archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

convert CHANGELOG to per-major-ver and generated

Browse Source 
* CHANGELOGs are now per-version
* CHANGELOGs are now RST format
* CHANGELOGs are now generated via reno from YAML fragments located in changelogs/fragements. This allows feature/bugfix changelog fragments to be cherry-picked alongside the code changes
* each version's CHANGELOG_vX.Y.rst is generatd at release-time and can be easily copied/cherry-picked into other branches
pull/36302/head
Matt Davis 8 years ago
parent e8beb180e1
commit 6f62dd66bb
29 changed files with 6430 additions and 4519 deletions
Show Stats Download Patch File Download Diff File

4519
CHANGELOG.md
View File

File diff suppressed because it is too large Load Diff

1
CHANGELOG.rst
Unescape Escape View File

@ -0,0 +1 @@
Per-version CHANGELOGS can be found `here <changelogs/>`_.

2341
changelogs/CHANGELOG_legacy.rst
View File

File diff suppressed because it is too large Load Diff

577
changelogs/CHANGELOG_v2.0.rst
Unescape Escape View File

@ -0,0 +1,577 @@
=======================================================
Ansible 2.0 "Over the Hills and Far Away" Release Notes
=======================================================
2.0.2 "Over the Hills and Far Away"
-----------------------------------
- Backport of the 2.1 feature to ensure per-item callbacks are sent as
they occur, rather than all at once at the end of the task.
- Fixed bugs related to the iteration of tasks when certain
combinations of roles, blocks, and includes were used, especially
when handling errors in rescue/always portions of blocks.
- Fixed handling of redirects in our helper code, and ported the uri
module to use this helper code. This removes the httplib dependency
for this module while fixing some bugs related to redirects and SSL
certs.
- Fixed some bugs related to the incorrect creation of extra temp
directories for uploading files, which were not cleaned up properly.
- Improved error reporting in certain situations, to provide more
information such as the playbook file/line.
- Fixed a bug related to the variable precedence of role parameters,
especially when a role may be used both as a dependency of a role and
directly by itself within the same play.
- Fixed some bugs in the 2.0 implementation of do/until.
- Fixed some bugs related to run\_once:
- Ensure that all hosts are marked as failed if a task marked as
run\_once fails.
- Show a warning when using the free strategy when a run\_once task is
encountered, as there is no way for the free strategy to guarantee
the task is not run more than once.
- Fixed a bug where the assemble module was not honoring check mode in
some situations.
- Fixed a bug related to delegate\_to, where we were incorrectly using
variables from the inventory host rather than the delegated-to host.
- The 'package' meta-module now properly squashes items down to a
single execution (as the apt/yum/other package modules do).
- Fixed a bug related to the ansible-galaxy CLI command dealing with
paged results from the Galaxy server.
- Pipelining support is now available for the local and jail connection
plugins, which is useful for users who do not wish to have temp
files/directories created when running tasks with these connection
types.
- Improvements in support for additional shell types.
- Improvements in the code which is used to calculate checksums for
remote files.
- Some speed ups and bug fixes related to the variable merging code.
- Workaround bug in python subprocess on El Capitan that was making
vault fail when attempting to encrypt a file
- Fix lxc\_container module having predictable temp file names and
setting file permissions on the temporary file too leniently on a
temporary file that was executed as a script. Addresses CVE-2016-3096
- Fix a bug in the uri module where setting headers via module params
that start with ``HEADER_`` were causing a traceback.
- Fix bug in the free strategy that was causing it to synchronize its
workers after every task (making it a lot more like linear than it
should have been).
2.0.1 "Over the Hills and Far Away"
-----------------------------------
- Fixes a major compatibility break in the synchronize module shipped
with 2.0.0.x. That version of synchronize ran sudo on the controller
prior to running rsync. In 1.9.x and previous, sudo was run on the
host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
- Additionally, several other problems with where synchronize chose to
run when combined with delegate\_to were fixed. In particular, if a
playbook targetted localhost and then delegated\_to a remote host the
prior behavior (in 1.9.x and 2.0.0.x) was to copy files between the
src and destination directories on the delegated host. This has now
been fixed to copy between localhost and the delegated host.
- Fix a regression where synchronize was unable to deal with unicode
paths.
- Fix a regression where synchronize deals with inventory hosts that
use localhost but with an alternate port.
- Fixes a regression where the retry files feature was not implemented.
- Fixes a regression where the any\_errors\_fatal option was
implemented in 2.0 incorrectly, and also adds a feature where
any\_errors\_fatal can be set at the block level.
- Fix tracebacks when playbooks or ansible itself were located in
directories with unicode characters.
- Fix bug when sending unicode characters to an external pager for
display.
- Fix a bug with squashing loops for special modules (mostly package
managers). The optimization was squashing when the loop did not apply
to the selection of packages. This has now been fixed.
- Temp files created when using vault are now "shredded" using the unix
shred program which overwrites the file with random data.
- Some fixes to cloudstack modules for case sensitivity
- Fix non-newstyle modules (non-python modules and old-style modules)
to disabled pipelining.
- Fix fetch module failing even if fail\_on\_missing is set to False
- Fix for cornercase when local connections, sudo, and raw were used
together.
- Fix dnf module to remove dependent packages when state=absent is
specified. This was a feature of the 1.9.x version that was left out
by mistake when the module was rewritten for 2.0.
- Fix bugs with non-english locales in yum, git, and apt modules
- Fix a bug with the dnf module where state=latest could only upgrade,
not install.
- Fix to make implicit fact gathering task correctly inherit settings
from play, this might cause an error if settings environment on play
depending on 'ansible\_env' which was previously ignored
2.0 "Over the Hills and Far Away" - Jan 12, 2016
------------------------------------------------
Major Changes:
~~~~~~~~~~~~~~
- Releases are now named after Led Zeppelin songs, 1.9 will be the last
Van Halen named release.
- The new block/rescue/always directives allow for making task blocks
and exception-like semantics
- New strategy plugins (e.g. ``free``) allow control over the flow of
task execution per play. The default (``linear``) will be the same as
before.
- Improved error handling, with more detailed parser messages. General
exception handling and display has been revamped.
- Task includes are now evaluated during execution, allowing more
dynamic includes and options. Play includes are unchanged both still
use the ``include`` directive.
- "with\_" loops can now be used with task includes since they are
dynamic.
- Callback, connection, cache and lookup plugin APIs have changed.
Existing plugins might require modification to work with the new
versions.
- Callbacks are now shipped in the active directory and don't need to
be copied, just whitelisted in ansible.cfg.
- Many API changes. Those integrating directly with Ansible's API will
encounter breaking changes, but the new API is much easier to use and
test.
- Settings are now more inheritable; what you set at play, block or
role will be automatically inherited by the contained tasks. This
allows for new features to automatically be settable at all levels,
previously we had to manually code this.
- Vars are now settable at play, block, role and task level with the
``vars`` directive and scoped to the tasks contained.
- Template code now retains types for bools and numbers instead of
turning them into strings. If you need the old behaviour, quote the
value and it will get passed around as a string
- Empty variables and variables set to null in yaml will no longer be
converted to empty strings. They will retain the value of ``None``.
To go back to the old behaviour, you can override the
``null_representation`` setting to an empty string in your config
file or by setting the ``ANSIBLE_NULL_REPRESENTATION`` environment
variable.
- Added ``meta: refresh_inventory`` to force rereading the inventory in
a play. This re-executes inventory scripts, but does not force them
to ignore any cache they might use.
- New delegate\_facts directive, a boolean that allows you to apply
facts to the delegated host (true/yes) instead of the
inventory\_hostname (no/false) which is the default and previous
behaviour.
- local connections now work with 'su' as a privilege escalation method
- Ansible 2.0 has deprecated the "ssh" from ansible\_ssh\_user,
ansible\_ssh\_host, and ansible\_ssh\_port to become ansible\_user,
ansible\_host, and ansible\_port.
- New ssh configuration variables (``ansible_ssh_common_args``,
``ansible_ssh_extra_args``) can be used to configure a per-group or
per-host ssh ProxyCommand or set any other ssh options.
``ansible_ssh_extra_args`` is used to set options that are accepted
only by ssh (not sftp or scp, which have their own analogous
settings).
- ansible-pull can now verify the code it runs when using git as a
source repository, using git's code signing and verification
features.
- Backslashes used when specifying parameters in jinja2 expressions in
YAML dicts sometimes needed to be escaped twice. This has been fixed
so that escaping once works. Here's an example of how playbooks need
to be modified:
.. code:: yaml
# Syntax in 1.9.x
- debug:
msg: "{{ 'test1_junk 1\\\\3' | regex_replace('(.*)_junk (.*)', '\\\\1 \\\\2') }}"
# Syntax in 2.0.x
- debug:
msg: "{{ 'test1_junk 1\\3' | regex_replace('(.*)_junk (.*)', '\\1 \\2') }}"
# Output:
"msg": "test1 1\\3"
- When a string with a trailing newline was specified in the playbook
via yaml dict format, the trailing newline was stripped. When
specified in key=value format the trailing newlines were kept. In v2,
both methods of specifying the string will keep the trailing
newlines. If you relied on the trailing newline being stripped you
can change your playbook like this:
.. code:: yaml
# Syntax in 1.9.2
vars:
message: >
Testing
some things
tasks:
- debug:
msg: "{{ message }}"
# Syntax in 2.0.x
vars:
old_message: >
Testing
some things
message: "{{ old_messsage[:-1] }}"
- debug:
msg: "{{ message }}"
# Output
"msg": "Testing some things"
- When specifying complex args as a variable, the variable must use the
full jinja2 variable syntax ('{{var\_name}}') - bare variable names
there are no longer accepted. In fact, even specifying args with
variables has been deprecated, and will not be allowed in future
versions:
.. code:: yaml
---
- hosts: localhost
connection: local
gather_facts: false
vars:
my_dirs:
- { path: /tmp/3a, state: directory, mode: 0755 }
- { path: /tmp/3b, state: directory, mode: 0700 }
tasks:
- file:
args: "{{item}}"
with_items: my_dirs
Plugins
~~~~~~~
- Rewritten dnf module that should be faster and less prone to
encountering bugs in cornercases
- WinRM connection plugin passes all vars named ``ansible_winrm_*`` to
the underlying pywinrm client. This allows, for instance,
``ansible_winrm_server_cert_validation=ignore`` to be used with newer
versions of pywinrm to disable certificate validation on Python
2.7.9+.
- WinRM connection plugin put\_file is significantly faster and no
longer has file size limitations.
Deprecated Modules (new ones in parens):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- ec2\_ami\_search (ec2\_ami\_find)
- quantum\_network (os\_network)
- glance\_image
- nova\_compute (os\_server)
- quantum\_floating\_ip (os\_floating\_ip)
- quantum\_router (os\_router)
- quantum\_router\_gateway (os\_router)
- quantum\_router\_interface (os\_router)
New Modules:
^^^^^^^^^^^^
- amazon
- ec2\_ami\_copy
- ec2\_ami\_find
- ec2\_elb\_facts
- ec2\_eni
- ec2\_eni\_facts
- ec2\_remote\_facts
- ec2\_vpc\_igw
- ec2\_vpc\_net
- ec2\_vpc\_net\_facts
- ec2\_vpc\_route\_table
- ec2\_vpc\_route\_table\_facts
- ec2\_vpc\_subnet
- ec2\_vpc\_subnet\_facts
- ec2\_win\_password
- ecs\_cluster
- ecs\_task
- ecs\_taskdefinition
- elasticache\_subnet\_group\_facts
- iam
- iam\_cert
- iam\_policy
- route53\_facts
- route53\_health\_check
- route53\_zone
- s3\_bucket
- s3\_lifecycle
- s3\_logging
- sns\_topic
- sqs\_queue
- sts\_assume\_role
- apk
- bigip\_gtm\_wide\_ip
- bundler
- centurylink
- clc\_aa\_policy
- clc\_alert\_policy
- clc\_blueprint\_package
- clc\_firewall\_policy
- clc\_group
- clc\_loadbalancer
- clc\_modify\_server
- clc\_publicip
- clc\_server
- clc\_server\_snapshot
- circonus\_annotation
- consul
- consul
- consul\_acl
- consul\_kv
- consul\_session
- cloudtrail
- cloudstack
- cs\_account
- cs\_affinitygroup
- cs\_domain
- cs\_facts
- cs\_firewall
- cs\_iso
- cs\_instance
- cs\_instancegroup
- cs\_ip\_address
- cs\_loadbalancer\_rule
- cs\_loadbalancer\_rule\_member
- cs\_network
- cs\_portforward
- cs\_project
- cs\_securitygroup
- cs\_securitygroup\_rule
- cs\_sshkeypair
- cs\_staticnat
- cs\_template
- cs\_user
- cs\_vmsnapshot
- cronvar
- datadog\_monitor
- deploy\_helper
- docker
- docker\_login
- dpkg\_selections
- elasticsearch\_plugin
- expect
- find
- google
- gce\_tag
- hall
- ipify\_facts
- iptables
- libvirt
- virt\_net
- virt\_pool
- maven\_artifact
- openstack
- os\_auth
- os\_client\_config
- os\_image
- os\_image\_facts
- os\_floating\_ip
- os\_ironic
- os\_ironic\_node
- os\_keypair
- os\_network
- os\_network\_facts
- os\_nova\_flavor
- os\_object
- os\_port
- os\_project
- os\_router
- os\_security\_group
- os\_security\_group\_rule
- os\_server
- os\_server\_actions
- os\_server\_facts
- os\_server\_volume
- os\_subnet
- os\_subnet\_facts
- os\_user
- os\_user\_group
- os\_volume
- openvswitch\_db
- osx\_defaults
- pagerduty\_alert
- pam\_limits
- pear
- profitbricks
- profitbricks
- profitbricks\_datacenter
- profitbricks\_nic
- profitbricks\_snapshot
- profitbricks\_volume
- profitbricks\_volume\_attachments
- proxmox
- proxmox
- proxmox\_template
- puppet
- pushover
- pushbullet
- rax
- rax\_clb\_ssl
- rax\_mon\_alarm
- rax\_mon\_check
- rax\_mon\_entity
- rax\_mon\_notification
- rax\_mon\_notification\_plan
- rabbitmq
- rabbitmq\_binding
- rabbitmq\_exchange
- rabbitmq\_queue
- selinux\_permissive
- sendgrid
- sensu
- sensu\_check
- sensu\_subscription
- seport
- slackpkg
- solaris\_zone
- taiga\_issue
- vertica
- vertica\_configuration
- vertica\_facts
- vertica\_role
- vertica\_schema
- vertica\_user
- vmware
- vca\_fw
- vca\_nat
- vmware\_cluster
- vmware\_datacenter
- vmware\_dns\_config
- vmware\_dvs\_host
- vmware\_dvs\_portgroup
- vmware\_dvswitch
- vmware\_host
- vmware\_migrate\_vmk
- vmware\_portgroup
- vmware\_target\_canonical\_facts
- vmware\_vm\_facts
- vmware\_vm\_vss\_dvs\_migrate
- vmware\_vmkernel
- vmware\_vmkernel\_ip\_config
- vmware\_vsan\_cluster
- vmware\_vswitch
- vsphere\_copy
- webfaction
- webfaction\_app
- webfaction\_db
- webfaction\_domain
- webfaction\_mailbox
- webfaction\_site
- windows
- win\_acl
- win\_dotnet\_ngen
- win\_environment
- win\_firewall\_rule
- win\_iis\_virtualdirectory
- win\_iis\_webapplication
- win\_iis\_webapppool
- win\_iis\_webbinding
- win\_iis\_website
- win\_lineinfile
- win\_nssm
- win\_package
- win\_regedit
- win\_scheduled\_task
- win\_unzip
- win\_updates
- win\_webpicmd
- xenserver\_facts
- zabbbix
- zabbix\_host
- zabbix\_hostmacro
- zabbix\_screen
- znode
New Inventory scripts:
^^^^^^^^^^^^^^^^^^^^^^
- cloudstack
- fleetctl
- openvz
- nagios\_ndo
- nsot
- proxmox
- rudder
- serf
New Lookups:
^^^^^^^^^^^^
- credstash
- hashi\_vault
- ini
- shelvefile
New Filters:
^^^^^^^^^^^^
- combine
New Connection:
^^^^^^^^^^^^^^^
- docker: for talking to docker containers on the ansible controller
machine without using ssh.
New Callbacks:
^^^^^^^^^^^^^^
- logentries: plugin to send play data to logentries service
- skippy: same as default but does not display skip messages
Minor changes:
~~~~~~~~~~~~~~
- Many more tests. The new API makes things more testable and we took
advantage of it.
- big\_ip modules now support turning off ssl certificate validation
(use only for self-signed certificates).
- Consolidated code from modules using urllib2 to normalize features,
TLS and SNI support.
- synchronize module's dest\_port parameter now takes precedence over
the ansible\_ssh\_port inventory setting.
- Play output is now dynamically sized to terminal with a minimum of 80
coluumns (old default).
- vars\_prompt and pause are now skipped with a warning if the play is
called noninteractively (i.e. pull from cron).
- Support for OpenBSD's 'doas' privilege escalation method.
- Most vault operations can now be done over multilple files.
- ansible-vault encrypt/decrypt read from stdin if no other input file
is given, and can write to a given ``--output file`` (including
stdout, '-'). This lets you avoid ever writing sensitive plaintext to
disk.
- ansible-vault rekey accepts the --new-vault-password-file option.
- ansible-vault now preserves file permissions on edit and rekey and
defaults to restrictive permissions for other options.
- Configuration items defined as paths (local only) now all support
shell style interpolations.
- Many fixes and new options added to modules, too many to list here.
- Now you can see task file and line number when using verbosity of 3
or above.
- The ``[x-y]`` host range syntax is no longer supported. Note that
``[0:1]`` matches two hosts, i.e. the range is inclusive of its
endpoints.
- We now recommend the use of ``pattern1,pattern2`` to combine host
matching patterns.
- The use of ':' as a separator conflicts with IPv6 addresses and host
ranges. It will be deprecated in the future.
- The undocumented use of ';' as a separator is now deprecated.
- modules and callbacks have been extended to support no\_log to avoid
data disclosure.
- new managed\_syslog option has been added to control output to syslog
on managed machines, no\_log supersedes this settings.
- Lookup, vars and action plugin pathing has been normalized, all now
follow the same sequence to find relative files.
- We do not ignore the explicitly set login user for ssh when it
matches the 'current user' anymore, this allows overriding
.ssh/config when it is set explicitly. Leaving it unset will still
use the same user and respect .ssh/config. This also means
ansible\_ssh\_user can now return a None value.
- environment variables passed to remote shells now default to
'controller' settings, with fallback to en\_US.UTF8 which was the
previous default.
- add\_hosts is much stricter about host name and will prevent invalid
names from being added.
- ansible-pull now defaults to doing shallow checkouts with git, use
``--full`` to return to previous behaviour.
- random cows are more random
- when: now gets the registered var after the first iteration, making
it possible to break out of item loops
- Handling of undefined variables has changed. In most places they will
now raise an error instead of silently injecting an empty string. Use
the default filter if you want to approximate the old behaviour:
::
- debug: msg="The error message was: {{error_code |default('') }}"

383
changelogs/CHANGELOG_v2.1.rst
Unescape Escape View File

@ -0,0 +1,383 @@
=====================================================
Ansible 2.1 "The Song Remains the Same" Release Notes
=====================================================
2.1.4 "The Song Remains the Same" - 2017-01-16
----------------------------------------------
- Security fix for CVE-2016-9587 - An attacker with control over a
client system being managed by Ansible and the ability to send facts
back to the Ansible server could use this flaw to execute arbitrary
code on the Ansible server as the user and group Ansible is running
as.
- Fixed a bug with conditionals in loops, where undefined variables and
other errors will defer raising the error until the conditional has
been evaluated.
- Added a version check for jinja2-2.9, which does not fully work with
Ansible currently.
2.1.3 "The Song Remains the Same" - 2016-11-04
----------------------------------------------
- Security fix for CVE-2016-8628 - Command injection by compromised
server via fact variables. In some situations, facts returned by
modules could overwrite connection-based facts or some other special
variables, leading to injected commands running on the Ansible
controller as the user running Ansible (or via escalated
permissions).
- Security fix for CVE-2016-8614 - apt\_key module not properly
validating keys in some situations.
Minor Changes:
~~~~~~~~~~~~~~
- The subversion module from core now marks its password parameter as
no\_log so the password is obscured when logging.
- The postgresql\_lang and postgresql\_ext modules from extras now mark
login\_password as no\_log so the password is obscured when logging.
- Fixed several bugs related to locating files relative to
role/playbook directories.
- Fixed a bug in the way hosts were tested for failed states, resulting
in incorrectly skipped block sessions.
- Fixed a bug in the way our custom JSON encoder is used for the
``to_json*`` filters.
- Fixed some bugs related to the use of non-ascii characters in become
passwords.
- Fixed a bug with Azure modules which may be using the latest rc6
library.
- Backported some docker\_common fixes.
2.1.2 "The Song Remains the Same" - 2016-09-29
----------------------------------------------
Minor Changes
~~~~~~~~~~~~~
- Fixed a bug related to creation of retry files (#17456)
- Fixed a bug in the way include params are used when an include task
is dynamic (#17064)
- Fixed a bug related to including blocks in an include task (#15963)
- Fixed a bug related to the use of hostvars internally when creating
the connection plugin. This prevents things like variables using
lookups from being evaluated unnecessarily (#17024)
- Fixed a bug where using a variable containing a list for the
``hosts`` of a play resulted in an list of lists (#16583)
- Fixed a bug where integer values would cause an error if a module
param was of type ``float`` (no issue)
- Fixed a bug with net\_template failing if src was not specified
(#17726)
- Fixed a bug in "ansible-galaxy import" (#17417)
- Fixed a bug in which INI files incorrectly treated a hosts range as a
section header (#15331)
- Fixed a bug in which the max\_fail\_percentage calculation
erroneously caused a series of plays to stop executing (#15954)
- Fixed a bug in which the task names were not properly templated
(#16295)
- Fixed a bug causing "squashed" loops (ie. yum, apt) to incorrectly
report results (ansible-modules-core#4214)
- Fixed several bugs related to includes:
- when including statically, make sure that all parents were also
included statically (issue #16990)
- properly resolve nested static include paths
- print a message when a file is statically included
- Fixed a bug in which module params expected to be float types were
not converted from integers (only strings) (#17325)
- Fixed a bug introduced by static includes in 2.1, which prevented
notifications from going to the "top level" handler name.
- Fixed a bug where a group\_vars or host\_vars directory in the
current working directory would be used (and would take precedence)
over those in the inventory and/or playbook directory.
- Fixed a bug which could occur when the result of an async task did
not parse as valid JSON.
- (re)-allowed the use of ansible\_python\_interpreter lines with more
than one argument.
- Fixed several bugs related to the creation of the implicit localhost
in inventory.
- Fixed a bug related to an unspecified number of retries when using
until.
- Fixed a race-condition bug when creating temp directories before the
worker process is forked.
- Fix a bug with async's poll keyword not making use of
ansible\_python\_interpreter to run (and thus breaking when
/usr/bin/python is not present on the remote machine.)
- Fix a bug where hosts that started with a range in inventory were
being treated as an invalid section header.
Module fixes: \* Fixed a bug where the temporary CA files created by the
module helper code were not being deleted properly in some situations
(#17073) \* Fixed many bugs in the unarchive module \* Fixes for module
ec2: - Fixed a bug related to source\_dest\_check when used with non-vpc
instances (core#3243) - Fixed a bug in ec2 where instances were not
powering of when referenced via tags only (core#4765) - Fixed a bug
where instances with multiple interfaces were not powering up/down
correctly (core#3234) \* Fixes for module get\_url: - Fixed a bug in
get\_url module to force a download if there is a checksum mismatch
regardless of the last modified time (core#4262) - Fixed a bug in
get\_url module to properly process FTP results (core#3661 and
core#4601) \* Fixed a bug in win\_user related to users with disabled
accounts/expired passwords (core#4369) \* ini\_file: - Fixed a bug where
option lines are now inserted before blank lines. - Fixed a bug where
leading whitespace prevented matches on options. \* Fixed a bug in
iam\_cert when dup\_ok is used as a string. \* Fixed a bug in
postgresql\_db related to the changed logic when state=absent. \* Fixed
a bug where single\_transaction and quick were not passed into db\_dump
for the mysql\_db module. \* Fixed a bug where the fetch module was not
idempotent when retrieving the target of a symlink. \* Many minor fixes
for bugs in extras modules.
Deprecations
~~~~~~~~~~~~
- Deprecated the use of ``_fixup_perms``. Use ``_fixup_perms2``
instead. This change only impacts custom action plugins using
``_fixup_perms``.
Incompatible Changes
~~~~~~~~~~~~~~~~~~~~
- Use of ``_fixup_perms`` with ``recursive=True`` (the default) is no
longer supported. Custom action plugins using ``_fixup_perms`` will
require changes unless they already use ``recursive=False``. Use
``_fixup_perms2`` if support for previous releases is not required.
Otherwise use ``_fixup_perms`` with ``recursive=False``.
2.1 "The Song Remains the Same"
-------------------------------
Major Changes:
~~~~~~~~~~~~~~
- Official support for the networking modules, originally available in
2.0 as a tech preview.
- Refactored and expanded support for Docker with new modules and many
improvements to existing modules, as well as a new Kubernetes module.
- Added new modules for Azure (see below for the full list)
- Added the ability to specify includes as "static" (either through a
configuration option or on a per-include basis). When includes are
static, they are loaded at compile time and cannot contain dynamic
features like loops.
- Added a new strategy ``debug``, which allows per-task debugging of
playbooks, for more details see
https://docs.ansible.com/ansible/playbooks\_debugger.html
- Added a new option for tasks: ``loop_control``. This currently only
supports one option - ``loop_var``, which allows a different loop
variable from ``item`` to be used.
- Added the ability to filter facts returned by the fact gathering
setup step using the ``gather_subset`` option on the play or in the
ansible.cfg configuration file. See
http://docs.ansible.com/ansible/intro\_configuration.html#gathering
for details on the format of the option.
- Added the ability to send per-item callbacks, rather than a batch
update (this more closely resembles the behavior of Ansible 1.x).
- Added facility for modules to send back 'diff' for display when
ansible is called with --diff, updated several modules to return this
info
- Added ansible-console tool, a REPL shell that allows running adhoc
tasks against a chosen inventory (based on
https://github.com/dominis/ansible-shell)
- Added two new variables, which are set when the ``rescue`` portion of
a ``block`` is started:
- ``ansible_failed_task``, which contains the serialized version of the
failed task.
- ``ansible_failed_result``, which contains the result of the failed
task.
- New meta action, ``meta: clear_host_errors`` which will clear any
hosts which were marked as failed (but not unreachable hosts).
- New meta action, ``meta: clear_facts`` which will remove existing
facts for the current host from current memory and facts cache.
- copy module can now transparently use a vaulted file as source, if
vault passwords were provided it will decrypt and copy on the fly.
- The way new-style python modules (which include all of the
non-windows modules shipped with Ansible) are assembled before
execution on the remote machine has been changed. The new way stays
closer to how python imports modules which will make it easier to
write modules which rely heavily on shared code.
- Reduce the situations in which a module can end up as world readable.
For details, see:
https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user
- Re-implemented the retry file feature, which had been left out of 2.0
(fix was backported to 2.0.1 originally).
- Improved winrm argument validation and feature sniffing (for upcoming
pywinrm NTLM support).
- Improved winrm error handling: basic parsing of stderr from CLIXML
stream.
New Modules
^^^^^^^^^^^
- aws
- ec2\_vol\_facts
- ec2\_vpc\_dhcp\_options
- ec2\_vpc\_net\_facts
- ec2\_snapshot\_facts
- azure:
- azure\_rm\_deployment
- azure\_rm\_networkinterface
- azure\_rm\_networkinterface\_facts (TECH PREVIEW)
- azure\_rm\_publicipaddress
- azure\_rm\_publicipaddress\_facts (TECH PREVIEW)
- azure\_rm\_resourcegroup
- azure\_rm\_resourcegroup\_facts (TECH PREVIEW)
- azure\_rm\_securitygroup
- azure\_rm\_securitygroup\_facts (TECH PREVIEW)
- azure\_rm\_storageaccount
- azure\_rm\_storageaccount\_facts (TECH PREVIEW)
- azure\_rm\_storageblob
- azure\_rm\_subnet
- azure\_rm\_virtualmachine
- azure\_rm\_virtualmachineimage\_facts (TECH PREVIEW)
- azure\_rm\_virtualnetwork
- azure\_rm\_virtualnetwork\_facts (TECH PREVIEW)
- cloudflare\_dns
- cloudstack
- cs\_cluster
- cs\_configuration
- cs\_instance\_facts
- cs\_pod
- cs\_resourcelimit
- cs\_volume
- cs\_zone
- cs\_zone\_facts
- clustering
- kubernetes
- cumulus
- cl\_bond
- cl\_bridge
- cl\_img\_install
- cl\_interface
- cl\_interface\_policy
- cl\_license
- cl\_ports
- eos
- eos\_command
- eos\_config
- eos\_eapi
- eos\_template
- gitlab
- gitlab\_group
- gitlab\_project
- gitlab\_user
- ios
- ios\_command
- ios\_config
- ios\_template
- iosxr
- iosxr\_command
- iosxr\_config
- iosxr\_template
- junos
- junos\_command
- junos\_config
- junos\_facts
- junos\_netconf
- junos\_package
- junos\_template
- make
- mongodb\_parameter
- nxos
- nxos\_command
- nxos\_config
- nxos\_facts
- nxos\_feature
- nxos\_interface
- nxos\_ip\_interface
- nxos\_nxapi
- nxos\_ping
- nxos\_switchport
- nxos\_template
- nxos\_vlan
- nxos\_vrf
- nxos\_vrf\_interface
- nxos\_vrrp
- openstack
- os\_flavor\_facts
- os\_group
- os\_ironic\_inspect
- os\_keystone\_domain\_facts
- os\_keystone\_role
- os\_port\_facts
- os\_project\_facts
- os\_user\_facts
- os\_user\_role
- openswitch
- ops\_command
- ops\_config
- ops\_facts
- ops\_template
- softlayer
- sl\_vm
- vmware
- vmware\_maintenancemode
- vmware\_vm\_shell
- windows
- win\_acl\_inheritance
- win\_owner
- win\_reboot
- win\_regmerge
- win\_timezone
- yum\_repository
New Strategies
^^^^^^^^^^^^^^
- debug
New Filters
^^^^^^^^^^^
- extract
- ip4\_hex
- regex\_search
- regex\_findall
New Callbacks
^^^^^^^^^^^^^
- actionable (only shows changed and failed)
- slack
- json
New Tests
^^^^^^^^^
- issubset
- issuperset
New Inventory scripts:
^^^^^^^^^^^^^^^^^^^^^^
- brook
- rackhd
- azure\_rm
Minor Changes:
~~~~~~~~~~~~~~
- Added support for pipelining mode to more connection plugins, which
helps prevent module data from being written to disk.
- Added a new '!unsafe' YAML decorator, which can be used in playbooks
to ensure a string is not templated. For example:
``foo: !unsafe "Don't template {{me}}"``.
- Callbacks now have access to the options with which the CLI was
called
- Debug now has verbosity option to control when to display by matching
number of -v in command line
- Modules now get verbosity, diff and other flags as passed to ansible
- Mount facts now also show 'network mounts' that use the pattern
``<host>:/<mount>``
- Plugins are now sorted before loading. This means, for instance, if
you want two custom callback plugins to run in a certain order you
can name them 10-first-callback.py and 20-second-callback.py.
- Added (alpha) Centirfy's dzdo as another become meethod (privilege
escalation)
Deprecations:
~~~~~~~~~~~~~
- Deprecated the use of "bare" variables in loops (ie.
``with_items: foo``, where ``foo`` is a variable). The full jinja2
variable syntax of ``{{foo}}`` should always be used instead. This
warning will be removed completely in 2.3, after which time it will
be an error.
- play\_hosts magic variable, use ansible\_play\_batch or
ansible\_play\_hosts instead.

427
changelogs/CHANGELOG_v2.2.rst
Unescape Escape View File

@ -0,0 +1,427 @@
==================================================
Ansible 2.2 "The Battle of Evermore" Release Notes
==================================================
2.2.1 "The Battle of Evermore" - 2017-01-16
-------------------------------------------
Major Changes
~~~~~~~~~~~~~
- Security fix for CVE-2016-9587 - An attacker with control over a
client system being managed by Ansible and the ability to send facts
back to the Ansible server could use this flaw to execute arbitrary
code on the Ansible server as the user and group Ansible is running
as.
Minor Changes
~~~~~~~~~~~~~
- Fixes a bug where undefined variables in with\_\* loops would cause a
task failure even if the when condition would cause the task to be
skipped.
- Fixed a bug related to roles where in certain situations a role may
be run more than once despite not allowing duplicates.
- Fixed some additional bugs related to atomic\_move for modules.
- Fixes multiple bugs related to field/attribute inheritance in nested
blocks and includes, as well as task iteration logic during failures.
- Fixed pip installing packages into virtualenvs using the system pip
instead of the virtualenv pip.
- Fixed dnf on systems with dnf-2.0.x (some changes in the API).
- Fixed traceback with dnf install of groups.
- Fixes a bug in which include\_vars was not working with failed\_when.
- Fix for include\_vars only loading files with .yml, .yaml, and .json
extensions. This was only supposed to apply to loading a directory of
vars files.
- Fixes several bugs related to properly incrementing the failed count
in the host statistics.
- Fixes a bug with listening handlers which did not specify a ``name``
field.
- Fixes a bug with the ``play_hosts`` internal variable, so that it
properly reflects the current list of hosts.
- Fixes a bug related to the v2\_playbook\_on\_start callback method
and legacy (v1) plugins.
- Fixes an openssh related process exit race condition, related to the
fact that connections using ControlPersist do not close stderr.
- Improvements and fixes to OpenBSD fact gathering.
- Updated ``make deb`` to use pbuilder. Use ``make local_deb`` for the
previous non-pbuilder build.
- Fixed Windows async to avoid blocking due to handle inheritance.
- Fixed bugs in the mount module on older Linux kernels and BSDs
- Various minor fixes for Python 3
- Inserted some checks for jinja2-2.9, which can cause some issues with
Ansible currently.
2.2 "The Battle of Evermore" - 2016-11-01
-----------------------------------------
Major Changes:
~~~~~~~~~~~~~~
- Added the ``listen`` feature for modules. This feature allows tasks
to more easily notify multiple handlers, as well as making it easier
for handlers from decoupled roles to be notified.
- Major performance improvements.
- Added support for binary modules
- Added the ability to specify serial batches as a list
(``serial: [1, 5, 10]``), which allows for so-called "canary" actions
in one play.
- Fixed 'local type' plugins and actions to have a more predictable
relative path. Fixes a regression of 1.9 (PR #16805). Existing users
of 2.x will need to adjust related tasks.
- ``meta`` tasks can now use conditionals.
- ``raw`` now returns ``changed: true`` to be consistent with
shell/command/script modules. Add ``changed_when: false`` to ``raw``
tasks to restore the pre-2.2 behavior if necessary.
- New privilege escalation become method ``ksu``
- Windows ``async:`` support for long-running or background tasks.
- Windows ``environment:`` support for setting module environment vars
in play/task.
- Added a new ``meta`` option: ``end_play``, which can be used to skip
to the end of a play.
- roles can now be included in the middle of a task list via the new
``include_role`` module, this also allows for making the role import
'loopable' and/or conditional.
- The service module has been changed to use system specific modules if
they exist and fall back to the old service module if they cannot be
found or detected.
- Add ability to specify what ssh client binary to use on the
controller. This can be configured via ssh\_executable in the ansible
config file or by setting ansible\_ssh\_executable as an inventory
variable if different ones are needed for different hosts.
- Windows:
- several facts were modified or renamed for consistency with their
Unix counterparts, and many new facts were added. If your playbooks
rely on any of the following keys, please ensure they are using the
correct key names and/or values:
- ansible\_date\_time.date (changed to use yyyy-mm-dd format instead
of default system-locale format)
- ansible\_date\_time.iso8601 (changed to UTC instead of local time)
- ansible\_distribution (now uses OS caption string, e.g.:
"Microsoft Windows Server 2012 R2 Standard", version is still
available on ansible\_distribution\_version)
- ansible\_totalmem (renamed to ansible\_memtotal\_mb, units changed
to MB instead of bytes)
- ``async:`` support for long-running or background tasks.
- ``environment:`` support for setting module environment vars in
play/task.
- Tech Preview: Work has been done to get Ansible running under
Python3. This work is not complete enough to depend upon in
production environments but it is enough to begin testing it.
- Most of the controller side should now work. Users should be able to
run python3 /usr/bin/ansible and python3 /usr/bin/ansible-playbook
and have core features of ansible work.
- A few of the most essential modules have been audited and are known
to work. Others work out of the box.
- We are using unit and integration tests to help us port code and not
regress later. Even if you are not familiar with python you can still
help by contributing integration tests (just ansible roles) that
exercise more of the code to make sure it continues to run on both
Python2 and Python3.
- scp\_if\_ssh now supports True, False and "smart". "smart" is the
default and will retry failed sftp transfers with scp.
- Network:
- Refactored all network modules to remove duplicate code and take
advantage of Ansiballz implementation
- All functionality from \*\_template network modules have been
combined into \*\_config module
- Network \*\_command modules not longer allow configuration mode
statements
New Modules
^^^^^^^^^^^
- apache2\_mod\_proxy
- asa
- asa\_acl
- asa\_command
- asa\_config
- atomic
- atomic\_host
- atomic\_image
- aws
- cloudformation\_facts
- ec2\_asg\_facts
- ec2\_customer\_gateway
- ec2\_lc\_find
- ec2\_vpc\_dhcp\_options\_facts
- ec2\_vpc\_nacl
- ec2\_vpc\_nacl\_facts
- ec2\_vpc\_nat\_gateway
- ec2\_vpc\_peer
- ec2\_vpc\_vgw
- efs
- efs\_facts
- execute\_lambda
- iam\_mfa\_device\_facts
- iam\_server\_certificate\_facts
- kinesis\_stream
- lambda
- lambda\_alias
- lambda\_event
- lambda\_facts
- redshift
- redshift\_subnet\_group
- s3\_website
- sts\_session\_token
- cloudstack
- cs\_router
- cs\_snapshot\_policy
- dellos6
- dellos6\_command
- dellos6\_config
- dellos6\_facts
- dellos9
- dellos9\_command
- dellos9\_config
- dellos9\_facts
- dellos10
- dellos10\_command
- dellos10\_config
- dellos10\_facts
- digital\_ocean\_block\_storage
- docker
- docker\_network
- eos
- eos\_facts
- exoscale:
- exo\_dns\_domain
- exo\_dns\_record
- f5:
- bigip\_device\_dns
- bigip\_device\_ntp
- bigip\_device\_sshd
- bigip\_gtm\_datacenter
- bigip\_gtm\_virtual\_server
- bigip\_irule
- bigip\_routedomain
- bigip\_selfip
- bigip\_ssl\_certificate
- bigip\_sys\_db
- bigip\_vlan
- github
- github\_key
- github\_release
- google
- gcdns\_record
- gcdns\_zone
- gce\_mig
- honeybadger\_deployment
- illumos
- dladm\_etherstub
- dladm\_vnic
- flowadm
- ipadm\_if
- ipadm\_prop
- ipmi
- ipmi\_boot
- ipmi\_power
- ios
- ios\_facts
- iosxr
- iosxr\_facts
- include\_role
- jenkins
- jenkins\_job
- jenkins\_plugin
- kibana\_plugin
- letsencrypt
- logicmonitor
- logicmonitor\_facts
- lxd
- lxd\_profile
- lxd\_container
- netapp
- netapp\_e\_amg
- netapp\_e\_amg\_role
- netapp\_e\_amg\_sync
- netapp\_e\_auth
- netapp\_e\_facts
- netapp\_e\_flashcache
- netapp\_e\_hostgroup
- netapp\_e\_host
- netapp\_e\_lun\_mapping
- netapp\_e\_snapshot\_group
- netapp\_e\_snapshot\_images
- netapp\_e\_snapshot\_volume
- netapp\_e\_storage\_system
- netapp\_e\_storagepool
- netapp\_e\_volume
- netapp\_e\_volume\_copy
- netconf\_config
- netvisor
- pn\_cluster
- pn\_ospfarea
- pn\_ospf
- pn\_show
- pn\_trunk
- pn\_vlag
- pn\_vlan
- pn\_vrouterbgp
- pn\_vrouterif
- pn\_vrouterlbif
- pn\_vrouter
- nxos
- nxos\_aaa\_server\_host
- nxos\_aaa\_server
- nxos\_acl\_interface
- nxos\_acl
- nxos\_bgp\_af
- nxos\_bgp\_neighbor\_af
- nxos\_bgp\_neighbor
- nxos\_bgp
- nxos\_evpn\_global
- nxos\_evpn\_vni
- nxos\_file\_copy
- nxos\_gir\_profile\_management
- nxos\_gir
- nxos\_hsrp
- nxos\_igmp\_interface
- nxos\_igmp
- nxos\_igmp\_snooping
- nxos\_install\_os
- nxos\_interface\_ospf
- nxos\_mtu
- nxos\_ntp\_auth
- nxos\_ntp\_options
- nxos\_ntp
- nxos\_ospf
- nxos\_ospf\_vrf
- nxos\_overlay\_global
- nxos\_pim\_interface
- nxos\_pim
- nxos\_pim\_rp\_address
- nxos\_portchannel
- nxos\_rollback
- nxos\_smu
- nxos\_snapshot
- nxos\_snmp\_community
- nxos\_snmp\_contact
- nxos\_snmp\_host
- nxos\_snmp\_location
- nxos\_snmp\_traps
- nxos\_snmp\_user
- nxos\_static\_route
- nxos\_udld\_interface
- nxos\_udld
- nxos\_vpc\_interface
- nxos\_vpc
- nxos\_vrf\_af
- nxos\_vtp\_domain
- nxos\_vtp\_password
- nxos\_vtp\_version
- nxos\_vxlan\_vtep
- nxos\_vxlan\_vtep\_vni
- mssql\_db
- ovh\_ip\_loadbalancing\_backend
- opendj\_backendprop
- openstack
- os\_keystone\_service
- os\_recordset
- os\_server\_group
- os\_stack
- os\_zone
- ovirt
- ovirt\_auth
- ovirt\_disks
- ovirt\_vms
- rhevm
- rocketchat
- sefcontext
- sensu\_subscription
- smartos
- smartos\_image\_facts
- sros
- sros\_command
- sros\_config
- sros\_rollback
- statusio\_maintenance
- systemd
- telegram
- univention
- udm\_dns\_record
- udm\_dns\_zone
- udm\_group
- udm\_share
- udm\_user
- vmware
- vmware\_guest
- vmware\_local\_user\_manager
- vmware\_vmotion
- vyos
- vyos\_command
- vyos\_config
- vyos\_facts
- wakeonlan
- windows
- win\_command
- win\_robocopy
- win\_shell
New Callbacks
^^^^^^^^^^^^^
- foreman
Minor Changes
~~~~~~~~~~~~~
- now -vvv shows exact path from which 'currently executing module' was
picked up from.
- loop\_control now has a label option to allow fine grained control
what gets displayed per item
- loop\_control now has a pause option to allow pausing for N seconds
between loop iterations of a task.
- New privilege escalation become method ``ksu``
- ``raw`` now returns ``changed: true`` to be consistent with
shell/command/script modules. Add ``changed_when: false`` to ``raw``
tasks to restore the pre-2.2 behavior if necessary.
- removed previously deprecated ';' as host list separator.
- Only check if the default ssh client supports ControlPersist once
instead of once for each host + task combination.
- Fix a problem with the pip module updating the python pip package
itself.
- ansible\_play\_hosts is a new magic variable to provide a list of
hosts in scope for the current play. Unlike play\_hosts it is not
subject to the 'serial' keyword.
- ansible\_play\_batch is a new magic variable meant to substitute the
current play\_hosts.
For custom front ends using the API
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ansible.parsing.vault:
- VaultLib.is\_encrypted() has been deprecated. It will be removed in
2.4. Use ansible.parsing.vault.is\_encrypted() instead
- VaultFile has been removed. This unfinished code was never used
inside of Ansible. The feature it was intended to support has now
been implemented without using this.
- VaultAES, the older, insecure encrypted format that debuted in
Ansible-1.5 and was replaced by VaultAES256 less than a week later,
now has a deprecation warning. **It will be removed in 2.3**. In the
unlikely event that you wrote a vault file in that 1 week window and
have never modified the file since (ansible-vault automatically
re-encrypts the file using VaultAES256 whenever it is written to but
not read), run ``ansible-vault rekey [filename]`` to move to
VaultAES256.
Removed Deprecated
~~~~~~~~~~~~~~~~~~
- ';' as host list separator.
- with\_ 'bare variable' handling, now loop items must always be
templated ``{{ }}`` or they will be considered as plain strings.
- skipping task on 'missing attribute' in loop variable, now in a loop
an undefined attribute will return an error instead of skipping the
task.
- skipping on undefined variables in loop, now loops will have to
define a variable or use ``|default`` to avoid errors.
Deprecations
~~~~~~~~~~~~
Notice given that the following will be removed in Ansible 2.4: \*
Modules \* eos\_template \* ios\_template \* iosxr\_template \*
junos\_template \* nxos\_template \* ops\_template

554
changelogs/CHANGELOG_v2.3.rst
Unescape Escape View File

@ -0,0 +1,554 @@
=====================================
Ansible 2.3 "Ramble On" Release Notes
=====================================
2.3.3 "Ramble On" - TBD
-----------------------
Bugfixes
~~~~~~~~
- Fix alternatives module handlling of non existing options
- Fix synchronize traceback with the docker connection plugin
- Do not escape backslashes in the template lookup plugin to mirror
what the template module does
- Fix the expires option of the postgresq\_user module
- Fix for win\_acl when settings permissions on registry objects that
use ``ALL APPLICATION PACKAGES`` and
``ALL RESTRICTED APPLICATION PACKAGES``
- Python3 fixes
- asorted azure modules
- pause module
- hacking/env-setup script
- Fix traceback when checking for passwords in logged strings when
logging executed commands.
- docker\_login module
- Workaround python-libselinux API change in the seboolean module
- digital\_ocean\_tag module
- Fix the zip filter
- Fix user module combining bytes and text
- Fix for security groups in the amazon efs module
- Fix for the jail connection plugin not finding the named jail
- Fix for blockinfile's parameters insertbefore and insertafter
- ios\_config: Fix traceback when the efaults parameter is not set
- iosxr\_config: Fixed unicode error when UTF-8 characters are in
configs
- Fix check mode in archive module
- Fix UnboundLocalError in check mode in cs\_role module
- Fix to always use lowercase hostnames for host keys in known\_hosts
module
- Added missing return results for win\_stat
- Fix rabbitmq modules to give a helpful error if requests is not
installed
- Fix yum module not deleting rpms that it downloaded
- Fix yum module failing with a URL to an rpm
- Fix file module inappropriately expanding literal dollar signs in a
path read from the filesystem as an environment variable.
- Fix the ssh "smart" transport setting which automatically selects the
best means of transferring files over ssh (sftp, ssh, piped).
- Fix authentication by api\_key parameter in exoscale modules.
- vmware module\_utils shared code ssl/validate\_certs fixes in
connection logic
- allow 'bridge' facts to work for certain containers that create
conflicting ones with connection plugins
- Fix for win\_get\_url to use TLS 1.2/1.1 if it is available on the
host
- Fix for the filetree lookup with non-ascii group names
- Better message for invalid keywords/options in task due to undefined
expressions
- Fixed check mode for enable on Solaris for service module
- Fix cloudtrail module to allow AWS profiles other than the default
- Fix an encoding issue with secret (password) vars\_prompts
2.3.2 "Ramble On" - 2017-08-04
------------------------------
Bugfixes
~~~~~~~~
- Fix partend i18n issues
- fixed handling of extra vars for tower\_job\_template (#25272)
- Python3 bugfixes
- Fix sorting of ec2 policies
- Fix digital\_ocean dynamic inventory script
- Fix for the docker connection plugin
- Fix pip module when using python3's pyvenv and python3 -m venv to
create virtualenvs
- Fix for the AnsiBallZ wrapper so that it gives a better error message
when there's not enough disk space to create its tempdir.
- Fix so ansilbe-galaxy install --force with unversioned roles will
once again overwrite old versions.
- Fix for RabbitMQ 3.6.7 endpoint return code changing.
- Fix for Foreman organization creation
- fixed incorrect fail\_json ref in rpm\_key
- Corrected requried on hash\_name for dynamodb\_table
- Fix for fetch action plugin not validating correctly
- Avoid vault view writing display to logs
- htpasswd: fix passlib module version comparison
- Fix for flowdock error message when external\_user\_name is missing
- fixed corner case for delegate\_to, loops and delegate\_facts
- fixed wait\_for python2.4/2.5 compatibility (this is last version
this is needed)
- fix for adhoc not obeying callback options
- fix for win\_find where it fails to recursively scan empty nested
directories
- fix non-pipelined code paths for Windows (eg,
ANSIBLE\_KEEP\_REMOTE\_FILES, non-pipelined connection plugins)
- fix for win\_updates where args and check mode were ignored due to
common code change
- fix for unprivileged users to Windows runas become method
- fix starttls code path for mail module
- fix missing LC\_TYPE in parted module
- fix CN parsing with OpenSSL 1.1 in letsencrypt module
- fix params assignment in jabber module
- fix TXT record type handling in exo\_dns\_record module
- fix message queue message ttl can't be 0 in rabbitmq\_queue module
- CloudStack bugfixes:
- fix template upload for users in cs\_template module, change default
to is\_routing=None
- several fixes in cs\_host module fixes hypervisor handling
- fix network param ignored due typo in cs\_nic module
- fix missing type bool in module cs\_zone
- fix KeyError: 'sshkeypair' in cs\_instance module for CloudStack v4.5
and before
- fix for win\_chocolatey where trying to upgrade all the packages as
per the example docs fails
- fix for win\_chocolatey where it did not fail if the version set did
not exist
- fix for win\_regedit always changing a reg key if the dword values
set is a hex
- fix for wait\_for on non-Linux systems with newer versions of psutil
- fix eos\_banner code and test issues
- run tearup and teardown of EAPI service only on EAPI tests
- fix eos\_config tests so only Eth1 and Eth2 are used
- Fix for potential bug when using legacy inventory vars for
configuring the su password.
- Fix crash in file module when directories contain non-utf8 filenames
- Fix for dnf groupinstall with dnf-2.x
- Fix seboolean module for incompatibility in newer Python3 selinux
bindings
- Optimization for inventory, no need to dedup at every stage, its
redundant and slow
- Fix fact gathering for package and service action plugins
- make random\_choice more error resilient (#27380)
- ensure prefix in plugin loading to avoid conflicts
- fix for a small number of modules (tempfile, possibly copy) which
could fail if the tempdir on the remote box was a symlink
- fix non-pipelined code paths for Windows (eg,
ANSIBLE\_KEEP\_REMOTE\_FILES, non-pipelined connection plugins)
- fix for win\_updates where args and check mode were ignored due to
common code change
2.3.1 "Ramble On" - 2017-06-01
------------------------------
Bugfixes
~~~~~~~~
- Security fix for CVE-2017-7481 - data for lookup plugins used as
variables was not being correctly marked as "unsafe".
- Fix default value of fetch module's validate\_checksum to be True
- Added fix for "meta: refresh\_connection" not working with default
'smart' connection.
- Fix template so that the --diff command line option works when the
destination is a directory
- Fix python3 bugs in pam\_limits
- Fix unbound error when using module deprecation as a single string
- Several places in which error handling was broken due to bad
conversions or just typos
- Fix to user module for appending/setting groups on OpenBSD (flags
were reversed)
- assemble fix to use safer os.join.path, avoids charset issues
- fixed issue with solaris facts and i18n
- added python2.4 compatiblity fix to sysctl module
- Fix comparison of exisiting container security opts in the
docker\_container module
- fixed service module invocation of insserv on certain platforms
- Fix traceback in os\_user in an error case.
- Fix docker container to restart a container when changing to fewer
exposed ports
- Fix tracebacks in docker\_network
- Fixes to detection of updated docker images
- Handle detection of docker image changes when published ports is
changed
- Fix for docker\_container restarting images when links list is empty.
2.3 "Ramble On" - 2017-04-12
----------------------------
Moving to Ansible 2.3 guide
http://docs.ansible.com/ansible/porting\_guide\_2.3.html
Major Changes
~~~~~~~~~~~~~
- Documented and renamed the previously released 'single var vaulting'
feature, allowing user to use vault encryption for single variables
in a normal YAML vars file.
- Allow module\_utils for custom modules to be placed in site-specific
directories and shipped in roles
- On platforms that support it, use more modern system polling API
instead of select in the ssh connection plugin. This removes one
limitation on how many parallel forks are feasible on these systems.
- Windows/WinRM supports (experimental) become method "runas" to run
modules and scripts as a different user, and to transparently access
network resources.
- The WinRM connection plugin now uses pipelining when executing
modules, resulting in significantly faster execution for small tasks.
- The WinRM connection plugin can now manage Kerberos tickets
automatically when ``ansible_winrm_transport=kerberos`` and
``ansible_user``/``ansible_password`` are specified.
- Refactored/standardized most Windows modules, adding check-mode and
diff support where possible.
- Extended Windows module API with parameter-type support, helper
functions. (i.e. Expand-Environment, Add-Warning,
Add-DeprecatationWarning)
- restructured how async works to allow it to apply to action plugins
that choose to support it.
Minor Changes
~~~~~~~~~~~~~
- The version and release facts for OpenBSD hosts were reversed. This
has been changed so that version has the numeric portion and release
has the name of the release.
- removed 'package' from default squash actions as not all package
managers support it and it creates errors when using loops, any user
can add back via config options if they don't use those package
managers or otherwise avoid the errors.
- Blocks can now have a ``name`` field, to aid in playbook readability.
- default strategy is now configurable via ansible.cfg or environment
variable.
- Added 'ansible\_playbook\_python' which contains 'current python
executable', it can be blank in some cases in which Ansible is not
invoked via the standard CLI (sys.executable limitation).
- Added 'metadata' to modules to enable classification
- ansible-doc now displays path to module and existing 'metadata'
- added optional 'piped' transfer method to ssh plugin for when scp and
sftp are missing, ssh plugin is also now 'smarter' when using these
options
- default controlpersist path is now a custom hash of host-port-user to
avoid the socket path length errors for long hostnames
- Various fixes for Python3 compatibility
- Fixed issues with inventory formats not handling 'all' and
'ungrouped' in an uniform way.
- 'service' tasks can now use async again, we had lost this capability
when changed into an action plugin.
- made any\_errors\_fatal inheritable from play to task and all other
objects in between.
- many small performance improvements in inventory and variable
handling and in task execution.
- Added a retry class to the ec2\_asg module since customers were
running into throttling errors (AWSRetry is a solution for modules
using boto3 which isn't applicable here).
Deprecations
~~~~~~~~~~~~
- Specifying --tags (or --skip-tags) multiple times on the command line
currently leads to the last one overriding all the previous ones.
This behaviour is deprecated. In the future, if you specify --tags
multiple times the tags will be merged together. From now on, using
--tags multiple times on one command line will emit a deprecation
warning. Setting the merge\_multiple\_cli\_tags option to True in the
ansible.cfg file will enable the new behaviour. In 2.4, the default
will be to merge and you can enable the old overwriting behaviour via
the config option. In 2.5, multiple --tags options will be merged
with no way to go back to the old behaviour.
- Modules (scheduled for removal in 2.5)
- ec2\_vpc
- cl\_bond
- cl\_bridge
- cl\_img\_install
- cl\_interface
- cl\_interface\_policy
- cl\_license
- cl\_ports
- nxos\_mtu, use nxos\_system instead
New: Callbacks
^^^^^^^^^^^^^^
- dense: minimal stdout output with fallback to default when verbose
New: lookups
^^^^^^^^^^^^
- keyring: allows getting password from the 'controller' system's
keyrings
- chef\_databag: allows querying Chef Databags via pychef library
New: cache
^^^^^^^^^^
- pickle (uses python's own serializer)
- yaml
New: inventory scripts
^^^^^^^^^^^^^^^^^^^^^^
- oVirt/RHV
New: filters
^^^^^^^^^^^^
- combinations
- permutations
- zip
- zip\_longest
Module Notes
~~~~~~~~~~~~
- AWS lambda: previously ignored changes that only affected one
parameter. Existing deployments may have outstanding changes that
this bugfix will apply.
- oVirt/RHV: Added support for 4.1 features and the following:
- data centers, clusters, hosts, storage domains and networks
management.
- hosts and virtual machines affinity groups and labels.
- users, groups and permissions management.
- Improved virtual machines and disks management.
- Mount: Some fixes so bind mounts are not mounted each time the
playbook runs.
New Modules
~~~~~~~~~~~
- a10\_server\_axapi3
- amazon:
- aws\_kms
- cloudfront\_facts
- ec2\_group\_facts
- ec2\_lc\_facts
- ec2\_vpc\_igw\_facts
- ec2\_vpc\_nat\_gateway\_facts
- ec2\_vpc\_vgw\_facts
- ecs\_ecr
- elasticache\_parameter\_group
- elasticache\_snapshot
- iam\_role
- s3\_sync
- archive
- beadm
- bigswitch:
- bigmon\_chain
- bigmon\_policy
- cisco
- cisco\_spark
- cloudengine:
- ce\_command
- cloudscale\_server
- cloudstack:
- cs\_host
- cs\_nic
- cs\_region
- cs\_role
- cs\_vpc
- dimensiondata\_network
- eos:
- eos\_banner
- eos\_system
- eos\_user
- f5:
- bigip\_gtm\_facts
- bigip\_hostname
- bigip\_snat\_pool
- bigip\_sys\_global
- foreman:
- foreman
- katello
- fortios
- fortios\_config
- gconftool2
- google:
- gce\_eip
- gce\_snapshot
- gcpubsub
- gcpubsub\_facts
- hpilo:
- hpilo\_boot
- hpilo\_facts
- hponcfg
- icinga2\_feature
- illumos:
- dladm\_iptun
- dladm\_linkprop
- dladm\_vlan
- ipadm\_addr
- ipadm\_addrprop
- ipadm\_ifprop
- infinidat:
- infini\_export
- infini\_export\_client
- infini\_fs
- infini\_host
- infini\_pool
- infini\_vol
- ipa:
- ipa\_group
- ipa\_hbacrule
- ipa\_host
- ipa\_hostgroup
- ipa\_role
- ipa\_sudocmd
- ipa\_sudocmdgroup
- ipa\_sudorule
- ipa\_user
- ipinfoio\_facts
- ios:
- ios\_banner
- ios\_system
- ios\_vrf
- iosxr\_system
- iso\_extract
- java\_cert
- jenkins\_script
- ldap:
- ldap\_attr
- ldap\_entry
- logstash\_plugin
- mattermost
- net\_command
- netapp:
- sf\_account\_manager
- sf\_snapshot\_schedule\_manager
- sf\_volume\_manager
- sf\_volume\_access\_group\_manager
- nginx\_status\_facts
- nsupdate
- omapi\_host
- openssl:
- openssl\_privatekey
- openssl\_publickey
- openstack:
- os\_nova\_host\_aggregate
- os\_quota
- openwrt\_init
- ordnance:
- ordnance\_config
- ordnance\_facts
- ovirt:
- ovirt\_affinity\_groups
- ovirt\_affinity\_labels
- ovirt\_affinity\_labels\_facts
- ovirt\_clusters
- ovirt\_clusters\_facts
- ovirt\_datacenters
- ovirt\_datacenters\_facts
- ovirt\_external\_providers
- ovirt\_external\_providers\_facts
- ovirt\_groups
- ovirt\_groups\_facts
- ovirt\_host\_networks
- ovirt\_host\_pm
- ovirt\_hosts
- ovirt\_hosts\_facts
- ovirt\_mac\_pools
- ovirt\_networks
- ovirt\_networks\_facts
- ovirt\_nics
- ovirt\_nics\_facts
- ovirt\_permissions
- ovirt\_permissions\_facts
- ovirt\_quotas
- ovirt\_quotas\_facts
- ovirt\_snapshots
- ovirt\_snapshots\_facts
- ovirt\_storage\_domains
- ovirt\_storage\_domains\_facts
- ovirt\_tags
- ovirt\_tags\_facts
- ovirt\_templates
- ovirt\_templates\_facts
- ovirt\_users
- ovirt\_users\_facts
- ovirt\_vmpools
- ovirt\_vmpools\_facts
- ovirt\_vms\_facts
- pacemaker\_cluster
- packet:
- packet\_device
- packet\_sshkey
- pamd
- panos:
- panos\_address
- panos\_admin
- panos\_admpwd
- panos\_cert\_gen\_ssh
- panos\_check
- panos\_commit
- panos\_dag
- panos\_import
- panos\_interface
- panos\_lic
- panos\_loadcfg
- panos\_mgtconfig
- panos\_nat\_policy
- panos\_pg
- panos\_restart
- panos\_security\_policy
- panos\_service
- postgresql\_schema
- proxmox\_kvm
- proxysql:
- proxysql\_backend\_servers
- proxysql\_global\_variables
- proxysql\_manage\_config
- proxysql\_mysql\_users
- proxysql\_query\_rules
- proxysql\_replication\_hostgroups
- proxysql\_scheduler
- pubnub\_blocks
- pulp\_repo
- runit
- serverless
- set\_stats
- panos:
- panos\_security\_policy
- smartos:
- imgadm
- vmadm
- sorcery
- stacki\_host
- swupd
- tempfile
- tower:
- tower\_credential
- tower\_group
- tower\_host
- tower\_inventory
- tower\_job\_template
- tower\_label
- tower\_organization
- tower\_project
- tower\_role
- tower\_team
- tower\_user
- vmware:
- vmware\_guest\_facts
- vmware\_guest\_snapshot
- web\_infrastructure:
- jenkins\_script
- system
- parted
- windows:
- win\_disk\_image
- win\_dns\_client
- win\_domain
- win\_domain\_controller
- win\_domain\_membership
- win\_find
- win\_msg
- win\_path
- win\_psexec
- win\_reg\_stat
- win\_region
- win\_say
- win\_shortcut
- win\_tempfile
- xbps
- zfs:
- zfs\_facts
- zpool\_facts

921
changelogs/CHANGELOG_v2.4.rst
Unescape Escape View File

@ -0,0 +1,921 @@
========================================
Ansible 2.4 "Dancing Days" Release Notes
========================================
2.4.1 "Dancing Days" - 2017-10-25
---------------------------------
Bugfixes
~~~~~~~~
- Security fix for CVE-2017-7550 the jenkins\_plugin module was logging
the jenkins server password if the url\_password was passed via the
params field: https://github.com/ansible/ansible/pull/30875
- Update openssl\* module documentation to show openssl-0.16 is the
minimum version
- Fix openssl\_certificate's csr handling
- Python-3 fixes
- Fix openssl\_certificate parameter assertion on Python3
- Fix for python3 and nonascii strings in inventory plugins
(https://github.com/ansible/ansible/pull/30666)
- Fix missing urllib in iam\_policy
- Fix crypttab module for bytes<=>text string mismatch (
https://github.com/ansible/ansible/pull/30457 )
- Fix lxc\_container module combining bytes with text (
https://github.com/ansible/ansible/pull/30572 )
- Fix map doesn't return a list on python3 in ec2\_snapshot\_facts
module (https://github.com/ansible/ansible/pull/30606)
- Fix uri (and other url retrieving) modules when used with a proxy.
(https://github.com/ansible/ansible/issues/31109)
- Fix azure\_rm dynamic inventory script ConfigParser usage.
- Fix for win\_file to respect check mode when deleting directories
- Fix for Ansible.ModuleUtils.Legacy.psm1 to return list params
correctly
- Fix for a proper logout in the module ovirt\_vms
- Fixed docs for 'password' lookup
- Corrected and added missing feature and porting docs for 2.4
- Fix for Ansible.ModuleUtils.CamelConversion to handle empty lists and
lists with one entry
- Fix nxos terminal regex to parse username correctly.
- Fix colors for selective callback
- Fix for 'New password' prompt on 'ansible-vault edit'
(https://github.com/ansible/ansible/issues/30491)
- Fix for 'ansible-vault encrypt' with vault\_password\_file in config
and --ask-vault-pass cli
(https://github.com/ansible/ansible/pull/30514#pullrequestreview-63395903)
- updated porting guide with notes for callbacks and config
- Added backwards compatiblity shim for callbacks that do not inherit
from CallbackBase
- Corrected issue with configuration and multiple ini entries being
overwriten even when not set.
- backported fix for doc generation (plugin\_formatter)
- Fix ec2\_lc module for an unknown parameter name
(https://github.com/ansible/ansible/pull/30573)
- Change configuration of defaults to use standard jinja2 instead of
custom eval() for using variables in the default field of config
(https://github.com/ansible/ansible/pull/30650)
- added missing entry in chlog deprecation
- Fixed precedence and values for become flags and executable settings
- Fix for win\_domain\_membership to throw more helpful error messages
and check/fix when calling WMI function after changing workgroup
- Fix for win\_power\_plan to compare the OS version's correctly and
work on Windows 10/Server 2016
- Fix module doc for typo in telnet command option
- Fix OpenBSD pkg\_mgr fact
(https://github.com/ansible/ansible/issues/30623)
- Fix encoding error when there are nonascii values in the path to the
ssh binary
- removed YAML inventory group name validation, broke existing setups
and should be global in any case, and configurable
- performance improvment for inventory, had slown down considerably
from 2.3
- Fix cpu facts on sparc64
(https://github.com/ansible/ansible/pull/30261)
- Fix ansible\_distribution fact for Arch linux
(https://github.com/ansible/ansible/issues/30600)
- remove print statements from play\_context/become
- Fix vault errors after 'ansible-vault edit'
(https://github.com/ansible/ansible/issues/30575)
- updated api doc example to match api changes
- corrected issues with slack callback plugin
- it is import\_playbook, not import\_plays, docs now reflect this
- fixed typo and missed include/import conversion in import\_tasks docs
- updated porting docs with note about inventory\_dir
- removed extension requirement for yaml inventory plugin to restore
previous behaviour
- fixed ansible-pull to now correctly deal with inventory
- corrected dig lookup docs
- fix type handling for sensu\_silence so the module works
- added fix for win\_iis\_webapppool to correctly handle array elements
- Fix bugs caused by lack of collector ordering like service\_mgr being
incorrect (https://github.com/ansible/ansible/issues/30753)
- Fix os\_image when the id parameter is not set in the task. (
https://github.com/ansible/ansible/pull/29147 )
- Fix for the winrm connection to use proper task vars
- removed typo from dig lookup docs
- Updated win\_chocolatey example to be clearer around what should be
used with become
- Fix for copy module when permissions are changed but the file
contents are not ( https://github.com/ansible/ansible/issues/30556 )
- corrected YAML\_FILENAME\_EXTENSIONS ini setter as key/section were
swapped
- Better error message when a yaml inventory is invalid
- avoid include\_Xs conflating vars with options
- Fix aws\_s3 module handling ``encrypt`` option
(https://github.com/ansible/ansible/pull/31203)
- Fix for win\_msg to document and show error when message is greater
than 255 characters
- Fix for win\_dotnet\_ngen to work after recent regression
- fixed backwards compat method for config
- removed docs for prematurely added ssh specific pipelining settings
- fixed redis cache typo
- Fix AttributeError during inventory group deserialization
(https://github.com/ansible/ansible/issues/30903)
- Fix 'ansible-vault encrypt --output=-'
(https://github.com/ansible/ansible/issues/30550)
- restore pre 2.4 pipeline configuration options (env and ini)
- Fix win\_copy regression: handling of vault-encrypted source files
(https://github.com/ansible/ansible/pull/31084)
- Updated return values for win\_reg\_stat to correctly show what is
being returned (https://github.com/ansible/ansible/pull/31252)
- reduced normal error redundancy and verbosity, display on increased
and when needed
- Give an informative error instead of a traceback if include\_vars dir
is file instead of directory
(https://github.com/ansible/ansible/pull/31157)
- Fix monit module's version check for color support
(https://github.com/ansible/ansible/pull/31212)
- Make ``elasticsearch_plugin`` module work with both 2.x and 5.x
(https://github.com/ansible/ansible/issues/21989)
- Fix for become on Windows to handle ignored errors
(https://github.com/ansible/ansible/issues/30468)
- Fix removal of newlines when writing SELinux config
(https://github.com/ansible/ansible/issues/30618)
- clarified extension requirement for constructed inv plugin
- really turn off inventory caching, toggle will be added in 2.5
- for inventory sources, dont follow symlinks to calculate base
directory, used for group/host\_vars
- Port the uptime.py example script to the new inventory API.
- inventory\_file variable again returns full path, not just basename
- added info about cwd group/host vars to porting guide
- Fix name parsing out of envra in the yum module
- give user friendly error on badly formatted yaml inventory source
- Fix any\_errors\_fatal setting in playbooks.
- Fix setting of ssh-extra-args from the cli
(https://github.com/ansible/ansible/pull/31326)
- Change SELinux fact behavior to always return a dictionary.
(https://github.com/ansible/ansible/issues/18692)
- Revert a fix for using non /bin/sh shells for modules' running
commands as this was causing output from commands to change, thus
breaking playbooks. See the original bug for details and links to the
eventual fix: https://github.com/ansible/ansible/issues/24169
- Do not log data field in ``docker_secrets`` module
(https://github.com/ansible/ansible/pull/31366)
- Fix rpm\_key taking the wrong 8 chars from the keyid
(https://github.com/ansible/ansible/pull/31045)
- chown errors now more informative
- Fix for win\_copy to copy a source file that has invalid windows
characters in the filename, the dest still must be have valid windows
characters
(https://github.com/ansible/ansible/issues/31336#issuecomment-334649927)
- Fix systemd module to not run daemon-reload in check mode.
- fixed some parsing and selection issues with inventory manager, fixed
minor bugs in yaml and constructed plugins
- Fix the ping module documentation to reference win\_ping instead of
itself: https://github.com/ansible/ansible/pull/31444
- Fix for ec2\_win\_password to allow blank key\_passphrase again
(https://github.com/ansible/ansible/pull/28791)
- added toggle for vars\_plugin behaviour to execute relative to
playbook, set default to revert to previous way.
- Fix for win\_copy to not remove destination file on change when in
check mode (https://github.com/ansible/ansible/pull/31469)
- Fix include\_role usage of role\_name
(https://github.com/ansible/ansible/pull/31463)
- Fix service and package forcing a second run of the setup module to
function (https://github.com/ansible/ansible/issues/31485)
- Better error message when attempting to use include or import with
/usr/bin/ansible (https://github.com/ansible/ansible/pull/31492/)
- Fix ``sysctl`` module to remove etries when ``state=absent``
(https://github.com/ansible/ansible/issues/29920)
- Fix for ec2\_group to avoid trying to iterate over None
(https://github.com/ansible/ansible/pull/31531)
- Fix for ec2\_group for a possible KeyError bug
(https://github.com/ansible/ansible/pull/31540)
- Fix for the rpm\_key module when importing the first gpg key on a
system (https://github.com/ansible/ansible/pull/31514)
- Fix for aws\_s3 metadata to use the correct parameters when uploading
a file (https://github.com/ansible/ansible/issues/31232)
- Fix for the yum module when installing from file/url crashes
(https://github.com/ansible/ansible/pull/31529)
- Improved error messaging for Windows become/runas when username is
bogus (https://github.com/ansible/ansible/pull/31551)
- Fix rollback feature in junos\_config to now allow configuration
rollback on device (https://github.com/ansible/ansible/pull/31424)
- Remove command executed log from ansible-connection
(https://github.com/ansible/ansible/pull/31581)
- Fix relative paths to be relative to config file when there is no
playbook available (https://github.com/ansible/ansible/issues/31533)
- Fix Inventory plugins to use the configured inventory plugin path
(https://github.com/ansible/ansible/issues/31605)
- Fix include task to be dynamic
(https://github.com/ansible/ansible/issues/31593)
- A couple fixes to the test process to account for new testing
resources in our ci system and an upstream cryptography update that
didn't work with pip-8.x
- Document backup\_path in a few dellos modules and vyos\_config
(https://github.com/ansible/ansible/issues/31844)
- Fix for vmware\_vm\_facts with dangling inaccessible VM which don't
have MAC addresses (https://github.com/ansible/ansible/pull/31629)
- Fix for win\_regedit sending extra data that could confuse ansible's
result parsing (https://github.com/ansible/ansible/pull/31813)
- Fix git module to correctly cleanup temporary dirs
(https://github.com/ansible/ansible/pull/31541)
- Fix for modules which use atomic\_move() to rename files raising an
exception if a file could not be opened. Fix will return a nice error
message instead: https://github.com/ansible/ansible/issues/31786
- Fix ansible-doc and ansible-console module-path option
(https://github.com/ansible/ansible/pull/31744)
- Fix for hostname module on RHEL 7.5
(https://github.com/ansible/ansible/issues/31811)
- Fix provider password leak in logs for asa modules
(https://github.com/ansible/ansible/issues/32343)
- Fix tagging for dynamodb\_table if region is not explicitly passed to
the module (https://github.com/ansible/ansible/pull/32557)
- Fix Python 3 decode error in ``cloudflare_dns``
(https://github.com/ansible/ansible/pull/32065)
Known Bugs
~~~~~~~~~~
- Implicit localhost is getting ansible\_connection from all:vars
instead of from the implicit localhost definition
(https://github.com/ansible/ansible/issues/31420)
2.4 "Dancing Days" - 2017/09/18
-------------------------------
Major Changes
~~~~~~~~~~~~~
- Support for Python-2.4 and Python-2.5 on the managed system's side
was dropped. If you need to manage a system that ships with
Python-2.4 or Python-2.5, you'll need to install Python-2.6 or better
on the managed system or run Ansible-2.3 until you can upgrade the
system.
- New import/include keywords to replace the old bare ``include``
directives. The use of ``static: {yes|no}`` on such includes is now
deprecated.
- Using ``import_*`` (``import_playbook``, ``import_tasks``,
``import_role``) directives are static.
- Using ``include_*`` (``include_tasks``, ``include_role``)
directives are dynamic. This is done to avoid collisions and
possible security issues as facts come from the remote targets and
they might be compromised.
- New ``order`` play level keyword that allows the user to change the
order in which Ansible processes hosts when dispatching tasks.
- Users can now set group merge priority for groups of the same depth
(parent child relationship), using the new ``ansible_group_priority``
variable, when values are the same or don't exist it will fallback to
the previous sorting by name'.
- Inventory has been revamped:
- Inventory classes have been split to allow for better management and
deduplication
- Logic that each inventory source duplicated is now common and pushed
up to reconciliation
- VariableManager has been updated for better interaction with
inventory
- Updated CLI with helper method to initialize base objects for plays
- New inventory plugins for creating inventory
- Old inventory formats are still supported via plugins
- Inline host\_list is also an inventory plugin, an example alternative
``advanced_host_list`` is also provided (it supports ranges)
- New configuration option to list enabled plugins and precedence order
``[inventory]enable_plugins`` in ansible.cfg
- vars\_plugins have been reworked, they are now run from Vars manager
and API has changed (need docs)
- Loading group\_vars/host\_vars is now a vars plugin and can be
overridden
- It is now possible to specify multiple inventory sources in the
command line (-i /etc/hosts1 -i /opt/hosts2)
- Inventory plugins can use the cache plugin (i.e. virtualbox) and is
affected by ``meta: refresh_inventory``
- Group variable precedence is now configurable via new 'precedence'
option in ansible.cfg (needs docs)
- Improved warnings and error messages across the board
- Configuration has been changed from a hardcoded listing in the
constants module to dynamically loaded from yaml definitions
- Also added an ansible-config CLI to allow for listing config options
and dumping current config (including origin)
- TODO: build upon this to add many features detailed in ansible-config
proposal https://github.com/ansible/proposals/issues/35
- Windows modules now support the use of multiple shared module\_utils
files in the form of Powershell modules (.psm1), via
``#Requires -Module Ansible.ModuleUtils.Whatever.psm1``
- Python module argument\_spec now supports custom validation logic by
accepting a callable as the ``type`` argument.
- Windows become\_method: runas is no longer marked ``experimental``
- Windows become\_method: runas now works across all authtypes and will
auto-elevate under UAC if WinRM user has "Act as part of the
operating system" privilege
Deprecations
~~~~~~~~~~~~
- The behaviour when specifying ``--tags`` (or ``--skip-tags``)
multiple times on the command line has changed so that the tags are
merged together by default. See the documentation for how to
temporarily use the old behaviour if needed:
https://docs.ansible.com/ansible/intro\_configuration.html#merge-multiple-cli-tags
- The ``fetch`` module's ``validate_md5`` parameter has been deprecated
and will be removed in 2.8. If you wish to disable post-validation of
the downloaded file, use validate\_checksum instead.
- Those using ansible as a library should note that the
``ansible.vars.unsafe_proxy`` module is deprecated and slated to go
away in 2.8. The functionality has been moved to
``ansible.utils.unsafe_proxy`` to avoid a circular import.
- The win\_get\_url module has the dictionary 'win\_get\_url' in its
results deprecated, its content is now also available directly in the
resulting output, like other modules.
- Previously deprecated 'hostfile' config settings have been
're-deprecated' as before the code did not warn about deprecated
configuration settings, but it does now.
Deprecated Modules (to be removed in 2.8):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- azure: use M(azure\_rm\_virtualmachine) instead
- cs\_nic: replaced by cs\_instance\_nic\_secondaryip, also see new
module cs\_instance\_nic for managing nics
- ec2\_facts: replaced by ec2\_metadata\_facts
- ec2\_remote\_facts: replaced by ec2\_instance\_facts
- panos\_address: use M(panos\_object) instead
- panos\_nat\_policy: use M(panos\_nat\_rule) instead
- panos\_security\_policy: use M(panos\_security\_rule) instead
- panos\_service: use M(panos\_object) instead
- s3: replaced by aws\_s3
- win\_msi: use M(win\_package) instead
Removed Modules (previously deprecated):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- eos\_template: use eos\_config instead
- ios\_template: use ios\_config instead
- iosxr\_template: use iosxr\_config instead
- junos\_template: use junos\_config instead
- nxos\_template: use nxos\_config instead
- openswitch
- ops\_template: use ops\_config instead
Minor Changes
~~~~~~~~~~~~~
- Now deprecated configuration options issue warnings when set.
- Removed unused and deprecated config option ``pattern``
- Updated the copy of six bundled for modules to use from 1.4.1 to
1.10.0
- The ``inventory_dir`` var is not a global anymore, as we now allow
multiple inventory sources, it is now host dependant. This means it
cannot be used wherever host vars are not permitted, for example in
task/handler names.
- Fixed a cornercase with ini inventory vars. Previously, if an
inventory var was a quoted string with hash marks ("#") in it then
the parsed string included the quotes. Now the string will not be
quoted. Previously, if the quoting ended before the string finished
and then the hash mark appeared, the hash mark was included as part
of the string. Now it is treated as a trailing comment:
# Before: var1="string#comment" ===> var1: ""string#comment""
var1="string" #comment ===> var1: ""string" #comment" # After:
var1="string#comment" ===> var1: "string#comment" var1="string"
#comment ===> var1: "string"
The new behaviour mirrors how the variables would appear if there was no
hash mark in the string. \* As of 2.4.0, the fetch module fails if there
are errors reading the remote file. Use ``ignore_errors`` or
``failed_when`` in playbooks if you wish to ignore errors. \*
Experimentally added pmrun become method. \* Enable the docker
connection plugin to use su as a become method \* Add an encoding
parameter for the replace module so that it can operate on non-utf-8
files \* By default, Ansible now uses the cryptography module to
implement vault instead of the older pycrypto module. \* Changed task
state resulting from both ``rc`` and ``failed`` fields returned, 'rc' no
longer overrides 'failed'. Test plugins have also been updated
accordingly. \* The win\_unzip module no longer includes dictionary
'win\_unzip' in its results, the content is now directly in the
resulting output, like pretty much every other module. \* Rewrite of the
copy module so that it handles cornercases with symbolic links and empty
directories. The copy module has a new parameter, ``local_follow`` which
controls how links on the source system are treated. (The older
parameter, follow is for links on the remote system.) \* Update the
handling of symbolic file permissions in file-related mode parameters to
deal with multiple operators. For instance, ``mode='u=rw+x-X'`` to set
the execute bit on directories, remove it from filea, and set read-write
on both is now supported \* Added better cookie parsing to
fetch\_url/open\_url. Cookies are now in a dictionary named ``cookies``
in the fetch\_url result. Anything using ``open_url`` directly can pass
a cookie object as a named arg (``cookies``), and then parse/format the
cookies in the result. \* The bundled copy of six in
lib/ansible/module\_utils/six is now used unconditionally. The code to
fallback on a system six interfered with static analysis of the code so
the cost of using the fallback code became too high. Distributions which
wish to unbundle may do so by replacing the bundled six in
ansible/module\_utils/six/\ **init**.py. Six is tricky to unbundle,
however, so they may want to base their efforts off the code we were
using: \*
https://github.com/ansible/ansible/blob/2fff690caab6a1c6a81973f704be3fbd0bde2c2f/lib/ansible/module\_utils/six/\ **init**.py
\* Update ipaddr Jinja filters to replace existing non RFC compliant
ones. Added additional filters for easier use of handling IP addresses.
(PR #26566) \* datetime filter updated to use default format of
datetime.datetime (ISO8601) \* The junit plugin now has an option to
report a junit test failure on changes for idempotent testing. \* New
'diff' keyword allows setting diff mode on playbook objects, overriding
command line option and config. \* New config settings for inventory to:
- control inventory plugins used - extensions of files to ignore when
using inventory directory - patterns of files to ignore when using
inventory directory - option to toggle failed inventory source parsing
between an error or a warning \* More fixes for Python 3 across the code
base. \* win\_shell and win\_command modules now properly preserve
quoted arguments passed on the command-line. Tasks that attempted to
work around the issue by adding extra quotes/escaping may need to be
reworked. See https://github.com/ansible/ansible/issues/23019 for
additional detail. \* All configuration paths are now relative to the
``ansible.cfg`` file used. \* By user request, a 'configuration macro'
(``CWD``) is available to force configured paths to be relative to the
current working directory. Please note that this is unsafe and not
recommended.
New Callbacks:
^^^^^^^^^^^^^^
- full\_skip
- profile\_roles
- stderr
New Filters:
^^^^^^^^^^^^
- parse\_cli
- parse\_cli\_textfsm
New Inventory Plugins:
^^^^^^^^^^^^^^^^^^^^^^
- advanced\_host\_list
- constructed
- host\_list
- ini
- script
- virtualbox
- yaml
New Inventory scripts:
^^^^^^^^^^^^^^^^^^^^^^
- lxd
New: Tests
^^^^^^^^^^
- ``any``: true if any element is true
- ``all``: true if all elements are true
Module Notes
~~~~~~~~~~~~
- The docker\_container module has gained a new option, ``working_dir``
which allows specifying the working directory for the command being
run in the image.
- The ec2\_win\_password module now requires the cryptography python
module be installed to run
- The stat module added a field, lnk\_target. When the file being
stated is a symlink, lnk\_target will contain the target of the link.
This differs from lnk\_source when the target is specified relative
to the symlink. In this case, lnk\_target will remain relative while
lnk\_source will be expanded to an absolute path.
- The archive module has a new parameter exclude\_path which lists
paths to exclude from the archive
- The yum module has a new parameter security which limits state=latest
to security updates
- The template module gained a follow parameter to match with copy and
file. Like those modules, template defaults this parameter to False.
Previously, template hardcoded this to true.
- Added a new parameter to command module that lets users specify data
to pipe into the command's stdin.
- The azure\_rm modules now accept a ``cloud_environment`` arg to
access regional and private clouds.
- The azure\_rm modules and inventory script now require at least
version 2.0.0 of the Azure Python SDK.
New Modules
~~~~~~~~~~~
Cloud
^^^^^
- amazon
- aws\_api\_gateway
- aws\_direct\_connect\_connection
- aws\_direct\_connect\_link\_aggregation\_group
- aws\_s3
- aws\_s3\_bucket\_facts
- aws\_waf\_facts
- data\_pipeline
- dynamodb\_ttl
- ec2\_instance\_facts
- ec2\_metadata\_facts
- ec2\_vpc\_dhcp\_option\_facts
- ec2\_vpc\_endpoint
- ec2\_vpc\_endpoint\_facts
- ec2\_vpc\_peering\_facts
- ecs\_attribute
- elb\_application\_lb
- elb\_application\_lb\_facts
- elb\_target\_group
- elb\_target\_group\_facts
- iam\_group
- iam\_managed\_policy
- lightsail
- redshift\_facts
- azure
- azure\_rm\_acs
- azure\_rm\_availabilityset
- azure\_rm\_availabilityset\_facts
- azure\_rm\_dnsrecordset
- azure\_rm\_dnsrecordset\_facts
- azure\_rm\_dnszone
- azure\_rm\_dnszone\_facts
- azure\_rm\_functionapp
- azure\_rm\_functionapp\_facts
- azure\_rm\_loadbalancer
- azure\_rm\_loadbalancer\_facts
- azure\_rm\_managed\_disk
- azure\_rm\_managed\_disk\_facts
- azure\_rm\_virtualmachine\_extension
- azure\_rm\_virtualmachine\_scaleset
- azure\_rm\_virtualmachine\_scaleset\_facts
- atomic
- atomic\_container
- cloudstack
- cs\_instance\_nic
- cs\_instance\_nic\_secondaryip
- cs\_network\_acl
- cs\_network\_acl\_rule
- cs\_storage\_pool
- cs\_vpn\_gateway
- digital\_ocean
- digital\_ocean\_floating\_ip
- docker
- docker\_secret
- docker\_volume
- google
- gce\_labels
- gcp\_backend\_service
- gcp\_forwarding\_rule
- gcp\_healthcheck
- gcp\_target\_proxy
- gcp\_url\_map
- misc
- helm
- ovirt
- ovirt\_host\_storage\_facts
- ovirt\_scheduling\_policies\_facts
- ovirt\_storage\_connections
- vmware
- vcenter\_license
- vmware\_guest\_find
- vmware\_guest\_tools\_wait
- vmware\_resource\_pool
Commands
^^^^^^^^
- telnet
Crypto
^^^^^^
- openssl\_certificate
- openssl\_csr
Files
^^^^^
- xml
Identity
^^^^^^^^
- cyberark
- cyberark\_authentication
- cyberark\_user
- ipa
- ipa\_dnsrecord
Monitoring
^^^^^^^^^^
- sensu\_client
- sensu\_handler
- sensu\_silence
Network
^^^^^^^
- aci
- aci\_aep
- aci\_ap
- aci\_bd
- aci\_bd\_subnet
- aci\_bd\_to\_l3out
- aci\_contract
- aci\_contract\_subject\_to\_filter
- aci\_epg
- aci\_epg\_monitoring\_policy
- aci\_epg\_to\_contract
- aci\_epg\_to\_domain
- aci\_filter
- aci\_filter\_entry
- aci\_intf\_policy\_fc
- aci\_intf\_policy\_l2
- aci\_intf\_policy\_lldp
- aci\_intf\_policy\_mcp
- aci\_intf\_policy\_port\_channel
- aci\_intf\_policy\_port\_security
- aci\_l3out\_route\_tag\_policy
- aci\_rest
- aci\_taboo\_contract
- aci\_tenant
- aci\_tenant\_action\_rule\_profile
- aci\_tenant\_span\_dst\_group
- aci\_vrf
- aireos
- aireos\_command
- aireos\_config
- aruba
- aruba\_command
- aruba\_config
- avi
- avi\_actiongroupconfig
- avi\_alertconfig
- avi\_alertemailconfig
- avi\_alertscriptconfig
- avi\_alertsyslogconfig
- avi\_authprofile
- avi\_backup
- avi\_backupconfiguration
- avi\_cloud
- avi\_cloudconnectoruser
- avi\_cloudproperties
- avi\_cluster
- avi\_controllerproperties
- avi\_dnspolicy
- avi\_gslb
- avi\_gslbapplicationpersistenceprofile
- avi\_gslbgeodbprofile
- avi\_gslbhealthmonitor
- avi\_gslbservice
- avi\_hardwaresecuritymodulegroup
- avi\_httppolicyset
- avi\_ipaddrgroup
- avi\_ipamdnsproviderprofile
- avi\_microservicegroup
- avi\_network
- avi\_networksecuritypolicy
- avi\_poolgroupdeploymentpolicy
- avi\_prioritylabels
- avi\_scheduler
- avi\_seproperties
- avi\_serverautoscalepolicy
- avi\_serviceengine
- avi\_serviceenginegroup
- avi\_snmptrapprofile
- avi\_stringgroup
- avi\_trafficcloneprofile
- avi\_useraccountprofile
- avi\_vrfcontext
- avi\_vsdatascriptset
- avi\_vsvip
- avi\_webhook
- bigswitch
- bcf\_switch
- cloudengine
- ce\_aaa\_server
- ce\_aaa\_server\_host
- ce\_acl
- ce\_acl\_advance
- ce\_acl\_interface
- ce\_bfd\_global
- ce\_bfd\_session
- ce\_bfd\_view
- ce\_bgp
- ce\_bgp\_af
- ce\_bgp\_neighbor
- ce\_bgp\_neighbor\_af
- ce\_config
- ce\_dldp
- ce\_dldp\_interface
- ce\_eth\_trunk
- ce\_evpn\_bd\_vni
- ce\_evpn\_bgp
- ce\_evpn\_bgp\_rr
- ce\_evpn\_global
- ce\_facts
- ce\_file\_copy
- ce\_info\_center\_debug
- ce\_info\_center\_global
- ce\_info\_center\_log
- ce\_info\_center\_trap
- ce\_interface
- ce\_interface\_ospf
- ce\_ip\_interface
- ce\_link\_status
- ce\_mlag\_config
- ce\_mlag\_interface
- ce\_mtu
- ce\_netconf
- ce\_netstream\_aging
- ce\_netstream\_export
- ce\_netstream\_global
- ce\_netstream\_template
- ce\_ntp
- ce\_ntp\_auth
- ce\_ospf
- ce\_ospf\_vrf
- ce\_reboot
- ce\_rollback
- ce\_sflow
- ce\_snmp\_community
- ce\_snmp\_contact
- ce\_snmp\_location
- ce\_snmp\_target\_host
- ce\_snmp\_traps
- ce\_snmp\_user
- ce\_startup
- ce\_static\_route
- ce\_stp
- ce\_switchport
- ce\_vlan
- ce\_vrf
- ce\_vrf\_af
- ce\_vrf\_interface
- ce\_vrrp
- ce\_vxlan\_arp
- ce\_vxlan\_gateway
- ce\_vxlan\_global
- ce\_vxlan\_tunnel
- ce\_vxlan\_vap
- cloudvision
- cv\_server\_provision
- eos
- eos\_logging
- eos\_vlan
- eos\_vrf
- f5
- bigip\_command
- bigip\_config
- bigip\_configsync\_actions
- bigip\_gtm\_pool
- bigip\_iapp\_service
- bigip\_iapp\_template
- bigip\_monitor\_tcp\_echo
- bigip\_monitor\_tcp\_half\_open
- bigip\_provision
- bigip\_qkview
- bigip\_snmp
- bigip\_snmp\_trap
- bigip\_ucs
- bigip\_user
- bigip\_virtual\_address
- fortios
- fortios\_address
- interface
- net\_interface
- net\_linkagg
- net\_lldp\_interface
- ios
- ios\_interface
- ios\_logging
- ios\_static\_route
- ios\_user
- iosxr
- iosxr\_banner
- iosxr\_interface
- iosxr\_logging
- iosxr\_user
- junos
- junos\_banner
- junos\_interface
- junos\_l3\_interface
- junos\_linkagg
- junos\_lldp
- junos\_lldp\_interface
- junos\_logging
- junos\_static\_route
- junos\_system
- junos\_vlan
- junos\_vrf
- layer2
- net\_l2\_interface
- net\_vlan
- layer3
- net\_l3\_interface
- net\_vrf
- netscaler
- netscaler\_cs\_action
- netscaler\_cs\_policy
- netscaler\_cs\_vserver
- netscaler\_gslb\_service
- netscaler\_gslb\_site
- netscaler\_gslb\_vserver
- netscaler\_lb\_monitor
- netscaler\_lb\_vserver
- netscaler\_save\_config
- netscaler\_server
- netscaler\_service
- netscaler\_servicegroup
- netscaler\_ssl\_certkey
- nuage
- nuage\_vspk
- nxos
- nxos\_banner
- nxos\_logging
- panos
- panos\_nat\_rule
- panos\_object
- panos\_security\_rule
- protocol
- net\_lldp
- routing
- net\_static\_route
- system
- net\_banner
- net\_logging
- net\_system
- net\_user
- vyos
- vyos\_banner
- vyos\_interface
- vyos\_l3\_interface
- vyos\_linkagg
- vyos\_lldp
- vyos\_lldp\_interface
- vyos\_logging
- vyos\_static\_route
- vyos\_user
Notification
^^^^^^^^^^^^
- bearychat
- catapult
- office\_365\_connector\_card
Remote Management
^^^^^^^^^^^^^^^^^
- hpe
- oneview\_fc\_network
- imc
- imc\_rest
- manageiq
- manageiq\_user
Source Control
^^^^^^^^^^^^^^
- github\_deploy\_key
- github\_issue
Storage
^^^^^^^
- nuage\_vpsk
- panos
- panos\_sag
- purestorage
- purefa\_hg
- purefa\_host
- purefa\_pg
- purefa\_snap
- purefa\_volume
System
^^^^^^
- aix\_lvol
- awall
- dconf
- interfaces\_file
Web Infrastructure
^^^^^^^^^^^^^^^^^^
- gunicorn
- rundeck\_acl\_policy
- rundeck\_project
Windows
^^^^^^^
- win\_defrag
- win\_domain\_group
- win\_domain\_user
- win\_dsc
- win\_eventlog
- win\_eventlog\_entry
- win\_firewall
- win\_group\_membership
- win\_hotfix
- win\_mapped\_drive
- win\_pagefile
- win\_power\_plan
- win\_psmodule
- win\_rabbitmq\_plugin
- win\_route
- win\_security\_policy
- win\_toast
- win\_user\_right
- win\_wait\_for
- win\_wakeonlan

620
changelogs/CHANGELOG_v2.5.rst
Unescape Escape View File

@ -0,0 +1,620 @@
===================================
Ansible 2.5 "Kashmir" Release Notes
===================================
v2.5.0b2
========
Release Summary
---------------
| Release Date: 2018-02-15
| Estimated Final Release: mid-March 2018
| `Porting Guide <http://docs.ansible.com/ansible/devel/porting_guides.html>`_
Major Changes
-------------
- New simpler and more intuitive 'loop' keyword for task loops. The ``with_<lookup>`` loops will likely be deprecated in the near future and eventually removed.
- Added fact namespacing, from now on facts will be available under ``ansible_facts`` namespace (i.e. ``ansible_facts.os_distribution``)
w/o the ``ansible_`` prefix. They will continue to be added into the main namespace directly, but now with a configuration toggle to
enable this, currently on by default, in the future it will be off.
- Added a configuration file to filter modules that a site administrator wants to exclude from being used.
Minor Changes
-------------
- Added a few new magic vars corresponding to configuration/command
line options: ``ansible_diff_mode``, ``ansible_inventory_sources``,
``ansible_limit``, ``ansible_run_tags`` , ``ansible_forks`` and
``ansible_skip_tags``
- Updated the bundled copy of the six library to 1.11.0
- Added support to ``become`` ``NT AUTHORITY\System``,
``NT AUTHORITY\LocalService``, and ``NT AUTHORITY\NetworkService`` on Windows hosts
- Fixed ``become`` to work with async on Windows hosts
- Improved ``become`` elevation process to work on standard
Administrator users without disabling UAC on Windows hosts
- The jenkins\_plugin and yum\_repository plugins had their ``params``
option removed due to circumventing Ansible's option processing.
- combine filter now accepts a list of dicts as well as dicts directly
- New CLI options for ansible-inventory, ansible-console and ansible to
allow specifying a playbook\_dir to be used for relative search
paths.
- ``stat`` and ``win_stat`` have changed the default value of
``get_md5`` to ``False`` which will result in the ``md5`` return
value not being returned. This option will be removed altogether in
Ansible 2.9. use ``get_checksum: True`` with
``checksum_algorithm: md5`` to return an md5 hash of the file under
the ``checksum`` return value.
- ``osx_say`` module was renamed into ``say``.
- Task debugger functionality was moved into ``StrategyBase``, and
extended to allow explicit invocation from use of the ``debugger``
keyword. The ``debug`` strategy is still functional, and is now just
a trigger to enable this functionality
- Reorganized the documentation into distinct guides for different
target audiences.
- The ANSIBLE\_REMOTE\_TMP environment variable has been added to
supplement (and override) ANSIBLE\_REMOTE\_TEMP. This matches with
the spelling of the config value. ANSIBLE\_REMOTE\_TEMP will be
deprecated in the future.
Deprecated Features
-------------------
- Previously deprecated 'hostfile' config settings have been
're-deprecated' as previously code did not warn about deprecated
configuration settings.
- Using Ansible provided Jinja tests as filters is deprecated and will
be removed in Ansible 2.9
- ``stat`` and ``win_stat`` have deprecated ``get_md5`` and the ``md5``
return value and these options will become undocumented in Ansible
2.9 and removed in a later version.
- The ``redis_kv`` lookup in favor of new ``redis`` lookup
- Passing arbitrary parameters that begin with ``HEADER_`` to the uri
module, used for passing http headers, is deprecated. Use the
``headers`` parameter with a dictionary of header names to value
instead. This will be removed in Ansible-2.9
- Passing arbitrary parameters to the zfs module to set zfs properties
is deprecated. Use the ``extra_zfs_properties`` parameter with a
dictionary of property names to values instead. This will be removed
in Ansible-2.9.
- Use of the AnsibleModule parameter, check\_invalid\_arguments, in custom modules is deprecated. In the future, all parameters will be
checked to see whether they are listed in the arg spec and an error raised if they are not listed. This behaviour is the current and
future default so most custom modules can simply remove check\_invalid\_arguments if they set it to the default of True.
check\_invalid\_arguments will be removed in Ansible-2.9.
- nxos\_ip\_interface module is deprecated in Ansible 2.5. Use nxos\_l3\_interface module instead.
- nxos\_portchannel module is deprecated in Ansible 2.5. Use nxos\_linkagg module instead.
- nxos\_switchport module is deprecated in Ansible 2.5. Use nxos\_l2\_interface module instead.
- ec2\_ami\_find has been deprecated, use ec2\_ami\_facts.
- panos\_security\_policy: Use panos\_security\_rule - the old module uses deprecated API calls
- vsphere\_guest is deprecated in Ansible 2.5 and will be removed in Ansible-2.9. Use vmware\_guest module instead.
Removed Features (previously deprecated)
----------------------------------------
- accelerate.
- boundary\_meter: There was no deprecation period for this but the
hosted service it relied on has gone away so the module has been
removed. `#29387 <https://github.com/ansible/ansible/issues/29387>`__
- cl\_ : cl\_interface, cl\_interface\_policy, cl\_bridge,
cl\_img\_install, cl\_ports, cl\_license, cl\_bond. Use ``nclu``
instead
- docker, use docker\_container and docker\_image instead.
- ec2\_vpc.
- ec2\_ami\_search, use ec2\_ami\_facts instead.
- nxos\_mtu, use nxos\_system's ``system_mtu`` option. To specify an interface's MTU use nxos\_interface.
- panos\_nat\_policy: Use panos\_nat\_rule the old module uses deprecated API calls
New Lookup Plugins
------------------
- aws\_account\_attribute: Query AWS account attributes such as EC2-Classic availability
- aws\_service\_ip\_ranges: Query AWS IP ranges for services such as EC2/S3
- aws\_ssm: Query AWS ssm data
- config: Lookup Ansible settings
- conjur\_variable: Fetch credentials from CyberArk Conjur
- k8s: Query the K8s API
- nios: Query Infoblox NIOS objects
- openshift: Return info from Openshift installation
- redis: look up date from Redis DB, deprecates the redis\_kv one.
New Callback Plugins
--------------------
- null
- unixy
- yaml
New Connection Plugins
----------------------
- kubectl
- oc
- netconf
- network\_cli
- While neither network\_cli nor netconf are technically new plugins, these connections may now be used directly with network modules. See
`Network Best Practices for Ansible 2.5 <http://docs.ansible.com/ansible/devel/network_best_practices_2.5.html>`__ for more details.
New Filter Plugins
------------------
- parse\_xml
New Modules
-----------
- Cloud (amazon)
- aws\_acm\_facts
- aws\_application\_scaling\_policy
- aws\_az\_facts
- aws\_batch\_compute\_environment
- aws\_batch\_job\_definition
- aws\_batch\_job\_queue
- aws\_direct\_connect\_gateway
- aws\_direct\_connect\_virtual\_interface
- aws\_elasticbeanstalk\_app
- aws\_kms\_facts
- aws\_region\_facts
- aws\_s3\_cors
- aws\_ses\_identity
- aws\_ssm\_parameter\_store
- aws\_waf\_condition
- aws\_waf\_rule
- aws\_waf\_web\_acl
- cloudfront\_distribution
- cloudfront\_invalidation
- cloudfront\_origin\_access\_identity
- cloudwatchlogs\_log\_group
- cloudwatchlogs\_log\_group\_facts
- ec2\_ami\_facts
- ec2\_asg\_lifecycle\_hook
- ec2\_customer\_gateway\_facts
- ec2\_instance
- ec2\_placement\_group
- ec2\_placement\_group\_facts
- ec2\_vpc\_egress\_igw
- ecs\_taskdefinition\_facts
- elasticache\_facts
- elb\_target
- iam\_role\_facts
- iam\_user
- Cloud (azure)
- azure\_rm\_containerinstance
- azure\_rm\_containerregistry
- azure\_rm\_image
- azure\_rm\_keyvault
- azure\_rm\_keyvaultkey
- azure\_rm\_keyvaultsecret
- azure\_rm\_mysqldatabase
- azure\_rm\_mysqlserve
- azure\_rm\_postgresqldatabase
- azure\_rm\_postgresqlserver
- azure\_rm\_sqldatabase
- azure\_rm\_sqlserver
- azure\_rm\_sqlserver\_facts
- Cloud (cloudstack)
- cs\_network\_offering
- cs\_service\_offering
- cs\_vpc\_offering
- cs\_vpn\_connection
- cs\_vpn\_customer\_gateway
- Cloud (digital\_ocean)
- digital\_ocean\_certificate
- digital\_ocean\_floating\_ip\_facts
- digital\_ocean\_sshkey\_facts
- Cloud (google)
- gcp\_dns\_managed\_zone
- Cloud (misc)
- cloudscale\_floating\_ip
- spotinst\_aws\_elastigroup
- terraform
- Cloud (oneandone)
- oneandone\_firewall\_policy
- oneandone\_load\_balancer
- oneandone\_monitoring\_policy
- oneandone\_private\_network
- oneandone\_public\_ip
- oneandone\_server
- Cloud (openstack)
- os\_keystone\_endpoint
- os\_project\_access
- Cloud (ovirt)
- ovirt\_api\_facts
- ovirt\_disk\_facts
- Cloud (vmware)
- vcenter\_folder
- vmware\_cfg\_backup
- vmware\_datastore\_facts
- vmware\_drs\_rule\_facts
- vmware\_guest\_file\_operation
- vmware\_guest\_powerstate
- vmware\_host\_acceptance
- vmware\_host\_config\_facts
- vmware\_host\_config\_manager
- vmware\_host\_datastore
- vmware\_host\_dns\_facts
- vmware\_host\_facts
- vmware\_host\_firewall\_facts
- vmware\_host\_firewall\_manager
- vmware\_host\_lockdown
- vmware\_host\_ntp
- vmware\_host\_package\_facts
- vmware\_host\_service\_facts
- vmware\_host\_service\_manager
- vmware\_host\_vmnic\_facts
- vmware\_local\_role\_manager
- vmware\_vm\_vm\_drs\_rule
- vmware\_vmkernel\_facts
- Cloud (vultr)
- vr\_account\_facts
- vr\_dns\_domain
- vr\_dns\_record
- vr\_firewall\_group
- vr\_firewall\_rule
- vr\_server
- vr\_ssh\_key
- vr\_startup\_script
- vr\_user
- Clustering
- etcd3
- k8s
- k8s\_raw
- k8s\_scale
- openshift
- openshift\_raw
- openshift\_scale
- Crypto
- openssl\_dhparam
- Database
- influxdb
- influxdb\_query
- influxdb\_user
- influxdb\_write
- Identity
- ipa
- ipa\_dnszone
- ipa\_service
- ipa\_subca
- keycloak
- keycloak\_client
- keycloak\_clienttemplate
- Monitoring
- grafana\_dashboard
- grafana\_datasource
- grafana\_plugin
- icinga2\_host
- zabbix
- zabbix\_proxy
- zabbix\_template
- Net Tools
- ip\_netns
- nios
- nios\_dns\_view
- nios\_host\_record
- nios\_network
- nios\_network\_view
- nios\_zone
- Network (aci)
- aci\_aaa\_user
- aci\_aaa\_user\_certificate
- aci\_access\_port\_to\_interface\_policy\_leaf\_profile
- aci\_aep\_to\_domain
- aci\_domain
- aci\_domain\_to\_encap\_pool
- aci\_domain\_to\_vlan\_pool
- aci\_encap\_pool
- aci\_encap\_pool\_range
- aci\_fabric\_node
- aci\_firmware\_source
- aci\_interface\_policy\_leaf\_policy\_group
- aci\_interface\_policy\_leaf\_profile
- aci\_interface\_selector\_to\_switch\_policy\_leaf\_profile
- aci\_static\_binding\_to\_epg
- aci\_switch\_leaf\_selector
- aci\_switch\_policy\_leaf\_profile
- aci\_switch\_policy\_vpc\_protection\_group
- aci\_vlan\_pool
- aci\_vlan\_pool\_encap\_block
- Network (avi)
- avi\_api\_version
- avi\_clusterclouddetails
- avi\_customipamdnsprofile
- avi\_errorpagebody
- avi\_errorpageprofile
- avi\_gslbservice\_patch\_member
- avi\_wafpolicy
- avi\_wafprofile
- Network (dimension data)
- dimensiondata\_vlan
- Network (edgeos)
- edgeos\_command
- edgeos\_config
- edgeos\_facts
- Network (enos)
- enos\_command
- enos\_config
- enos\_facts
- Network (eos)
- eos\_interface
- eos\_l2\_interface
- eos\_l3\_interface
- eos\_linkagg
- eos\_lldp
- eos\_static\_route
- Network (f5)
- bigip\_asm\_policy
- bigip\_device\_connectivity
- bigip\_device\_group
- bigip\_device\_group\_member
- bigip\_device\_httpd
- bigip\_device\_trust
- bigip\_gtm\_server
- bigip\_iapplx\_package
- bigip\_monitor\_http
- bigip\_monitor\_https
- bigip\_monitor\_snmp\_dca
- bigip\_monitor\_udp
- bigip\_partition
- bigip\_policy
- bigip\_policy\_rule
- bigip\_profile\_client\_ssl
- bigip\_remote\_syslog
- bigip\_security\_address\_list
- bigip\_security\_port\_list
- bigip\_software\_update
- bigip\_ssl\_key
- bigip\_static\_route
- bigip\_traffic\_group
- bigip\_ucs\_fetch
- bigip\_vcmp\_guest
- bigip\_wait
- bigiq\_regkey\_license
- bigiq\_regkey\_pool
- Network (fortimanager)
- fmgr\_script
- Network (ios)
- ios\_l2\_interface
- ios\_l3\_interface
- ios\_linkagg
- ios\_lldp
- ios\_vlan
- Network (iosxr)
- iosxr\_netconf
- Network (ironware)
- ironware\_command
- ironware\_config
- ironware\_facts
- Network (junos)
- junos\_l2\_interface
- junos\_scp
- Network (netact)
- netact\_cm\_command
- Network (netscaler)
- netscaler\_nitro\_request
- Network (nso)
- nso\_action
- nso\_config
- nso\_query
- nso\_show
- nso\_verify
- Network (nxos)
- nxos\_l2\_interface
- nxos\_l3\_interface
- nxos\_linkagg
- nxos\_lldp
- Network (onyx)
- onyx\_bgp
- onyx\_command
- onyx\_config
- onyx\_facts
- onyx\_interface
- onyx\_l2\_interface
- onyx\_l3\_interface
- onyx\_linkagg
- onyx\_lldp
- onyx\_lldp\_interface
- onyx\_magp
- onyx\_mlag\_ipl
- onyx\_mlag\_vip
- onyx\_ospf
- onyx\_pfc\_interface
- onyx\_protocol
- onyx\_vlan
- Network (panos)
- panos\_dag\_tags
- panos\_match\_rule
- panos\_op
- panos\_query\_rules
- Network (radware)
- vdirect\_commit
- vdirect\_runnable
- Network (vyos)
- vyos\_vlan
- Notification
- logentries\_msg
- say
- snow\_record
- Packaging
- os
- package\_facts
- rhsm\_repository
- Remote Management (manageiq)
- manageiq\_alert\_profiles
- manageiq\_alerts
- manageiq\_policies
- manageiq\_tags
- Remote Management (oneview)
- oneview\_datacenter\_facts
- oneview\_enclosure\_facts
- oneview\_logical\_interconnect\_group
- oneview\_logical\_interconnect\_group\_facts
- oneview\_san\_manager\_facts
- Remote Management (ucs)
- ucs\_ip\_pool
- ucs\_lan\_connectivity
- ucs\_mac\_pool
- ucs\_san\_connectivity
- ucs\_vhba\_template
- ucs\_vlans
- ucs\_vnic\_template
- ucs\_vsans
- ucs\_wwn\_pool
- System
- mksysb
- nosh
- service\_facts
- vdo
- Web Infrastructure
- jenkins\_job\_facts
- Windows
- win\_audit\_policy\_system
- win\_audit\_rule
- win\_certificate\_store
- win\_disk\_facts
- win\_product\_facts
- win\_scheduled\_task\_stat
- win\_whoami
Bugfixes
--------
- azure_rm modules - internal changes to use API profiles and kwargs for future Azure Stack support and better stability between SDK updates. (https://github.com/ansible/ansible/pull/35538)
- fix memory bloat on nested includes by preventing blocks from self-parenting (https://github.com/ansible/ansible/pull/36075)
- ensure displayed messages under peristent connections are returned to the controller (https://github.com/ansible/ansible/pull/36064)
- eos_vrf and eos_eapi - fix vrf parsing (https://github.com/ansible/ansible/pull/35791)
- interface_file - accept interfaces without address family or method (https://github.com/ansible/ansible/pull/34200)
- nxos_evpn_vni - fixed a number of issues (https://github.com/ansible/ansible/pull/35930)
- nxos_igmp_interface - fix response handling for different nxos versions (https://github.com/ansible/ansible/pull/35959)
- nxos_interface_ospf - various bugfixes (https://github.com/ansible/ansible/pull/35988)
- openshift modules - update to client version 0.4.0 (https://github.com/ansible/ansible/pull/35127)
- fix templating issues in loop_control (https://github.com/ansible/ansible/pull/36124)
- ansible-config - fix traceback when no config file is present (https://github.com/ansible/ansible/issues/35965)
- misc fixes to Linux virtualization facts (https://github.com/ansible/ansible/issues/36038)
- fix failure when remote_tmp is a subdir of a system tempdir (https://github.com/ansible/ansible/pull/36143)
- ios_ping - allow for count > 70 (https://github.com/ansible/ansible/pull/36142)
- vmware_guest_snapshot - always check for root snapshot (https://github.com/ansible/ansible/pull/36001)
- vyos - fixes to check mode support (https://github.com/ansible/ansible/pull/35977)
- vyos_l3_interface - add support for localhost (https://github.com/ansible/ansible/pull/36141)
- win_domain_controller - only specify ReadOnlyReplica when necessary (https://github.com/ansible/ansible/pull/36017)
- win_updates - fix regresion with string category names(https://github.com/ansible/ansible/pull/36015)
- win_uri - fixed issues with the creates and removes options (https://github.com/ansible/ansible/pull/36016)

18
changelogs/config.yaml
Unescape Escape View File

@ -0,0 +1,18 @@
---
release_tag_re: '(v(?:[\d.ab\-]|rc)+)'
pre_release_tag_re: '(?P<pre_release>(?:[ab]|rc)+\d*)$'
notesdir: fragments
prelude_section_name: release_summary
sections:
- ['major_changes', 'Major Changes']
- ['minor_changes', 'Minor Changes']
- ['deprecated_features', 'Deprecated Features']
- ['removed_features', 'Removed Features (previously deprecated)']
- ['new_lookup_plugins', 'New Lookup Plugins']
- ['new_callback_plugins', 'New Callback Plugins']
- ['new_connection_plugins', 'New Connection Plugins']
- ['new_test_plugins', 'New Test Plugins']
- ['new_filter_plugins', 'New Filter Plugins']
- ['new_modules', 'New Modules']
- ['bugfixes', 'Bugfixes']
- ['known_issues', 'Known Issues']

2
changelogs/fragments/ansible-inv-export.yaml
Unescape Escape View File

@ -0,0 +1,2 @@
minor_features:
- ansible-inventory - now supports a ``--export`` option to preserve group_var data (https://github.com/ansible/ansible/pull/36188)

3
changelogs/fragments/azure_api_profiles.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
azure_rm modules - internal changes to use API profiles and kwargs for future Azure Stack support and better stability between SDK updates. (https://github.com/ansible/ansible/pull/35538)

3
changelogs/fragments/block_parenting.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
fix memory bloat on nested includes by preventing blocks from self-parenting (https://github.com/ansible/ansible/pull/36075)

3
changelogs/fragments/display_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
ensure displayed messages under peristent connections are returned to the controller (https://github.com/ansible/ansible/pull/36064)

3
changelogs/fragments/eos_vrf_parsing_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
eos_vrf and eos_eapi - fix vrf parsing (https://github.com/ansible/ansible/pull/35791)

3
changelogs/fragments/interfaces_file_args_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
interface_file - accept interfaces without address family or method (https://github.com/ansible/ansible/pull/34200)

3
changelogs/fragments/nxos_evpn_vni_issues.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
nxos_evpn_vni - fixed a number of issues (https://github.com/ansible/ansible/pull/35930)

3
changelogs/fragments/nxos_igmp_interface_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
nxos_igmp_interface - fix response handling for different nxos versions (https://github.com/ansible/ansible/pull/35959)

3
changelogs/fragments/nxos_interface_ospf_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
nxos_interface_ospf - various bugfixes (https://github.com/ansible/ansible/pull/35988)

3
changelogs/fragments/openshift_client_update.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
openshift modules - update to client version 0.4.0 (https://github.com/ansible/ansible/pull/35127)

525
changelogs/fragments/v2.5.0b1_catchup.yaml
Unescape Escape View File

@ -0,0 +1,525 @@
major_changes:
- New simpler and more intuitive 'loop' keyword for task loops. The ``with_<lookup>`` loops will likely be deprecated in the near future and eventually removed.
- |
Added fact namespacing, from now on facts will be available under ``ansible_facts`` namespace (i.e. ``ansible_facts.os_distribution``)
w/o the ``ansible_`` prefix. They will continue to be added into the main namespace directly, but now with a configuration toggle to
enable this, currently on by default, in the future it will be off.
- Added a configuration file to filter modules that a site administrator wants to exclude from being used.
minor_changes:
- |
Added a few new magic vars corresponding to configuration/command
line options: ``ansible_diff_mode``, ``ansible_inventory_sources``,
``ansible_limit``, ``ansible_run_tags`` , ``ansible_forks`` and
``ansible_skip_tags``
- Updated the bundled copy of the six library to 1.11.0
- |
Added support to ``become`` ``NT AUTHORITY\System``,
``NT AUTHORITY\LocalService``, and ``NT AUTHORITY\NetworkService`` on Windows hosts
- Fixed ``become`` to work with async on Windows hosts
- |
Improved ``become`` elevation process to work on standard
Administrator users without disabling UAC on Windows hosts
- |
The jenkins\_plugin and yum\_repository plugins had their ``params``
option removed due to circumventing Ansible's option processing.
- combine filter now accepts a list of dicts as well as dicts directly
- |
New CLI options for ansible-inventory, ansible-console and ansible to
allow specifying a playbook\_dir to be used for relative search
paths.
- |
``stat`` and ``win_stat`` have changed the default value of
``get_md5`` to ``False`` which will result in the ``md5`` return
value not being returned. This option will be removed altogether in
Ansible 2.9. use ``get_checksum: True`` with
``checksum_algorithm: md5`` to return an md5 hash of the file under
the ``checksum`` return value.
- |
``osx_say`` module was renamed into ``say``.
- |
Task debugger functionality was moved into ``StrategyBase``, and
extended to allow explicit invocation from use of the ``debugger``
keyword. The ``debug`` strategy is still functional, and is now just
a trigger to enable this functionality
- |
Reorganized the documentation into distinct guides for different
target audiences.
- |
The ANSIBLE\_REMOTE\_TMP environment variable has been added to
supplement (and override) ANSIBLE\_REMOTE\_TEMP. This matches with
the spelling of the config value. ANSIBLE\_REMOTE\_TEMP will be
deprecated in the future.
deprecated_features:
- |
Previously deprecated 'hostfile' config settings have been
're-deprecated' as previously code did not warn about deprecated
configuration settings.
- |
Using Ansible provided Jinja tests as filters is deprecated and will
be removed in Ansible 2.9
- |
``stat`` and ``win_stat`` have deprecated ``get_md5`` and the ``md5``
return value and these options will become undocumented in Ansible
2.9 and removed in a later version.
- The ``redis_kv`` lookup in favor of new ``redis`` lookup
- |
Passing arbitrary parameters that begin with ``HEADER_`` to the uri
module, used for passing http headers, is deprecated. Use the
``headers`` parameter with a dictionary of header names to value
instead. This will be removed in Ansible-2.9
- |
Passing arbitrary parameters to the zfs module to set zfs properties
is deprecated. Use the ``extra_zfs_properties`` parameter with a
dictionary of property names to values instead. This will be removed
in Ansible-2.9.
- |
Use of the AnsibleModule parameter, check\_invalid\_arguments, in custom modules is deprecated. In the future, all parameters will be
checked to see whether they are listed in the arg spec and an error raised if they are not listed. This behaviour is the current and
future default so most custom modules can simply remove check\_invalid\_arguments if they set it to the default of True.
check\_invalid\_arguments will be removed in Ansible-2.9.
- nxos\_ip\_interface module is deprecated in Ansible 2.5. Use nxos\_l3\_interface module instead.
- nxos\_portchannel module is deprecated in Ansible 2.5. Use nxos\_linkagg module instead.
- nxos\_switchport module is deprecated in Ansible 2.5. Use nxos\_l2\_interface module instead.
- ec2\_ami\_find has been deprecated, use ec2\_ami\_facts.
- |
panos\_security\_policy: Use panos\_security\_rule - the old module uses deprecated API calls
- vsphere\_guest is deprecated in Ansible 2.5 and will be removed in Ansible-2.9. Use vmware\_guest module instead.
removed_features:
- accelerate.
- |
boundary\_meter: There was no deprecation period for this but the
hosted service it relied on has gone away so the module has been
removed. `#29387 <https://github.com/ansible/ansible/issues/29387>`__
- |
cl\_ : cl\_interface, cl\_interface\_policy, cl\_bridge,
cl\_img\_install, cl\_ports, cl\_license, cl\_bond. Use ``nclu``
instead
- docker, use docker\_container and docker\_image instead.
- ec2\_vpc.
- ec2\_ami\_search, use ec2\_ami\_facts instead.
- nxos\_mtu, use nxos\_system's ``system_mtu`` option. To specify an interface's MTU use nxos\_interface.
- |
panos\_nat\_policy: Use panos\_nat\_rule the old module uses deprecated API calls
new_lookup_plugins:
- |
aws\_account\_attribute: Query AWS account attributes such as EC2-Classic availability
- |
aws\_service\_ip\_ranges: Query AWS IP ranges for services such as EC2/S3
- |
aws\_ssm: Query AWS ssm data
- |
config: Lookup Ansible settings
- |
conjur\_variable: Fetch credentials from CyberArk Conjur
- |
k8s: Query the K8s API
- |
nios: Query Infoblox NIOS objects
- |
openshift: Return info from Openshift installation
- |
redis: look up date from Redis DB, deprecates the redis\_kv one.
new_callback_plugins:
- 'null'
- unixy
- yaml
new_connection_plugins:
- kubectl
- oc
- netconf
- |
network\_cli
- While neither network\_cli nor netconf are technically new plugins, these connections may now be used directly with network modules. See
`Network Best Practices for Ansible 2.5 <http://docs.ansible.com/ansible/devel/network_best_practices_2.5.html>`__ for more details.
new_filter_plugins:
- parse\_xml
new_modules:
- |
Cloud (amazon)
- aws\_acm\_facts
- aws\_application\_scaling\_policy
- aws\_az\_facts
- aws\_batch\_compute\_environment
- aws\_batch\_job\_definition
- aws\_batch\_job\_queue
- aws\_direct\_connect\_gateway
- aws\_direct\_connect\_virtual\_interface
- aws\_elasticbeanstalk\_app
- aws\_kms\_facts
- aws\_region\_facts
- aws\_s3\_cors
- aws\_ses\_identity
- aws\_ssm\_parameter\_store
- aws\_waf\_condition
- aws\_waf\_rule
- aws\_waf\_web\_acl
- cloudfront\_distribution
- cloudfront\_invalidation
- cloudfront\_origin\_access\_identity
- cloudwatchlogs\_log\_group
- cloudwatchlogs\_log\_group\_facts
- ec2\_ami\_facts
- ec2\_asg\_lifecycle\_hook
- ec2\_customer\_gateway\_facts
- ec2\_instance
- ec2\_placement\_group
- ec2\_placement\_group\_facts
- ec2\_vpc\_egress\_igw
- ecs\_taskdefinition\_facts
- elasticache\_facts
- elb\_target
- iam\_role\_facts
- iam\_user
- |
Cloud (azure)
- azure\_rm\_containerinstance
- azure\_rm\_containerregistry
- azure\_rm\_image
- azure\_rm\_keyvault
- azure\_rm\_keyvaultkey
- azure\_rm\_keyvaultsecret
- azure\_rm\_mysqldatabase
- azure\_rm\_mysqlserve
- azure\_rm\_postgresqldatabase
- azure\_rm\_postgresqlserver
- azure\_rm\_sqldatabase
- azure\_rm\_sqlserver
- azure\_rm\_sqlserver\_facts
- |
Cloud (cloudstack)
- cs\_network\_offering
- cs\_service\_offering
- cs\_vpc\_offering
- cs\_vpn\_connection
- cs\_vpn\_customer\_gateway
- |
Cloud (digital\_ocean)
- digital\_ocean\_certificate
- digital\_ocean\_floating\_ip\_facts
- digital\_ocean\_sshkey\_facts
- |
Cloud (google)
- gcp\_dns\_managed\_zone
- |
Cloud (misc)
- cloudscale\_floating\_ip
- spotinst\_aws\_elastigroup
- terraform
- |
Cloud (oneandone)
- oneandone\_firewall\_policy
- oneandone\_load\_balancer
- oneandone\_monitoring\_policy
- oneandone\_private\_network
- oneandone\_public\_ip
- oneandone\_server
- |
Cloud (openstack)
- os\_keystone\_endpoint
- os\_project\_access
- |
Cloud (ovirt)
- ovirt\_api\_facts
- ovirt\_disk\_facts
- |
Cloud (vmware)
- vcenter\_folder
- vmware\_cfg\_backup
- vmware\_datastore\_facts
- vmware\_drs\_rule\_facts
- vmware\_guest\_file\_operation
- vmware\_guest\_powerstate
- vmware\_host\_acceptance
- vmware\_host\_config\_facts
- vmware\_host\_config\_manager
- vmware\_host\_datastore
- vmware\_host\_dns\_facts
- vmware\_host\_facts
- vmware\_host\_firewall\_facts
- vmware\_host\_firewall\_manager
- vmware\_host\_lockdown
- vmware\_host\_ntp
- vmware\_host\_package\_facts
- vmware\_host\_service\_facts
- vmware\_host\_service\_manager
- vmware\_host\_vmnic\_facts
- vmware\_local\_role\_manager
- vmware\_vm\_vm\_drs\_rule
- vmware\_vmkernel\_facts
- |
Cloud (vultr)
- vr\_account\_facts
- vr\_dns\_domain
- vr\_dns\_record
- vr\_firewall\_group
- vr\_firewall\_rule
- vr\_server
- vr\_ssh\_key
- vr\_startup\_script
- vr\_user
- |
Clustering
- etcd3
- k8s
- k8s\_raw
- k8s\_scale
- openshift
- openshift\_raw
- openshift\_scale
- |
Crypto
- openssl\_dhparam
- |
Database
- influxdb
- influxdb\_query
- influxdb\_user
- influxdb\_write
- |
Identity
- ipa
- ipa\_dnszone
- ipa\_service
- ipa\_subca
- keycloak
- keycloak\_client
- keycloak\_clienttemplate
- |
Monitoring
- grafana\_dashboard
- grafana\_datasource
- grafana\_plugin
- icinga2\_host
- zabbix
- zabbix\_proxy
- zabbix\_template
- |
Net Tools
- ip\_netns
- nios
- nios\_dns\_view
- nios\_host\_record
- nios\_network
- nios\_network\_view
- nios\_zone
- |
Network (aci)
- aci\_aaa\_user
- aci\_aaa\_user\_certificate
- aci\_access\_port\_to\_interface\_policy\_leaf\_profile
- aci\_aep\_to\_domain
- aci\_domain
- aci\_domain\_to\_encap\_pool
- aci\_domain\_to\_vlan\_pool
- aci\_encap\_pool
- aci\_encap\_pool\_range
- aci\_fabric\_node
- aci\_firmware\_source
- aci\_interface\_policy\_leaf\_policy\_group
- aci\_interface\_policy\_leaf\_profile
- aci\_interface\_selector\_to\_switch\_policy\_leaf\_profile
- aci\_static\_binding\_to\_epg
- aci\_switch\_leaf\_selector
- aci\_switch\_policy\_leaf\_profile
- aci\_switch\_policy\_vpc\_protection\_group
- aci\_vlan\_pool
- aci\_vlan\_pool\_encap\_block
- |
Network (avi)
- avi\_api\_version
- avi\_clusterclouddetails
- avi\_customipamdnsprofile
- avi\_errorpagebody
- avi\_errorpageprofile
- avi\_gslbservice\_patch\_member
- avi\_wafpolicy
- avi\_wafprofile
- |
Network (dimension data)
- dimensiondata\_vlan
- |
Network (edgeos)
- edgeos\_command
- edgeos\_config
- edgeos\_facts
- |
Network (enos)
- enos\_command
- enos\_config
- enos\_facts
- |
Network (eos)
- eos\_interface
- eos\_l2\_interface
- eos\_l3\_interface
- eos\_linkagg
- eos\_lldp
- eos\_static\_route
- |
Network (f5)
- bigip\_asm\_policy
- bigip\_device\_connectivity
- bigip\_device\_group
- bigip\_device\_group\_member
- bigip\_device\_httpd
- bigip\_device\_trust
- bigip\_gtm\_server
- bigip\_iapplx\_package
- bigip\_monitor\_http
- bigip\_monitor\_https
- bigip\_monitor\_snmp\_dca
- bigip\_monitor\_udp
- bigip\_partition
- bigip\_policy
- bigip\_policy\_rule
- bigip\_profile\_client\_ssl
- bigip\_remote\_syslog
- bigip\_security\_address\_list
- bigip\_security\_port\_list
- bigip\_software\_update
- bigip\_ssl\_key
- bigip\_static\_route
- bigip\_traffic\_group
- bigip\_ucs\_fetch
- bigip\_vcmp\_guest
- bigip\_wait
- bigiq\_regkey\_license
- bigiq\_regkey\_pool
- |
Network (fortimanager)
- fmgr\_script
- |
Network (ios)
- ios\_l2\_interface
- ios\_l3\_interface
- ios\_linkagg
- ios\_lldp
- ios\_vlan
- |
Network (iosxr)
- iosxr\_netconf
- |
Network (ironware)
- ironware\_command
- ironware\_config
- ironware\_facts
- |
Network (junos)
- junos\_l2\_interface
- junos\_scp
- |
Network (netact)
- netact\_cm\_command
- |
Network (netscaler)
- netscaler\_nitro\_request
- |
Network (nso)
- nso\_action
- nso\_config
- nso\_query
- nso\_show
- nso\_verify
- |
Network (nxos)
- nxos\_l2\_interface
- nxos\_l3\_interface
- nxos\_linkagg
- nxos\_lldp
- |
Network (onyx)
- onyx\_bgp
- onyx\_command
- onyx\_config
- onyx\_facts
- onyx\_interface
- onyx\_l2\_interface
- onyx\_l3\_interface
- onyx\_linkagg
- onyx\_lldp
- onyx\_lldp\_interface
- onyx\_magp
- onyx\_mlag\_ipl
- onyx\_mlag\_vip
- onyx\_ospf
- onyx\_pfc\_interface
- onyx\_protocol
- onyx\_vlan
- |
Network (panos)
- panos\_dag\_tags
- panos\_match\_rule
- panos\_op
- panos\_query\_rules
- |
Network (radware)
- vdirect\_commit
- vdirect\_runnable
- |
Network (vyos)
- vyos\_vlan
- |
Notification
- logentries\_msg
- say
- snow\_record
- |
Packaging
- os
- package\_facts
- rhsm\_repository
- |
Remote Management (manageiq)
- manageiq\_alert\_profiles
- manageiq\_alerts
- manageiq\_policies
- manageiq\_tags
- |
Remote Management (oneview)
- oneview\_datacenter\_facts
- oneview\_enclosure\_facts
- oneview\_logical\_interconnect\_group
- oneview\_logical\_interconnect\_group\_facts
- oneview\_san\_manager\_facts
- |
Remote Management (ucs)
- ucs\_ip\_pool
- ucs\_lan\_connectivity
- ucs\_mac\_pool
- ucs\_san\_connectivity
- ucs\_vhba\_template
- ucs\_vlans
- ucs\_vnic\_template
- ucs\_vsans
- ucs\_wwn\_pool
- |
System
- mksysb
- nosh
- service\_facts
- vdo
- |
Web Infrastructure
- jenkins\_job\_facts
- |
Windows
- win\_audit\_policy\_system
- win\_audit\_rule
- win\_certificate\_store
- win\_disk\_facts
- win\_product\_facts
- win\_scheduled\_task\_stat
- win\_whoami

11
changelogs/fragments/v2.5.0b2_catchup.yaml
Unescape Escape View File

@ -0,0 +1,11 @@
bugfixes:
- |
fix templating issues in loop_control (https://github.com/ansible/ansible/pull/36124)
- |
ansible-config - fix traceback when no config file is present (https://github.com/ansible/ansible/issues/35965)
- |
misc fixes to Linux virtualization facts (https://github.com/ansible/ansible/issues/36038)
- |
fix failure when remote_tmp is a subdir of a system tempdir (https://github.com/ansible/ansible/pull/36143)
- |
ios_ping - allow for count > 70 (https://github.com/ansible/ansible/pull/36142)

4
changelogs/fragments/v2.5.0b2_summary.yaml
Unescape Escape View File

@ -0,0 +1,4 @@
release_summary: |
| Release Date: 2018-02-15
| Estimated Final Release: mid-March 2018
| `Porting Guide <http://docs.ansible.com/ansible/devel/porting_guides.html>`_

3
changelogs/fragments/vmware_guest_snapshot_root_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
vmware_guest_snapshot - always check for root snapshot (https://github.com/ansible/ansible/pull/36001)

3
changelogs/fragments/vyos_check_mode.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
vyos - fixes to check mode support (https://github.com/ansible/ansible/pull/35977)

4
changelogs/fragments/vyos_l3_lo_fix.yaml
Unescape Escape View File

@ -0,0 +1,4 @@
bugfixes:
- |
vyos_l3_interface - add support for localhost (https://github.com/ansible/ansible/pull/36141)

3
changelogs/fragments/win_domain_controller_readonlyreplica_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
win_domain_controller - only specify ReadOnlyReplica when necessary (https://github.com/ansible/ansible/pull/36017)

3
changelogs/fragments/win_update_string_names_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
win_updates - fix regresion with string category names(https://github.com/ansible/ansible/pull/36015)

3
changelogs/fragments/win_uri_create_remove_fix.yaml
Unescape Escape View File

@ -0,0 +1,3 @@
bugfixes:
- |
win_uri - fixed issues with the creates and removes options (https://github.com/ansible/ansible/pull/36016)
Write Preview
Loading…
Cancel
Save