Puppet Enterprise 2019.0

These are the enhancements added to PE 2019.0.

Platform support (2019.0.1)

This version adds support for these platforms.


  • Windows Server 2019

Improved usability for agent installation from the console (2019.0.1)

Agent installation from the console has been enhanced to improve its usability. Now when you start agent installation, a link directs you to its corresponding job details page. And when the installation task completes, the list of unsigned certificates is updated with new targets.

Transport options for remotely run tasks (2019.0.1)

Multiple transport options are available for running tasks over the communication protocols SSH and WinRM. When you set up a task to run on nodes that do not have the Puppet agent installed, you can define additional target options such as port number, connection timeout duration, and temporary directory.

Setting console admin password during text mode installation (2019.0.1)

When installing using text mode, if you don't specify a console admin password in pe.conf, you're now prompted to specify the password during installation.

Uninstall script on *nix nodes (2019.0.1)

By default, the uninstall script is now copied to all *nix nodes, including infrastructure nodes. You no longer have to manually copy the script from your master when you want to uninstall a *nix node. Nodes installed on macOS are an exception not covered by the uninstall script. 

Certificate architecture and handling (2019.0.0)

PE, courtesy of Puppet Server, now uses an intermediate certificate authority architecture by default. This architecture enhances the security of your installation by injecting an additional layer of certification between your root certificate authority and agent nodes. If you're upgrading to this version of PE, you can optionally regenerate certificates to adopt the intermediate certificate architecture.

Additionally, the puppet cert subcommands that formerly controlled certificates have been replaced with puppetserver ca commands, which leverage a new Puppet Server CA API and client tool. The new API allows for cleaner handling of certificates and, because the client tool is delivered as a gem alonside Puppet Server, it can be updated out-of-band to incorporate improvements or bug fixes.

For details about the new certificate architecture and client tool see the Puppet Server 6.0 documentation about the CA subcommand, intermediate CA, certificate authority service, and ca.conf. For details about the CA API, see the Puppet 6.0 HTTP API docs.

*nix bulk plugin sync with the install script (2019.0.0)

For *nix agents, the agent install script now downloads a tarball of plugins from the master before the agent runs for the first time. Depending on how many modules you have installed, bulk plugin sync can speed agent installation significantly.
Note: If your master runs in a different environment from your agent nodes, you might see some reduced benefit from bulk plugin sync. The plugin tarball is created based on the plugins running on the master agent, which might not match the plugins required for agents in a different environment.

This feature is controlled by the setting pe_repo::enable_bulk_pluginsync which you can configure in Hiera or in the console. Bulk plugin-sync is set to true (enabled) by default.  

pe.conf synched to high availability replicas (2019.0.0) 

The enterprise/conf.d directory, including the pe.conf file, is now automatically synched from masters to replicas in high availability installations. This expands the available methods for specifying configuration parameters in HA configurations. Previously, we recommended using only Hiera to specify configuration parameters. With this addition, you can now use Hiera or pe.conf.  

Platform support (2019.0.0)

This version adds support for these platforms.


  • SUSE Linux Enterprise Server 15

Back to top