Documentation

1. Release Notes for Ansible Tower Version 3.3.0

1.1. Ansible Tower Version 3.3.0

  • Added support for container-based clusters using OpenShift or Kubernetes
  • Added support for multiple or no credential assignment in Job Templates
  • Added support for multiple Vault credential assignment in Job Templates
  • Added support for multiple LDAP server configurations
  • Added support fact caching for isolated instances
  • Added the ability to schedule configurations of a job template using job template prompts
  • Added deprecation note to the Tower REST API for Version 1 (/api/v1/), which will be removed in a future release of Ansible Tower
  • Added the ability to make a copy of existing Tower objects (inventory, project, etc.) as a template for creating a new one
  • Added the ability to relaunch jobs on a subset of hosts by status
  • Added validation to prevent string "$encrypted$" from becoming a literal survey question default
  • Added support for more job template prompts at workflow node creation time
  • Added ask_variables_on_launch to workflow job templates (WFJT)
  • Added diff_mode and verbosity fields to WFJT nodes
  • Added Saved Launch-time configurations feature - added WFJT node promptable fields to schedules, added extra_data to WFJT nodes, and added “schedule this job” endpoint.
  • Added block creation of schedules when variables not allowed are given. Block similar cases for WFJT nodes.
  • Added the ability to create instance groups and associate instances at runtime via the user interface and API
  • Added the ability to group instances based on policy, such as such as “50% of instances” and “at least three instances”
  • Added additional organizational roles for administration of projects, job templates, inventories, workflows and more
  • Added support for custom virtual environments for customizing Ansible execution
  • Added OAuth2 support for token based authentication
  • Added support for OAuth2 applications and access token generation
  • Added the ability to forcibly expire sessions through awx-manage expire_sessions
  • Added support for making inventory parsing errors fatal, and only enable the script inventory plugin for job runs and vendored inventory updates
  • Added inventory field to inventory updates
  • Added related credentials endpoint for inventory updates to be more internally consistent with job templates, model changes
  • Added a graphical user interface for network inventory
  • Added a restriction to viewing and editing network UI canvas to users with inventory admin_role
  • Added the ability to show all teams to organization admins if the ORG_ADMINS_CAN_SEE_ALL_USERS setting is enabled
  • Added the ability to create schedules and workflow nodes from job templates that use credentials which prompt for passwords if ask_credential_on_launch is set.
  • Deprecated the fact_versions and fact_view endpoints from the API, including OPTIONS
  • Deprecated fact tables
  • Deprecated the awx-manage cleanup_facts command for fact cleanup
  • Deprecated the /api/v2/authtoken/ endpoint in the API and replaced it with /api/v2/tokens/
  • Fixed a conflict with Tower credential type by removing TOWER_HOST as a default environment variable in job running environments. Playbook authors should replace their use with AWX_HOST.
  • Fixed a behavior in Tower to prevent it from deleting jobs when event processing is still ongoing
  • Fixed a behavior in Tower to disallow relaunching jobs with execute_role if another user provided prompts
  • Improved project updates so that previously synced git projects do not attempt to contact the server if they are already at the proper revision
  • Improved WFJT node credential to many-to-many credentials
  • Improved stricter criteria to admin users where organization admin role now necessary for all organizations of which the target user is a member. Additionally, removed unused admin_role associated with users
  • Improved logs to consistently catch task exceptions
  • Improved external loggers to passively create handler from settings on every log emission, replacing server restart, allowing use in OpenShift deployments
  • Improved Tower to automatically run a project update if sensitive fields change like scm_url
  • Improved queuing logic through setting execution_node in task manager and submitting waiting jobs to only the queue for the specific instance job is targeted to run on
  • Updated the auth-token-timeout header name to Session-Timeout
  • Updated the AUTH_TOKEN_EXPIRATION setting name to change to SESSION_COOKIE_AGE and AUTH_TOKEN_PER_USER changed to SESSIONS_PER_USER
  • Updated source-control based inventory to allow for vaulted variable values
  • Updated the minimum required version of Red Hat Enterprise Linux to 7.4
  • Updated the minimum required RAM for standalone Tower to 4GB
  • Updated Ansible Tower to set ANSIBLE_DISPLAY_ARGS_TO_STDOUT to False by default for all playbook runs to match Ansible’s default behavior. See Jobs for more information.
  • Updated all job and tasks to generate consistent output events and make job output available on all cluster nodes
  • Updated external logging to default to HTTPS unless http:// is explicitly specified in the log aggregator hostname
  • Updated the behavior of a job template to prohibit configuring callbacks on job templates without an inventory
  • Updated the boolean fields for custom credential types to always default extra_vars and environment variables to False when a value is not provided
  • Updated to disallow using HTTP PUT/PATCH methods to modify existing jobs in Job Details API endpoint