Puppet 3.6.0 发布,系统管理工具

来源: 投稿
作者: fei
2014-05-16 00:00:00

Puppet,是基于Ruby的一个工具,可以集中管理每一个重要方面,使用的是跨平台的规范语言,管理所有单独的元素,通常聚集在不同的文件,如用户, CRON作业,和主机一起的离散元素,如包装,服务和文件。


集中式系统管理工具Puppet发布3.6.0,新的产品系列。经过1个RC.向下完全兼容3其他版本。2014-05-15 上个版本是2013-04-16的3.5.1其他产品线3.4.3 3.2.4 3.1.1 3.0.2 2.7.25。


Puppet 3.6.0

Released May 15, 2014. (RC1: May 6.)

Puppet 3.6.0 兼容 Puppet 3,最大的改进内容包括:

  • Improvements to directory environments, and the deprecation of config file environments

  • Support for purging unmanagedssh_authorized_keyresources

  • Support for installing gems for a custom provider as part of a Puppet run

  • A configurable global logging level

  • A configurable hashing algorithm (for FIPS compliance and other purposes)

  • Improvements to the experimental future parser

Improvements for Directory Environments

Directory environments were introduced in Puppet 3.5 as a partially finished (but good enough for most people) feature. With Puppet 3.6, we consider them completed. We’re pretty sure they can now handle every use case for environments we’ve ever heard of.

The final piece is theenvironment.conffile. This optional file allows any environment to override themanifest,modulepath, andconfig_versionsettings, which is necessary for some people and wasn’t possible in Puppet 3.5. You can now exclude global module directories for some environments, or point all environments at a global main manifest file. For details, see the page on directory environments and the page on environment.conf.

It’s also now possible to tune the cache timeout for environments, to improve performance on your puppet master. See the note on timeout tuning in the directory environments page.

Deprecation: Config-File Environments and the Globalmanifest/modulepath/config_versionSettings

Now that directory environments are completed, config-file environments are deprecated. Defining environment blocks in puppet.conf will cause a deprecation warning, as will any use of themodulepath,manifest, andconfig_versionsettings in puppet.conf.

This also means that using no environments is deprecated. In a future version of Puppet (probably Puppet 4), directory environments will always be enabled, and the defaultproductionenvironment will take the place of the globalmanifest/modulepath/config_versionsettings.

Related issues:

Feature: Purging Unmanaged SSH Authorized Keys

Purging unmanaged ssh_authorized_key resources has been on the most-wanted features list for a very long time, and we haven’t been able to make theresourcesmeta-type accommodate it.

Fortunately, the user type accommodates it very nicely. You can now purge unmanaged SSH keys for a user by setting thepurge_ssh_keysattribute:

user { 'nick':
  ensure         => present,
  purge_ssh_keys => true,

This will purge any keys in~nick/.ssh/authorized_keysthat aren’t being managed as Puppet resources.

Related issues:

Feature: Installing Gems for a Custom Provider During Puppet Runs

Previously, custom providers that required one or more gems would fail if at least one gem was missing before the current puppet run, even if they had been installed by the time the provider was actually called. This release fixes the behavior so that custom providers can rely on gems installed during the same puppet run.

Related issue:

Feature: Globallog_levelSetting

You can now set the global log level using thelog_levelsetting in puppet.conf. It defaults tonotice, and can be set todebug,info,notice,warning,err,alert,emerg, orcrit.

Related issue:


You can now change the hashing algorithm that puppet uses for file digests tosha256using the new digest_algorithmsetting in puppet.conf. This is especially important for FIPS-compliant hosts, which would previously crash when puppet tried to use MD5 for hashing. Changing this setting won’t affect themd5orfqdn_randfunctions.

This setting must be set to the same value on all agents and all masters simultaneously; if they mismatch, you’ll run into two problems:

Related issue:

Improvements to the Future Parser

It’s still experimental, but the future parser has gotten a lot of attention in this release. For example, functions can now accept lambdas as arguments using the new Callable type. There are also a few changes laying the groundwork for the upcoming catalog builder.

OS Support Changes

This release improves compatibility with Solaris 10 and adds support for Ubuntu 14.04 (Trusty Tahr).

Support for Ubuntu 13.04 (Raring Ringtail) has been discontinued; it was EOL’d in January 2014.

Related issues:

Module Tool Changes

The puppet module tool has been updated to deprecate the Modulefile in favor of metadata.json. To help ease the transition, the module tool will automatically generate metadata.json based on a Modulefile if it finds one. If neither Modulefile nor metadata.json is available, it will kick off an interview and generate metadata.json based on your responses.

The new module template has also been updated to include a basic README and spec tests. For more information, see Publishing Modules on the Puppet Forge.

Related issues:

Issues fixed during RC:

Type and Provider Fixes


Several providers were updated to support theinstall_optionsattribute, and the yum provider now has special behavior to make--enablerepoand--disablerepowork well when you set them asinstall_options.




OpenBSD services can now be enabled and disabled, and we fixed some bugs on other platforms.


We fixed a regression from Puppet 3.0 that broke file resources whosesourceURL specified a server other than the default. (That is,puppet://myserver/modules/...instead ofpuppet:///modules/....)


We fixed a few lingering regressions from the big yumrepo cleanup of Puppet 3.5, and added support for theskip_if_unavailableparameter.


We added better control over the way Augeas resources display diffs, for better security and less noise.

General Bug Fixes

All Resolved Issues for 3.6.0

Our ticket tracker has the list of all issues resolved in Puppet 3.6.0.


11 收藏
0 评论
11 收藏