622 lines
17 KiB
ReStructuredText
622 lines
17 KiB
ReStructuredText
===================================
|
|
Ansible 2.5 "Kashmir" Release Notes
|
|
===================================
|
|
|
|
v2.5.0b2
|
|
========
|
|
|
|
Release Summary
|
|
---------------
|
|
|
|
| Release Date: 2018-02-15
|
|
| Estimated Final Release: mid-March 2018
|
|
| `Porting Guide <http://docs.ansible.com/ansible/devel/porting_guides.html>`_
|
|
|
|
|
|
Major Changes
|
|
-------------
|
|
|
|
- New simpler and more intuitive 'loop' keyword for task loops. The ``with_<lookup>`` loops will likely be deprecated in the near future and eventually removed.
|
|
|
|
- Added fact namespacing, from now on facts will be available under ``ansible_facts`` namespace (i.e. ``ansible_facts.os_distribution``)
|
|
w/o the ``ansible_`` prefix. They will continue to be added into the main namespace directly, but now with a configuration toggle to
|
|
enable this, currently on by default, in the future it will be off.
|
|
|
|
- Added a configuration file to filter modules that a site administrator wants to exclude from being used.
|
|
|
|
|
|
Minor Changes
|
|
-------------
|
|
|
|
- Added a few new magic vars corresponding to configuration/command
|
|
line options: ``ansible_diff_mode``, ``ansible_inventory_sources``,
|
|
``ansible_limit``, ``ansible_run_tags`` , ``ansible_forks`` and
|
|
``ansible_skip_tags``
|
|
|
|
- Updated the bundled copy of the six library to 1.11.0
|
|
|
|
- Added support to ``become`` ``NT AUTHORITY\System``,
|
|
``NT AUTHORITY\LocalService``, and ``NT AUTHORITY\NetworkService`` on Windows hosts
|
|
|
|
- Fixed ``become`` to work with async on Windows hosts
|
|
|
|
- Improved ``become`` elevation process to work on standard
|
|
Administrator users without disabling UAC on Windows hosts
|
|
|
|
- The jenkins\_plugin and yum\_repository plugins had their ``params``
|
|
option removed due to circumventing Ansible's option processing.
|
|
|
|
- combine filter now accepts a list of dicts as well as dicts directly
|
|
|
|
- New CLI options for ansible-inventory, ansible-console and ansible to
|
|
allow specifying a playbook\_dir to be used for relative search
|
|
paths.
|
|
|
|
- ``stat`` and ``win_stat`` have changed the default value of
|
|
``get_md5`` to ``False`` which will result in the ``md5`` return
|
|
value not being returned. This option will be removed altogether in
|
|
Ansible 2.9. use ``get_checksum: True`` with
|
|
``checksum_algorithm: md5`` to return an md5 hash of the file under
|
|
the ``checksum`` return value.
|
|
|
|
- ``osx_say`` module was renamed into ``say``.
|
|
|
|
- Task debugger functionality was moved into ``StrategyBase``, and
|
|
extended to allow explicit invocation from use of the ``debugger``
|
|
keyword. The ``debug`` strategy is still functional, and is now just
|
|
a trigger to enable this functionality
|
|
|
|
- Reorganized the documentation into distinct guides for different
|
|
target audiences.
|
|
|
|
- The ANSIBLE\_REMOTE\_TMP environment variable has been added to
|
|
supplement (and override) ANSIBLE\_REMOTE\_TEMP. This matches with
|
|
the spelling of the config value. ANSIBLE\_REMOTE\_TEMP will be
|
|
deprecated in the future.
|
|
|
|
|
|
Deprecated Features
|
|
-------------------
|
|
|
|
- Previously deprecated 'hostfile' config settings have been
|
|
're-deprecated' as previously code did not warn about deprecated
|
|
configuration settings.
|
|
|
|
- Using Ansible provided Jinja tests as filters is deprecated and will
|
|
be removed in Ansible 2.9
|
|
|
|
- ``stat`` and ``win_stat`` have deprecated ``get_md5`` and the ``md5``
|
|
return value and these options will become undocumented in Ansible
|
|
2.9 and removed in a later version.
|
|
|
|
- The ``redis_kv`` lookup in favor of new ``redis`` lookup
|
|
|
|
- Passing arbitrary parameters that begin with ``HEADER_`` to the uri
|
|
module, used for passing http headers, is deprecated. Use the
|
|
``headers`` parameter with a dictionary of header names to value
|
|
instead. This will be removed in Ansible-2.9
|
|
|
|
- Passing arbitrary parameters to the zfs module to set zfs properties
|
|
is deprecated. Use the ``extra_zfs_properties`` parameter with a
|
|
dictionary of property names to values instead. This will be removed
|
|
in Ansible-2.9.
|
|
|
|
- Use of the AnsibleModule parameter, check\_invalid\_arguments, in custom modules is deprecated. In the future, all parameters will be
|
|
checked to see whether they are listed in the arg spec and an error raised if they are not listed. This behaviour is the current and
|
|
future default so most custom modules can simply remove check\_invalid\_arguments if they set it to the default of True.
|
|
check\_invalid\_arguments will be removed in Ansible-2.9.
|
|
|
|
- nxos\_ip\_interface module is deprecated in Ansible 2.5. Use nxos\_l3\_interface module instead.
|
|
|
|
- nxos\_portchannel module is deprecated in Ansible 2.5. Use nxos\_linkagg module instead.
|
|
|
|
- nxos\_switchport module is deprecated in Ansible 2.5. Use nxos\_l2\_interface module instead.
|
|
|
|
- ec2\_ami\_find has been deprecated, use ec2\_ami\_facts.
|
|
|
|
- panos\_security\_policy: Use panos\_security\_rule - the old module uses deprecated API calls
|
|
|
|
- vsphere\_guest is deprecated in Ansible 2.5 and will be removed in Ansible-2.9. Use vmware\_guest module instead.
|
|
|
|
|
|
Removed Features (previously deprecated)
|
|
----------------------------------------
|
|
|
|
- accelerate.
|
|
|
|
- boundary\_meter: There was no deprecation period for this but the
|
|
hosted service it relied on has gone away so the module has been
|
|
removed. `#29387 <https://github.com/ansible/ansible/issues/29387>`__
|
|
|
|
- cl\_ : cl\_interface, cl\_interface\_policy, cl\_bridge,
|
|
cl\_img\_install, cl\_ports, cl\_license, cl\_bond. Use ``nclu``
|
|
instead
|
|
|
|
- docker, use docker\_container and docker\_image instead.
|
|
|
|
- ec2\_vpc.
|
|
|
|
- ec2\_ami\_search, use ec2\_ami\_facts instead.
|
|
|
|
- nxos\_mtu, use nxos\_system's ``system_mtu`` option. To specify an interface's MTU use nxos\_interface.
|
|
|
|
- panos\_nat\_policy: Use panos\_nat\_rule the old module uses deprecated API calls
|
|
|
|
|
|
New Lookup Plugins
|
|
------------------
|
|
|
|
- aws\_account\_attribute: Query AWS account attributes such as EC2-Classic availability
|
|
|
|
- aws\_service\_ip\_ranges: Query AWS IP ranges for services such as EC2/S3
|
|
|
|
- aws\_ssm: Query AWS ssm data
|
|
|
|
- config: Lookup Ansible settings
|
|
|
|
- conjur\_variable: Fetch credentials from CyberArk Conjur
|
|
|
|
- k8s: Query the K8s API
|
|
|
|
- nios: Query Infoblox NIOS objects
|
|
|
|
- openshift: Return info from Openshift installation
|
|
|
|
- redis: look up date from Redis DB, deprecates the redis\_kv one.
|
|
|
|
|
|
New Callback Plugins
|
|
--------------------
|
|
|
|
- null
|
|
|
|
- unixy
|
|
|
|
- yaml
|
|
|
|
|
|
New Connection Plugins
|
|
----------------------
|
|
|
|
- kubectl
|
|
|
|
- oc
|
|
|
|
- netconf
|
|
|
|
- network\_cli
|
|
- While neither network\_cli nor netconf are technically new plugins, these connections may now be used directly with network modules. See
|
|
`Network Best Practices for Ansible 2.5 <http://docs.ansible.com/ansible/devel/network_best_practices_2.5.html>`__ for more details.
|
|
|
|
|
|
New Filter Plugins
|
|
------------------
|
|
|
|
- parse\_xml
|
|
|
|
|
|
New Modules
|
|
-----------
|
|
|
|
- Cloud (amazon)
|
|
- aws\_acm\_facts
|
|
- aws\_application\_scaling\_policy
|
|
- aws\_az\_facts
|
|
- aws\_batch\_compute\_environment
|
|
- aws\_batch\_job\_definition
|
|
- aws\_batch\_job\_queue
|
|
- aws\_direct\_connect\_gateway
|
|
- aws\_direct\_connect\_virtual\_interface
|
|
- aws\_elasticbeanstalk\_app
|
|
- aws\_kms\_facts
|
|
- aws\_region\_facts
|
|
- aws\_s3\_cors
|
|
- aws\_ses\_identity
|
|
- aws\_ssm\_parameter\_store
|
|
- aws\_waf\_condition
|
|
- aws\_waf\_rule
|
|
- aws\_waf\_web\_acl
|
|
- cloudfront\_distribution
|
|
- cloudfront\_invalidation
|
|
- cloudfront\_origin\_access\_identity
|
|
- cloudwatchlogs\_log\_group
|
|
- cloudwatchlogs\_log\_group\_facts
|
|
- ec2\_ami\_facts
|
|
- ec2\_asg\_lifecycle\_hook
|
|
- ec2\_customer\_gateway\_facts
|
|
- ec2\_instance
|
|
- ec2\_placement\_group
|
|
- ec2\_placement\_group\_facts
|
|
- ec2\_vpc\_egress\_igw
|
|
- ecs\_taskdefinition\_facts
|
|
- elasticache\_facts
|
|
- elb\_target
|
|
- iam\_role\_facts
|
|
- iam\_user
|
|
|
|
- Cloud (azure)
|
|
- azure\_rm\_containerinstance
|
|
- azure\_rm\_containerregistry
|
|
- azure\_rm\_image
|
|
- azure\_rm\_keyvault
|
|
- azure\_rm\_keyvaultkey
|
|
- azure\_rm\_keyvaultsecret
|
|
- azure\_rm\_mysqldatabase
|
|
- azure\_rm\_mysqlserve
|
|
- azure\_rm\_postgresqldatabase
|
|
- azure\_rm\_postgresqlserver
|
|
- azure\_rm\_sqldatabase
|
|
- azure\_rm\_sqlserver
|
|
- azure\_rm\_sqlserver\_facts
|
|
|
|
- Cloud (cloudstack)
|
|
- cs\_network\_offering
|
|
- cs\_service\_offering
|
|
- cs\_vpc\_offering
|
|
- cs\_vpn\_connection
|
|
- cs\_vpn\_customer\_gateway
|
|
|
|
- Cloud (digital\_ocean)
|
|
- digital\_ocean\_certificate
|
|
- digital\_ocean\_floating\_ip\_facts
|
|
- digital\_ocean\_sshkey\_facts
|
|
|
|
- Cloud (google)
|
|
- gcp\_dns\_managed\_zone
|
|
|
|
- Cloud (misc)
|
|
- cloudscale\_floating\_ip
|
|
- spotinst\_aws\_elastigroup
|
|
- terraform
|
|
|
|
- Cloud (oneandone)
|
|
- oneandone\_firewall\_policy
|
|
- oneandone\_load\_balancer
|
|
- oneandone\_monitoring\_policy
|
|
- oneandone\_private\_network
|
|
- oneandone\_public\_ip
|
|
- oneandone\_server
|
|
|
|
- Cloud (openstack)
|
|
- os\_keystone\_endpoint
|
|
- os\_project\_access
|
|
|
|
- Cloud (ovirt)
|
|
- ovirt\_api\_facts
|
|
- ovirt\_disk\_facts
|
|
|
|
- Cloud (vmware)
|
|
- vcenter\_folder
|
|
- vmware\_cfg\_backup
|
|
- vmware\_datastore\_facts
|
|
- vmware\_drs\_rule\_facts
|
|
- vmware\_guest\_file\_operation
|
|
- vmware\_guest\_powerstate
|
|
- vmware\_host\_acceptance
|
|
- vmware\_host\_config\_facts
|
|
- vmware\_host\_config\_manager
|
|
- vmware\_host\_datastore
|
|
- vmware\_host\_dns\_facts
|
|
- vmware\_host\_facts
|
|
- vmware\_host\_firewall\_facts
|
|
- vmware\_host\_firewall\_manager
|
|
- vmware\_host\_lockdown
|
|
- vmware\_host\_ntp
|
|
- vmware\_host\_package\_facts
|
|
- vmware\_host\_service\_facts
|
|
- vmware\_host\_service\_manager
|
|
- vmware\_host\_vmnic\_facts
|
|
- vmware\_local\_role\_manager
|
|
- vmware\_vm\_vm\_drs\_rule
|
|
- vmware\_vmkernel\_facts
|
|
|
|
- Cloud (vultr)
|
|
- vr\_account\_facts
|
|
- vr\_dns\_domain
|
|
- vr\_dns\_record
|
|
- vr\_firewall\_group
|
|
- vr\_firewall\_rule
|
|
- vr\_server
|
|
- vr\_ssh\_key
|
|
- vr\_startup\_script
|
|
- vr\_user
|
|
|
|
- Clustering
|
|
- etcd3
|
|
- k8s
|
|
- k8s\_raw
|
|
- k8s\_scale
|
|
- openshift
|
|
- openshift\_raw
|
|
- openshift\_scale
|
|
|
|
- Crypto
|
|
- openssl\_dhparam
|
|
|
|
- Database
|
|
- influxdb
|
|
- influxdb\_query
|
|
- influxdb\_user
|
|
- influxdb\_write
|
|
|
|
- Identity
|
|
- ipa
|
|
- ipa\_dnszone
|
|
- ipa\_service
|
|
- ipa\_subca
|
|
- keycloak
|
|
- keycloak\_client
|
|
- keycloak\_clienttemplate
|
|
|
|
- Monitoring
|
|
- grafana\_dashboard
|
|
- grafana\_datasource
|
|
- grafana\_plugin
|
|
- icinga2\_host
|
|
- zabbix
|
|
- zabbix\_proxy
|
|
- zabbix\_template
|
|
|
|
- Net Tools
|
|
- ip\_netns
|
|
- nios
|
|
- nios\_dns\_view
|
|
- nios\_host\_record
|
|
- nios\_network
|
|
- nios\_network\_view
|
|
- nios\_zone
|
|
|
|
- Network (aci)
|
|
- aci\_aaa\_user
|
|
- aci\_aaa\_user\_certificate
|
|
- aci\_access\_port\_to\_interface\_policy\_leaf\_profile
|
|
- aci\_aep\_to\_domain
|
|
- aci\_domain
|
|
- aci\_domain\_to\_encap\_pool
|
|
- aci\_domain\_to\_vlan\_pool
|
|
- aci\_encap\_pool
|
|
- aci\_encap\_pool\_range
|
|
- aci\_fabric\_node
|
|
- aci\_firmware\_source
|
|
- aci\_interface\_policy\_leaf\_policy\_group
|
|
- aci\_interface\_policy\_leaf\_profile
|
|
- aci\_interface\_selector\_to\_switch\_policy\_leaf\_profile
|
|
- aci\_static\_binding\_to\_epg
|
|
- aci\_switch\_leaf\_selector
|
|
- aci\_switch\_policy\_leaf\_profile
|
|
- aci\_switch\_policy\_vpc\_protection\_group
|
|
- aci\_vlan\_pool
|
|
- aci\_vlan\_pool\_encap\_block
|
|
|
|
- Network (avi)
|
|
- avi\_api\_version
|
|
- avi\_clusterclouddetails
|
|
- avi\_customipamdnsprofile
|
|
- avi\_errorpagebody
|
|
- avi\_errorpageprofile
|
|
- avi\_gslbservice\_patch\_member
|
|
- avi\_wafpolicy
|
|
- avi\_wafprofile
|
|
|
|
- Network (dimension data)
|
|
- dimensiondata\_vlan
|
|
|
|
- Network (edgeos)
|
|
- edgeos\_command
|
|
- edgeos\_config
|
|
- edgeos\_facts
|
|
|
|
- Network (enos)
|
|
- enos\_command
|
|
- enos\_config
|
|
- enos\_facts
|
|
|
|
- Network (eos)
|
|
- eos\_interface
|
|
- eos\_l2\_interface
|
|
- eos\_l3\_interface
|
|
- eos\_linkagg
|
|
- eos\_lldp
|
|
- eos\_static\_route
|
|
|
|
- Network (f5)
|
|
- bigip\_asm\_policy
|
|
- bigip\_device\_connectivity
|
|
- bigip\_device\_group
|
|
- bigip\_device\_group\_member
|
|
- bigip\_device\_httpd
|
|
- bigip\_device\_trust
|
|
- bigip\_gtm\_server
|
|
- bigip\_iapplx\_package
|
|
- bigip\_monitor\_http
|
|
- bigip\_monitor\_https
|
|
- bigip\_monitor\_snmp\_dca
|
|
- bigip\_monitor\_udp
|
|
- bigip\_partition
|
|
- bigip\_policy
|
|
- bigip\_policy\_rule
|
|
- bigip\_profile\_client\_ssl
|
|
- bigip\_remote\_syslog
|
|
- bigip\_security\_address\_list
|
|
- bigip\_security\_port\_list
|
|
- bigip\_software\_update
|
|
- bigip\_ssl\_key
|
|
- bigip\_static\_route
|
|
- bigip\_traffic\_group
|
|
- bigip\_ucs\_fetch
|
|
- bigip\_vcmp\_guest
|
|
- bigip\_wait
|
|
- bigiq\_regkey\_license
|
|
- bigiq\_regkey\_pool
|
|
|
|
- Network (fortimanager)
|
|
- fmgr\_script
|
|
|
|
- Network (ios)
|
|
- ios\_l2\_interface
|
|
- ios\_l3\_interface
|
|
- ios\_linkagg
|
|
- ios\_lldp
|
|
- ios\_vlan
|
|
|
|
- Network (iosxr)
|
|
- iosxr\_netconf
|
|
|
|
- Network (ironware)
|
|
- ironware\_command
|
|
- ironware\_config
|
|
- ironware\_facts
|
|
|
|
- Network (junos)
|
|
- junos\_l2\_interface
|
|
- junos\_scp
|
|
|
|
- Network (netact)
|
|
- netact\_cm\_command
|
|
|
|
- Network (netscaler)
|
|
- netscaler\_nitro\_request
|
|
|
|
- Network (nso)
|
|
- nso\_action
|
|
- nso\_config
|
|
- nso\_query
|
|
- nso\_show
|
|
- nso\_verify
|
|
|
|
- Network (nxos)
|
|
- nxos\_l2\_interface
|
|
- nxos\_l3\_interface
|
|
- nxos\_linkagg
|
|
- nxos\_lldp
|
|
|
|
- Network (onyx)
|
|
- onyx\_bgp
|
|
- onyx\_command
|
|
- onyx\_config
|
|
- onyx\_facts
|
|
- onyx\_interface
|
|
- onyx\_l2\_interface
|
|
- onyx\_l3\_interface
|
|
- onyx\_linkagg
|
|
- onyx\_lldp
|
|
- onyx\_lldp\_interface
|
|
- onyx\_magp
|
|
- onyx\_mlag\_ipl
|
|
- onyx\_mlag\_vip
|
|
- onyx\_ospf
|
|
- onyx\_pfc\_interface
|
|
- onyx\_protocol
|
|
- onyx\_vlan
|
|
|
|
- Network (panos)
|
|
- panos\_dag\_tags
|
|
- panos\_match\_rule
|
|
- panos\_op
|
|
- panos\_query\_rules
|
|
|
|
- Network (radware)
|
|
- vdirect\_commit
|
|
- vdirect\_runnable
|
|
|
|
- Network (vyos)
|
|
- vyos\_vlan
|
|
|
|
- Notification
|
|
- logentries\_msg
|
|
- say
|
|
- snow\_record
|
|
|
|
- Packaging
|
|
- os
|
|
- package\_facts
|
|
- rhsm\_repository
|
|
|
|
- Remote Management (manageiq)
|
|
- manageiq\_alert\_profiles
|
|
- manageiq\_alerts
|
|
- manageiq\_policies
|
|
- manageiq\_tags
|
|
|
|
- Remote Management (oneview)
|
|
- oneview\_datacenter\_facts
|
|
- oneview\_enclosure\_facts
|
|
- oneview\_logical\_interconnect\_group
|
|
- oneview\_logical\_interconnect\_group\_facts
|
|
- oneview\_san\_manager\_facts
|
|
|
|
- Remote Management (ucs)
|
|
- ucs\_ip\_pool
|
|
- ucs\_lan\_connectivity
|
|
- ucs\_mac\_pool
|
|
- ucs\_san\_connectivity
|
|
- ucs\_vhba\_template
|
|
- ucs\_vlans
|
|
- ucs\_vnic\_template
|
|
- ucs\_vsans
|
|
- ucs\_wwn\_pool
|
|
|
|
- System
|
|
- mksysb
|
|
- nosh
|
|
- service\_facts
|
|
- vdo
|
|
|
|
- Web Infrastructure
|
|
- jenkins\_job\_facts
|
|
|
|
- Windows
|
|
- win\_audit\_policy\_system
|
|
- win\_audit\_rule
|
|
- win\_certificate\_store
|
|
- win\_disk\_facts
|
|
- win\_product\_facts
|
|
- win\_scheduled\_task\_stat
|
|
- win\_whoami
|
|
|
|
|
|
Bugfixes
|
|
--------
|
|
|
|
- azure_rm modules - internal changes to use API profiles and kwargs for future Azure Stack support and better stability between SDK updates. (https://github.com/ansible/ansible/pull/35538)
|
|
|
|
- fix memory bloat on nested includes by preventing blocks from self-parenting (https://github.com/ansible/ansible/pull/36075)
|
|
|
|
- ensure displayed messages under peristent connections are returned to the controller (https://github.com/ansible/ansible/pull/36064)
|
|
|
|
- eos_vrf and eos_eapi - fix vrf parsing (https://github.com/ansible/ansible/pull/35791)
|
|
|
|
- interface_file - accept interfaces without address family or method (https://github.com/ansible/ansible/pull/34200)
|
|
|
|
- lineinfile - fix insertion if pattern already exists (https://github.com/ansible/ansible/pull/33393)
|
|
|
|
- nxos_evpn_vni - fixed a number of issues (https://github.com/ansible/ansible/pull/35930)
|
|
|
|
- nxos_igmp_interface - fix response handling for different nxos versions (https://github.com/ansible/ansible/pull/35959)
|
|
|
|
- nxos_interface_ospf - various bugfixes (https://github.com/ansible/ansible/pull/35988)
|
|
|
|
- openshift modules - update to client version 0.4.0 (https://github.com/ansible/ansible/pull/35127)
|
|
|
|
- fix templating issues in loop_control (https://github.com/ansible/ansible/pull/36124)
|
|
|
|
- ansible-config - fix traceback when no config file is present (https://github.com/ansible/ansible/issues/35965)
|
|
|
|
- misc fixes to Linux virtualization facts (https://github.com/ansible/ansible/issues/36038)
|
|
|
|
- fix failure when remote_tmp is a subdir of a system tempdir (https://github.com/ansible/ansible/pull/36143)
|
|
|
|
- ios_ping - allow for count > 70 (https://github.com/ansible/ansible/pull/36142)
|
|
|
|
- vmware_guest_snapshot - always check for root snapshot (https://github.com/ansible/ansible/pull/36001)
|
|
|
|
- vyos - fixes to check mode support (https://github.com/ansible/ansible/pull/35977)
|
|
|
|
- vyos_l3_interface - add support for localhost (https://github.com/ansible/ansible/pull/36141)
|
|
|
|
- win_domain_controller - only specify ReadOnlyReplica when necessary (https://github.com/ansible/ansible/pull/36017)
|
|
|
|
- win_updates - fix regresion with string category names(https://github.com/ansible/ansible/pull/36015)
|
|
|
|
- win_uri - fixed issues with the creates and removes options (https://github.com/ansible/ansible/pull/36016)
|
|
|