We’re happy to announce the maintenance release 3.10.2 LTS and the new 3.11.0 non-LTS release today! 3.10.2 LTS, being a maintenance (aka patch) release, the goal is to increase stability and reliability for CFEngine users and enable a safe upgrade-path. As such, the release primarily includes bugfixes and low-risk changes that do not impact the compatibility between previous patch releases. 3.11.0 non-LTS includes new features and is not covered under the CFEngine Enterprise support contract. Looking at the CFEngine release schedule, we can see that
- 3.10 LTS is maintained (and supported for Enterprise customers) until December 27th 2019
- 3.11 non-LTS is maintained (but unsupported for Enterprise customers) until December 2017
If you are planning to contribute features to the next feature release (thank you!), please note that we would need the pull requests ready for merging by early September in order to have time to incorporate them into 3.12.
Improvements in 3.10.2 LTS
zypper is supported as a new package module for the package promise implementation introduced in 3.7, making package management with Zypper much more reliable. If you are currently using the zypper package_method (old package promise implementation), you might consider switching to this new package module instead. Several issues around CFEngine start (init/systemd) scripts on multiple platforms have been fixed. In CFEngine Enterprise Mission Portal, there was an issue exporting csv files in some environments, which is now resolved. The inventory report also correctly parses lists in all cases, not displaying any curly braces in the report itself. As always, dependencies have been upgraded. Most notably, the CFEngine Enterprise 3.10.2 hub is shipped with Apache 2.4.27, PostgreSQL 9.6.3, PHP 5.6.31 and Redis 3.2.9. For more details please see the CFEngine 3.10.2 LTS ChangeLog for core, masterfiles, and enterprise.
New functionality in 3.11.0 non-LTS
Simplifying policy
Several features have been introduced that makes it faster and easier to
write CFEngine policy. Most notably, the with
attribute helps
eliminate intermediate variables when looping. Here is an example:
bundle agent main
{
vars:
"todo" slist => { "a 1", "b 2", "c 3" };
# Here, `with` is the canonified version of $(todo), letting us avoid an
# intermediate canonification array.
"$(with)" string => "$(todo)", with => canonify($(todo));
"complex" data => '
{
"x": 200,
"y": [ 1, 2, null, true, false ]
}
';
reports:
"For iterable '$(todo)' we created variable '$(with)' and its value is '$(todo)'"
with => canonify($(todo));
"We can print a data container compactly without creating a temporary variable: $(with)"
with => format("%S", complex);
"We can print a data container fully without creating a temporary variable: $(with)"
with => storejson(complex);
}
R: For iterable 'a 1' we created variable 'a_1' and its value is 'a 1'
R: For iterable 'b 2' we created variable 'b_2' and its value is 'b 2'
R: For iterable 'c 3' we created variable 'c_3' and its value is 'c 3'
R: We can print a data container compactly without creating a temporary variable: {"x":200,"y":[1,2,null,true,false]}
R: We can print a data container fully without creating a temporary variable: {
"x": 200,
"y": [
1,
2,
null,
true,
false
]
}
Expanded system discovery
CFEngine now leverages the standardized file /etc/os-release
to do
operating system discovery. This enables much broader OS disovery, for
example the Amazon Linux and CoreOS platforms are now detected as
classes and variables. You can use the cf-promises
options
--show-classes
and --show-vars
to see the new classes and variables
on your favorite platform! Environment files can now be read in
natively into CFEngine, with the support of the new readenvfile()
function,
as well as ENV support in the readdata()
function.
Other changes
Also in 3.11.0, zypper is supported as a new package module for the
package promise implementation introduced
in 3.7, making package
management with Zypper much more reliable. If you are currently using
the zypper package_method (old package promise implementation), you
might consider switching to this new package module instead. Previously,
heavily loaded hubs that were handling multiple concurrent connections
would occasionally reach the system resource limit of max open files,
and manual tweaking was needed ( nofile limit in
/etc/security/limits.conf ). In 3.11.0 (and 3.10.1) cf-serverd
auto-configures this limit according to the maxconnections policy
setting, so manual tweaking of the system limit should never be needed
again. CFEngine Enterprise now has a global search box, allowing for
hosts to be directly located by hostname or IP address from anywhere in
the UI. Mission Portal’s application logs have been relocated
from /var/cfengine/httpd/htdocs/application/logs
to /var/cfengine/httpd/logs/application
. As usual, dependencies have
been upgraded in order to get the latest security, performance and
reliability improvements. For more details please see the CFEngine
3.11.0 non-LTS ChangeLog for
core,
masterfiles,
and
enterprise
Upgrading?
If you’re upgrading an existing CFEngine Enterprise installation, check out the 3.10 upgrade documentation for guidelines to make the process as smooth as possible. We are happy to assist CFEngine Enterprise customers with upgrading! Please contact CFEngine customer support to receive a fixed-price quote for upgrading your CFEngine infrastructure.
Get it!
CFEngine Enterprise packages can be downloaded here or you can take a quick spin with the CFEngine Enterprise 3.10 Vagrant environment. Community Edition is released as source code, packages and Linux package repositories – to make installation as easy as possible! We hope you enjoy the new releases, and we look forward to hearing about your experience in the CFEngine Google Group!