We have released updates to the Puppet Application Manager used by Puppet Comply and Continuous Delivery for PE. This release includes:
Prometheus has been enabled in standalone installations. This uses an additional 350m CPU and 500MiB of memory, so ensure the system is properly sized.
Upgraded containerd to address GHSA-c72p-9xmj-rx3w and GHSA-c2h3-6mxw-7mvq.
Upgraded standalone and HA installs to Kubernetes 1.21.8. The upgrade passes through Kubernetes 1.20 and runs on all nodes. It can take ~1 hour for a 3-node cluster, and requires confirmations during that period.
Legacy installs are limited to Kubernetes 1.19, and will be upgraded to 1.19.15. See additional information on this below.
Added support for RHEL 8.5.
A couple of bug fixes
The certificates used by contour and envoy will expire after 1 year. This release includes an update to auto-renew those certificates to avoid downtime.
CD4PE customers: you will need to upgrade to PAM 1.62.0 before you can upgrade to CD4PE 4.12.0. If you do not, you will get an error when trying to pull the latest version in the PAM UI's "Version History" stating "failed to pull: deployment method for chart vault has changed".
The legacy architecture cannot move to Kubernetes 1.20+ because Rook 1.0 breaks on Kubernetes 1.20+. Kubernetes 1.19 is no longer receiving security updates, which means the legacy architecture will no longer receive security fixes for Kubernetes. We will continue to update other components for the legacy architecture through June 2022. If there are security advisories against Kubernetes 1.19, the remediation will be to migrate to one of the newer architectures.
Newer architectures can be found here and migration steps can be found here. To migrate from the legacy architecture, it first needs to be upgraded to PAM 1.62.0 with the `force-reapply-addons` flag included.
Legacy architecture can be found here.
Note: If you click the ‘Check for update’ button, it will return an error. Re-run the PAM installer to get around this error.
*CD4PE customers will run into this when v4.12 comes out, even when running older versions. You need to upgrade to PAM v1.62.0 by re-running the installer before upgrading to v4.12.
For full release notes and upgrade instructions, see the documentation below.
Continuous Delivery for PE documentation:
https://puppet.com/docs/continuous-delivery/4.x/cd-pam-index.html
Puppet Comply documentation:
https://puppet.com/docs/comply/latest/comply-pam-index.html