UPGRADE

The UPGRADE documents is a feature roadmap to the various Puppet versions. It details changes to features, functions, language, configuration and types during the course of Puppet's development. It highlights incompatibilities and specifies when new features were introduced and the extent to which they are backwards-compatible.

If upgrading you should review this document upward from the version you are upgrading from. Please remember that if upgrading through multiple versions some behaviour may change more than once.

There is also a Roadmap document available that details future development plans.

Contents

• 0.24.5
  • Binary and Configuration
  • Environments
  • Types and Providers
  • Functions
  • Language and Facts
  • Modules
  • LDAP
  • Nodes
  • Virtual and Exported/Collected Resources
• 0.24.4
  • Binary and Configuration
  • Types and Providers
  • Documentation
• 0.24.3
  • Languages and Facts
  • Binaries and Configuration
  • External Nodes
  • LDAP Nodes
• 0.24.2
  • Plugins
  • Virtual Resources
  • Tags
  • Binaries and Configuration
  • Language and Facts
  • Types and Providers
• 0.24.1
  • Binaries and Configuration
• 0.24.0 (misspiggy)
  • External Nodes
  • LDAP Nodes
  • Plugins
  • Certificates
  • Mongrel
  • Language and Facts
  • Binaries and Configuration
  • Types and Providers
• 0.23.2
  • Binaries and Configuration
  • Types and Providers
• 0.23.1 (beaker)
  • Language and Facts
  • Exported/Collected Resources
  • Binaries and Configuration
  • Types and Providers
  • Modules
  • Plugins
• 0.23.0
  • Functions
  • Nodes
  • LDAP Nodes
  • External Nodes
  • Stored Configuration
  • File Locations
  • Types and Providers
  • Language and Facts
  • Binaries and Configuration
• 0.22.4
  • Modules
  • Types and Providers
  • Language and Facts
• 0.22.3
  • Binaries and Configuration
  • Types and Providers
• 0.22.2 (grover)
  • Language and Facts
  • File Locations
  • Mongrel
  • Binaries and Configuration
  • Certificate Authorities
  • Functions
  • Types and Providers
• 0.22.1 (kermit)
  • Resource Relationships
  • Language and Facts
  • Types and Providers
• 0.22.0
  • Types and Providers
  • Stored Configuration
  • Language and Facts
• 0.20.0
  • Virtual and Exported/Collected Resources
  • Resource Relationships

0.24.5

Binary and Configuration

Added the catalog_format configuration option which accepts the yaml or marshal options. This option allows you to switch the catalog formatting from YAML to Marshal. Marshal formatting should provide significant performance enhancement over YAML.

The return code from waitpid now right shifted 8 bits.

Added support for the --all option to puppetca --clean. If puppetca --clean --all is issued then all client certificates are removed.

Environments

The default environment is now production.

Types and Providers

The interface type is buggy and has been disabled.

A native type type for managing ssh authorized_keys files is available

The gem package type can now specify source repositories.

The service type now supports HP-UX.

On Red Hat instead of deleting the init scripts (with chkconfig --del) we disable it with chkconfig service off, and do the same for enable => true;

Added LDAP providers for users and groups.

Functions

Added SHA1 function from DavidS to core

Language and Facts

Facts in plugin directories should now be autoloaded, as long as you're using Facter 1.5.

Aliases to titles now work for resources.

Modified the 'factpath' setting to automatically configure Facter to load facts there if a new enough version of Facter is used.

Modules

Templates in the templatedir are preferred to module templates.

LDAP

Removed support for the 'node_name' setting in LDAP and external node lookups.

Nodes

Removed support for 'default' nodes in external nodes. LDAP nodes now use the certificate name, the short name, and 'default', but external nodes just use the certificate name and any custom terminus types will use just the certificate name.

Virtual and Exported/Collected Resources

Exporting or collecting resources no longer raises an exception when no storeconfigs is enabled, it just produces a warning.

0.24.4

Binary and Configuration

The http keep-alive is now disabled by default. There is now a constant in Puppet::Network::HttpPool that will disable or enable this feature but it you enable it you may be at risk of corruption, especially in file serving.

The yamldir is automatically created by the server now that it's in the puppetmasterd section rather than a separate yaml section.

Types and Providers

In the OpenBSD package provider, assume a source ending in a / indicates it is a directory, and pass it to pkg_add via PKG_PATH. Allows pkg_add to resolve dependencies, and make it possible to specify packages without version numbers.

Provider suitability is now checked at resource evaluation time, rather than resource instantiation time. This means that you don't catch your "errors" as early, but it also means you should be able to realistically configure a whole host in one run.

Documentation

Puppet now has man pages available. These are recreated at each release. They are located in the man directory and are installed into mandir.

0.24.3

Languages and Facts

Downloading plugins and facts now ignores noop. Note that this changes the behaviour of a resource's noop setting. The resources noop setting will now alway override the global setting (previously, whichever was true would win).

Host names can now have dashes anywhere.

Binaries and Configuration

The CA serial file will no longer ever be owned by root.

External Nodes

External node commands can specify an environment and Puppet will now use it.

LDAP Nodes

LDAP nodes now support environments, and the schema has been updated accordingly.

0.24.2

Plugins

Autoloading now searches the plugins directory in each module, in addition to the libdir directory. The libdir directory is also deprecated, but supported for now to give people a chance to convert.

Virtual Resources

Virtual defined types are no longer evaluated. This introduces a behaviour change, in that you previously could realize a resource within a virtual defined resource, and now you must realize the entire defined resource, rather than just the contained resource.

Tags

The full name of qualified classes and the class parts are now added as tags. This is supported by the new Tagging module.

Binaries and Configuration

The rundir directory permissions are again set to 1777.

The yamldir setting has been moved to its own yaml section. This should keep the yamldir from being created on clients.

Language and Facts

Classes can once again be included multiple times.

Exec resources must now have unique names, although the commands can still be duplicated. This is easily accomplished by just specifying a unique name with whatever (unique or otherwise) command you need.

There is a change in Puppet's parser - the order of statement evaluation is no longer changed. This means case statements can now set variables that can be used by other variables.

Types and Providers

Added built-in support for Nagios types using Naginator to parse and generate the files.

The package type (and Puppet overall) is now compatible with gems 1.0.1.

You can now copy links using the file type.

Removed the loglevels from the valid values for logoutput in the exec resource type -- the log levels are specified using the loglevel parameter, not logoutput.

0.24.1

Binaries and Configuration

Removed the ability to disable http keep-alive.

Removed warning about deprecated explicit plugins mounts.

0.24.0 (misspiggy)

External Nodes

External node support now requires that you set the node_terminus setting to exec:

node_terminus = exec

External nodes can now co-exist with manifest-based nodes. Previously you had to select one or the other.

LDAP Nodes

LDAP nodes can now co-exist with manifest-based nodes. Previously you had to select one or the other.

Plugins

Added plugins mount - see PluginsInModules on the wiki for information.

Certificates

Certificates now always specify a subjectAltName, but it defaults to *`, meaning that it doesn't require DNS names to match.  You can override that behaviour by specifying a value for the ``certdnsnames configuration option which will then require that hostname as a match.

The behaviour of the certdnsnames setting has changed. It now defaults to an empty string, and will only be used if it is set to something else. If it is set, then the host's FQDN will also be added as an alias. The default behaviour is now to add puppet and puppet.$domain as DNS aliases when the name for the cert being signed is equal to the signing machine's name, which will only be the case for CA servers. This should result in servers always having the alias set up and no one else, but you can still override the aliases if you want.

Mongrel

Changed the behaviour of --debug to include Mongrel client debugging information. Mongrel output will be written to the terminal only, not to the puppet debug log.

Language and Facts

The node scope is now above all other scopes besides the main scope, which should help make its variables visible to other classes, assuming those classes were not included in the node's parent.

Relationship metaparameters :notify, :require, :subscribe, and :before now stack when they are collecting metaparameter values from their containers. For instance, if a resource inside a definition has a value set for require, and you call the definition with require, the resource gets both requires, where before it would only retain its initial value.

Binaries and Configuration

Added the --no-daemonize option to puppetd and puppetmasterd which prevents both binaries from daemonizing. If you use daemontools or runit you must pass the --no-daemonize to puppetd and puppetmasterd. Additionally, the default behavior of --verbose and --debug no longer cause puppetd and puppetmasterd to not daemonize.

The --use-nodes and --no-nodes options are now obsolete. Puppet automatically detects when nodes are defined, and if they are defined it will require that a node be found, else it will not look for a node nor will it fail if it fails to find one.

You now must specify an environment and you are required to specify the valid environments for your site.

The http_enable_post_connection_check added as a configuration option for puppetd. This defaults to true, which validates the server SSL certificate against the requested host name in new versions of Ruby.

Types and Providers

Added k5login type.

Removed type and running as valid attributes from the service types as they are both deprecated.

Modified how services manage their list of paths. Services now default to the paths specified by the provider classes.

0.23.2

Binaries and Configuration

The --gen_config option now generates a configuration with all parameters under a heading that matches the relevant process name, rather than keeping section headings.

Types and Providers

Added support for managing interfaces on Red Hat.

0.23.1 (beaker)

Language and Facts

You can now specify relationships to classes, which work exactly like relationships to defined types:

require => Class[myclass]

This works with qualified classes, too.

Added the +> syntax to resources, so parameter values can be added to.

Hostnames can now be double quoted.

Both class and node names must both now be unique, for example you cannot have a node and class with the same name.

Exported/Collected Resources

You can now do simple queries in a collection of exported resources. You still cannot do multi-condition queries, though.

Binaries and Configuration

Running puppetca with --clean now exits with a non-zero code if it cannot find any host certificates to clean.

The Rails log level can now be set via the rails_loglevel parameter.

Puppet clients now have http proxy support.

Types and Providers

Added the maillist type for managing mailing lists.

Added a mailalias type for managing mail aliases.

Modules

Added autoloading of modules - you can now 'include' classes from modules without ever needing to specifically load them.

Plugins

The configuration client now pulls libraries down to $libdir, and all autoloading is done from there with full support for any reloadable file, such as types and providers. This is not backward compatible -- if you're using pluginsync you'll need to disable it on your clients until you can upgrade them.

0.23.0

Functions

Fixed functions so that they accept most other rvalues as valid values.

Nodes

From 0.23.0 only ONE node source can be used - you can either use LDAP, code, or an external node program, but not more than one.

LDAP Nodes

LDAP node support has two changes, first, the "ldapattrs" attribute is now used for setting the attributes to retrieve from the server (in addition to required attributes), and second, all retrieved attributes are set as variables in the top scope. This means you can set attributes on your LDAP nodes and they will automatically appear as variables in your configurations.

External Nodes

External node support has been completely rewritten - this breaks compatibility with earlier versions and older external node scripts will not work. External node scripts must now generate a YAML dump of a hash, with "classes" and "parameters" keys. The classes should be an array, and the parameters should be a hash. The external node program has no support for parent nodes -- the script must handle that on its own.

Stored Configuration

Reworked the database schema used to store configurations with the --storeconfigs option.

File Locations

Changed the location of the classes.txt to the state directory.

Moved puppetd and puppetmasterd to sbin.

Types and Providers

Added a package provider called appdmg able to install .app packages on .dmg files on OS X.

Added fink package provider (#642), as provided by 'do'.

Marked the dpkg package provider as versionable (#647).

Language and Facts

Added an 'undef' keyword, which will evaluate to "" within strings but when used as a resource parameter value will cause that parameter to be evaluated as undefined.

Tags, definitions, and classes can now be a single character.

Binaries and Configuration

Significantly reworking configuration parsing. Executables all now look for puppet.conf rather than the older configuration binary-specific configuration files. The old-style configuration files will be parsed if they are present, although they throw a deprecation warning.

Transaction summaries are now available with the --summarize option. These are useful for getting a quick idea of what happened in a transaction. Currently only useful on the client or with the puppet interpreter.

Added the dynamicfact configuration option; any facts in a comma-separated list will be ignored when comparing facts to see if they have changed and thus whether a recompile is necessary.

Added a splay option to randomly distribute client connections. The value is random but cached. It defaults to the runinterval but can be tuned with --splaylimit. It's disabled when running under --test in puppetd.

0.22.4

Modules

Modules no longer return directories in the list of found manifests.

Types and Providers

The crontab provider now defaults to root when there is no USER set in the environment.

The useradd provider for the user type can now manage passwords. No other providers can, at this point.

Language and Facts

Added a syntax for referring to variables defined in other classes (e.g., $puppet::server).

0.22.3

Binaries and Configuration

Added a stand-alone filebucket client, named filebucket.

Types and Providers

The -M option is no longer added when home directories are being managed on Red Hat with the user type.

0.22.2 (grover)

Language and Facts

Definitions now support both 'name' and 'title', just like any other resource type.

Import statements can now specify multiple comma-separated arguments:

import apache, mongrel, squid

Changed the servername fact set on the server to use the server's fqdn, instead of the short-name.

File Locations

Changing the location of the configuration cache. It now defaults to being in the state directory, rather than in the configuration directory.

Mongrel

Support for Mongrel added. Currently you need to start each individual process and it requires you setup a proxy in front of the mongrel processes.

Binaries and Configuration

Renamed x2puppet to ralsh.

The bind address for puppetmasterd can now be specified with --bindaddress.

Added the ignorecache option to tell puppetd to ignore the cache and force a recompile.

Certificate Authorities

You can now run seperate Certificate Authorities rather than using the inbuilt CA.

Functions

Added a file() function to read in files with no interpolation. The first found file has its content returned.

Added the generate() function which sets values to the result of an external command.

Functions can now be called with no arguments.

Types and Providers

When doing file recursion, ensure only affects the top-level directory.

Users can now manage their home directories, using the managehome parameter.

Using the package type you can now purge apt and dpkg packages.

Made up2date the default for RHEL < 4 and yum the default for the rest.

The yum provider now supports versions.

Switched apt/aptitide to using "apt-cache policy" instead of "apt-cache showpkg" for determining the latest available version.

States have been renamed to Properties.

0.22.1 (kermit)

Resource Relationships

Explicit relationships now override automatic relationships, allowing you to manually specify deletion order when removing resources.

Resources with dependencies can now be deleted as long as all of their dependencies are also being deleted.

Language and Facts

Downcasing of facts can be selectively disabled.

Types and Providers

The netinfo mounts provider was commented out, because it really doesn't work at all.

0.22.0

Types and Providers

Added the resources type which includes the ability to purge unwanted resources.

All providers now directly execute commands instead of going through a sub-shell - this means arguments don't need to be quoted or escaped.

Stored Configuration

Export and collect updated making the database incompatible with the 0.20 version. You will need to re-create your database.

Language and Facts

Facts are no longer down-cased and the language is case-insensitive.

0.20.0

Virtual and Exported/Collected Resources

Virtual resources are now represented by single sigils, @user, and exported/collected resources are represented by double sigils, @@sshkey.

Resource Relationships

Resources relationships are now identified by capitalizing the resource like so:

File["/etc/passwd"]