We’re happy to announce the release of Ansible Tower 2.4. In this release, we’ve focused on some core improvements for our customers operating in spaces like government and security who have specific needs around authentication and tracking, but we expect these features will be useful to much of our general user base as well.
OAUTH, VIA GITHUB AND GOOGLE
No one wants to manage their users in multiple places, and many groups today use external providers for handling their identity and authentication. We’ve added support for pulling users and teams from either GitHub or Google Apps, using OAuth2. With this, you don’t need to add users directly to Tower - they can use the accounts they already have and are using in your organization.
ADDITIONAL ENTERPRISE AUTHENTICATION
Previously, for Enterprise users who have a standard corporate infrastructure Tower has included support for connecting to an LDAP or Active Directory server for user and team information. But not everyone exposes their LDAP for use with all internal services. With Tower 2.4, we’ve extended that enterprise authentication support to also include support for authenticating to a SAML 2.0 identity provider, and to authenticate against a RADIUS server. With this, we make it easy to use Tower with the authentication mechanisms and features (such as two-factor authentication) that you’ve already set up for other services, without having to manage such features separately in Tower.
CONFIGURABLE SESSION LIMITS
In some environments, you may want to restrict how users connect to Tower. For example, you may want to ensure that a user can only log into Tower from one computer at a time. We’ve extended and simplified the ways you can configure how user sessions are handled in Tower. Not only can you configure how long sessions are active for, but you can also limit your users to a specific number of active sessions at any time. If your security needs require that a user only have one session active at a time, Tower will ensure that logging in via a new computer invalidates any session the user may have active elsewhere.
We’ve added the ability for enterprise users to customize some of the branding in Tower. Need to add a custom logo, or a custom login message to inform users they’re accessing a monitored system? No problem.
We know that our users use Tower in a variety of different ways. With this release of Tower, we’re adding some analytics to Tower that collect statistics on how the Tower interface is being to help us streamline the Tower experience for our users, enhance future releases, and provide context-sensitive help throughout Tower, all configurable on a per-Tower basis.
As always, there are a variety of other minor fixes in this release. Some notable changes for existing users:
- We’ve standardized how variables are merged and passed to job templates at launch. See the User Guide for details.
- We’ve adjusted the behavior of inventory imports such that ‘Overwrite’ no longer implies ‘Overwrite Variables’.
For more information, please see the release notes at http://docs.ansible.com/ansible-tower/latest/html/installandreference/release_notes.htm.
TOWER 2.4 AVAILABLE NOW
Ansible Tower 2.4 is available now at http://ansible.com/tower. Tower is available for a free 30-day trial via Vagrant, Amazon EC2, or download for on-premise or cloud installation.
Ansible Tower is available via subscription tiers suitable for everyone from small companies to full-scale, mission-critical enterprise devops teams. See http://www.ansible.com/pricing for details on basic, enterprise, and premium subscription levels.