ansible/changelogs/CHANGELOG-v2.7.rst
2019-02-07 14:08:13 -08:00

82 KiB

Ansible 2.7 "In the Light" Release Notes

Topics

v2.7.7

Release Summary

Release Date: 2019-02-07
Porting Guide

Minor Changes

Bugfixes

v2.7.6

Release Summary

Release Date: 2019-01-17
Porting Guide

Minor Changes

  • Added documentation about using VMware dynamic inventory plugin.
  • Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
  • Image reference change in Azure VMSS is detected and applied correctly.
  • docker_volume - reverted changed behavior of force, which was released in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are now only recreated if the parameters changed and force is set to true (instead of or). This is the behavior which has been described in the documentation all the time.
  • set ansible_os_family from name variable in os-release
  • yum and dnf can now handle installing packages from URIs that are proxy redirects and don't end in the .rpm file extension

Bugfixes

  • Added log message at -vvvv when using netconf connection listing connection details.
  • Changes how ansible-connection names socket lock files. They now use the same name as the socket itself, and as such do not lock other attempts on connections to the same host, or cause issues with overly-long hostnames.
  • Fix mandatory statement error for junos modules (https://github.com/ansible/ansible/pull/50138)
  • Moved error in netconf connection plugin from at import to on connection.
  • This reverts some changes from commit 723daf3. If a line is found in the file, exactly or via regexp matching, it must not be added again. insertafter/insertbefore options are used only when a line is to be inserted, to specify where it must be added.
  • allow using openstack inventory plugin w/o a cache
  • callbacks - Do not filter out exception, warnings, deprecations on failure when using debug (https://github.com/ansible/ansible/issues/47576)
  • certificate_complete_chain - fix behavior when invalid file is parsed while reading intermediate or root certificates.
  • copy - Ensure that the src file contents is converted to unicode in diff information so that it is properly wrapped by AnsibleUnsafeText to prevent unexpected templating of diff data in Python3 (https://github.com/ansible/ansible/issues/45717)
  • correct behaviour of verify_file for vmware inventory plugin, it was always returning True
  • dnf - fix issue where conf_file was not being loaded properly
  • dnf - fix update_cache combined with install operation to not cause dnf transaction failure
  • docker_container - fix network_mode idempotency if the container:<container-name> form is used (as opposed to container:<container-id>) (https://github.com/ansible/ansible/issues/49794)
  • docker_container - warning when non-string env values are found, avoiding YAML parsing issues. Will be made an error in Ansible 2.8. (https://github.com/ansible/ansible/issues/49802)
  • docker_swarm_service - Document labels and container_labels with correct type.
  • docker_swarm_service - Document limit_memory and reserve_memory correctly on how to specify sizes.
  • docker_swarm_service - Document minimal API version for configs and secrets.
  • docker_swarm_service - fix use of Docker API so that services are not detected as present if there is an existing service whose name is a substring of the desired service
  • docker_swarm_service - fixing falsely reporting update_order as changed when option is not used.
  • document old option that was initally missed
  • ec2_instance now respects check mode https://github.com/ansible/ansible/pull/46774
  • fix for network_cli - ansible_command_timeout not working as expected (#49466)
  • fix handling of firewalld port if protocol is missing
  • fix lastpass lookup failure on python 3 (https://github.com/ansible/ansible/issues/42062)
  • flatpak - Fixed Python 2/3 compatibility
  • flatpak - Fixed issue where newer versions of flatpak failed on flatpak removal
  • flatpak_remote - Fixed Python 2/3 compatibility
  • gcp_compute_instance - fix crash when the instance metadata is not set
  • grafana_dashboard - Fix a pair of unicode string handling issues with version checking (https://github.com/ansible/ansible/pull/49194)
  • host execution order - Fix reverse_inventory not to change the order of the items before reversing on python2 and to not backtrace on python3
  • icinga2_host - fixed the issue with not working use_proxy option of the module.
  • influxdb_user - An unspecified password now sets the password to blank, except on existing users. This previously caused an unhandled exception.
  • influxdb_user - Fixed unhandled exception when using invalid login credentials (https://github.com/ansible/ansible/issues/50131)
  • openssl* - fix error when path contains a file name without path.
  • openssl_csr - fix problem with idempotency of keyUsage option.
  • openssl_pkcs12 - now does proper path expansion for ca_certificates.
  • os_security_group_rule - os_security_group_rule doesn't exit properly when secgroup doesn't exist and state=absent (https://github.com/ansible/ansible/issues/50057)
  • paramiko_ssh - add auth_timeout parameter to ssh.connect when supported by installed paramiko version. This will prevent "Authentication timeout" errors when a slow authentication step (>30s) happens with a host (https://github.com/ansible/ansible/issues/42596)
  • purefa_facts and purefb_facts now correctly adds facts into main ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
  • reboot - add appropriate commands to make the plugin work with VMware ESXi (https://github.com/ansible/ansible/issues/48425)
  • reboot - add support for rebooting AIX (https://github.com/ansible/ansible/issues/49712)
  • reboot - gather distribution information in order to support Alpine and other distributions (https://github.com/ansible/ansible/issues/46723)
  • reboot - search common paths for the shutdown command and use the full path to the binary rather than depending on the PATH of the remote system (https://github.com/ansible/ansible/issues/47131)
  • reboot - use a common set of commands for older and newer Solaris and SunOS variants (https://github.com/ansible/ansible/pull/48986)
  • redfish_utils - fix reference to local variable 'systems_service'
  • setup - fix the rounding of the ansible_memtotal_mb value on VMWare vm's (https://github.com/ansible/ansible/issues/49608)
  • vultr_server - fixed multiple ssh keys were not handled.
  • win_copy - Fix copy of a dir that contains an empty directory - https://github.com/ansible/ansible/issues/50077
  • win_firewall_rule - Remove invalid 'bypass' action
  • win_lineinfile - Fix issue where a malformed json block was returned causing an error
  • win_updates - Correctly report changes on success

v2.7.5

Release Summary

Release Date: 2018-12-13
Porting Guide

Minor Changes

  • Add warning about falling back to jinja2_native=false when Jinja2 version is lower than 2.10.
  • Change the position to search os-release since clearlinux new versions are providing /etc/os-release too
  • Fixed typo in ansible-galaxy info command.
  • Improve the deprecation message for squashing, to not give misleading advice
  • Update docs and return section of vmware_host_service_facts module.
  • ansible-galaxy: properly warn when git isn't found in an installed bin path instead of traceback
  • dnf module properly load and initialize dnf package manager plugins
  • docker_swarm_service: use docker defaults for the user parameter if it is set to null

Bugfixes

v2.7.4

Release Summary

Release Date: 2018-11-30
Porting Guide

Bugfixes

  • powershell - add lib/ansible/executor/powershell to the packaging data

v2.7.3

Release Summary

Release Date: 2018-11-29
Porting Guide

Minor Changes

  • Document Path and Port are mutually exclusive parameters in wait_for module.
  • Puppet module remove --ignorecache to allow Puppet 6 support
  • dnf properly support modularity appstream installation via overloaded group modifier syntax
  • proxmox_kvm - fix exception.
  • win_security_policy - warn users to use win_user_right instead when editing Privilege Rights

Bugfixes

  • Fix the issue that FTD HTTP API retries authentication-related HTTP requests.
  • Fix the issue that module fails when the Swagger model does not have required fields.
  • Fix the issue with comparing string-like objects.
  • Fix using omit on play keywords (https://github.com/ansible/ansible/issues/48673)
  • Windows - prevent sensitive content from appearing in scriptblock logging (CVE 2018-16859)
  • apt_key - Disable TTY requirement in GnuPG for the module to work correctly when SSH pipelining is enabled (https://github.com/ansible/ansible/pull/48580)
  • better error message when bad type in config, deal with EVNAR= more gracefully https://github.com/ansible/ansible/issues/22470
  • configuration retrieval would fail on non primed plugins
  • cs_template - Fixed a KeyError on state=extracted.
  • docker_container - fix idempotency problems with docker-py caused by previous init idempotency fix.
  • docker_container - fix interplay of docker-py version check with argument_spec validation improvements.
  • docker_network - driver_options containing Python booleans would cause Docker to throw exceptions.
  • ec2_group - Fix comparison of determining which rules to purge by ignoring descriptions - https://github.com/ansible/ansible/issues/47904
  • pip module - fix setuptools/distutils replacement (https://github.com/ansible/ansible/issues/47198)
  • sysvinit - enabling a service should use "defaults" if no runlevels are specified

v2.7.2

Release Summary

Release Date: 2018-11-15
Porting Guide

Minor Changes

  • Fix documentation for cloning template.
  • Parsing plugin filter may raise TypeError, gracefully handle this exception and let user know about the syntax error in plugin filter file.
  • Scenario guide for VMware HTTP API usage.
  • Update plugin filter documentation.
  • fix yum and dnf autoremove input sanitization to properly warn user if invalid options passed and update documentation to match
  • improve readability and fix privileges names on vmware scenario_clone_template.
  • k8s - updated module documentation to mention how to avoid SSL validation errors
  • yum - when checking for updates, now properly include Obsoletes (both old and new) package data in the module JSON output, fixes https://github.com/ansible/ansible/issues/39978

Bugfixes

  • ACME modules support POST-as-GET and will be able to access Let's Encrypt ACME v2 endpoint after November 1st, 2019.
  • Add force disruptive option nxos_instal_os module (https://github.com/ansible/ansible/pull/47694).
  • Avoid misleading PyVmomi error if requests import fails in vmware module utils.
  • Fix argument spec for NetApp modules that are using the old version
  • Fix consistency issue in grafana_dashboard module where the module would detect absence of 'dashboard' key on dashboard create but not dashboard update.
  • Fix idempotency issues when setting BIOS attributes via redfish_config module (https://github.com/ansible/ansible/pull/47462)
  • Fix issue getting output from failed ios commands when check_rc=False
  • Fix issue with HTTP redirects with redfish_facts module (https://github.com/ansible/ansible/pull/45704)
  • Fix the password lookup when run from a FIPS enabled system. FIPS forbids the use of md5 but we can use sha1 instead. https://github.com/ansible/ansible/issues/47297
  • Fix trailing command in net_neighbors nxos_facts (https://github.com/ansible/ansible/pull/47548).
  • Fixed an issue where os_router would attempt to recreate router, because lack of enabled_snat parameter was treated as difference, if default Neutron policy for snat is set. (https://github.com/ansible/ansible/issues/29903)
  • Fixes issues with source and destination location for na_ontap_snapmirror
  • Handle exception when there is no snapshot available in virtual machine or template while cloning using vmware_guest.
  • Provides flexibility when retrieving redfish facts by not assuming that certains keys exist. Checks first if key exists before attempting to read from it.
  • Restore timeout in set_vm_power_state operation in vmware_guest_powerstate module.
  • aci_access_port_to_interface_policy_leaf_profile - Support missing policy_group
  • aci_interface_policy_leaf_policy_group - Support missing aep
  • aci_switch_leaf_selector - Support empty policy_group
  • ansible-galaxy - support yaml extension for meta file (https://github.com/ansible/ansible/pull/46505)
  • assert - add 'success_msg' to valid args (https://github.com/ansible/ansible/pull/47030)
  • delegate_to - Fix issue where delegate_to was upplied via apply on an include, where a loop was present on the include
  • django_manage - Changed the return type of the changed variable to bool.
  • docker_container - init and shm_size are now checked for idempotency.
  • docker_container - do not fail when removing a container which has auto_remove: yes.
  • docker_container - fix ipc_mode and pid_mode idempotency if the host:<container-name> form is used (as opposed to host:<container-id>).
  • docker_container - fix paused option (which never worked).
  • docker_container - fixing race condition when detach and auto_remove are both true.
  • docker_container - refactored minimal docker-py/API version handling, and fixing such handling of some options.
  • docker_container - some docker versions require containers to be unpaused before stopping or removing. Adds check to do this when docker returns a corresponding error on stopping or removing.
  • docker_swarm - making advertise_addr optional, as it was already documented.
  • docker_swarm_service - The publish.mode parameter was being ignored if docker-py version was < 3.0.0. Added a parameter validation test.
  • docker_volume - labels now work (and are a dict and no longer a list).
  • ec2_instance: - Fixed issue where ebs_optimized was considered sub-option of the network parameter. (https://github.com/ansible/ansible/issues/48159)
  • fix mail notification module when using starttls and py3.7
  • ini_file: Options within no sections aren't included, deleted or modified. These are just unmanged. This pull request solves this. (see https://github.com/ansible/ansible/pull/44324)
  • ldap_attr map to list (https://github.com/ansible/ansible/pull/48009)
  • lvg - fixed an idempotency regression in the lvg module (https://github.com/ansible/ansible/issues/47301)
  • net_put - fix when net_put module leaves temp files in some network OS cases e.g. routerOS
  • nxos_evpn_vni check_mode (https://github.com/ansible/ansible/pull/46612).
  • ovirt_host_network - Fix type conversion (https://github.com/ansible/ansible/pull/47617).
  • ovirt_host_pm - Bug fixes for power management (https://github.com/ansible/ansible/pull/47659).
  • pamd: fix state: args_present idempotence (see https://github.com/ansible/ansible/issues/47197)
  • pamd: fix state: updated idempotence (see https://github.com/ansible/ansible/issues/47083)
  • pamd: update regex to allow leading dash and retain EOF newline (see https://github.com/ansible/ansible/issues/47418)
  • pip - idempotence in check mode now works correctly.
  • reboot - change default reboot time command to prevent hanging on certain systems (https://github.com/ansible/ansible/issues/46562)
  • redfish_config - do not automatically reboot when scheduling a BIOS configuration job
  • remove rendundant path uniquifying in inventory plugins. This removes use of md5 hashing and fixes inventory plugins when run in FIPS mode.
  • replace renamed exceptions in multiple openstack modules
  • uri - Ensure the uri module supports async (https://github.com/ansible/ansible/issues/47660)
  • user - do not report changes every time when setting password_lock (https://github.com/ansible/ansible/issues/43670)
  • user - properly remove expiration when set to a negative value (https://github.com/ansible/ansible/issues/47114)
  • user - remove warning when creating a disabled account with '!' or '*' in the password field (https://github.com/ansible/ansible/issues/46334)
  • vmware_host - fixes the retry mechanism of AddHost task.
  • vultr - fixed the handling of an inconsistency in the response from Vultr API when it returns an unexpected empty list instead a empty dict.
  • vultr_server_facts - fixed facts gathering fails if firewall is enabled.
  • win_uri - stop junk output from being returned to Ansible - https://github.com/ansible/ansible/issues/47998
  • yum - fix "package == version" syntax (https://github.com/ansible/ansible/pull/47744)

v2.7.1

Release Summary

Release Date: 2018-10-25
Porting Guide

Minor Changes

  • Fix yum module to properly check for empty conf_file value
  • added capability to set the scheme for the consul_kv lookup.
  • added optional certificate and certificate verification for consul_kv lookups
  • dnf - properly handle modifying the enable/disable excludes data field
  • dnf appropriately handles disable_excludes repoid argument
  • dnf properly honor disable_gpg_check for local (on local disk of remote node) package installation
  • fix yum module to handle list argument optional empty strings properly
  • netconf_config - Make default_operation optional in netconf_config module (https://github.com/ansible/ansible/pull/46333)
  • win_nssm - Drop support of literal YAML dictionnary for app_parameters option. Use the key=value; string form instead
  • yum - properly handle proxy password and username embedded in url
  • yum/dnf - fail when space separated string of names (https://github.com/ansible/ansible/pull/47109)

Bugfixes

v2.7.0

Release Summary

Release Date: 2018-10-04
Porting Guide

Major Changes

  • Allow config to enable native jinja types (https://github.com/ansible/ansible/pull/32738)
  • Extends module_defaults by adding a prefix to defaults group/ which denotes a builtin or user-specified list of modules, such as group/aws or group/gcp
  • New keyword ignore_unreachable for plays and blocks. Allows ignoring tasks that fail due to unreachable hosts, and check results with is unreachable test.
  • New yumdnf module defines the shared argument specification for both yum and dnf modules and provides an entry point to share code when applicable
  • Remove support for simplejson (https://github.com/ansible/ansible/issues/42761)
  • Support for running an Ansible controller with Python-2.6 has been dropped. You can still manage machines which use Python-2.6 but you will have to manage them from a machine which has Python-2.7 or Python-3.5 or greater installed. See the porting guide if you need more information.
  • new yum action plugin enables the yum module to work with both yum3 and dnf-based yum4 by detecting the backend package manager and routing commands through the correct Ansible module for that python API
  • yum and dnf modules now at feature parity

Minor Changes

  • ActionBase - removed deprecated _fixup_perms method (https://github.com/ansible/ansible/pull/44320)
  • Add is_boto3_error_code function to module_utils/aws/core.py to make it easier for modules to handle special AWS error codes.
  • Add use_backend to yum module/action plugin
  • Added PrivilegeUtil PowerShell module util to easily control Windows Privileges in a process
  • Added capability to skip ssl verification on zabbix host with dynamic inventory
  • Added inventory.any_unparsed_is_failed configuration setting. In an inventory with a static hosts file and (say) ec2.py, enabling this setting will cause a failure instead of a warning if ec2.py fails.
  • Added new filter to generate random MAC addresses from a given string acting as a prefix. Refer to the appropriate entry which has been added to user_guide playbook_filters.rst document.
  • Added the from_yaml_all filter to parse multi-document yaml strings. Refer to the appropriate entry which as been added to user_guide playbooks_filters.rst document.
  • Ansible-2.7 changes the Ansiballz strategy for running modules remotely so that invoking a module only needs to invoke python once per module on the remote machine instead of twice.
  • Better error handling for depsolve and transaction errors in DNF
  • Changed the prefix of all Vultr modules from vr to vultr (https://github.com/ansible/ansible/issues/42942).
  • Enable installroot tests for yum4(dnf) integration testing, dnf backend now supports that
  • Explicit encoding for the output of the template module, to be able to generate non-utf8 files from a utf-8 template. (https://github.com/ansible/proposals/issues/121)
  • File locking feature added, making it possible to gain exclusive access to given file through module_utils.common.file.FileLock (https://github.com/ansible/ansible/issues/29962)
  • Fix dnf handling of autoremove to be compatible with yum
  • Fix timer in exponential backoff algorithm in vmware.py.
  • Fixed group action idempotent transactions in dnf backend
  • Fixed group actions in check mode to report correct changed state
  • GCP Modules will do home path expansion on service account file paths
  • In Ansible-2.4 and above, Ansible passes the temporary directory a module should use to the module. This is done via a module parameter (_ansible_tmpdir). An earlier version of this which was also prototyped in Ansible-2.4 development used an environment variable, ANSIBLE_REMOTE_TMP to pass this information to the module instead. When we switched to using a module parameter, the environment variable was left in by mistake. Ansible-2.7 removes that variable. Any third party modules which relied on it should use the module parameter instead.
  • New config options display_ok_hosts and display_failed_stderr (along with the existing display_skipped_hosts option) allow more fine-grained control over the way that ansible displays output from a playbook (https://github.com/ansible/ansible/pull/41058)
  • Removed an unnecessary import from the AnsiballZ wrapper
  • Restore module_utils.basic.BOOLEANS variable for backwards compatibility with the module API in older ansible releases.
  • Setting file attributes (via the file module amongst others) now accepts + and - modifiers to add or remove individual attributes. (https://github.com/ansible/ansible/issues/33838)
  • Switch from zip to bc for certain package install/remove test cases in yum integration tests. The dnf depsolver downgrades python when you uninstall zip which alters the test environment and we have no control over that.
  • The acme_account and acme_certificate modules now support two backends: the Python cryptograpy module or the OpenSSL binary. By default, the modules detect if a new enough cryptography module is available and use it, with the OpenSSL binary being a fallback. If the detection fails for some reason, the OpenSSL binary backend can be explicitly selected by setting select_crypto_backend to openssl.
  • The apt, ec2_elb_lb, elb_classic_lb, and unarchive modules have been ported away from using __file__. This is futureproofing as__file__ won't work if we switch to using python -m to invoke modules in the future or if we figure out a way to make a module never touch disk for pipelining purposes.
  • The password_hash filter supports all parameters of passlib. This allows users to provide a rounds parameter. (https://github.com/ansible/ansible/issues/15326)
  • action plugins strictly accept valid parameters and report invalid parameters
  • allow user to customize default ansible-console prompt/msg default color
  • aws_caller_facts - The module now outputs the "account_alias" as well
  • aws_rds - Add new inventory plugin for RDS instances and clusters to match behavior in the ec2 inventory script.
  • command module - Add support for check mode when passing creates or removes arguments. (https://github.com/ansible/ansible/pull/40428)
  • dnf - group removal does not work if group was installed with Ansible because of dnf upstream bug https://bugzilla.redhat.com/show_bug.cgi?id=1620324
  • ec2_group - Add diff mode support with and without check mode. This feature is preview and may change when a common framework is adopted for AWS modules.
  • elasticsearch_plugin - Add the possibility to use the elasticsearch_plugin installation batch mode to install plugins with advanced privileges without user interaction.
  • gather_subset - removed deprecated functionality for using comma separated list with gather_subset (https://github.com/ansible/ansible/pull/44320)
  • get_url - implement [expend checksum format to <algorithm>:(<checksum>|<url>)] (https://github.com/ansible/ansible/issues/27617)
  • import_tasks - Do not allow import_tasks to transition to dynamic if the file is missing (https://github.com/ansible/ansible/issues/44822)
  • lineinfile - add warning when using an empty regexp (https://github.com/ansible/ansible/issues/29443)
  • onepassword/onepassword_raw - accept subdomain and vault_password to allow Ansible to unlock 1Password vaults
  • password_hash is not restricted to the subset provided by crypt.crypt (https://github.com/ansible/ansible/issues/17266)
  • passwordstore - Add backup option when overwriting password (off by default)
  • puppet - Add support for --debug, --verbose, --summarize https://github.com/ansible/ansible/issues/37986
  • puppet - Add support for setting logdest to both stdout and syslog via 'all'
  • replace copy.deepcopy in high workload areas with a custom function to improve performance (https://github.com/ansible/ansible/pull/44337)
  • roles - removed deprecated functionality for non YAML role specs (https://github.com/ansible/ansible/pull/44320)
  • roles - removed deprecated special casing functionality of connection, port, and remote_user for role params (https://github.com/ansible/ansible/pull/44320)
  • service - removed deprecated state=running (https://github.com/ansible/ansible/pull/44320)
  • shell module - Add support for check mode when passing creates or removes arguments. (https://github.com/ansible/ansible/pull/40428)
  • sns_topic - Port sns_topic module to boto3 and add an integration test suite.
  • ssh - reset connection will show a warning instead of failing for older OpenSSH versions
  • to_nice_json - specify separators to json.dumps to normalize the output between python2 and python3 (https://github.com/ansible/ansible/pull/42633)
  • user - backup shadow file on platforms where the module modifies it directly (https://github.com/ansible/ansible/issues/40696)
  • user module - add a sanity check for the user's password and a more helpful warning message (https://github.com/ansible/ansible/pull/43615)
  • vars_prompt - removed deprecated functionality supporting 'short form' for vars_prompt (https://github.com/ansible/ansible/pull/44320)
  • vault - removed deprecated functionality for insecure VaultAES class (https://github.com/ansible/ansible/pull/44320)
  • win_chocolatey - Add support for installing Chocolatey itself from a source feed
  • win_chocolatey - Add support for username and password on source feeds
  • win_chocolatey - Added ability to specify multiple packages as a list in 1 module invocation
  • win_chocolatey - Removed the need to manually escape double quotes in the proxy username and password
  • win_chocolatey - Will no longer upgrade Chocolatey in check mode
  • win_chocolatey - set the rc return value to always be returned, default to 0 https://github.com/ansible/ansible/issues/41758
  • win_disk_image - return a list of mount paths with the return value mount_paths, this will always be a list and contain all mount points in an image
  • win_psexec - Added the session option to specify a session to start the process in
  • winrm - change the _reset() method to use reset() that is part of ConnectionBase

Deprecated Features

  • Modules will no longer be able to rely on the __file__ attribute pointing to a real file. If your third party module is using __file__ for something it should be changed before 2.8. See the 2.7 porting guide for more information.
  • The skippy, full_skip, actionable, and stderr callback plugins have been deprecated in favor of config options that influence the behavior of the default callback plugin (https://github.com/ansible/ansible/pull/41058)
  • win_disk_image - the return value mount_path is deprecated and will be removed in 2.11, this can be accessed through mount_paths[0] instead.

Removed Features (previously deprecated)

  • The configuration toggle, merge_multiple_cli_tags, has been removed. This setting controlled whether specifying --tags or --skip-tags multiple times on the commandline would merge the specified tags or use the old behaviour of overwriting the previous entry. The overwriting behaviour was deprecated in 2.3 and the default value of the config option became merge in 2.4.
  • ec2_facts - deprecated module removed (https://github.com/ansible/ansible/pull/44536)
  • s3 - deprecated module removed (https://github.com/ansible/ansible/pull/44537)

Bugfixes

New Plugins

Callback

  • counter_enabled - adds counters to the output items (tasks and hosts/task)
  • logdna - Sends playbook logs to LogDNA
  • splunk - Sends task result events to Splunk HTTP Event Collector

Connection

  • psrp - Run tasks over Microsoft PowerShell Remoting Protocol

Inventory

  • tower - Ansible dynamic inventory plugin for Ansible Tower.

Lookup

  • cpm_metering - Get Power and Current data from WTI OOB/Combo and PDU devices
  • cpm_status - Get status and parameters from WTI OOB and PDU devices.
  • grafana_dashboard - list or search grafana dashboards
  • nios_next_network - Return the next available network range for a network-container

Strategy

  • host_pinned - Executes tasks on each host without interruption

New Modules

Cloud

amazon
  • aws_eks_cluster - Manage Elastic Kubernetes Service Clusters
  • cloudformation_stack_set - Manage groups of CloudFormation stacks
  • elb_target_facts - Gathers which target groups a target is associated with.
  • rds_instance - Manage RDS instances
azure
  • azure_rm_appgateway - Manage Application Gateway instance.
  • azure_rm_appserviceplan - Manage App Service Plan
  • azure_rm_appserviceplan_facts - Get azure app service plan facts.
  • azure_rm_autoscale - Manage Azure autoscale setting.
  • azure_rm_autoscale_facts - Get Azure Auto Scale Setting facts.
  • azure_rm_containerregistry_facts - Get Azure Container Registry facts.
  • azure_rm_mysqldatabase_facts - Get Azure MySQL Database facts.
  • azure_rm_mysqlserver_facts - Get Azure MySQL Server facts.
  • azure_rm_postgresqldatabase_facts - Get Azure PostgreSQL Database facts.
  • azure_rm_postgresqlserver_facts - Get Azure PostgreSQL Server facts.
  • azure_rm_route - Manage Azure route resource.
  • azure_rm_routetable - Manage Azure route table resource.
  • azure_rm_routetable_facts - Get route table facts.
  • azure_rm_sqlfirewallrule - Manage Firewall Rule instance.
  • azure_rm_trafficmanagerendpoint - Manage Azure Traffic Manager endpoint.
  • azure_rm_trafficmanagerendpoint_facts - Get Azure Traffic Manager endpoint facts
  • azure_rm_trafficmanagerprofile - Manage Azure Traffic Manager profile.
  • azure_rm_trafficmanagerprofile_facts - Get Azure Traffic Manager profile facts
  • azure_rm_virtualmachine_facts - Get virtual machine facts.
  • azure_rm_webapp - Manage Web App instance.
  • azure_rm_webapp_facts - Get azure web app facts.
cloudstack
  • cs_disk_offering - Manages disk offerings on Apache CloudStack based clouds.
docker
  • docker_swarm - Manage Swarm cluster
  • docker_swarm_service - docker swarm service
google
  • gcp_compute_address_facts - Gather facts for GCP Address
  • gcp_compute_backend_bucket_facts - Gather facts for GCP BackendBucket
  • gcp_compute_backend_service_facts - Gather facts for GCP BackendService
  • gcp_compute_disk_facts - Gather facts for GCP Disk
  • gcp_compute_firewall_facts - Gather facts for GCP Firewall
  • gcp_compute_forwarding_rule_facts - Gather facts for GCP ForwardingRule
  • gcp_compute_global_address_facts - Gather facts for GCP GlobalAddress
  • gcp_compute_global_forwarding_rule_facts - Gather facts for GCP GlobalForwardingRule
  • gcp_compute_health_check_facts - Gather facts for GCP HealthCheck
  • gcp_compute_http_health_check_facts - Gather facts for GCP HttpHealthCheck
  • gcp_compute_https_health_check_facts - Gather facts for GCP HttpsHealthCheck
  • gcp_compute_image_facts - Gather facts for GCP Image
  • gcp_compute_instance_facts - Gather facts for GCP Instance
  • gcp_compute_instance_group_facts - Gather facts for GCP InstanceGroup
  • gcp_compute_instance_group_manager_facts - Gather facts for GCP InstanceGroupManager
  • gcp_compute_instance_template_facts - Gather facts for GCP InstanceTemplate
  • gcp_compute_network_facts - Gather facts for GCP Network
  • gcp_compute_route_facts - Gather facts for GCP Route
  • gcp_compute_router - Creates a GCP Router
  • gcp_compute_router_facts - Gather facts for GCP Router
  • gcp_compute_ssl_certificate_facts - Gather facts for GCP SslCertificate
  • gcp_compute_ssl_policy - Creates a GCP SslPolicy
  • gcp_compute_ssl_policy_facts - Gather facts for GCP SslPolicy
  • gcp_compute_subnetwork_facts - Gather facts for GCP Subnetwork
  • gcp_compute_target_http_proxy_facts - Gather facts for GCP TargetHttpProxy
  • gcp_compute_target_https_proxy_facts - Gather facts for GCP TargetHttpsProxy
  • gcp_compute_target_pool_facts - Gather facts for GCP TargetPool
  • gcp_compute_target_ssl_proxy_facts - Gather facts for GCP TargetSslProxy
  • gcp_compute_target_tcp_proxy_facts - Gather facts for GCP TargetTcpProxy
  • gcp_compute_target_vpn_gateway - Creates a GCP TargetVpnGateway
  • gcp_compute_target_vpn_gateway_facts - Gather facts for GCP TargetVpnGateway
  • gcp_compute_url_map_facts - Gather facts for GCP UrlMap
  • gcp_compute_vpn_tunnel - Creates a GCP VpnTunnel
  • gcp_compute_vpn_tunnel_facts - Gather facts for GCP VpnTunnel
  • gcp_spanner_database - Creates a GCP Database
  • gcp_spanner_instance - Creates a GCP Instance
  • gcp_sql_database - Creates a GCP Database
  • gcp_sql_instance - Creates a GCP Instance
  • gcp_sql_user - Creates a GCP User
online
  • online_user_facts - Gather facts about Online user.
openstack
  • os_coe_cluster_template - Add/Remove COE cluster template from OpenStack Cloud
  • os_listener - Add/Delete a listener for a load balancer from OpenStack Cloud
  • os_loadbalancer - Add/Delete load balancer from OpenStack Cloud
  • os_member - Add/Delete a member for a pool in load balancer from OpenStack Cloud
  • os_pool - Add/Delete a pool in the load balancing service from OpenStack Cloud
scaleway
  • scaleway_image_facts - Gather facts about the Scaleway images available.
  • scaleway_ip_facts - Gather facts about the Scaleway ips available.
  • scaleway_organization_facts - Gather facts about the Scaleway organizations available.
  • scaleway_security_group_facts - Gather facts about the Scaleway security groups available.
  • scaleway_server_facts - Gather facts about the Scaleway servers available.
  • scaleway_snapshot_facts - Gather facts about the Scaleway snapshots available.
  • scaleway_volume - Scaleway volumes management module
  • scaleway_volume_facts - Gather facts about the Scaleway volumes available.
vmware
  • vmware_about_facts - Provides information about VMware server to which user is connecting to
  • vmware_category - Manage VMware categories
  • vmware_category_facts - Gather facts about VMware tag categories
  • vmware_deploy_ovf - Deploys a VMware virtual machine from an OVF or OVA file
  • vmware_guest_boot_facts - Gather facts about boot options for the given virtual machine
  • vmware_guest_boot_manager - Manage boot options for the given virtual machine
  • vmware_guest_custom_attribute_defs - Manage custom attributes definitions for virtual machine from VMWare
  • vmware_guest_custom_attributes - Manage custom attributes from VMWare for the given virtual machine
  • vmware_guest_move - Moves virtual machines in vCenter
  • vmware_host_ntp_facts - Gathers facts about NTP configuration on an ESXi host
  • vmware_host_ssl_facts - Gather facts of ESXi host system about SSL
  • vmware_local_role_facts - Gather facts about local roles on an ESXi host
vultr
  • vultr_block_storage - Manages block storage volumes on Vultr.
  • vultr_block_storage_facts - Gather facts about the Vultr block storage volumes available.
  • vultr_dns_domain_facts - Gather facts about the Vultr DNS domains available.
  • vultr_firewall_group_facts - Gather facts about the Vultr firewall groups available.
  • vultr_network - Manages networks on Vultr.
  • vultr_network_facts - Gather facts about the Vultr networks available.
  • vultr_os_facts - Gather facts about the Vultr OSes available.
  • vultr_plan_facts - Gather facts about the Vultr plans available.
  • vultr_region_facts - Gather facts about the Vultr regions available.
  • vultr_server_facts - Gather facts about the Vultr servers available.
  • vultr_ssh_key_facts - Gather facts about the Vultr SSH keys available.
  • vultr_startup_script_facts - Gather facts about the Vultr startup scripts available.
  • vultr_user_facts - Gather facts about the Vultr user available.

Clustering

k8s
  • k8s_facts - Describe Kubernetes (K8s) objects

Crypto

  • certificate_complete_chain - Complete certificate chain given a set of untrusted and root certificates
  • openssl_pkcs12 - Generate OpenSSL PKCS#12 archive.
acme
  • acme_account_facts - Retrieves information on ACME accounts
  • acme_certificate_revoke - Revoke certificates with the ACME protocol
  • acme_challenge_cert_helper - Prepare certificates required for ACME challenges such as C(tls-alpn-01)

Identity

  • onepassword_facts - Fetch facts from 1Password items
ipa
  • ipa_config - Manage Global FreeIPA Configuration Settings
  • ipa_vault - Manage FreeIPA vaults

Monitoring

zabbix
  • zabbix_host_facts - Gather facts about Zabbix host

Net Tools

  • netcup_dns - manage Netcup DNS records
nios
  • nios_a_record - Configure Infoblox NIOS A records
  • nios_cname_record - Configure Infoblox NIOS CNAME records
  • nios_mx_record - Configure Infoblox NIOS MX records
  • nios_naptr_record - Configure Infoblox NIOS NAPTR records
  • nios_ptr_record - Configure Infoblox NIOS PTR records
  • nios_srv_record - Configure Infoblox NIOS SRV records
  • nios_txt_record - Configure Infoblox NIOS txt records

Network

aci
  • aci_interface_policy_ospf - Manage OSPF interface policies (ospf:IfPol)
cli
  • cli_command - Run a cli command on cli-based network devices
  • cli_config - Push text based configuration to network devices over network_cli
exos
  • exos_config - Manage Extreme Networks EXOS configuration sections
  • exos_facts - Collect facts from devices running Extreme EXOS
f5
  • bigip_appsvcs_extension - Manage application service deployments
  • bigip_cli_alias - Manage CLI aliases on a BIG-IP
  • bigip_cli_script - Manage CLI scripts on a BIG-IP
  • bigip_device_auth - Manage system authentication on a BIG-IP
  • bigip_device_facts - Collect facts from F5 BIG-IP devices
  • bigip_firewall_dos_profile - Manage AFM DoS profiles on a BIG-IP
  • bigip_firewall_policy - Manage AFM security firewall policies on a BIG-IP
  • bigip_firewall_rule - Manage AFM Firewall rules
  • bigip_firewall_rule_list - Manage AFM security firewall policies on a BIG-IP
  • bigip_monitor_dns - Manage DNS monitors on a BIG-IP
  • bigip_profile_http - Manage HTTP profiles on a BIG-IP
  • bigip_profile_http_compression - Manage HTTP compression profiles on a BIG-IP
  • bigip_profile_oneconnect - Manage OneConnect profiles on a BIG-IP
  • bigip_profile_persistence_src_addr - Manage source address persistence profiles
  • bigip_remote_role - Manage remote roles on a BIG-IP
  • bigip_software_image - Manage software images on a BIG-IP
  • bigip_software_install - Install software images on a BIG-IP
  • bigip_tunnel - Manage tunnels on a BIG-IP
  • bigiq_utility_license_assignment - Manage utility license assignment on BIG-IPs from a BIG-IQ
fortimanager
  • fmgr_provisioning - Provision devices via FortiMananger
ftd
  • ftd_configuration - Manages configuration on Cisco FTD devices over REST API
  • ftd_file_download - Downloads files from Cisco FTD devices over HTTP(S)
  • ftd_file_upload - Uploads files to Cisco FTD devices over HTTP(S)
meraki
  • meraki_config_template - Manage configuration templates in the Meraki cloud
  • meraki_device - Manage devices in the Meraki cloud
  • meraki_mr_l3_firewall - Manage MR access point layer 3 firewalls in the Meraki cloud
  • meraki_mx_l3_firewall - Manage MX appliance layer 3 firewalls in the Meraki cloud
  • meraki_ssid - Manage wireless SSIDs in the Meraki cloud
  • meraki_switchport - Manage switchports on a switch in the Meraki cloud
  • meraki_vlan - Manage VLANs in the Meraki cloud
nos
  • nos_command - Run commands on remote devices running Extreme Networks NOS
  • nos_config - Manage Extreme Networks NOS configuration sections
  • nos_facts - Collect facts from devices running Extreme NOS
nxos
  • nxos_rpm - Install patch or feature rpms on Cisco NX-OS devices.
onyx
  • onyx_igmp - Configures IGMP globl parameters
opx
  • opx_cps - CPS operations on networking device running Openswitch (OPX)
panos
  • panos_set - Execute arbitrary commands on a PAN-OS device using XPath and element
routeros
  • routeros_command - Run commands on remote devices running MikroTik RouterOS
slxos
  • slxos_lldp - Manage LLDP configuration on Extreme Networks SLX-OS network devices.
voss
  • voss_command - Run commands on remote devices running Extreme VOSS
  • voss_facts - Collect facts from remote devices running Extreme VOSS

Remote Management

cobbler
  • cobbler_sync - Sync Cobbler
  • cobbler_system - Manage system objects in Cobbler
cpm
  • cpm_user - Get various status and parameters from WTI OOB and PDU devices
redfish
  • redfish_command - Manages Out-Of-Band controllers using Redfish APIs
  • redfish_config - Manages Out-Of-Band controllers using Redfish APIs
  • redfish_facts - Manages Out-Of-Band controllers using Redfish APIs
ucs
  • ucs_ntp_server - Configures NTP server on Cisco UCS Manager
  • ucs_storage_profile - Configures storage profiles on Cisco UCS Manager
  • ucs_timezone - Configures timezone on Cisco UCS Manager
  • ucs_uuid_pool - Configures server UUID pools on Cisco UCS Manager

Storage

emc
  • emc_vnx_sg_member - Manage storage group member on EMC VNX
ibm
  • ibm_sa_host - Adds hosts to or removes them from IBM Spectrum Accelerate storage systems.
  • ibm_sa_pool - Handles pools on an IBM Spectrum Accelerate storage array.
  • ibm_sa_vol - Handle volumes on an IBM Spectrum Accelerate storage array
netapp
  • na_elementsw_access_group - NetApp Element Software Manage Access Groups
  • na_elementsw_account - NetApp Element Software Manage Accounts
  • na_elementsw_admin_users - NetApp Element Software Manage Admin Users
  • na_elementsw_backup - NetApp Element Software Create Backups
  • na_elementsw_check_connections - NetApp Element Software Check connectivity to MVIP and SVIP.
  • na_elementsw_cluster - NetApp Element Software Create Cluster
  • na_elementsw_cluster_pair - NetApp Element Software Manage Cluster Pair
  • na_elementsw_drive - NetApp Element Software Manage Node Drives
  • na_elementsw_ldap - NetApp Element Software Manage ldap admin users
  • na_elementsw_network_interfaces - NetApp Element Software Configure Node Network Interfaces
  • na_elementsw_node - NetApp Element Software Node Operation
  • na_elementsw_snapshot - NetApp Element Software Manage Snapshots
  • na_elementsw_snapshot_restore - NetApp Element Software Restore Snapshot
  • na_elementsw_snapshot_schedule - NetApp Element Software Snapshot Schedules
  • na_elementsw_vlan - NetApp Element Software Manage VLAN
  • na_elementsw_volume - NetApp Element Software Manage Volumes
  • na_elementsw_volume_clone - NetApp Element Software Create Volume Clone
  • na_elementsw_volume_pair - NetApp Element Software Volume Pair
  • na_ontap_autosupport - NetApp ONTAP manage Autosupport
  • na_ontap_cg_snapshot - NetApp ONTAP manage consistency group snapshot
  • na_ontap_cluster_peer - NetApp ONTAP Manage Cluster peering
  • na_ontap_command - NetApp ONTAP Run any cli command
  • na_ontap_disks - NetApp ONTAP Assign disks to nodes
  • na_ontap_dns - NetApp ONTAP Create, delete, modify DNS servers.
  • na_ontap_fcp - NetApp ONTAP Start, Stop and Enable FCP services.
  • na_ontap_firewall_policy - NetApp ONTAP Manage a firewall policy
  • na_ontap_gather_facts - NetApp information gatherer
  • na_ontap_motd - Setup motd on cDOT
  • na_ontap_node - NetApp ONTAP Rename a node.
  • na_ontap_snapmirror - NetApp ONTAP Manage SnapMirror
  • na_ontap_software_update - NetApp ONTAP Update Software
  • na_ontap_svm_options - NetApp ONTAP Modify SVM Options
  • na_ontap_vserver_peer - NetApp ONTAP Vserver peering
  • netapp_e_alerts - NetApp E-Series manage email notification settings
  • netapp_e_asup - NetApp E-Series manage auto-support settings
  • netapp_e_auditlog - NetApp E-Series manage audit-log configuration
  • netapp_e_global - NetApp E-Series manage global settings configuration
  • netapp_e_iscsi_interface - NetApp E-Series manage iSCSI interface configuration
  • netapp_e_iscsi_target - NetApp E-Series manage iSCSI target configuration
  • netapp_e_ldap - NetApp E-Series manage LDAP integration to use for authentication
  • netapp_e_mgmt_interface - NetApp E-Series management interface configuration
  • netapp_e_syslog - NetApp E-Series manage syslog settings
purestorage
  • purefb_facts - Collect facts from Pure Storage FlashBlade

System

  • java_keystore - Create or delete a Java keystore in JKS format.
  • python_requirements_facts - Show python path and assert dependency versions
  • reboot - Reboot a machine

Web Infrastructure

ansible_tower
  • tower_credential_type - Create, update, or destroy custom Ansible Tower credential type.
  • tower_inventory_source - create, update, or destroy Ansible Tower inventory source.
  • tower_settings - Modify Ansible Tower settings.
  • tower_workflow_template - create, update, or destroy Ansible Tower workflow template.

Windows

  • win_chocolatey_config - Manages Chocolatey config settings
  • win_chocolatey_feature - Manages Chocolatey features
  • win_chocolatey_source - Manages Chocolatey sources
  • win_wait_for_process - Waits for a process to exist or not exist before continuing.
  • win_xml - Add XML fragment to an XML parent