Puppet 2.7.16 is a maintenance release for Puppet in the
2.7.x series. (Puppet 2.7.15 died in the thunderdome). The release notes below
include notes from the 2.7.15 series, so you may see some changes repeated
from previous emails.
Downloads are available at:
* Source https://downloads.puppetlabs.com/puppet/puppet-2.7.16.tar.gz
Windows package is available at
https://downloads.puppetlabs.com/windows/puppet-2.7.16.msi
RPMs are available at https://yum.puppetlabs.com/el or /fedora
Debs are available at https://apt.puppetlabs.com
Mac package is available at
https://downloads.puppetlabs.com/mac/puppet-2.7.16.dmg
See the Verifying Puppet Download section at:
https://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet
Please report feedback via the Puppet Labs Redmine site, using an
affected puppet version of 2.7.16:
http://projects.puppetlabs.com/projects/puppet/
## Puppet 2.7.16 Release Notes ##
(#8858) Explicitly set SSL peer verification mode.
In Ruby 1.8 the Net::HTTP library defaults to skipping peer
verification when
no mode is explicitly set. Ruby 1.9, on the other hand, does not:
it defaults
to verification of the peer certificate - leading to failure when
we depended
on the default value in our HTTP setup.
This changes to explicitly set the verification mode, ensuring we get
consistent results across all Ruby versions.
*Significantly improve compilation performance when using modules
When autoloading classes/defines, the typeloader constructs a set of
possible locations for the class, based on its name. Effectively, it
will look in the canonical locations corresponding to each namespace in
the fully-qualified name. So for each namespace, it will ask the
environment for a Puppet::Module instance for that module, to ask it
which of the module's potentially manifests match the class it's looking
for. To answer that request, the environment instantiates a
Puppet::Module.
This amounts to potentially thousands of Puppet::Module instances being
created, because it does this many times (based on nesting of the class
name) per include/autoload/import. When Puppet::Module instances are
created, they parse and load their metadata.json file, in part to
validate their use. This implies that each compilation results in
metadata.json being parsed thousands of times, which is extremely slow
(and obviously provides no actual benefit).
Fortunately, the environment object already keeps a list of
Puppet::Module instances for every module in its modulepath. The fix
applied here is simply to change the environment such that it provides
modules by looking them up in its cached list, resulting in up to an
order of magnitude improvement in compilation time.
*Colorize console output on Windows
Previously, `Puppet[:color]` was false on Windows, because the Windows
console does not support ANSI escape sequences.
The win32console gem converts ANSI color escape sequences into Win32
console API calls to change the foreground color, etc. If the output
stream has been redirected to a file, then the gem does not translate
the sequences, instead preserving them in the stream, as is done on
Unix.
To disable colorized output specify `color=false` or `--color=false` on
the command line.
This commit adds a `Puppet.features.ansicolor?` feature that defines
whether ANSI color escape sequences are supported. On Windows, this is
only true if the win32console gem can be loaded. On other platforms, the
value is always true.
The win32console gem will be packaged into the Windows installer, and
so, `Puppet[:color]` now defaults to true. If the gem can't be loaded,
then puppet will revert to its previous behavior.
(#8174) Allow defines to reference topscope
Because the compiler re-assigned the topscope, looking up topscope vars
or facts from a defined resource type was causing deprecation warnings
when it should not be. By cherry-picking commits
b02aa930a03a282588e81f65e14f47a138a4b9f0 and
c995be16bc9e3ad8dbad9d21b49df76de5b72ea9 the topscope is no longer
re-assigned and so defined resource types can now lookup these kinds of
variables without problem.
Evaluate node classes either in top or node scope
Classes that are tied to a node should be preferred to be evaluated in
the node scope, but if we don't have one then they should be in the top
scope
(#14297) Handle upstart services better
The previous changes to the upstart provider didn't take into
account services
that may have upstart jobs in /etc/init with no corresponding symlink to
upstart-job in /etc/init.d. This fix adds /etc/init/$service.conf
to the search
path in the upstart provider.
In order to allow upstart to use debian as its parent, this commit
adds methods
for enabled?, enable and disable. Without this fix, using a debian
style init
script on ubuntu requires manually