This page describes new features, enhancements, and deprecations in this Puppet Enterprise (PE) release.
For more information about this release, see:
Tip: This PE release contains several components that have additional release notes. Refer to Related release notes for more information.
High availability for Puppet Enterprise ensures that your system remains operational even if certain infrastructure components become unreachable. With high availability enabled, Puppet runs fail over to a replica if your master or master of masters is unreachable. If your master is permanently disabled, you can promote the replica to serve as the new master.
Note: In this release, we don’t support high availability for split installations – where the master, console, and PuppetDB components are installed on separate machines. Only monolithic installations - with or without compile masters and a master of masters - is supported.
For more information about high availability, see:
--no-enforce-environment, ensures the orchestrator will ignore the environment set by the
--environmentflag for agent runs. When you use this flag with the
puppet job runcommand, agents run in the environment specified by the PE Node Manager or their
The Run Puppet on agent nodes permission now includes the ability to trigger a Puppet run from the PE console or orchestrator. See RBAC available permissions.
The activity service event reporting now includes agent runs that are part of orchestration jobs.
status action in the
puppet code command verifies from the command line that Code Manager and file sync are responding.
Code Manager now provides environment isolation for your resource types. Generated metadata files ensure that each environment uses the correct version of the resource type. For more information, see Code Manager documentation.
Corrective change reporting has been added to the node graph and the Events page in the PE console. PE differentiates between changes driven by updates to Puppet code (“intentional changes”) and changes made by Puppet to return a system to the desired state as defined by Puppet code (“corrective changes”). Corrective change reporting is available only for Puppet agents running PE 2016.4 or later.
The node graph and Events page now provide information regarding whether a Puppet run was completed in enforcement or no-op mode, and whether changes were enforced or simulated. No-op mode reporting is available only for Puppet agents running PE 2016.4 or later.
Most of PE’s services (including pe-puppetserver, pe-puppetdb, pe-console-services, and pe-orchestration-services) now have a
reload action, which acts like a restart but is significantly faster. If you need to refresh a service after changing its configuration, you can almost always reload it instead of restarting.
To reload a service, run
service <NAME> reload instead of
service <NAME> restart.
reload action restarts a service without restarting its underlying Java Virtual Machine (JVM) process. Since starting the JVM is the most time-consuming part of a restart, the speed improvement is very noticeable.
However, some configuration changes require a full restart. These are:
ca.cfgfile, or anything else in a
All other config changes are reload-safe.
certregenmodule, available on the Puppet Forge, to regenerate and redistribute Puppet CA certificates that are expiring soon, as the Puppet CA cert expires after five years. Refer to the module’s README for full instructions.
puppet infrastructure statuscommand displays errors and alerts from PE services, including the activity, classifier, and RBAC services, Puppet Server, and PuppetDB.
node_metadataattribute to specify a locale.
noopbroker, or switch to the
puppet-pebroker when you upgrade to Puppet Enterprise.
create-brokercommand, a new
ntpdate_serverproperty in the
configurationattribute lets you specify an NTP server. The server is used to synchronize the date and time before installing the agent, which prevents certificate errors.
modify-node-metadatacommand, a new
forceattribute lets you bypass errors in a batch operation with
no_replace. Existing keys aren’t modified.
Puppet is ending support for the following Puppet Enterprise versions on 31 December 2016:
Puppet Enterprise 2016.2 will no longer be supported after 30 April 2017.
If you’re still using one of these versions, you must move to a supported version, preferably the most recent release.
Support soon ends for some platforms, as described in the system requirements.
This version of PE includes Puppet version 4.8.1. Refer to the Puppet release notes for more information.
This version of PE includes Puppet agent version 1.8.2. Refer to the Puppet agent release notes for more information.
This version of PE includes PuppetDB version 4.2.5. Refer to the PuppetDB release notes for more information.
This version of PE includes Puppet Server version 2.7.2. Refer to the Puppet Server release notes for more information.