Documentation

2. Release Notes

The following list summarizes the additions, changes, and modifications which were made to Ansible Tower v3.7.0.

2.1. Ansible Tower Version 3.7.0

  • Improved the performance (time to execute, and memory consumption) of the periodic job cleanup system job
  • Improved performance in the User Interface for various job views when many simultaneous users are logged into Tower
  • Improved job run performance and the write speed of stdout for running playbooks and parallel jobs through optimization of the job dependency/scheduling algorithm
  • Improved running jobs to no longer block associated inventory updates
  • Updated Tower’s external log aggregator feature with a more robust implementation based on rsyslogd
  • Updated Ansible Tower to use the following inventory plugins from upstream collections if inventory updates are run with Ansible 2.9:
    • amazon.aws.aws_ec2
    • community.vmware.vmware_vm_inventory
    • azure.azcollection.azure_rm
    • google.cloud.gcp_compute
    • theforeman.foreman.foreman
    • openstack.cloud.openstack
    • ovirt.ovirt.ovirt
    • awx.awx.tower
  • Updated the Red Hat Virtualization (ovirt) inventory source so that requests check certificates by default
  • Updated OpenShift-based deployments to use a Deployment rather than a StatefulSet
  • Updated Activity Stream logs to include Summary fields for related objects
  • Updated Tower CLI to no longer support Python 2 (it requires at least Python 3.6)
  • Updated the Tower CLI environment variable used to specify an OAuth2 token from TOWER_TOKEN to TOWER_OAUTH_TOKEN in order to align with the Tower collection. The old environment variable is still accepted, but it is recommended to use TOWER_OAUTH_TOKEN.
  • Updated Tower to no longer rely on RabbitMQ; Redis is added as a new dependency
  • Updated the job templates API to show a read-only organization field, which is inferred from the associated project
  • Updated to ansible-runner 1.4.6 to address various bugs
  • Updated Django to address CVE-2020-9402
  • Updated pyyaml version to address CVE-2017-18342
  • Updated the bundled version of OpenStack SDK to address a known issue
  • Added support for Approle and LDAP/AD mechanisms to the Hashicorp Vault credential plugin
  • Added a new Project (Domain Name) field to OpenStack Credentials to properly support the OpenStack Keystone v3 API
  • Added the ability to monitor stdout in the CLI for running jobs and workflow jobs
  • Added the ability to specify an OAuth2 token description in the Tower CLI
  • Added the ability to launch jobs (and workflows) using the --monitor flag in the Tower CLI to return a non-zero exit code on job failures
  • Added the ability to discover playbooks in project clones from symlinked directories
  • Added the ability to configure the convergence behavior of workflow nodes with the implementation of the ALL node, which requires that every single parent meets the “run on” conditions before continuing (refer to the Ansible Tower User Guide for detail)
  • Added a default maximum limit of 200 forks to job templates (this default is configurable)
  • Added the ability to specify AZURE_PUBLIC_CLOUD (for e.g., Azure Government KeyVault support) for the Azure credential plugin
  • Added a new field to jobs for tracking the date/time a job is canceled
  • Added the ability for Tower to use any environment variables in AWX_TASK_ENV when connecting to Red Hat Insights, Red Hat Subscription Manager, and when sending data to Automation Analytics
  • Introduced ansible.tower Ansible collection to be distributed on Automation Hub with a corresponding version number
  • Removed project update lock, allowing projects to update while a related job is running
  • Removed the limitation on the maximum number of events Tower can store as a result of playbook runs by expanding event tables to allow more than ~2 billion total events
  • Removed a number of pre-computed fields from the Host and Group models to improve Tower performance. As part of this change, inventory group UIs throughout the interface no longer display status icons.
  • Fixed the Tower CLI to properly install with newer versions of pip
  • Fixed the Tower CLI to save the JSON-type settings properly
  • Fixed a race condition that caused task container crashes when pods are quickly brought down and back up
  • Fixed a bug that prevented the use of ANSIBLE_SSH_ARGS for ad-hoc-commands
  • Fixed an unexpected deadlock during playbook execution in container groups
  • Fixed schedules containing RRULES with very old DTSTART dates to no longer break
  • Fixed OpenShift-based installs on older versions of Ansible packaged with RHEL 7
  • Fixed the Activity Stream to report the correct actor when associating user membership on SAML login
  • Fixed searching for Source Control credentials in the Tower user interface
  • Fixed disassociating orphaned users from credentials
  • Fixed the new scm_branch field to be used in custom notification templates
  • Fixed a race condition that sometimes causes success/failure notifications to include an incomplete list of hosts
  • Fixed playbook launches to no longer lose unsaved form edits on certain setting pages
  • Fixed the “Use TLS/SSL” field to properly save when editing email notification templates
  • Fixed a race condition that sometimes broke event/stdout processing for jobs launched in container groups
  • Fixed delays in project update stdout for certain large SCM clones (as of Ansible 2.9+)
  • Fixed certain smart inventory filters to not mistakenly return duplicate hosts
  • Fixed broken Grafana notification support in a newer version of Grafana
  • Fixed the Tower User Interface to allow users with read access to an organization to edit credentials for that organization
  • Fixed 404 errors when attempting to view the second page of the workflow approvals view
  • Fixed workflow approval records to properly record a started and elapsed date
  • Fixed workflow nodes to no longer have a confusing option for verbosity
  • Fixed RBAC so that projects and inventory schedules can be created by certain users in certain contexts
  • Fixed the role_path in a project’s config to be respected despite an error processing /etc/ansible/ansible.cfg
  • Fixed inventory updates for installs with custom home directories for the Tower user
  • Fixed fact data collection when Tower encounters invalid/unexpected fact data

For older version of the release notes, as well as other reference materials, refer to the Ansible Tower Release Notes.