Ansible – exclude host from playbook execution

By using –limit argument with¬†ansible-playbook command we can exclude a host from playbook execution.
If hostname starts with “!” it will excluded from host execution.

Lets say if we want to exclude host1 and host2 from ansible-playbook execution use following command:

$ ansible-playbook --limit '!hoost1:!host2' yourPlaybook.yml

To exclude only host1 from execution use following command:

$ ansible-playbook --limit '!hoost1' yourPlaybook.yml

To execute only in host1 and host2 from execution use following command:

$ ansible-playbook --limit 'hoost1:host2' yourPlaybook.yml

To execute only in host1 use following command:

$ ansible-playbook --limit 'hoost1' yourPlaybook.yml

To exclude host1 and host2 from execution and allow execution only in host3:

$ ansible-playbook --limit '!hoost1:!host2:host3' yourPlaybook.yml

Ansible – disable gather facts

 

When we execute an ansible playbook by default it will gather facts of operating system first and then execute tasks listed in it.

Its always not required to gather facts & if we have too many hosts it will take more time to execute a playbook.

To mitigate this we need to disable gather facts with “gather_facts” attribute in ansible playbook.

By default gather_facts attributes value is True, to disable it we need to set it as False.

gather_facts: False

Here is my play book example with gather_facts: False

---
- hosts: all
  gather_facts: False
  tasks:
    - name: Hello
      shell: "echo hello"
      tags:
         - hello

    - name: Bye
      shell: "echo bye"
      tags:
         - bye

After updating gather_facts: False in playbook if we execute, it will skip collecting facts and directly execute tasks listed.

Ansible tags

 

To run specific part or exclude specific part in a playbook we an use tags attrubute.

Here is my example playbook with name tags_example.yml:

---
- hosts: all
  tasks:
    - name: Hello
      shell: "echo hello"
      tags:
         - hello

    - name: Bye
      shell: "echo bye"
      tags:
         - bye

In above playbook we have two tasks Hello and Bye with tags hello and bye tags respectively.

To execute above playbook use following command:

$ ansible-playbook yml/tags_example.yml

Above command will execute both tasks Hello and Bye respectively.

Now lets see how to execute specific part of play book.

We can use --tags "<tagName>" argument with ansible-playbook to execute only specific tasks and use --skip-tasks "<tagName>" to skip specific tasks from execution.

To execute all tasks with hello tag use following command:

$ ansible-playbook yml/tags_example.yml --tags "hello"

To skip all tasks with hello tag use following command:

$ ansible-playbook yml/tags_example.yml --skip-tags "hello"

To execute multiple tags use following command:

$ ansible-playbook yml/tags_example.yml --tags "hello,bye"

To skip multiple tags use following command:

$ ansible-playbook yml/tags_example.yml --skip-tags "hello,bye"

I hope this will helps to understand tags concept in Ansible.

Ansible – Create user with password in Ubuntu/Linux

Ansible is an open-source software platform for configuring and managing computers.

In this article I will explain how to create new user with password.

Ansible has a user module to create a user. You can refer user module docs for more details.

I would like to create a user with name “guest” and password “guest123”.

Ansible will take only encrypted password as input password i.e, if we give passowrd as “guest123” it will decrypt the given password and set, obviosely if we decrypt “guest123” it wont be same as “guest123”.

After deciding username and password generate encrypted password:

python -c ‘import crypt; print crypt.crypt(“guest123”, “guest”)’

Output:

gu2KmqcJp0Yyo

In above example I using guest as key to encrypt the password.

After creating password add following code in ansible-playbook:


---
- hosts: yourhostname
  user: root
  sudo: no

  #Define user and password variables
  vars:
    # created with:
    # python -c 'python -c 'import crypt; print crypt.crypt("guest123", "guest")'
    password : gu2KmqcJp0Yyo
    user : guest

  # Define task to add user
  tasks:
    - name: add user
      action: user name={{ user }} password={{ password }} update_password=always 
                   shell=/bin/bash home=/home/{{ user }}
      tags:
        - user

After updating code run above playbook and it will create new user with given password.