Resolved issues

This page describes resolved issues in the latest Puppet Enterprise (PE) release.

For more information about this release, see:

Tip: This PE release contains several components that have additional release notes. Refer to Related release notes for more information.

Resolved issues in PE 2016.1.2

Classifier service showed an error in status monitor

In the Puppet services status monitor, the classifier service showed an error.

Code Manager sometimes crashed Puppet Server on r10k to Code Manager upgrades

If you previously deployed code with r10k and then upgraded from r10k to Code Manager, deploying code with Code Manager could crash Puppet Server. This happened if r10k left Git files behind in the live code directory.

File sync was always disabled on upgrades

In PE 2016.1.1, the file_sync_enabled parameter (on the puppet_enterprise::profile::master class) was always set to false on upgrades. To use file sync, users had to set the parameter to true after upgrading.

Code Manager did not authenticate webhooks

In the previous release, Code Manager did not respect the set value of the authenticate-webhook setting and always assumed this value was false. This meant that the /v1/webhook endpoint did not require or validate authentication tokens for any request.

Vague Code Manager error message improved for all deployment operations

In 2016.1.1, we improved the error message for insufficient private key permissions. However, Code Manager still logged the old vague error message when performing a deployment of all environments.

Code Manager did not deploy modules with long filenames

When installing Forge modules in which the path plus the file name in the module’s tar file is longer than 100 characters, r10k did not copy the modules into the final module path. Because of this, Code Manager silently failed to deploy these modules into the code-staging directory.

Code Manager and r10k could not download PE-only modules with a proxy

Previously, if you accessed Puppet Forge via a proxy, Code Manager and r10k could not install and manage PE-only modules. This change resolves that issue.

Puppet Server restarted when PuppetDB queried compile masters

In PE infrastructures using compile masters, the puppetdb_query, which defines Puppet masters in PuppetDB had different results for each compile master. This caused the pe-puppetserver service to restart on every Puppet run.

Puppet Enterprise’s use of PuppetDB queries returned inactive nodes for active node queries

Previously PE used the puppetdb_query incorrectly when querying nodes assigned as compile masters, and returned results of deactivated nodes alongside active nodes.

PuppetDB sync_ini class caused unnecessary restarts

Previously, in multiple PuppetDB node configurations, the puppet_enterprise::puppetdb::sync_ini class, which queries PuppetDB for all PuppetDB nodes, was misconfigured and caused PuppetDB to restart every time Puppet ran. This occasionally enforced erroneous changes.

After upgrades OS X and Solaris 11 pxp-agents needed restart

After upgrading OS X and Solaris 11 agents, the pxp-agent on those nodes needed a restart to properly perform orchestrator runs.

To restart the PXP agent service, run the following commands:

Orchestration database user not set on upgrade

During upgrades to PE 2016.1.1, the Orchestration database user was not properly set, so pe-orchestration-services could not properly install. This left the service unavailable after upgrading.

Invalid regex rules resulted in a PuppetDB connection error

Entering a matches regex rule with an invalid expression erroneously resulted in a PuppetDB connection error.

Node classifier status endpoint returned an error

The node classifier status endpoint returned an error and an unknown state when queried at the default detail level.

Razor didn’t consistently match MAC addresses

In previous releases, the macaddress fact wasn’t correctly matched to nodes when multiple interfaces on the node reported different MAC addresses. The new has_macaddress operator searches all facts with the macaddress prefix, enabling better matching of tags. We recommend using the has_macaddress operator instead of the macaddress fact alone. (RAZOR-732)

Resolved issues in PE 2016.1.1

AIX agent upgrades failed to restart services

Previously, when you upgraded AIX agents, Puppet services would fail to properly restart.

Classes removed from manifest continued to appear in console after refresh

In previous releases, classes removed from the Puppet server continued to appear in the console after clicking the refresh classes button. With this release, refreshing updates the list of classes to match those available on the server.

Vague error message logged for insufficient Code Manager private key permissions

If, during Code Manager configuration, you specified a private key that didn’t have sufficient permissions for Code Manager to access the file, a vague error message was logged after deployment. In this release, this problem causes failure earlier and gives a more helpful error message.

Setting ‘n’ in answer file to disable file sync on install broke classification

In 2015.3, if you used an answer file to install and wanted to disable file sync, you could not use q_puppetmaster_file_sync_service_enabled=n in the answer file, as doing so created classification failures in the PE node groups.

Formatting of exported CSV files was displayed incorrectly in some Windows editors

In PE 2015.3, use of the line feed (LF) new line delimiter caused CSV files exported to Windows to display line breaks incorrectly in some editors. To correct this issue, the new line delimiter has been changed to carriage return plus line feed (CR+LF), in keeping with CSV standards.

Console data was exported in an inconsistent format

When exporting data from the PE console, it is typically exported in text/csv format. However, when exporting data from Nodes > Inventory > <ANY NODE> > Reports > Export data in PE 2015.3, the data was exported with an application/json MIME type. In PE 2016.1.1, the export format is text/csv for all data exports from the PE GUI.

Node classifier translate endpoint returned an unexpected error on false queries

In previous releases, if you supplied false as a query to the node classifier translate endpoint, the classifier responded with a 500 error. In this release, the same query returns the expected 400 error, indicating a bad request.

Razor exposed unused management ports

In previous releases, the Razor server exposed management ports on the local interface that could deserialize Java objects. In this release, unused management ports are closed by default to minimize the exposure risk to generic Java unserialize vulnerabilities.

Razor protect-new-nodes didn’t match tags to nodes booted into the microkernel

In previous releases, setting protect-new-nodes to true prevented tags from matching nodes that were booted into the microkernel. Without knowing which tags matched a node, it was unclear which policy the node would be eligible for when the reinstall-node command was issued. In this release, protected nodes that are booted into the microkernel are matched with tags. (RAZOR-779)

Razor delete-repo command didn’t remove the repository folder from the server

In previous releases, the delete-repo command removed the repository from the Razor database, but didn’t delete downloaded files on disk. In this release, if you supplied the iso_url property when you created the repository, the repository folder is also deleted from the server. (RAZOR-757)

Puppet agent release notes

This version of PE includes Puppet agent version 1.4.2. Refer to the Puppet agent release notes for more information.

PuppetDB release notes

This version of PE includes PuppetDB version 4.0.1. Refer to the PuppetDB release notes for more information.

Puppet Server release notes

This version of PE includes Puppet Server version 2.3.1. Refer to the Puppet Server release notes for more information.

Puppet release notes

This version of PE includes Puppet version 4.4.2. Refer to the Puppet release notes for more information.

↑ Back to top