
BoltAutomate tasks in orchestration workflows
See all open source projects >>
Contribute to open source projects >>
We’re pleased to introduce updates to Puppet Enterprise that give infrastructure operations teams the insights they need to manage and protect infrastructure and complex workflows in a simple yet powerful way. With Puppet Enterprise 2021.7, teams gain automatic access control and a host of system insights related to runs and events.
Security and stability are the two main aspects of Long-Term Support (LTS) releases. Puppet Enterprise 2021.7 has strengthened and automated the prevention of unauthorized system access within an organization, firstly through automatic synchronization of LDAP user details and group membership, and secondly through group membership requirements.
Prior to this release, user details and group membership for LDAP-based users only refreshed when users logged in. Now, LDAP group bindings, user names, and descriptions update automatically every 30 minutes (by default) for every LDAP user in the system. If a user is no longer present in LDAP or has no group bindings, all user-group associations are removed from the user and all of the user's known tokens are revoked.
This automatic refresh is adjustable via a new parameter and can still be disabled if required, but this low-effort, useful failsafe improves overall security when active. Learn more configuring RBAC and token-based authentication settings.
Similarly, users not assigned to any group can be blocked from logging in until their role has been defined and membership granted. This setting is off by default and will not prevent access upon upgrade, so to enable it or learn more, go to the Require LDAP group membership doc to log in. For additional role-based access control, RBAC endpoints have been added to the API and allow for fine-grained tuning of roles, groups, permissions and users.
Additional security updates are included in the upgrade to Postgres 14 in Puppet Enterprise LTS 2021.7.
Being able to ask for and receive system performance and functional data is the first step to understand change impact, opportunities for efficiency gains, and overall system health. To that end, Puppet Enterprise LTS 2021.7 now includes expanded metrics collection and capabilities that won’t impact performance. The metrics collector and database modules are now included in PE and enabled by default, along with thorough documentation for further Orchestrator data collection via the Metrics API v2.
For keeping your PE installation in an ideal state, the pe_status_check module has been bundled with PE. This powerful logging tool provides detailed system information upon request, including certificate validity and expiration status for all nodes. Read about the pe_status_check module to learn how the module works and how to get the module's reports.
At the jobs and plan level, events have been expanded to allow queries based on start and stop timestamps, while orchestrator agent and task event data now include additional information for start time, end time, duration, and status. In-progress tasks can now be easily stopped, providing additional options for system tuning and remediation.
This release includes a number of enhancements to make it easier for customers to onboard and use Puppet Enterprise. From performance improvements for increased scalability to planning upgrades more efficiently, this release continues to build on customer value by enabling teams with a more streamlined way to automate and manage their infrastructure. Key capabilities include:
In summary, Puppet Enterprise LTS 2021.7 brings access control and operational insights for better, easier system management, along with stability and performance improvements to help you deliver and scale your dev-ops environments.
TRY PUPPET FOR FREE
Manager of PE Product, Puppet by Perforce
David Piekny is Manager of PE Product.