Release of 7.0.0
* Tue Sep 07 2021 Trevor Vaughan <tvaughan@onyxpoint.com> - 7.0.0
- Changed set/get from `master` to `server` in updates to the puppet
configuration
- Changed the check for puppetserver running from a fragile CRL query to the
actual `status` endpoint and moved from `curl` to native `net/http`
- Removed management of puppetdb components since it is no longer enabled by
default.
* Thu Jun 24 2021 Liz Nemsick <lnemsick.simp@gmail.com> - 7.0.0
- Removed support for EL6
- simp kv breaking changes:
- Updated the `simp kv` command suite to work with simp-simpkv
Puppet module version >= 0.8.0.
- simp-simpkv 0.8.0 changed how global keys are accessed.
- Only impacts sites that explicitly enabled the experimental
simpkv capability.
- simp CLI changes:
- Dropped support for Puppet 5.
- simp config changes:
- Updated LDAP configuration to use 389ds, when the SIMP server is the LDAP
is on EL>7.
- Configures the LDAP server to be the SIMP 389ds accounts instance
- Configures the LDAP client to communicate with the 389ds server.
- Updated the logic that extracts existing DNS configuration to
handle scenarios in which /etc/resolv.conf is not available.
- Added option to configure a local user with ssh and sudo privileges
to prevent server lockout, when SIMP is not installed from ISO.
- Especially important for cloud instances when the user does not have
console access.
- Specified local user will be created if not already present.
- If the specified local user exists and has authorized ssh keys, the keys
will be copied to /etc/ssh/local_keys/, the default location of local user
ssh authorized key files in SIMP.
IMPORTANT: Any future updates to a users's ssh authorized key list must
be made to the user's file in /etc/ssh/local_keys/.
- Moved the mechanism to set the SIMP server's grub password to Puppet.
- The password is now set via simp_grub::password instead of
grub::password.
- Fixed a bug in which running `simp config` multiple times could result in
multiple /etc/hosts entries for the puppetserver.
- Removed the OBE action that created an updates repo in /var/www/yum and
disabled CentOS repos, when SIMP was installed via ISO.
- Updated the list of packages to verify when SIMP is not installed
via ISO.
* Thu Jun 17 2021 Jeanne Greulich <jeanne.greulich@onyxpoint.com> - 7.0.0
- simp config changes:
- The LOCAL sssd domain is no longer needed for sssd to start. The
sssd::domains value is now only set if the SIMP server is the LDAP server.
- Configure simp_options::ntp::servers instead of deprecated
simp_options::ntpd::servers.
- Set the NTP server defaults for ntpd and chronyd.
simp_options::ntp::servers is intended to be the default NTP server
settings for a SIMP system, regardless of whether it uses ntpd or
chronyd. However, the chrony module does not use simp_options,
because it is not a SIMP-maintained module. To work around this,
`simp config` was updated to set chrony::servers to an alias of
simp_options::ntp::servers in hieradata.
- Check for both ntpd and chronyd settings when determining the OS defaults
for simp_options::ntp::server, not just ntpd settings.
* Thu Dec 10 2020 Chris Tessmer <chris.tessmer@onyxpoint.com> - 7.0.0
- Bumped .gemspec dependencies to mitigate CVE-2020-8130