As of April 15, 2015, Open Source Puppet 4.0 is now generally available! Learn more.
It's been a long time coming and we're very excited to announce the availability of Puppet 4. Starting today, we'll be pushing nightly release candidate builds for Red Hat Enterprise Linux 7. Over the next several weeks, we'll fix bugs and expand the OS packaging until there's enough coverage to call 4.0 done and release a production-ready build.
We need your help to get there!
As you might expect from the first major-version-number release since 2012, there are a ton of exciting changes afoot, from performance improvements to new language features. Please read through the rest of this post carefully, give Puppet 4 a try, and send in feedback and bug reports.
What's in this release?
The first thing you'll notice is that the packaging has changed pretty dramatically. Puppet is complex, and the systems it runs on are so diverse that it is difficult to provide the proverbial one-click install through out our Linux-distribution style packaging. For Puppet 4, we've gone to an all-in-one package (which we refer to as "AIO," like a bad hand in Words With Friends), which includes:
- Puppet 4
- Facter 2.4
- CFacter 0.4
- The latest Hiera
- Ruby 2.1.5
- OpenSSL 1.0.0q
- gem dependencies
The package installs into its own area in
/opt/puppetlabs, and because it is named
puppet-agent, it will not auto-upgrade systems that have the
puppet package installed on them. If you choose to upgrade, however, then systems with the
puppet package will be replaced with the new package.
The goal is to provide a great installation experience regardless of which Linux or Unix variant you're running. Windows has already been running in this model for some time. We're starting with Enterprise Linux 7 today, and plan to roll out Windows, EL6, Ubuntu Trusty and Precise, EL5, Debian Wheezy, Fedora 20 and 21, Ubuntu Utopic, Debian Jessie and Squeeze and Mac OS X Mavericks and Yosemite (probably in that order) over the next few weeks. Puppet Enterprise will add agent support for:
- Solaris 10 and 11
- AIX 5, 6, and 7
- SLES 10, 11, 12
- EL 4
- Ubuntu 10.04
There are also new Puppet Server 2.0 RC packages available, which work in conjunction with the puppet-agent package to provide high-performance network communication and encapsulate the puppetmaster process inside a JVM, rather than using Apache or nginx and Passenger. Passenger packages compatible with All-in-One Puppet installations are coming too, but we strongly encourage taking the opportunity of a new major version to upgrade to Puppet Server.
One compatibility note: In the RC phase, Puppet 3 agents will not be able to communicate with Puppet 4 masters, and vice versa. We plan to add a compatibility layer in the coming weeks, but for now we recommend installing a new master and pointing Puppet 4 agents at it with the
By far the most significant user-facing change in Puppet 4 is the completely rewritten parser and evaluator, which take your modules and transform them into a catalog for each node that checks in. The Puppet Language has evolved over the last eight or so years since it stabilized around version 0.22, but the underlying technology has been the same RACC-based parser and lexer that Luke wrote way back then. In Puppet 3.4, we introduced the experimental future parser which uses a cross-platform, model based technology called RGen. Over the last year, community feedback, user research, and engineering time have honed the future parser to the point where it's no longer in the realm of the future — it's here.
There's extensive documentation on the changes in the future parser, both new capabilities like iteration and type-checking for variables, plus deprecations and changed behavior. Most notably, the stricter, more predictable parsing of numbers, empty strings, and "undef"/"nil" comparisons may cause changes to a node's catalog without necessarily producing an error.
Read the release notes to understand the full impact, and use the puppet-lint plugins described in Camptocamp's excellent blog post about Puppet 4 readiness to test your code. Most people we surveyed found the migration pretty painless, but it should go without saying that you'll want to test your own codebase pretty thoroughly before throwing the switch in production.
Of course there are more changes under the hood; 325 of them, according to JIRA. We deleted nearly 60,000 lines of code (and the associated tests), most of which was deprecated or "dead" long before the latest Puppet 3.7 release shipped. One of the drawbacks to having a couple of years between major releases is that small but technically semver-incompatible changes in system behavior can't get out the door, and stack up into a big messy pile on the threshold of the new release. Again, the release notes and preview documentation are going to be your best friends, but there may be things that behave differently on your systems, and in unexpected ways. Check out the "How to provide feedback" section of this post to find the best way to get your environment up and running on Puppet 4.
Speaking of environments, one of the more notable changes that's not about the language or the packaging in Puppet 4 has to do with Puppet environments. Through the second half of the Puppet 3.x series, we've been iterating on a way to make Puppet environments first-class citizens in the Puppet ecosystem. These environments are the basis for many of the awesome continuous delivery infrastructure-as-code pipelines that are driving the cost of running IT infrastructure down by driving its velocity up. Directory environments codify the powerful patterns that deployment tools like r10k and Puppet librarian use, and they're the "one true way" to run environments in Puppet 4. They come with flexible configuration settings, like per-environment cache lifetimes, which are optional but do add some complexity if you choose to use them; read the Puppet environments guide carefully.
Installation and Usage
To get started with the RC, you'll need to add our nightly repositories to your machine's yum configuration. (Remember, this supports 64-bit EL7 variants only for now.) These repositories will automatically get the latest release candidate build that passed all the way through our Jenkins continuous integration testing pipeline, so "nightly" is a slight misnomer. But if you're tracking a bug, once you see that a fix has been merged, it'll show up in a package for validation pretty quickly. Although there are repos for the last couple of weeks of builds on http://nightlies.puppetlabs.com/, using the ones with a
-latest suffix will. You can find the repo configuration at http://nightlies.puppetlabs.com/puppet-agent-latest/repo_configs/rpm/pl-puppet-agent-latest-el-7-x86_64.repo It looks like this:
[pl-puppet-agent-latest] name=PL Repo for puppet-agent at commit latest baseurl=http://nightlies.puppetlabs.com/puppet-agent-latest/repos/el/7/products/x86_64/ enabled=1 gpgcheck=1 gpgkey=http://nightlies.puppetlabs.com/07BB6C57
Put this in
/etc/yum.repos.d/pl-puppet-agent-latest.repo. You should then be able to simply run
sudo yum install puppet-agent and start hacking. For a fully operational Puppet 4 agent/server/PuppetDB setup, also grab the config for
sudo yum install puppetserver. To connect a Puppet 4 server to PuppetDB, just use the newly-released PuppetDB 2.3.0, which is compatible with both Puppet 3 and Puppet 4.
In order to help everyone get the most out of Puppet 4, we need feedback about what's working and what's broken. There are a variety of ways to provide feedback; which one you should use depends on how quickly you need a response.
Ultimately, the Puppet Labs JIRA ticket tracker at https://tickets.puppetlabs.com/ is the source of truth for what's happening in Puppet 4. You'll need to create a free account there if you haven't used JIRA before. Use this saved filter to find issues that have already been filed. If you want to open a new issue, file it in the "PUP" (Puppet) project and make sure to add the component "AIO" to indicate it's an All-in-One-related issue.
For quick, real-time help, or to interact with other people trying out AIO, join #puppet on Freenode IRC. Instructions for first-timers are on our community docs site). If you want to reach a wider audience or need to provide a longer explanation of your issue, use the puppet-users mailing list/google group.
We're really excited to get this goodness out to you, and are looking forward to your feedback. So please go try out the release candidate and let us know what you think!