Today, we are pleased to announce the release of CFEngine 3.24.0! The code word for this release is consistency.
This release also marks an important event, the beginning of the 3.24 LTS series, which will be supported for 3 years.
Several new features have been added since the release of CFEngine 3.21 LTS, in the form of non-LTS releases. In this blog post we’ll highlight the most important features since the previous LTS release, even though some of them technically landed in intermediate non-supported releases.
What’s new
3.24 sneak peek webinar episode
In our latest episode of “The agent is in” webinar series, we looked at some of the new features coming in 3.24:
Groups in Mission Portal
In 3.22, we introduced the groups feature in Mission Portal. This feature allows you to split up your infrastructure into groups based on operating system, CFEngine version, environment, purpose, or any other information you include in the inventoried information about each machine. By default, Mission Portal comes with some groups like the Ubuntu group of all hosts running Ubuntu operating systems;
CMDB and group data
The group feature extends the CMDB functionality, letting you assign variables and classes to groups of hosts, rather than just individual hosts;
Quality of life and requested improvements to groups
Since its introduction in 2022, we’ve had customers testing and giving us feedback about the groups feature, and made several improvements since then, including:
- From the inventory report, you can now select a group to filter by, or save your current filter as a group.
- The host info page now shows a list of shared groups the host is a member of, with links to jump to those groups.
- The host info page also has a new Show JSON button for showing the merged JSON file (which combines group data and host specific data), giving you a complete view of exactly which variables and classes end up on the host.
- There is now drag and drop support for reordering the list of shared groups (which affects their priority when merged).
Compliance report scalability
Compliance reports with many checks previously took a long time to load, as the checks were run almost one after another (very limited parallellism).
We’ve added more parallellism and caching to compliance reports, allowing you to build bigger reports without being slowed down by long loading times.
The compliance-report-lynis module from CFEngine Build will benefit greatly from this, along with any similar compliance report modules we make in the future.
When testing the changes, we saw a ~5x performance increase (same report loaded in 1/5 of the time).
Breaking changes
From time to time, we need to change the behavior of certain features of CFEngine in a way that is not completely backwards compatible.
This is usually to address security concerns, bugs causing issues for our users, or features behaving in really unexpected or unintended ways.
In such cases, we try to communicate the changes with users, along with what is needed from them (such as adjusting their policy, reports, or API usage).
Please take a look at the recent change-in-behavior blog posts, and stay up to date on these via our blog:
https://cfengine.com/tags/change-in-behavior/
Other changes
There are other big changes introduced in the past 1.5 years, but not shown here. We encourage you to read our previous release blog posts to see more of these changes:
Changelogs
As always, you can see a full list of changes and improvements in our changelogs:
- 3.24.0 Changelog for CFEngine Community
- 3.24.0 Changelog for CFEngine Enterprise
- 3.24.0 Changelog for Masterfiles Policy Framework
If you are upgrading from the 3.21 LTS series, scroll down in the changelog to find changes from the earlier 3.22 and 3.23 releases. Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.
Dependency updates
Compared to the recently released 3.21.5, these dependencies have been updated:
| CFEngine version | 3.21.5 | 3.24.0 |
|---|---|---|
| Git | 2.45.1 | 2.45.2 |
| libcurl | 8.7.1 | 8.8.0 |
| libexpat | - | 2.5.0 |
| libxml2 | 2.12.6 | 2.13.1 |
| LMDB | 0.9.32 | 0.9.33 |
| OpenLDAP | 2.6.7 | 2.6.8 |
| OpenSSL | 3.0.13 | 3.3.1 |
| PCRE2 | - | 10.44 |
| PCRE | 8.45 | - |
| PHP | 8.2.19 | 8.3.8 |
| PostgreSQL | 15.6 | 16.3 |
Thank you to all the developers and maintainers of Open Source Software which make CFEngine possible!
Platform support
As mentioned when we announced the latest patch releases, support for Ubuntu 24, both ARM64 and x86-64, has arrived. This naturally applies to 3.24.0, as well.
In order to allow us to focus our resources on the platforms most widely used by our users, we are dropping support for older operating systems which are not actively supported by their vendors (outside of paid extended support programs):
- Debian 9 (Ended July 1st 2022)
- Debian 10 (Ended June 30th 2024)
- Ubuntu 16 (Ended April 2nd 2021)
- Ubuntu 18 (Ended May 31st 2023)
- Windows Server 2008 (Ended January 14th 2020)
- CoreOS (Discontinued May 26th 2020)
As always, if you need support for other operating systems than what we currently support (including older operating systems), please contact us and we can work on this for you.
Downloads
CFEngine Enterprise is free for up to 25 hosts, click here to go to the download pages with new packages.
If you are using cf-remote, it will now default to 3.24.0, since this is the latest LTS release available.
Contributions
We encourage all of our users to get involved in the community and contribute. Feel free to use one of the following avenues:
- Ask for help, share an idea, or start a discussion on GitHub Discussions
- Contribute modules to CFEngine Build
- Look through our curated list of issues for new contributors
- Improve the documentation by fixing typos, adding examples, or explaining things you found difficult
- Browse the code or submit a pull request through GitHub
- Submit a bug report or feature request in our issue tracker
