I have a task in Ansible which needs to be executed on two different inventory groups based on certain condition.
Say if a specific flag is set, I want to execute it on one host. If the flag is disabled, it needs to be executed on the other. Is it possible to use conditionals for determining inventory set in which the task should run in Ansible?
Inventories:
[group_A]
A
a
[group_B]
B
b
Task:
-name: Stop component
roles:
-stop
hosts:
-group_A, when: flag|bool
-group_B, when: not flag|bool
Thanks in advance!
For example
shell> cat playbook
- hosts: "{{ flag|default(true)|bool|ternary('group_A', 'group_B') }}"
tasks:
- debug:
var: inventory_hostname
gives
shell> ansible-playbook -e flag=True playbook.yml
ok: [A] =>
inventory_hostname: A
ok: [a] =>
inventory_hostname: a
shell> ansible-playbook -e flag=False playbook.yml
ok: [B] =>
inventory_hostname: B
ok: [b] =>
inventory_hostname: b
Related
Suppose I have a template file, containing, among others, a /24 IP range:
...
podCIDR: 192.168.<x>.0/24
...
Now, using Ansible, I want to render this template, with a running number from 1 to the number of hosts in my inventory, so that each host will have a different range. The first will have 192.168.1.0/24, the second 192.168.2.0/24, etc.
How do I do this?
Declare the index variable in the group_vars/all and use it to create the network
shell> cat group_vars/all
my_index1: "{{ ansible_play_hosts_all.index(inventory_hostname) + 1 }}"
podCIDR: "192.168.{{ my_index1 }}.0/24"
Then, given the inventory
shell> cat hosts
host_1
host_2
host_3
the playbook below
shell> cat pb.yml
- hosts: all
tasks:
- debug:
var: my_index1
- debug:
var: podCIDR
gives abridged
TASK [debug] *********************************************************************************
ok: [host_1] =>
my_index1: '1'
ok: [host_2] =>
my_index1: '2'
ok: [host_3] =>
my_index1: '3'
TASK [debug] *********************************************************************************
ok: [host_1] =>
podCIDR: 192.168.1.0/24
ok: [host_2] =>
podCIDR: 192.168.2.0/24
ok: [host_3] =>
podCIDR: 192.168.3.0/24
See:
Special Variables
Variable precedence: Where should I put a variable?
Finding the index of an item in a list
I have the following hosts structure in the inventory:
all:
children:
sc:
hosts:
sc-finder01a.com:
sc-finder01b.com:
vars:
default_port: 5679
version: 0.4.2-RELEASE
ms:
hosts:
ms-finder01a.com:
ms-finder01a.com:
vars:
default_port: 5679
version: 0.4.2-RELEASE
I'm running on all hosts, where for each host I'd like to access the other one in the subgroup (sc/ms) in order to check a condition before executing it on the current host, but I'm struggling to find the syntax. Also, I have to prevent Ansible from executing the command on two hosts in the same subgroup in parallel.
Ideas?
Have a look at ansible's special variables. For controlling execution, check playbook strategies.
You can access the current host's groups with the group_names variable. If you want to be in control of host execution order, delegate_to and run_once may help, where you assign a run_once controlling server and delegate tasks looping over the group members list.
Q: "Access the other hosts in the subgroup (sc/ms) in order to check a condition before executing it on the current host."
A: Iterate the list of the hosts in the subgroup(s), e.g.
- debug:
msg: "Check a condition on {{ item }}"
loop: "{{ group_names|map('extract', groups)|flatten|unique|
difference([inventory_hostname]) }}"
gives
TASK [debug] *******************************************************
ok: [sc-finder01b.com] => (item=sc-finder01a.com) =>
msg: Check a condition on sc-finder01a.com
ok: [sc-finder01a.com] => (item=sc-finder01b.com) =>
msg: Check a condition on sc-finder01b.com
ok: [ms-finder01b.com] => (item=ms-finder01a.com) =>
msg: Check a condition on ms-finder01a.com
ok: [ms-finder01a.com] => (item=ms-finder01b.com) =>
msg: Check a condition on ms-finder01b.com
Debug
The inventory
shell> cat hosts
all:
children:
sc:
hosts:
sc-finder01a.com:
sc-finder01b.com:
vars:
default_port: 5679
version: 0.4.2-RELEASE
ms:
hosts:
ms-finder01a.com:
ms-finder01b.com:
vars:
default_port: 5679
version: 0.4.2-RELEASE
Display all hosts
- debug:
var: groups
run_once: true
gives
TASK [debug] ***************************************************************
ok: [sc-finder01a.com] =>
groups:
all:
- sc-finder01a.com
- sc-finder01b.com
- ms-finder01a.com
- ms-finder01b.com
ms:
- ms-finder01a.com
- ms-finder01b.com
sc:
- sc-finder01a.com
- sc-finder01b.com
ungrouped: []
Multiple subgroups
The code works also if a host is a member of multiple subgroups, e.g.
shell> cat hosts
all:
children:
sc:
hosts:
sc-finder01a.com:
ms:
hosts:
ms-finder01a.com:
foo:
hosts:
foo-bar.com:
sc-finder01a.com:
ms-finder01a.com:
gives
TASK [debug] ******************************************************
ok: [sc-finder01a.com] => (item=foo-bar.com) =>
msg: Check a condition on foo-bar.com
ok: [sc-finder01a.com] => (item=ms-finder01a.com) =>
msg: Check a condition on ms-finder01a.com
ok: [foo-bar.com] => (item=sc-finder01a.com) =>
msg: Check a condition on sc-finder01a.com
ok: [ms-finder01a.com] => (item=foo-bar.com) =>
msg: Check a condition on foo-bar.com
ok: [foo-bar.com] => (item=ms-finder01a.com) =>
msg: Check a condition on ms-finder01a.com
ok: [ms-finder01a.com] => (item=sc-finder01a.com) =>
msg: Check a condition on sc-finder01a.com
Im trying to run a playbook for n host groups serially (but 100% parallel within the host group). How do I achieve this?
I've tried things like:
- name: Test
hosts: group1:group2
serial: 100%
and even
- name: Test
hosts: group1:group2
serial: 1
Thinking it would do group by group, however these do not work.
How do I get it to run over all of group1, then after, all of group2 (but fail if anything in group1 fails)?
Also, how do I get it to run over n groups? (There are many hostgroups, which might be tough to define in the hosts key)
You can't control a playbook from another playbook. You'll have to control the playbook from outside, for example by a script. Given the inventory
shell> cat hosts-497
[group1]
srv1
[group2]
srv2
srv3
[group3]
srv4
srv5
srv6
and the playbook
shell> cat test-497.yml
- name: Test
hosts: all
gather_facts: false
tasks:
- debug:
msg: "{{ '%H:%M:%S'|strftime }}: {{ inventory_hostname }}"
the debug task is executed in parallel by all hosts
shell> ansible-playbook -i hosts-497 test-497.yml
PLAY [Test] ***************************************************************
TASK [debug] **************************************************************
ok: [srv3] =>
msg: '20:51:30: srv3'
ok: [srv1] =>
msg: '20:51:30: srv1'
ok: [srv4] =>
msg: '20:51:30: srv4'
ok: [srv2] =>
msg: '20:51:30: srv2'
ok: [srv5] =>
msg: '20:51:30: srv5'
ok: [srv6] =>
msg: '20:51:30: srv6'
If you want to control the hosts create a script and iterate the groups, e.g.
shell> cat test-497.sh
#!/usr/bin/sh
for i in group1 group2 group3; do
ansible-playbook -i hosts-497 --limit $i test-497.yml
done
gives (abridged)
shell> ./test-497.sh
PLAY [Test] *************************************************************
TASK [debug] ************************************************************
ok: [srv1] =>
msg: '20:56:41: srv1'
PLAY [Test] *************************************************************
TASK [debug] ************************************************************
ok: [srv3] =>
msg: '20:56:45: srv3'
ok: [srv2] =>
msg: '20:56:45: srv2'
PLAY [Test] *************************************************************
TASK [debug] ************************************************************
ok: [srv5] =>
msg: '20:56:52: srv5'
ok: [srv6] =>
msg: '20:56:52: srv6'
ok: [srv4] =>
msg: '20:56:53: srv4'
I have a main_play.yml Ansible playbook in which I am importing a reusable playbook a.yml.
main_play.yml
- import_playbook: "reusable_playbooks/a.yml"
a.yml
---
- name: my_playbook
hosts: "{{ HOSTS }}"
force_handlers: true
gather_facts: false
environment:
APP_DEFAULT_PORT: "{{ APP_DEFAULT_PORT }}"
tasks:
- name: Print Msg
debug:
msg: "hello"
My question is: how can I pass an additional environment variable from my main_playbook.yml playbook to my re-usable playbook a.yml (if needed) so that the environment variables become like
environment:
APP_DEFAULT_PORT: "{{ APP_DEFAULT_PORT }}"
SPRING_PROFILE: "{{ SPRING_PROFILE }}"
import_playbook is not really a module but a core feature. It does not allow for any parameter to be passed to the imported playbook. You can see this keyword as a simple commodity to facilitate playing several playbooks in a row exactly as if they were defined in the same file.
So your problem comes down to:
How do I pass additional environment variables to a play ?
Here is one solution with illustrations to use it with extra_vars or setting a fact from a previous play. This far from being exhaustive but I hope it will guide you to you own best solution.
To ease readability:
I used the APP_ prefix for all environment variables in my below examples and filtered only on those for the results.
I truncated the playbook output to the only relevant debug task
We can define the following reusable.yml playbook containing a single play
---
- hosts: localhost
gather_facts: false
vars:
default_env:
APP_DEFAULT_PORT: "{{ APP_DEFAULT_PORT | d(8080) }}"
environment: "{{ default_env | combine(additionnal_env | d({})) }}"
tasks:
- name: get the output on env for APP_* vars
shell: env | grep -i app_
register: env_cmd
changed_when: false
- name: debug the output of env
debug:
var: env_cmd.stdout_lines
We can directly run this playbook as-is which will give
$ ansible-playbook reusable.yml
[... truncated ...]
TASK [debug the output of env] ************************************************************************************************************************************************************************************
ok: [localhost] => {
"env_cmd.stdout_lines": [
"APP_DEFAULT_PORT=8080"
]
}
We can override the default port with
$ ansible-playbook reusable.yml -e APP_DEFAULT_PORT=1234
[... truncated ...]
TASK [debug the output of env] ************************************************************************************************************************************************************************************
ok: [localhost] => {
"env_cmd.stdout_lines": [
"APP_DEFAULT_PORT=1234"
]
}
We can pass additional environment variables with:
$ ansible-playbook reusable.yml -e '{"additionnal_env":{"APP_SPRING_PROFILE": "/toto/pipo"}}'
[... truncated ...]
TASK [debug the output of env] ************************************************************************************************************************************************************************************
ok: [localhost] => {
"env_cmd.stdout_lines": [
"APP_SPRING_PROFILE=/toto/pipo",
"APP_DEFAULT_PORT=8080"
]
}
Now if we want to do this from a parent playbook, we can set the needed variable for the given host in a previous play. We can define a parent.yml playbook:
---
- hosts: localhost
gather_facts: false
tasks:
- name: define additionnal env vars for this host to be used in next play(s)
set_fact:
additionnal_env:
APP_WHATEVER: some_value
APP_VERY_IMPORTANT: "ho yes!"
- import_playbook: reusable.yml
which will give:
$ ansible-playbook parent.yml
[... truncated ...]
TASK [define additionnal env vars for this host to be used in next play(s)] ************************************************************************************************************************
ok: [localhost]
[... truncated ...]
TASK [debug the output of env] ************************************************************************************************************************************************************************************
ok: [localhost] => {
"env_cmd.stdout_lines": [
"APP_WHATEVER=some_value",
"APP_VERY_IMPORTANT=ho yes!",
"APP_DEFAULT_PORT=8080"
]
}
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I do have an inventory file as below
[ParentGroup]
ChildrenGroup1
ChildrenGroup2
[ChildrenGroup1]
host1
host2
host3
[ChildrenGroup2]
host4
host5
host6
Now i want to iterate Children wise..
i.e. Perform my task in parallel on host1,host2, host3 i.e only on hosts exists inChildrenGroup1 and once this is success, i Need to go with ChildrenGroup2 i.e on host4, host5, host6
Points to be taken care ?
if there is any failure on any one of the childrengroup hosts then we need to wait/pause before proceeding with next children group
I shall have many children groups on my inventory
I need to action my task only on one chidlrengroup at a time.
I shall make sure all the childrengroups are addressed in one-shot too.
Can you suggest on how to take this forward ?
The critical limitation here is the fact that a playbook can't start another playbook. The only option is import_playbook. Imported files must be available when a playbook starts. As a result, the solution is a two-step process. Create the playbooks in the first step and then run them. For example, given the inventory
shell> cat hosts
[ParentGroup:children]
ChildrenGroup1
ChildrenGroup2
[ChildrenGroup1]
host1
host2
host3
[ChildrenGroup2]
host4
host5
host6
you want to run the playbook pb.yml as described in the question. Take the playbook and create the template by putting {{ item }} to hosts:
shell> cat pb.yml.j2
- hosts: "{{ item }}"
gather_facts: false
tasks:
- debug:
msg: "{{ inventory_hostname }}: Playbook started."
1. Create playbooks
The playbook below creates the list of the groups my_groups in the first task. Then the template task iterates this list and creates playbooks for the groups. The next template task imports these playbooks into the playbook pb-groups.yml
shell> cat pb-init.yml
- hosts: localhost
vars:
groups_other: [ParentGroup, all, ungrouped]
tasks:
- set_fact:
my_groups: "{{ groups.keys()|difference(groups_other) }}"
- template:
src: pb.yml.j2
dest: "pb-{{ item }}.yml"
loop: "{{ my_groups }}"
- template:
src: pb-groups.yml.j2
dest: pb-groups.yml
shell> cat pb-groups.yml.j2
- hosts: localhost
gather_facts: false
{% for group in my_groups %}
- import_playbook: pb-{{ group }}.yml
{% endfor %}
See created files
shell> cat pb-ChildrenGroup1.yml
- hosts: "ChildrenGroup1"
gather_facts: false
tasks:
- debug:
msg: "localhost: Playbook started."
shell> cat pb-ChildrenGroup2.yml
- hosts: "ChildrenGroup2"
gather_facts: false
tasks:
- debug:
msg: "localhost: Playbook started."
shell> cat pb-groups.yml
- hosts: localhost
gather_facts: false
- import_playbook: pb-ChildrenGroup1.yml
- import_playbook: pb-ChildrenGroup2.yml
2. Run created playbooks
shell> ansible-playbook pb-groups.yml
PLAY [localhost] ****
PLAY [ChildrenGroup1] ****
TASK [debug] ****
ok: [host1] =>
msg: 'localhost: Playbook started.'
ok: [host2] =>
msg: 'localhost: Playbook started.'
ok: [host3] =>
msg: 'localhost: Playbook started.'
PLAY [ChildrenGroup2] ****
TASK [debug] ****
ok: [host4] =>
msg: 'localhost: Playbook started.'
ok: [host5] =>
msg: 'localhost: Playbook started.'
ok: [host6] =>
msg: 'localhost: Playbook started.'
PLAY RECAP ****
...
Many children groups on my inventory
Change the inventory. For example
shell> cat hosts
[ParentGroup:children]
ChildrenGroup1
ChildrenGroup2
ChildrenGroup3
[ChildrenGroup1]
host1
host2
[ChildrenGroup2]
host4
host5
[ChildrenGroup3]
host3
host6
The commands below work as expected
shell> ansible-playbook pb-init.yml
...
shell> ansible-playbook pb-groups.yml
PLAY [localhost] ****
PLAY [ChildrenGroup1] ****
TASK [debug] ****
ok: [host1] =>
msg: 'localhost: Playbook started.'
ok: [host2] =>
msg: 'localhost: Playbook started.'
PLAY [ChildrenGroup2] ****
TASK [debug] ****
ok: [host4] =>
msg: 'localhost: Playbook started.'
ok: [host5] =>
msg: 'localhost: Playbook started.'
PLAY [ChildrenGroup3] ****
TASK [debug] ****
ok: [host3] =>
msg: 'localhost: Playbook started.'
ok: [host6] =>
msg: 'localhost: Playbook started.'
PLAY RECAP ****
...