*I wanted to share some significant developments as we progress towards a Puppet Platform 6 release. I encourage you to try out nightly builds available in the puppet6 repos:http://nightlies.puppet.com/yum/puppet6-nightly/ <http://nightlies.puppet.com/yum/puppet6-nightly/>http://nightlies.puppet.com/apt/puppet6-nightly/ <http://nightlies.puppet.com/apt/puppet6-nightly/>http://nightlies.puppet.com/downloads/{mac,windows}/puppet6-nightly/ <http://nightlies.puppet.com/downloads/{mac,windows}/puppet6-nightly/>1. Unvendoring Semantic PuppetPreviously, the puppet repo, puppet-agent and puppetserver vendored/packaged different versions of the semantic_puppet gem. We've untangled that mess so that in Platform 6:* puppet has a runtime gem dependency on the semantic_puppet gem* puppet-agent bundles the semantic_puppet 1.0.2 gem* puppetserver no longer knows about puppet's transitive gem dependencies* we can bump the semantic_puppet version in puppet-agent in the future without breaking puppetserver running on the same host. The same is true for other puppet runtime gem dependencies like fast_gettext and multi_json.See https://tickets.puppetlabs.com/browse/PA-1880 <https://tickets.puppetlabs.com/browse/PA-1880> for more details.2. Puppet Platform 6 requires Ruby 2.3Puppet Platform 6 requires Ruby 2.3 or up, so we can now use modern syntax such as keyword arguments, dig, squiggly heredocs, etc. Puppet will error when running on unsupported ruby versions such as 2.2, which went EOL on March 31, 2018.Since puppetserver runs puppet code in a JRuby interpreter and JRuby 1.7 conforms to the 1.9.3 Ruby language, we first had to move puppetserver from JRuby 1.7 to 9K. In Platform 5, we made it possible to opt into using JRuby 9K. In Platform 6, we will drop JRuby 1.7 and only support JRuby 9.1.x.x, which conforms to Ruby 2.3.To ensure puppet code does not break puppetserver/JRuby, we've started running puppet PRs against JRuby 9K in TravisCI.See https://tickets.puppetlabs.com/browse/PUP-6893 <https://tickets.puppetlabs.com/browse/PUP-6893> and https://tickets.puppetlabs.com/browse/SERVER-2155 <https://tickets.puppetlabs.com/browse/SERVER-2155> for more details.3. Intermediate CA improvementsCurrently, customers can set up Puppet to use an intermediate CA by manually generating and distributing certificates and keys, installing them in the proper locations on disk, for both the master and agent. This is time intensive, error prone, and even once these certs have been put in place, full validation using CRL chains was not possible.For Puppet 6, we we are making both tooling and functionality improvements to this process. In this increment, we have implemented full validation with chained certificates and CRLs, and we have changed the agent-side SSL bootstrapping to automatically download these full chains from the master and store and use them appropriately. It is now no longer necessary for intermediate CA users to manually distribute SSL files to their agents. On the server side, we are working to create a puppetserver CLI for setting up and interacting with the CA. See https://tickets.puppetlabs.com/browse/SERVER-2171 <https://tickets.puppetlabs.com/browse/SERVER-2171>.4. Server-stack containerizationWe’ve been working primarily on the automation and tooling to improve building and shipping updated containers for the Puppet Platform server components (puppetserver, puppetdb, and r10k). The build tooling for these containers has moved into the individual project repos, and we’re getting very close to having containers that will auto-publish to dockerhub.We also have a number of workflow improvements planned for running the server stack in a containerized environment. That work will be beginning in the near future.See https://tickets.puppetlabs.com/browse/CPR-560 <https://tickets.puppetlabs.com/browse/CPR-560> and https://tickets.puppetlabs.com/browse/CPR-592 <https://tickets.puppetlabs.com/browse/CPR-592> for more details on the ongoing and upcoming work.5. MCollective has been removedFor Puppet Enterprise users, we’ve already been recommending the new orchestrator for some time. Last summer, we introduced Bolt and Tasks. We feel these technologies solve most of the problems MCollective did, and are removing it from the puppet-agent so that we can focus on other engineering efforts.While we’d obviously love to see everyone move to Tasks, if you depend strongly on MCollective then it is still maintained by R.I.Pienaar at https://choria.io <https://choria.io>. 6. Includes the Resource APIThe Resource API provides a simple way to create new native resources in the form of types and providers for Puppet. Using a little bit of ruby, you can finally get rid of that brittle exec, or manage that one API that eluded you until now.See https://github.com/puppetlabs/puppet-resource_api <https://github.com/puppetlabs/puppet-resource_api> and https://github.com/puppetlabs/puppet-specifications <https://github.com/puppetlabs/puppet-specifications> for more details on how to use it.*
-- Josh Cooper | Software Engineer j...@puppet.com | @coopjn -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CA%2Bu97u%3D75niK-2BgNanor9p6tHmHOhV1p%2BepLGOvs0rNPaf0Sw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.