Puppet Server release notes

Released July 2024 and shipped with Puppet 8.8.1.

JRuby is updated to address minor security issues. The JRuby implementation is updated from 9.4.7.0 to 9.4.8.0. With this update, Puppet Server is shipped with Bouncy Castle 1.78.1, which addresses minor security issues.

Issues resolved to improve performance during JRuby initialization. When a JRuby instance is initialized, Puppet compiles and applies a catalog containing resources for the configured directories. When several JRuby instances are initialized in parallel, the catalog processes can impair performance and cause race conditions. This release resolves issues to ensure that you can specify settings_catalog=false to successfully prevent the settings catalog from being applied during initialization.

Released June 2024 and shipped with Puppet 8.7.0.

In this release, Puppet Server supports machines with more than 2 TB of RAM. Additional updates were introduced to reduce Puppet Server startup times. JRuby was upgraded to 9.4.7.0 to improve core functionality.

Puppet Server now supports machines with more than 2 TB of random-access memory (RAM). This update was requested by Puppet Community member level-a.

Puppet Server creates JRuby instances concurrently to reduce startup times. You can specify a concurrency level by setting a value for the jruby-puppet.instance-creation-concurrency option in the puppetserver.conf file. The default value is 3. Puppet Server still creates one instance before other instances, and then creates the other instances concurrently. The concurrency update is designed to reduce the time required for starting Puppet Server and flushing JRuby instances. For more information, see puppetserver.conf.

JRuby is updated to improve core functionality. The JRuby implementation is updated from 9.4.3.0 to 9.4.7.0. The update introduces many minor improvements in JRuby core functionality and provides additional support for Matz’s Ruby Interpreter (Ruby MRI) 3.1.

An update is implemented to help prevent stack overflows. In previous releases, stack overflows could be observed when too many events occurred in the certificate authority directory (cadir). In this release, a defect related to the file-system watcher is resolved to help prevent stack overflows.

An update is implemented to prevent false warnings caused by variable shadowing. In previous releases, after starting Puppet Server, shadowing warnings were sometimes issued. To resolve the issue, the relevant dependencies were updated.

An update is implemented to help ensure that the Puppet::Util::Execution.execute method works as designed. When running in Puppet Server, the method now passes the current working directory as the cwd option.

As an experimental feature to further reduce startup times, Puppet Server can now be started without applying a settings catalog. To test this feature, create all configured paths before starting Puppet Server. Then, disable the settings catalog by specifying settings_catalog=false in the server section of the puppet.conf file. This experimental feature is designed to accelerate creation of JRuby instances and thus shorten Puppet Server startup times.

Released April 2024 and shipped with Puppet 8.6.0.

Include action collection functionality. Added action collection. This feature is only used in Puppet Enterprise.

Released February 2024 and shipped with Puppet 8.5.0.

Bulk signing logging. Adjusted logging for the bulk signing endpoint.

Improved schema validation logging.

Missing gems in JRuby 9.4. Re-bundled the following gems:

• matrix (0.4.2)

• minitest (5.15.0)

• net-ftp (0.1.3)

• net-imap (0.2.3)

• net-pop (0.1.1)

• net-smtp (0.3.1)

• power_assert (2.0.1)

• prime (0.1.2)

• rake (13.0.6)

• rexml (3.2.5)

• rss (0.2.9)

• test-unit (3.5.3)

SERVER-3264

Released January 2024 and shipped with Puppet 8.4.0.

Added bulk signing endpoint.

Update CRL issuer. Updated the issuer for the generated CRL to ensure it has the same value as the original CRL.**

Regenerate CRLs. Ensured CRLs are regenerated when nearing expiration.

Analytics service. Adjusted analytics service to explicitly stop the jobs it is running when shutting down.

Added certname as header for help debugging. PUP-11973

Rubygems. Updated rubygems shipped with puppetserver (concurrent-ruby) to fix memory leak.

Fixed dropsonde configuration option CONFDIR env variable. (SERVER-3263)

Released November 2023 and shipped with Puppet 8.3.1.

Update puppet-infra serial in CA. Ensured infra-serial is up to date. PE-36952

Released August 2023 and shipped independently.

ca's reverse proxy service fails to proxy new renewal endpoints. Puppet Server now supports the use of x-client-cert headers when the requesting server is also in the infrastructure inventory list. This allows agent requests to be proxied through the Puppet Enterprise CA. PE-36761

Released August 2023 and shipped with Puppet 8.2.0.

Operating Systems support. Added support for RHEL 9 and Ubuntu 22.04.

Default values for certificate renewal are changed. The default value of the auto-renewal-cert-ttl and default-auto-ttl-renewal parameters was changed from 60 to 90 days.

Released June 2023 and shipped with Puppet 8.1.0.

No release notes.

Released April 2023 and shipped with Puppet 8.0.0.