Opensourcetechブログ

OpensourcetechによるNGINX/Kubernetes/Zabbix/Neo4j/Linuxなどオープンソース技術に関するブログです。

Ansible v2.7.1 release!!

 

こんにちは、LinuCエバンジェリストこと、鯨井貴博@opensourcetechです。

 

Ansible v2.7.1 がリリースされました。

ansible/CHANGELOG-v2.7.rst at stable-2.7 · ansible/ansible · GitHub

 

 

更新内容

Minor Changesは、以下の通り 11点。

Minor Changes

1. Fix yum module to properly check for empty conf_file value
2. added capability to set the scheme for the consul_kv lookup.
3. added optional certificate and certificate verification for consul_kv lookups
4. dnf - properly handle modifying the enable/disable excludes data field
5. dnf appropriately handles disable_excludes repoid argument
6. dnf properly honor disable_gpg_check for local (on local disk of remote node) package installation
7. fix yum module to handle list argument optional empty strings properly
8. netconf_config - Make default_operation optional in netconf_config module (https://github.com/ansible/ansible/pull/46333)
9. win_nssm - Drop support of literal YAML dictionnary for app_parameters option. Use the key=value; string form instead
10. yum - properly handle proxy password and username embedded in url
11. yum/dnf - fail when space separated string of names (https://github.com/ansible/ansible/pull/47109)

 

 

 Bugfixesは、以下の通り 116点。

Bugfixes

1. Ansible JSON Decoder - Switch from decode to object_hook to support nested use of __ansible_vault and __ansible_unsafe (https://github.com/ansible/ansible/pull/45514)
2. Don't parse parameters and options when state is absent (https://github.com/ansible/ansible/pull/45700).
3. FieldAttribute - Do not use mutable defaults, instead allow supplying a callable for defaults of mutable types (https://github.com/ansible/ansible/issues/46824)
4. Fix an issue with the default telnet prompt handling. The value needs to be escaped otherwise it does not work when converted to bytes.
5. Fix calling deprecate with correct arguments (https://github.com/ansible/ansible/pull/46062).
6. Fix iterator to list conversion in ldap_entry module.
7. Fix nxos_ospf_vrf module auto-cost idempotency and module check mode (https://github.com/ansible/ansible/pull/47190).
8. Fix pip module so that it can recognize multiple extras
9. Fix prompt mismatch issue for ios (https://github.com/ansible/ansible/issues/47004)
10. Fix the issue with refreshing the token by storing Authorization header inside HttpApi connection plugin.
11. Fix the quoting of vhost and other names in rabbitmq_binding
12. Fix the win_reboot plugin so that the post_reboot_delay parameter is honored
13. Fixed an issue with ansible-doc -l failing when parsing some plugin documentation.
14. Fixed: Appropriate code to expand value was missing so assigning SSL certificate is not working as described in the documentation. https://github.com/ansible/ansible/pull/45830
15. Fixes an error that occurs when attempting to see if the netns already exists on the remote device. This change will now execute ip netns list and check if the desired namespace is in the output.
16. Give user better error messages and more information on verbose about inventory plugin behaviour
17. Hardware fact gathering now completes on Solaris 8. Previously, it aborted with error Argument 'args' to run_command must be list or string.
18. Ignore empty result of rabbitmqctl list_user_permissions.
19. In systemd module, allow scope to default to 'system'
20. In systemd module, fix check if a systemd+initd service is enabled - disabled in systemd means disabled
21. Only access EC2 volume tags when set
22. Only delete host key from redis in-memory cache if present.
23. PLUGIN_FILTERS_CFG - Ensure that the value is treated as type=path, and that we use the standard section of defaults instead of default (https://github.com/ansible/ansible/pull/45994)
24. Refactor virtual machine disk logic.
25. Restore SIGPIPE to SIG_DFL when creating subprocesses to avoid it being ignored under Python 2.
26. Rewrite get_resource_pool method for correct resource_pool selection.
27. The docker_* modules more uniformly check versions of docker-py/docker and (if necessary) the docker API.
28. Update callbacks to use Ansible's JSON encoder to avoid known serialization issues
29. Update the signatures of many cliconf plugins' get() methods to support the check_all paramter. Specifically, aireos, aruba, asa, ce, cnos, dellos6, dellos9, dellos10, edgeos, enos, exos, ironware, nos, onyx, routeros, slxos, and voss were updated. This fixes the cli_command module for these platforms
30. Vultr - fix for unreliable API behaviors resulting in timeouts (https://github.com/ansible/ansible/pull/45712/).
31. ansible-connection - Clean up socket files if playbook aborted before connection is started.
32. ansible-doc, removed local hardcoded listing, now uses the 'central' list from constants and other minor issues
33. aws_ec2 - fixed issue where cache did not contain the computed groups
34. aws_ssm_parameter_store - AWS Systems Manager Parameter Store may reach an internal limit before finding the expected parameter, causing misleading results. This is resolved by paginating the describe_parameters call.
35. azure_rm_deployment - fixed regression that prevents resource group from being created (https://github.com/ansible/ansible/issues/45941)
36. blockinfile - use bytes rather than a native string to prevent a stacktrace in Python 3 when writing to the file (https://github.com/ansible/ansible/issues/46237)
37. chroot connection - Support empty files with copying to target (https://github.com/ansible/ansible/issues/36725)
38. cs_instance - Fix docs and typo in examples (https://github.com/ansible/ansible/pull/46035).
39. cs_instance - Fix host migration without volume (https://github.com/ansible/ansible/pull/46115).
40. delegate_to - When templating delegate_to in a loop, don't use the task for a cache, return a special cache through get_vars allowing looping over a hostvar (https://github.com/ansible/ansible/issues/47207)
41. docker connection - Support empty files with copying to target (https://github.com/ansible/ansible/issues/36725)
42. docker_container - Fix idempotency problems with cap_drop and groups (when numeric group IDs were used).
43. docker_container - Fix type conversion errors for log_options.
44. docker_container - Fixing various comparison/idempotency problems related to wrong comparisons. In particular, comparisons for command and entrypoint (both lists) no longer ignore missing elements during idempotency checks.
45. docker_container - Makes blkio_weight, cpuset_mems, dns_opts and uts options actually work.
46. docker_container - publish_ports: all was not used correctly when checking idempotency.
47. docker_container - fail if ipv4_address or ipv6_address is used with a too old docker-py version.
48. docker_container - fix memory_swappiness documentation.
49. docker_container - fix behavior of detach: yes if auto_remove: yes is specified.
50. docker_container - fix idempotency check for published_ports in some special cases.
51. docker_container - the behavior is improved in case image is not specified, but needed for (re-)creating the container.
52. docker_network - fixes idempotency issues (https://github.com/ansible/ansible/issues/33045) and name substring issue (https://github.com/ansible/ansible/issues/32926).
53. docker_service - correctly parse string values for the scale parameter https://github.com/ansible/ansible/pull/45508
54. docker_volume - fix force and change detection logic. If not both evaluated to True, the volume was not recreated.
55. dynamic includes - Use the copied and merged task for calculating task vars in the free strategy (https://github.com/ansible/ansible/issues/47024)
56. ec2_group - There can be multiple security groups with the same name in different VPCs. Prior to 2.6 if a target group name was provided, the group matching the name and VPC had highest precedence. Restore this behavior by updated the dictionary with the groups matching the VPC last.
57. ec2_group - support EC2-Classic by not assuming security groups have VPCs.
58. ec2_metadata_facts - Parse IAM role name from metadata ARN instead of security credential field.
59. fetch_url did not always return lower-case header names in case of HTTP errors (https://github.com/ansible/ansible/pull/45628).
60. fix azure_rm_autoscale module can create a schedule with fixed start/end date (https://github.com/ansible/ansible/pull/47186)
61. fix flatten to properly handle multiple lists in lists https://github.com/ansible/ansible/issues/46343
62. get_url - improve code that parses checksums from a file so it is not fragile and reports a helpful error when no matching checksum is found
63. handlers - fix crash when handler task include tasks
64. jail connection - Support empty files with copying to target (https://github.com/ansible/ansible/issues/36725)
65. junos - fix terminal prompt regex (https://github.com/ansible/ansible/pull/47096)
66. k8s - allow kubeconfig or context to be set without the other
67. k8s_facts now returns a resources key in all situations
68. kubectl connection - Support empty files with copying to target (https://github.com/ansible/ansible/issues/36725)
69. libvirt_lxc connection - Support empty files with copying to target (https://github.com/ansible/ansible/issues/36725)
70. lineinfile - fix index out of range error when using insertbefore on a file with only one line (https://github.com/ansible/ansible/issues/46043)
71. mail - Fix regression when sending mail without TLS/SSL
72. mysql_*, proxysql_* - PyMySQL (a pure-Python MySQL driver) is now a preferred dependency also supporting Python 3.X.
73. netconf_config - Fix in confirmed_commit capability in netconf_config modules (https://github.com/ansible/ansible/pull/46778)
74. netconf_config - Fix netconf module_utils dict changed size issue (https://github.com/ansible/ansible/pull/46778)
75. nmcli - fix syntax of vlan modification command (https://github.com/ansible/ansible/issues/42322)
76. nxos_file_copy fix for binary files (https://github.com/ansible/ansible/pull/46822).
77. openssl_csr - fix byte encoding issue on Python 3
78. openssl_pkcs12 - fix byte encoding issue on Python 3
79. os_router - enable_snat: no was ignored.
80. ovirt_host_network - check for empty user_opts (https://github.com/ansible/ansible/pull/47283).
81. ovirt_vm - Check next_run configuration update if exist (https://github.com/ansible/ansible/pull/47282/).
82. ovirt_vm - Fix initialization of cloud init (https://github.com/ansible/ansible/pull/47354).
83. ovirt_vm - Fix issue in SSO option (https://github.com/ansible/ansible/pull/47312).
84. ovirt_vm - Fix issue in setting the custom_compatibility_version to NULL (https://github.com/ansible/ansible/pull/47388).
85. pamd: add delete=False to NamedTemporaryFile() fixes OSError on module completion, and removes print statement from module code. (see https://github.com/ansible/ansible/pull/47281 and https://github.com/ansible/ansible/issues/47080)
86. pamd: use module.tmpdir for NamedTemporaryFile() (see https://github.com/ansible/ansible/pull/47133 and https://github.com/ansible/ansible/issues/36954)
87. postgresql_user - create pretty error message when creating a user without an encrypted password on newer PostgreSQL versions
88. psexec - Handle socket.error exceptions properly
89. psexec - give proper error message when the psexec requirements are not installed
90. psrp - Fix UTF-8 output - https://github.com/ansible/ansible/pull/46998
91. psrp - Fix issue when dealing with unicode values in the output for Python 2
92. reboot - add reboot_timeout parameter to the list of parameters so it can be used.
93. reboot - add support for OpenBSD
94. reboot - use correct syntax for fetching a value from a dict and account for bare Linux systems (https://github.com/ansible/ansible/pull/45607#issuecomment-422403177)
95. reboot - use unicode instead of bytes for stdout and stderr to match the type returned from low_level_execute()
96. roles - Ensure that we don't overwrite roles that have been registered (from imports) while parsing roles under the roles header (https://github.com/ansible/ansible/issues/47454)
97. route53 - fix CAA record ordering for idempotency.
98. ssh connection - Support empty files with piped transfer_method (https://github.com/ansible/ansible/issues/45426)
99. templar - Do not strip new lines in native jinja - https://github.com/ansible/ansible/issues/46743
100. unsafe - Add special casing to sets, to support wrapping elements of sets correctly in Python 3 (https://github.com/ansible/ansible/issues/47372)
101. use proper module_util to get Ansible version for Azure requests
102. user - add documentation on what underlying tools are used on each platform (https://github.com/ansible/ansible/issues/44266)
103. user module - do not pass ssh_key_passphrase on cmdline (CVE-2018-16837)
104. vmware - honor "wait_for_ip_address" when powering on a VM
105. vultr_server - fix diff for user data (https://github.com/ansible/ansible/pull/45753/).
106. vyos_facts - fix vyos_facts not returning version number issue (https://github.com/ansible/ansible/pull/39115)
107. win_copy - Fix issue where the dest return value would be enclosed in single quote when dest is a folder - https://github.com/ansible/ansible/issues/45281
108. win_nssm - Add missing space between parameters with app_parameters
109. win_nssm - Correctly escape argument line when a parameter contains spaces, quotes or backslashes
110. win_nssm - Fix error when several services were given to the dependencies option
111. win_nssm - Fix extra space added in argument line with app_parameters or app_parameters_free_form when a parameter start by a dash and is followed by a period (https://github.com/ansible/ansible/issues/44079)
112. win_nssm - Fix service not started when state=started (https://github.com/ansible/ansible/issues/35442)
113. win_nssm - Fix several issues and idempotency problems (https://github.com/ansible/ansible/pull/44755)
114. winrm - Only use pexpect for auto kerb auth if it is installed and contains the required kwargs - https://github.com/ansible/ansible/issues/43462
115. zabbix_host - module was failing when zabbix host was updated with new interface and template depending on that interface at the same time
116. zone connection - Support empty files with copying to target (https://github.com/ansible/ansible/issues/36725)

 

 

 

 

 v2.7.1へのアップグレード

pipでサクッとアップグレードします。

XYZ:~ YOSHIKI$ pip list | grep ansible
ansible 2.7.0
XYZ:~ YOSHIKI$ pip install --upgrade ansible
Collecting ansible
Downloading https://files.pythonhosted.org/packages/ec/ee/1494474b59c6e9cccdfde32da1364b94cdb280ff96b1493deaf4f3ae55f8/ansible-2.7.1.tar.gz (11.7MB)
100% |████████████████████████████████| 11.7MB 1.7MB/s
Requirement already satisfied, skipping upgrade: jinja2 in ./anaconda3/lib/python3.6/site-packages (from ansible) (2.10)
Requirement already satisfied, skipping upgrade: PyYAML in ./anaconda3/lib/python3.6/site-packages (from ansible) (3.12)
Requirement already satisfied, skipping upgrade: paramiko in ./anaconda3/lib/python3.6/site-packages (from ansible) (2.4.1)
Requirement already satisfied, skipping upgrade: cryptography in ./anaconda3/lib/python3.6/site-packages (from ansible) (2.2.2)
Requirement already satisfied, skipping upgrade: setuptools in ./anaconda3/lib/python3.6/site-packages (from ansible) (39.1.0)
Requirement already satisfied, skipping upgrade: MarkupSafe>=0.23 in ./anaconda3/lib/python3.6/site-packages (from jinja2->ansible) (1.0)
Requirement already satisfied, skipping upgrade: bcrypt>=3.1.3 in ./anaconda3/lib/python3.6/site-packages (from paramiko->ansible) (3.1.4)
Requirement already satisfied, skipping upgrade: pyasn1>=0.1.7 in ./anaconda3/lib/python3.6/site-packages (from paramiko->ansible) (0.4.4)
Requirement already satisfied, skipping upgrade: pynacl>=1.0.1 in ./anaconda3/lib/python3.6/site-packages (from paramiko->ansible) (1.2.1)
Requirement already satisfied, skipping upgrade: idna>=2.1 in ./anaconda3/lib/python3.6/site-packages (from cryptography->ansible) (2.6)
Requirement already satisfied, skipping upgrade: asn1crypto>=0.21.0 in ./anaconda3/lib/python3.6/site-packages (from cryptography->ansible) (0.24.0)
Requirement already satisfied, skipping upgrade: six>=1.4.1 in ./anaconda3/lib/python3.6/site-packages (from cryptography->ansible) (1.11.0)
Requirement already satisfied, skipping upgrade: cffi>=1.7 in ./anaconda3/lib/python3.6/site-packages (from cryptography->ansible) (1.11.5)
Requirement already satisfied, skipping upgrade: pycparser in ./anaconda3/lib/python3.6/site-packages (from cffi>=1.7->cryptography->ansible) (2.18)
Building wheels for collected packages: ansible
Running setup.py bdist_wheel for ansible ... done
Stored in directory: /Users/YOSHIKI/Library/Caches/pip/wheels/6f/d0/b9/f2a3aaed1d85196fe6ebae050323658a5c228a0a0d417e37ba
Successfully built ansible
Installing collected packages: ansible
Found existing installation: ansible 2.7.0
Uninstalling ansible-2.7.0:
Successfully uninstalled ansible-2.7.0
Successfully installed ansible-2.7.1
XYZ:~ YOSHIKI$ pip list | grep ansible
ansible 2.7.1
XYZ:~ YOSHIKI$ ansible --version
ansible 2.7.1
config file = /Users/YOSHIKI/.ansible.cfg
configured module search path = ['/Users/YOSHIKI/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /Users/YOSHIKI/anaconda3/lib/python3.6/site-packages/ansible
executable location = /Users/YOSHIKI/anaconda3/bin/ansible
python version = 3.6.5 |Anaconda, Inc.| (default, Apr 26 2018, 08:42:37) [GCC 4.2.1 Compatible Clang 4.0.1 (tags/RELEASE_401/final)]

 

 

 

www.slideshare.net

github.com

www.facebook.com

twitter.com

www.instagram.com

 

 

にほんブログ村 IT技術ブログ Linuxへ
Linux

にほんブログ村 IT技術ブログ オープンソースへ
オープンソース

 

 

Opensourcetech by Takahiro Kujirai