Ansible 5 Porting Guide

Ansible 5 is based on Ansible-core 2.12.

We suggest you read this page along with the Ansible 5 Changelog to understand what updates you may need to make.

Playbook

  • When calling tasks and setting async, setting ANSIBLE_ASYNC_DIR under environment: is no longer valid. Instead, use the shell configuration variable async_dir, for example by setting ansible_async_dir:

tasks:
  - dnf:
      name: '*'
      state: latest
    async: 300
    poll: 5
    vars:
      ansible_async_dir: /path/to/my/custom/dir
  • The undef() function is added to the templating environment for creating undefined variables directly in a template. Optionally, a hint may be provided for variables which are intended to be overridden.

vars:
  old: "{{ undef }}"
  new: "{{ undef() }}"
  new_with_hint: "{{ undef(hint='You must override this variable') }}"

Python Interpreter Discovery

The default value of INTERPRETER_PYTHON changed to auto. The list of Python interpreters in INTERPRETER_PYTHON_FALLBACK changed to prefer Python 3 over Python 2. The combination of these two changes means the new default behavior is to quietly prefer Python 3 over Python 2 on remote hosts. Previously a deprecation warning was issued in situations where interpreter discovery would have used Python 3 but the interpreter was set to /usr/bin/python.

INTERPRETER_PYTHON_FALLBACK can be changed from the default list of interpreters by setting the ansible_interpreter_python_fallback variable.

See interpreter discovery documentation for more details.

Command Line

  • Python 3.8 on the controller node is a hard requirement for this release. The command line scripts will not function with a lower Python version.

  • ansible-vault no longer supports PyCrypto and requires cryptography.

Deprecated

  • Python 2.6 on the target node is deprecated in this release. ansible-core 2.13 will remove support for Python 2.6.

  • Bare variables in conditionals: when conditionals no longer automatically parse string booleans such as "true" and "false" into actual booleans. Any variable containing a non-empty string is considered true. This was previously configurable with the CONDITIONAL_BARE_VARS configuration option (and the ANSIBLE_CONDITIONAL_BARE_VARS environment variable). This setting no longer has any effect. Users can work around the issue by using the |bool filter:

vars:
  teardown: 'false'

tasks:
  - include_tasks: teardown.yml
    when: teardown | bool

  - include_tasks: provision.yml
    when: not teardown | bool
  • The _remote_checksum() method in ActionBase is deprecated. Any action plugin using this method should use _execute_remote_stat() instead.

Modules

  • cron now requires name to be specified in all cases.

  • cron no longer allows a reboot parameter. Use special_time: reboot instead.

  • hostname - On FreeBSD, the before result will no longer be "temporarystub" if permanent hostname file does not exist. It will instead be "" (empty string) for consistency with other systems.

  • hostname - On OpenRC and Solaris based systems, the before result will no longer be "UNKNOWN" if the permanent hostname file does not exist. It will instead be "" (empty string) for consistency with other systems.

  • pip now uses the pip Python module installed for the Ansible module’s Python interpreter, if available, unless executable or virtualenv were specified.

Modules removed

The following modules no longer exist:

  • No notable changes

Deprecation notices

No notable changes

Noteworthy module changes

No notable changes

Plugins

  • unique filter with Jinja2 < 2.10 is case-sensitive and now raise coherently an error if case_sensitive=False instead of when case_sensitive=True.

  • Set theory filters (intersect, difference, symmetric_difference and union) are now case-sensitive. Explicitly use case_sensitive=False to keep previous behavior. Note: with Jinja2 < 2.10, the filters were already case-sensitive by default.

  • password_hash now uses passlib defaults when an option is unspecified, for example bcrypt_sha256, now default to the “2b” format and if the “2a” format is required it must be specified.

Porting custom scripts

No notable changes

Networking

No notable changes

Porting Guide for v5.9.0

Added Collections

  • cisco.dnac (version 6.4.0)

  • community.sap_libs (version 1.1.0)

Major Changes

fortinet.fortios

  • Support FortiOS 7.0.2, 7.0.3, 7.0.4, 7.0.5.

Deprecated Features

  • The collection community.sap has been renamed to community.sap_libs. For now both collections are included in Ansible. The content in community.sap will be replaced with deprecated redirects to the new collection in Ansible 7.0.0, and these redirects will eventually be removed from Ansible. Please update your FQCNs for community.sap.

community.docker

Porting Guide for v5.8.0

Added Collections

  • vmware.vmware_rest (version 2.1.5)

Breaking Changes

vmware.vmware_rest

  • The vmware_rest 2.0.0 support vSphere 7.0.2 onwards.

  • vcenter_vm_storage_policy - the format of the disks parameter has changed.

  • vcenter_vm_storage_policy - the module has a new mandatory parameter: vm_home.

Major Changes

community.mysql

  • The community.mysql collection no longer supports Ansible 2.9 and ansible-base 2.10. While we take no active measures to prevent usage and there are no plans to introduce incompatible code to the modules, we will stop testing against Ansible 2.9 and ansible-base 2.10. Both will very soon be End of Life and if you are still using them, you should consider upgrading to the latest Ansible / ansible-core 2.11 or later as soon as possible (https://github.com/ansible-collections/community.mysql/pull/343).

community.postgresql

  • The community.postgresql collection no longer supports Ansible 2.9 and ansible-base 2.10. While we take no active measures to prevent usage and there are no plans to introduce incompatible code to the modules, we will stop testing against Ansible 2.9 and ansible-base 2.10. Both will very soon be End of Life and if you are still using them, you should consider upgrading to the latest Ansible / ansible-core 2.11 or later as soon as possible (https://github.com/ansible-collections/community.postgresql/pull/245).

Deprecated Features

community.hashi_vault

community.network

  • Support for Ansible 2.9 and ansible-base 2.10 is deprecated, and will be removed in the next major release (community.network 4.0.0) this spring. While most content will probably still work with ansible-base 2.10, we will remove symbolic links for modules and action plugins, which will make it impossible to use them with Ansible 2.9 anymore. Please use community.network 3.x.y with Ansible 2.9 and ansible-base 2.10, as these releases will continue to support Ansible 2.9 and ansible-base 2.10 even after they are End of Life (https://github.com/ansible-community/community-topics/issues/50, https://github.com/ansible-collections/community.network/pull/382).

vmware.vmware_rest

  • vcenter_vm_storage_policy_compliance - drop the module, it returns 404 error.

  • vcenter_vm_tools - remove the upgrade state.

  • vcenter_vm_tools_installer - remove the module from the collection.

Porting Guide for v5.7.0

Major Changes

community.postgresql

fortinet.fortios

  • Support FortiOS 7.0.2, 7.0.3, 7.0.4, 7.0.5.

Deprecated Features

community.general

  • nmcli - deprecate default hairpin mode for a bridge. This so we can change it to false in community.general 7.0.0, as this is also the default in nmcli (https://github.com/ansible-collections/community.general/pull/4334).

  • proxmox inventory plugin - the current default true of the want_proxmox_nodes_ansible_host option has been deprecated. The default will change to false in community.general 6.0.0. To keep the current behavior, explicitly set want_proxmox_nodes_ansible_host to true in your inventory configuration. We suggest to already switch to the new behavior by explicitly setting it to false, and by using compose: to set ansible_host to the correct value. See the examples in the plugin documentation for details (https://github.com/ansible-collections/community.general/pull/4466).

Porting Guide for v5.6.0

Added Collections

  • community.sap (version 1.0.0)

Deprecated Features

cisco.ios

  • Deprecates lldp module.

Porting Guide for v5.5.0

Known Issues

community.general

Deprecated Features

community.general

Porting Guide for v5.4.0

Major Changes

chocolatey.chocolatey

  • win_chocolatey - Added choco_args option to pass additional arguments directly to Chocolatey.

vyos.vyos

  • Add ‘pool’ as value to server key in ntp_global.

Deprecated Features

cisco.ios

  • ios_acls - Deprecated fragment attribute added boolean alternate as enable_fragment.

Porting Guide for v5.3.0

Major Changes

f5networks.f5_modules

  • bigip_device_info - pagination logic has also been added to help with api stability.

  • bigip_device_info - the module no longer gathers information from all partitions on device. This change will stabalize the module by gathering resources only from the given partition and prevent the module from gathering way too much information that might result in crashing.

Deprecated Features

community.general

Porting Guide for v5.2.0

Known Issues

dellemc.openmanage

  • idrac_user - Issue(192043) The module may error out with the message unable to perform the import or export operation because there are pending attribute changes or a configuration job is in progress. Wait for the job to complete and run the task again.

  • ome_application_alerts_smtp - Issue(212310) - The module does not provide a proper error message if the destination_address is more than 255 characters.

  • ome_application_alerts_syslog - Issue(215374) - The module does not provide a proper error message if the destination_address is more than 255 characters.

  • ome_device_local_access_configuration - Issue(215035) - The module reports Successfully updated the local access setting if an unsupported value is provided for the parameter timeout_limit. However, this value is not actually applied on OpenManage Enterprise Modular.

  • ome_device_local_access_configuration - Issue(217865) - The module does not display a proper error message if an unsupported value is provided for the user_defined and lcd_language parameters.

  • ome_device_network_services - Issue(212681) - The module does not provide a proper error message if unsupported values are provided for the parameters- port_number, community_name, max_sessions, max_auth_retries, and idle_timeout.

  • ome_device_power_settings - Issue(212679) - The module errors out with the following message if the value provided for the parameter power_cap is not within the supported range of 0 to 32767, Unable to complete the request because PowerCap does not  exist or is not applicable for the resource URI.

  • ome_smart_fabric_uplink - Issue(186024) - The module does not allow the creation of multiple uplinks of the same name even though it is supported by OpenManage Enterprise Modular. If an uplink is created using the same name as an existing uplink, the existing uplink is modified.

purestorage.flasharray

  • purefa_admin - Once max_login and lockout have been set there is currently no way to rest these to zero except through the FlashArray GUI

Major Changes

cisco.meraki

  • meraki_mr_radio - New module

Deprecated Features

purestorage.flasharray

  • purefa_sso - Deprecated in favor of M(purefa_admin). Will be removed in Collection 2.0

Porting Guide for v5.1.0

Known Issues

dellemc.openmanage

  • idrac_user - Issue(192043) The module may error out with the message unable to perform the import or export operation because there are pending attribute changes or a configuration job is in progress. Wait for the job to complete and run the task again.

  • ome_application_alerts_smtp - Issue(212310) - The module does not provide a proper error message if the destination_address is more than 255 characters.

  • ome_application_alerts_syslog - Issue(215374) - The module does not provide a proper error message if the destination_address is more than 255 characters.

  • ome_device_network_services - Issue(212681) - The module does not provide a proper error message if unsupported values are provided for the parameters- port_number, community_name, max_sessions, max_auth_retries, and idle_timeout.

  • ome_device_power_settings - Issue(212679) - The module errors out with the following message if the value provided for the parameter power_cap is not within the supported range of 0 to 32767, Unable to complete the request because PowerCap does not  exist or is not applicable for the resource URI.

  • ome_smart_fabric_uplink - Issue(186024) - The module does not allow the creation of multiple uplinks of the same name even though it is supported by OpenManage Enterprise Modular. If an uplink is created using the same name as an existing uplink, the existing uplink is modified.

Major Changes

containers.podman

  • Add podman_tag module

  • Add secrets driver and driver opts support

Removed Features

community.hashi_vault

Deprecated Features

cisco.nxos

  • Deprecated nxos_snmp_community module.

  • Deprecated nxos_snmp_contact module.

  • Deprecated nxos_snmp_host module.

  • Deprecated nxos_snmp_location module.

  • Deprecated nxos_snmp_traps module.

  • Deprecated nxos_snmp_user module.

community.general

community.hashi_vault

junipernetworks.junos

  • ‘router_id’ options is deprecated from junos_ospf_interfaces, junos_ospfv2 and junos_ospfv3 resource module.

Porting Guide for v5.0.1

Major Changes

  • Raised python requirement of the ansible package from >=2.7 to >=3.8 to match ansible-core

Porting Guide for v5.0.0

Added Collections

  • cisco.ise (version 1.2.1)

  • cloud.common (version 2.1.0)

  • community.ciscosmb (version 1.0.4)

  • community.dns (version 2.0.3)

  • infoblox.nios_modules (version 1.1.2)

  • netapp.storagegrid (version 21.7.0)

Known Issues

Ansible-core

  • ansible-test - Tab completion anywhere other than the end of the command with the new composite options will provide incorrect results. See issue 351 for additional details.

dellemc.openmanage

  • idrac_user - Issue(192043) Module may error out with the message unable to perform the import or export operation because there are pending attribute changes or a configuration job is in progress. Wait for the job to complete and run the task again.

  • ome_device_power_settings - Issue(212679) The ome_device_power_settings module errors out with the following message if the value provided for the parameter power_cap is not within the supported range of 0 to 32767, Unable to complete the request because PowerCap does not  exist or is not applicable for the resource URI.

  • ome_smart_fabric_uplink - Issue(186024) ome_smart_fabric_uplink module does not allow the creation of multiple uplinks of the same name even though it is supported by OpenManage Enterprise Modular. If an uplink is created using the same name as an existing uplink, the existing uplink is modified.

  • ome_smart_fabric_uplink - Issue(186024) ome_smart_fabric_uplink module does not allow the creation of multiple uplinks of the same name even though this is supported by OpenManage Enterprise Modular. If an uplink is created using the same name as an existing uplink, the existing uplink is modified.

purestorage.flashblade

  • purefb_lag - The mac_address field in the response is not populated. This will be fixed in a future FlashBlade update.

Breaking Changes

Ansible-core

  • Action, module, and group names in module_defaults must be static values. Their values can still be templates.

  • Fully qualified ‘ansible.legacy’ plugin names are not included implicitly in action_groups.

  • Unresolvable groups, action plugins, and modules in module_defaults are an error.

  • ansible-test - Automatic installation of requirements for “cloud” test plugins no longer occurs. The affected test plugins are aws, azure, cs, hcloud, nios, opennebula, openshift and vcenter. Collections should instead use one of the supported integration test requirements files, such as the tests/integration/requirements.txt file.

  • ansible-test - The HTTP Tester is no longer available with the ansible-test shell command. Only the integration and windows-integration commands provide HTTP Tester.

  • ansible-test - The --disable-httptester option is no longer available. The HTTP Tester is no longer optional for tests that specify it.

  • ansible-test - The --httptester option is no longer available. To override the container used for HTTP Tester tests, set the ANSIBLE_HTTP_TEST_CONTAINER environment variable instead.

  • ansible-test - Unit tests for modules and module_utils are now limited to importing only ansible.module_utils from the ansible module.

  • conditionals - when conditionals no longer automatically parse string booleans such as "true" and "false" into actual booleans. Any non-empty string is now considered true. The CONDITIONAL_BARE_VARS configuration variable no longer has any effect.

  • hostname - Drops any remaining support for Python 2.4 by using with open() to simplify exception handling code which leaked file handles in several spots

  • hostname - On FreeBSD, the string temporarystub no longer gets written to the hostname file in the get methods (and in check_mode). As a result, the default hostname will now appear as '' (empty string) instead of temporarystub for consistency with other strategies. This means the before result will be different.

  • hostname - On OpenRC systems and Solaris, the before value will now be '' (empty string) if the permanent hostname file does not exist, for consistency with other strategies.

  • intersect, difference, symmetric_difference, union filters - the default behavior is now to be case-sensitive (https://github.com/ansible/ansible/issues/74255)

  • unique filter - the default behavior is now to fail if Jinja2’s filter fails and explicit case_sensitive=False as the Ansible’s fallback is case-sensitive (https://github.com/ansible/ansible/pull/74256)

amazon.aws

arista.eos

  • Arista released train 4.23.X and newer and along with it replaced and deprecated several commands. This PR adds support for syntax changes in release train 4.23 and after. Going forward the eos modules will not support eos sw version < 4.23.

community.aws

  • ec2_instance - The module has been migrated to the amazon.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_instance.

  • ec2_instance_info - The module has been migrated to the amazon.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_instance_info.

  • ec2_vpc_endpoint - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint.

  • ec2_vpc_endpoint_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint_info.

  • ec2_vpc_endpoint_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint_info.

  • ec2_vpc_endpoint_service_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint_service_info.

  • ec2_vpc_igw - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_igw.

  • ec2_vpc_igw_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_igw_info.

  • ec2_vpc_igw_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_igw_info.

  • ec2_vpc_nat_gateway - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nat_gateway.

  • ec2_vpc_nat_gateway_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nat_gateway_info.

  • ec2_vpc_nat_gateway_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nat_gateway_info.

  • kms_info - key details are now returned in the kms_keys attribute rather than the keys attribute (https://github.com/ansible-collections/community.aws/pull/648).

community.crypto

community.dns

community.docker

community.general

community.hashi_vault

community.okd

community.routeros

community.zabbix

  • all roles now reference other roles and modules through their fully qualified collection names, which makes Ansible 2.10 minimum supported version for roles (See issue 477).

kubernetes.core

netapp.storagegrid

  • This version introduces a breaking change. All modules have been renamed from nac_sg_* to na_sg_*. Playbooks and Roles must be updated to match.

Major Changes

Ansible-core

  • Python Controller Requirement - Python 3.8 or newer is required for the control node (the machine that runs Ansible) (https://github.com/ansible/ansible/pull/74013)

  • ansible-test - All “cloud” plugins which use containers can now be used with all POSIX and Windows hosts. Previously the plugins did not work with Windows at all, and support for hosts created with the --remote option was inconsistent.

  • ansible-test - Collections can now specify controller and target specific integration test requirements and constraints. If provided, they take precedence over the previously available requirements and constraints files.

  • ansible-test - Integration tests run with the integration command can now be executed on two separate hosts instead of always running on the controller. The target host can be one provided by ansible-test or by the user, as long as it is accessible using SSH.

  • ansible-test - Most container features are now supported under Podman. Previously a symbolic link for docker pointing to podman was required.

  • ansible-test - New --controller and --target / --target-python options have been added to allow more control over test environments.

  • ansible-test - Python 3.8 - 3.10 are now required to run ansible-test, thus matching the Ansible controller Python requirements. Older Python versions (2.6 - 2.7 and 3.5 - 3.10) can still be the target for relevant tests.

  • ansible-test - SSH port forwarding and redirection is now used exclusively to make container ports available on non-container hosts. When testing on POSIX systems this requires SSH login as root. Previously SSH port forwarding was combined with firewall rules or other port redirection methods, with some platforms being unsupported.

  • ansible-test - Sanity tests always run in isolated Python virtual environments specific to the requirements of each test. The environments are cached.

  • ansible-test - Sanity tests are now separated into two categories, controller and target. All tests except import and compile are controller tests. The controller tests always run using the same Python version used to run ansible-test. The target tests use the Python version(s) specified by the user, or all available Python versions.

  • ansible-test - Sanity tests now use fully pinned requirements that are independent of each other and other test types.

  • ansible-test - Tests run with the centos6 and default test containers now use a PyPI proxy container to access PyPI when Python 2.6 is used. This allows tests running under Python 2.6 to continue functioning even though PyPI is discontinuing support for non-SNI capable clients.

  • ansible-test - The future-import-boilerplate and metaclass-boilerplate sanity tests are limited to remote-only code. Additionally, they are skipped for collections which declare no support for Python 2.x.

  • ansible-test - The import and compile sanity tests limit remote-only Python version checks to remote-only code.

  • ansible-test - Unit tests for controller-only code now require Python 3.8 or later.

  • ansible-test - Version neutral sanity tests now require Python 3.8 or later.

  • junit callback - The junit_xml and ordereddict Python modules are no longer required to use the junit callback plugin.

amazon.aws

  • amazon.aws collection - Due to the AWS SDKs announcing the end of support for Python less than 3.6 (https://boto3.amazonaws.com/v1/documentation/api/1.17.64/guide/migrationpy3.html) this collection now requires Python 3.6+ (https://github.com/ansible-collections/amazon.aws/pull/298).

  • amazon.aws collection - The amazon.aws collection has dropped support for botocore<1.18.0 and boto3<1.15.0. Most modules will continue to work with older versions of the AWS SDK, however compatibility with older versions of the SDK is not guaranteed and will not be tested. When using older versions of the SDK a warning will be emitted by Ansible (https://github.com/ansible-collections/amazon.aws/pull/502).

  • ec2_instance - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_instance.

  • ec2_instance_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_instance_info.

  • ec2_vpc_endpoint - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint.

  • ec2_vpc_endpoint_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint_info.

  • ec2_vpc_endpoint_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint_info.

  • ec2_vpc_endpoint_service_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_endpoint_service_info.

  • ec2_vpc_igw - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_igw.

  • ec2_vpc_igw_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_igw_facts.

  • ec2_vpc_igw_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_igw_info.

  • ec2_vpc_nat_gateway - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nat_gateway.

  • ec2_vpc_nat_gateway_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nat_gateway_info.

  • ec2_vpc_nat_gateway_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_nat_gateway_info.

  • ec2_vpc_route_table - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_route_table.

  • ec2_vpc_route_table_facts - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_route_table_facts.

  • ec2_vpc_route_table_info - The module has been migrated from the community.aws collection. Playbooks using the Fully Qualified Collection Name for this module should be updated to use amazon.aws.ec2_vpc_route_table_info.

cisco.ise

  • Adds ise_uses_api_gateway to module options.

  • Adds a ‘aws_deployment’ role that allows the deployment of an arbitrary large ISE cluster to AWS.

  • Adds ise_responses to return values of info modules.

  • Adds ise_update_response to return values of non-info modules.

  • Fixes inner logic of modules that have no get by name and have not working filter.

  • Renamed module device_administration_authorization_exception_rules to device_administration_local_exception_rules.

  • Renamed module device_administration_authorization_global_exception_rules to device_administration_global_exception_rules.

  • Renamed module network_access_authorization_exception_rules to network_access_local_exception_rules.

  • Renamed module network_access_authorization_global_exception_rules to network_access_global_exception_rules.

  • Updates options required for modules.

  • Updates sdk parameters for previous modules

  • device_administration_authorization_exception_rules - removed module.

  • device_administration_authorization_exception_rules_info - removed module.

  • device_administration_authorization_global_exception_rules - removed module.

  • device_administration_authorization_global_exception_rules_info - removed module.

  • guest_user_reinstante - removed module.

  • import_trust_cert - removed module.

  • network_access_authorization_exception_rules - removed module.

  • network_access_authorization_exception_rules_info - removed module.

  • network_access_authorization_global_exception_rules - removed module.

  • network_access_authorization_global_exception_rules_info - removed module.

  • personas_check_standalone - Adds module for the deployment of personas to existing nodes in an ISE cluster.

  • personas_export_certs - Adds module for the deployment of personas to existing nodes in an ISE cluster.

  • personas_promote_primary - Adds module for the deployment of personas to existing nodes in an ISE cluster.

  • personas_update_roles - Adds module for the deployment of personas to existing nodes in an ISE cluster.

  • service_info - removed module.

  • system_certificate_export - removed module.

  • telemetry_info_info - removed module.

cloud.common

  • turbo - enable turbo mode for lookup plugins

cloudscale_ch.cloud

  • Add custom_image module

community.aws

community.ciscosmb

  • Python 2.6, 2.7, 3.5 is required

  • add CBS350 support

  • add antsibull-changelog support

  • add ciscosmb_command

  • added facts subset “interfaces”

  • ciscosmb_facts with default subset and unit tests

  • interface name canonicalization

  • transform collection qaxi.ciscosmb to community.ciscosmb

  • transform community.ciscosmb.ciscosmb_command to community.ciscosmb.command

  • transform community.ciscosmb.ciscosmb_facts to community.ciscosmb.facts

  • unit tests for CBS350

community.dns

community.general

community.kubernetes

community.okd

community.postgresql

community.vmware

containers.podman

  • Add systemd generation for pods

  • Generate systemd service files for containers

dellemc.openmanage

  • idrac_server_config_profile - Added support for exporting and importing Server Configuration Profile through HTTP/HTTPS share.

  • ome_device_group - Added support for adding devices to a group using the IP addresses of the devices and group ID.

  • ome_firmware - Added option to stage the firmware update and support for selecting components and devices for baseline-based firmware update.

  • ome_firmware_baseline - Module supports check mode, and allows the modification and deletion of firmware baselines.

  • ome_firmware_catalog - Module supports check mode, and allows the modification and deletion of firmware catalogs.

fortinet.fortios

  • Add real-world use cases in the example section for some configuration modules.

  • Collect the current configurations of the modules and convert them into playbooks.

  • Improve fortios_configuration_fact to use multiple selectors concurrently.

  • New module fortios_monitor_fact.

  • Support FortiOS 7.0.1.

  • Support Fortios 7.0.

  • Support Log APIs.

  • Support check_mode in all cofigurationAPI-based modules.

  • Support filtering for fact gathering modules fortios_configuration_fact and fortios_monitor_fact.

  • Support member operation (delete/add extra members) on an object that has a list of members in it.

  • Support moving policy in firewall_central_snat_map.

  • Support selectors feature in fortios_monitor_fact and fortios_log_fact.

  • Unify schemas for monitor API.

gluster.gluster

hetzner.hcloud

  • Introduction of placement groups

kubernetes.core

netapp.cloudmanager

  • Adding stage environment to all modules in cloudmanager

netbox.netbox

  • packages is now a required Python package and gets installed through Ansible 2.10+.

openvswitch.openvswitch

  • By mistake we tagged the repo to 2.0.0 and as it wasn’t intended and cannot be reverted we’re releasing 2.0.1 to make the community aware of the major version update.

ovirt.ovirt

Removed Features

Ansible-core

  • The built-in module_util ansible.module_utils.common.removed was previously deprecated and has been removed.

  • connections, removed password check stubs that had been moved to become plugins.

  • task, inline parameters being auto coerced into variables has been removed.

ansible.windows

  • win_reboot - Removed shutdown_timeout and shutdown_timeout_sec which has not done anything since Ansible 2.5.

community.crypto

community.docker

community.general

community.hashi_vault

Deprecated Features

Ansible-core

  • ansible-test - The --docker-no-pull option is deprecated and has no effect.

  • ansible-test - The --no-pip-check option is deprecated and has no effect.

  • include action is deprecated in favor of include_tasks, import_tasks and import_playbook.

  • module_utils’ FileLock is scheduled to be removed, it is not used due to its unreliable nature.

amazon.aws

ansible.netcommon

  • network_cli - The paramiko_ssh setting look_for_keys was set automatically based on the values of the password and private_key_file options passed to network_cli. This option can now be set explicitly, and the automatic setting of look_for_keys will be removed after 2024-01-01 (https://github.com/ansible-collections/ansible.netcommon/pull/271).

ansible.windows

  • win_reboot - Unreachable hosts can be ignored with ignore_errors: True, this ability will be removed in a future version. Use ignore_unreachable: True to ignore unreachable hosts instead. - https://github.com/ansible-collections/ansible.windows/issues/62

  • win_updates - Deprecated the filtered_reason return value for each filtered up in favour of filtered_reasons. This has been done to show all the reasons why an update was filtered and not just the first reason.

  • win_updates - Deprecated the use_scheduled_task option as it is no longer used.

  • win_updates - Deprecated the whitelist and blacklist options in favour of accept_list and reject_list respectively to conform to the new standards used in Ansible for these types of options.

arista.eos

  • Remove testing with provider for ansible-test integration jobs. This helps prepare us to move to network-ee integration tests.

cisco.ios

  • Deprecated ios_bgp in favor of ios_bgp_global and ios_bgp_address_family.

  • Deprecated ios_ntp modules.

  • Remove testing with provider for ansible-test integration jobs. This helps prepare us to move to network-ee integration tests.

cisco.iosxr

  • The iosxr_logging module has been deprecated in favor of the new iosxr_logging_global resource module and will be removed in a release after ‘2023-08-01’.

cisco.nxos

  • Deprecated nxos_ntp, nxos_ntp_options, nxos_ntp_auth modules.

  • The nxos_logging module has been deprecated in favor of the new nxos_logging_global resource module and will be removed in a release after ‘2023-08-01’.

community.aws

community.azure

community.crypto

community.dns

community.docker

  • docker_* modules and plugins, except docker_swarm connection plugin and docker_compose and docker_stack*` modules - the current default ``localhost for tls_hostname is deprecated. In community.docker 2.0.0 it will be computed from docker_host instead (https://github.com/ansible-collections/community.docker/pull/134).

  • docker_container - the new command_handling’s default value, compatibility, is deprecated and will change to correct in community.docker 3.0.0. A deprecation warning is emitted by the module in cases where the behavior will change. Please note that ansible-core will output a deprecation warning only once, so if it is shown for an earlier task, there could be more tasks with this warning where it is not shown (https://github.com/ansible-collections/community.docker/pull/186).

  • docker_container - using the special value all in published_ports has been deprecated. Use publish_all_ports=true instead (https://github.com/ansible-collections/community.docker/pull/210).

community.general

community.grafana

  • grafana_dashboard lookup - Providing a mangled version of the API key is no longer preferred.

community.hashi_vault

community.kubernetes

community.vmware

inspur.sm

  • add_ad_group - This feature will be removed in inspur.sm.add_ad_group 3.0.0. replaced with inspur.sm.ad_group.

  • add_ldap_group - This feature will be removed in inspur.sm.add_ldap_group 3.0.0. replaced with inspur.sm.ldap_group.

  • add_user - This feature will be removed in inspur.sm.add_user 3.0.0. replaced with inspur.sm.user.

  • add_user_group - This feature will be removed in inspur.sm.add_user_group 3.0.0. replaced with inspur.sm.user_group.

  • del_ad_group - This feature will be removed in inspur.sm.del_ad_group 3.0.0. replaced with inspur.sm.ad_group.

  • del_ldap_group - This feature will be removed in inspur.sm.del_ldap_group 3.0.0. replaced with inspur.sm.ldap_group.

  • del_user - This feature will be removed in inspur.sm.del_user 3.0.0. replaced with inspur.sm.user.

  • del_user_group - This feature will be removed in inspur.sm.del_user_group 3.0.0. replaced with inspur.sm.user_group.

  • edit_ad_group - This feature will be removed in inspur.sm.edit_ad_group 3.0.0. replaced with inspur.sm.ad_group.

  • edit_ldap_group - This feature will be removed in inspur.sm.edit_ldap_group 3.0.0. replaced with inspur.sm.ldap_group.

  • edit_user - This feature will be removed in inspur.sm.edit_user 3.0.0. replaced with inspur.sm.user.

  • edit_user_group - This feature will be removed in inspur.sm.edit_user_group 3.0.0. replaced with inspur.sm.user_group.

junipernetworks.junos

  • Deprecated router_id from ospfv2 resource module.

  • Deprecated router_id from ospfv3 resource module.

  • The junos_logging module has been deprecated in favor of the new junos_logging_global resource module and will be removed in a release after ‘2023-08-01’.

vyos.vyos

  • The vyos_logging module has been deprecated in favor of the new vyos_logging_global resource module and will be removed in a release after “2023-08-01”.