Upgrade cautions
These are the major changes to PE since the previous long-term support release, 2019.8. Review these recommendations and plan accordingly before upgrading to this version.
FIPS-enabled PE 2021.7 and later can't use the default system cert store
PE 2021.7 and later FIPS builds can't use the default
system cert store, which is used automatically with some reporting services. This
setting is configured by the report_include_system_store
Puppet parameter that ships with PE.
Removing the puppet-cacerts file (located at /opt/puppetlabs/puppet/ssl/puppet-cacerts) can allow a
report processor that eagerly loads the system store to continue with a warning that
the file is missing.
If HTTP clients require external certs, we recommend using a custom cert store
containing only the necessary certs. You can create this cert store by concatenating
existing pem files and configuring the ssl_trust_store
Puppet parameter to point to the new cert
store.
Update puppet_agent module to support AIX
If you use the puppet_agent module and have the agent
installed on any AIX nodes, then before you
upgrade to PE 2021.7.z, you must ensure
that you are using puppet_agent module version
4.18.0 or later. This ensures that the puppet_agent
module identifies the correct directory for AIX resources and your AIX agents
function as expected.
Logback upgrade in PE 2021.7.7 and later
In PE 2021.7.7, logback is upgraded to version 1.3.14.
Using a Java argument, the logappender variable is
now set by default to F1 for all projects. If you
customize this setting, to avoid disruptions in logging, ensure that all logappender variable references are correctly defined.
Using invalid appender references or omitting to use a reference will cause logback
version 1.3.14 to stop logging.
PostgreSQL 14 upgrade in PE 2021.6
PE 2021.6.0 upgrades pe-postgresql
from version 11 to version 14. This upgrade involves a datastore migration that requires
extra disk space (110% of the current PostgreSQL 11
datastore) and extra time to upgrade (roughly two to four minutes of additional time per
10GB of datastore size). The installer issues a warning and cancels the upgrade if there is
insufficient space.
To check your PostgreSQL installation size and the size
and number of bytes available for the partition, run facter -p
pe_postgresql_info on the node that runs the pe-postgresql
service (this is either your primary server or a separate node that manages your PostgreSQL database).
To speed the migration and optimize queries, clean up the PE-PostgreSQL database prior to upgrading by applying
the pe_databases module to nodes running the
pe-postgresql service. This module is installed with PE versions 2021.3 and later, but you must enable it by
setting the puppet_enterprise::enable_database_maintenance parameter to true. For best results, apply the module at least one week
prior to upgrade to allow the module's maintenance schedule enough time to clean all
databases.
Optionally, after upgrading, you can remove packages and directories from older PostgreSQL versions by running puppet
infrastructure run remove_old_postgresql_versions. If applicable, the
installer prompts you to complete the cleanup.
CONCURRENTLY with PostgreSQL 14.0 through 14.3. If you do, make sure to
REINDEX without using CONCURRENTLY.Platforms removed in 2021.0 and later
Several agent platforms that were previously deprecated have been removed in PE 2021.0 and later.
pe_repo::platform class for these operating systems from the
PE Master node group in the console, and from your code and
Hiera. - Platforms removed in 2021.0
- Removed agent platforms
- AIX 6.1
- Platforms removed in 2021.7.5
- Removed agent platforms
- CentOS 7 aarch64
Puppet upgrade in 2021.0
PE 2021.0 includes a new major version of Puppet, with several changes that might impact your upgrade. For details, see Upgrading from Puppet 6 to Puppet 7.