Develop Reference

How to run tasks file as a playbook and as an include_file

I have a generic tasks, like update a DNS records based on my machine -> server
Which I use it in my playbooks with include_tasks like so:
- name: (include) Update DNS
include_tasks: task_update_dns.yml
I have many of these "generic tasks" simply acting as a "shared task" in many playbooks.
But in some cases, I just want to run one of these generic tasks on a server, but running the following gives the below error:
ansible-playbook playbooks/task_update_dns.yml --limit $myserver
# ERROR
ERROR! 'set_fact' is not a valid attribute for a Play
Simply because it's not a "playbook" they are just "tasks"
File: playbooks/task_update_dns.yml
---
- name: dig mydomain.com
set_fact:
my_hosts: '{{ lookup("dig", "mydomain.com").split(",") }}'
tags: always
- name: Set entries
blockinfile:
....
I know I can write a playbook, empty, that only "include" the task file, but I don't want to create a shallow playbook now for each task.
Is there a way to configure the task file in such way that I'll be able to run it for both include_tasks and as a "stand alone"/play command line ?

Have you tried to use custom tags for those tasks?
Create a playbook with all the tasks
---
- name: Update web servers
hosts: webservers
remote_user: root
tasks:
- name: dig mydomain.com
set_fact:
my_hosts: '{{ lookup("dig", "mydomain.com").split(",") }}'
tags: always
- name: Set entries
blockinfile:
tags:
- set_entries
- name: (include) Update DNS
include_tasks: task_update_dns_2.yml
tags:
- dns
...
when you need to run only that specific task, you just need to add the --tag parameter in the execution with the task name
ansible-playbook playbooks/task_update_dns.yml --limit $myserver --tag set_entries

How to wait for ssh to become available on a host before installing a role?

Is there a way to wait for ssh to become available on a host before installing a role? There's wait_for_connection but I only figured out how to use it with tasks.
This particular playbook spin up servers on a cloud provider before attempting to install roles. But fails since the ssh service on the hosts isn't available yet.
How should I fix this?
---
- hosts: localhost
connection: local
tasks:
- name: Deploy vultr servers
include_tasks: create_vultr_server.yml
loop: "{{ groups['vultr_servers'] }}"
- hosts: all
gather_facts: no
become: true
tasks:
- name: wait_for_connection # This one works
wait_for_connection:
delay: 5
timeout: 600
- name: Gather facts for first time
setup:
- name: Install curl
package:
name: "curl"
state: present
roles: # How to NOT install roles UNLESS the current host is available ?
- role: apache2
vars:
doc_root: /var/www/example
message: 'Hello world!'
- common-tools

Ansible play actions start with pre_tasks, then roles, followed by tasks and finally post_tasks. Move your wait_for_connection task as the first pre_tasks and it will block everything until connection is available:
- hosts: all
gather_facts: no
become: true
pre_tasks:
- name: wait_for_connection # This one works
wait_for_connection:
delay: 5
timeout: 600
roles: ...
tasks: ...
For more info on execution order, see this title in role's documentation (paragraph just above the notes).
Note: you probably want to move all your current example tasks in that section too so that facts are gathered and curl installed prior to do anything else.

How to set an Ansible tag from within a playbook?

I would like to skip some of the plays based on a conditional value.
I could have a task at the beginning that would skip some of the other tasks when a condition is met.
I know I could always use set_fact and use this as a condition to run the other plays (roles and tasks) or evaluate the said condition directly in each play I want to skip.
However, since the plays already have a tagging system in place, is there something like set_tags in Ansible that I could leverage on to avoid having to add conditions all over my plays and bloat my already heavy playbook.
Something such as:
- name: skip terraform tasks if no file is provided
hosts: localhost
tasks:
set_tags:
- name: terraform
state: skip
when: terraform_files == ""
The two plays I'd like to skip:
- name: bootstrap a testing infrastructure
hosts: localhost
roles:
- role: terraform
state: present
tags:
- create_servers
- terraform
[...]
- name: flush the testing infrastructure
hosts: localhost
roles:
- role: terraform
state: absent
tags:
- destroy_servers
- terraform

If I understood correctly, the following should do the job:
- name: bootstrap a testing infrastructure
hosts: localhost
roles:
- role: terraform
state: present
when: terraform_files != ""
tags:
- create_servers
- terraform
[...]
- name: flush the testing infrastructure
hosts: localhost
roles:
- role: terraform
state: absent
when: terraform_files != ""
tags:
- destroy_servers
- terraform
This is basically the same as setting the when clause on every single tasks in the role. So each task will be inspected but skipped if the condition is false.

roles overides tasks in playbook

I have ansible playbook which look similar to the code below :
---
- hosts: localhost
connection: local
tasks:
- name: "Create custom fact directory
file:
path: "/etc/ansible/facts.d"
state: "directory"
- name: "Insert custom fact file"
copy:
src: custom_fact.fact
dest: /etc/ansible/facts.d/custom_fact.fact
mode: 0755
roles:
- role1
- role2
once i am running the playbook with ansible-playbook command
only the roles is running ,but the tasks is not getting ran
if i am remarking the roles from the playbook,the task gets ran
how can i make the task to run before the roles ?

Put the tasks in a section pre_tasks which are run before roles.
You may also find post_tasks useful which run tasks after roles.

Correct the indentation
- hosts: localhost
connection: local
tasks:
- name: "Create custom fact directory
file:
path: ...

Ansible: Skips "always" tags in roles

I have a playbook which calls multiple roles I have written. This playbook has each role tagged so than I can call them separately or run the entire procedure from start to end. Within the roles additional tags may be provided to break up the works within those as well. Some of the role tasks are tagged with "always" because I want them to execute whenever the role is ran, regardless of any role specific tags.
The problem I am running into is that these "always" tags execute whether the role specific tag is called or not. If I don't call the tag for a role, I don't want to role to execute at all, including any "always" tasks specific to that role.
Example:
# Playbook
- hosts: localhost
roles:
- role: roleA
tags: do_roleA
- role: roleB
tags: do_roleB
# Role A:
- name: Always do this when doing role A
debug: msg="test"
tags: always
- name: Task1
debug: msg="task1"
tags: do_task1
- name: Task2
debug: msg="task2"
tags: do_task2
Example call:
ansibile-playbook my-playbook.yml --tags "do_roleB"
But this causes the debug in Role A to occur as well.
Some requirements I have:
Can not skip "always" as roleB may have some tasks that require it.
Do not want to change the tag from always and add a list of tags for every sub task. i.e. [do_task1,do_task2] as the number of tags would become large and easy to forget to add one.
Basically I am looking for a way to tell Ansible, if I call a "playbook tag" execute only roles from the playbook where the tag matches; do not execute any of the tasks in roles that do not match, even if they are tagged with "always". But if I call a "role tag" execute all the tasks in that role which either have tags of "always" or the tag I called.
Does Ansible have a feature like this? If it helps I am using Ansible 2.0.1.0

Keep in mind that applying tag do_roleA to a role adds do_roleA tag to every task in that role.
So your example role actually becomes:
# Role A:
- name: Always do this when doing role A
debug: msg="test"
tags:
- always
- do_roleA
- name: Task1
debug: msg="task1"
tags:
- do_task1
- do_roleA
- name: Task2
debug: msg="task2"
tags:
- do_task2
- do_roleA
You can remove always tag from that task, so after tagging a role with do_roleA it will be the only tag for that task.
So calling playbook with -t do_roleB will not execute that task.

For anybody who might land on this page having the same issue -- the solution is to use untagged:
playbook.yaml
- name: Preparing gateway node
hosts: "{{ hosts }}"
serial: 1
remote_user: root
any_errors_fatal: true
tasks:
- include_role:
name: my-role
tags: [ untagged, install, config, my-role-enable-service ]
my-role/tasks/main.yaml
- name: Task 1
debug:
msg: "Run when tags: untagged and config"
tags: [ untagged, config ]
- name: Task 2
debug:
msg: "Run when tags: untagged and install"
tags: [ untagged, install ]
- name: Task 3
debug:
msg: "Run when tags: my-role-enable-service"
tags: [ untagged, my-role-enable-service ]
When you run:
ansible-playbook playbook.yaml -- runs all tasks
ansible-playbook playbook.yaml --tags config -- runs only Task 1
ansible-playbook playbook.yaml --tags install -- runs only Task 2
ansible-playbook playbook.yaml --tags my-role-enable-service -- runs only Task 3
This quickly becomes handy when you have all-in-one roles that does installation or building from source in conjunction with configuration.
You can simply use --tags config after the installation steps have completed to speed-up your playbook instead of having to wait for things to build from sources every time.