[2.10] Docsite backport 71909, 71859, 71858, 71857, 71854, 71834 (#71937)

* Docsite: improve user_guide/intro_inventory (#71859)

(cherry picked from commit 25bfda8417)

* Docsite: improve user_guide/playbooks_tags (#71858)

(cherry picked from commit c3841b8440)

* Docsite: improve user_guide/playbooks_reuse_roles (#71857)

* Docsite: improve user_guide/playbooks_reuse_roles

* fix
(cherry picked from commit 7a0a2f188b)

* Docsite: update Migrating Ansible content to a different collection (#71854)

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 2655fc0c23)

* Docsite: improve user_guide/intro_adhoc (#71909)

(cherry picked from commit ed6fb2e3f6)

* Docsite: improve user_guide/playbooks_reuse (#71834)

(cherry picked from commit 3db4be2c3b)
This commit is contained in:
Andrew Klychkov 2020-09-25 17:42:21 +03:00 committed by GitHub
parent 5fc0dc1956
commit 5282ab853d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 166 additions and 138 deletions

View file

@ -534,17 +534,41 @@ Migrating Ansible content to a different collection
First, look at `Ansible Collection Checklist <https://github.com/ansible-collections/overview/blob/main/collection_requirements.rst>`_. First, look at `Ansible Collection Checklist <https://github.com/ansible-collections/overview/blob/main/collection_requirements.rst>`_.
To migrate content from one collection to another, you need to create three PRs as follows: To migrate content from one collection to another, if the collections are parts of `Ansible distribution <https://github.com/ansible-community/ansible-build-data/blob/main/2.10/ansible.in>`_:
#. Create a PR against the old collection to remove the content. #. Copy content from the source (old) collection to the target collection.
#. Create a PR against the new collection to add the files removed in step 1. #. Deprecate the module/plugin with ``removal_version`` scheduled for the next major version in ``meta/runtime.yml`` of the source collection. The deprecation must be released after the copied content has been included in a release of the target collection.
#. Update the ``ansible/ansible:devel`` branch entries for all files moved. #. When the next major release comes:
* remove the module/plugin from the source collection
* add ``redirect`` to the corresponding entry in ``meta/runtime.yml``
* remove ``removal_version`` from there
According to the above, you need to create at least three PRs as follows:
#. Create a PR against the target collection to copy the content.
#. Deprecate the module/plugin in the source collection.
#. Later create a PR against the source collection to remove the content according to the schedule.
Adding the content to the new collection
----------------------------------------
Create a PR in the new collection to:
#. Copy ALL the related files from the old collection.
#. If it is an action plugin, include the corresponding module with documentation.
#. If it is a module, check if it has a corresponding action plugin that should move with it.
#. Check ``meta/`` for relevant updates to ``runtime.yml`` if it exists.
#. Carefully check the moved ``tests/integration`` and ``tests/units`` and update for FQCN.
#. Review ``tests/sanity/ignore-*.txt`` entries in the old collection.
#. Update ``meta/runtime.yml`` in the old collection.
Removing the content from the old collection Removing the content from the old collection
---------------------------------------------- --------------------------------------------
Create a PR against the old collection repo to remove the modules, module_utils, plugins, and docs_fragments related to this migration: Create a PR against the source collection repository to remove the modules, module_utils, plugins, and docs_fragments related to this migration:
#. If you are removing an action plugin, remove the corresponding module that contains the documentation. #. If you are removing an action plugin, remove the corresponding module that contains the documentation.
#. If you are removing a module, remove any corresponding action plugin that should stay with it. #. If you are removing a module, remove any corresponding action plugin that should stay with it.
@ -554,11 +578,6 @@ Create a PR against the old collection repo to remove the modules, module_utils,
#. if you are removing from content from ``community.general`` or ``community.network``, remove entries from ``.github/BOTMETA.yml``. #. if you are removing from content from ``community.general`` or ``community.network``, remove entries from ``.github/BOTMETA.yml``.
#. Carefully review ``meta/runtime.yml`` for any entries you may need to remove or update, in particular deprecated entries. #. Carefully review ``meta/runtime.yml`` for any entries you may need to remove or update, in particular deprecated entries.
#. Update ``meta/runtime.yml`` to contain redirects for EVERY PLUGIN, pointing to the new collection name. #. Update ``meta/runtime.yml`` to contain redirects for EVERY PLUGIN, pointing to the new collection name.
#. If possible, do not yet add deprecation warnings to the new ``meta/runtime.yml`` entries, but only for a later major release. So the order should be:
1. Remove content, add redirects in 3.0.0;
2. Deprecate redirects in 4.0.0;
3. Set removal version to 5.0.0 or later.
.. warning:: .. warning::
@ -568,34 +587,15 @@ Create a PR against the old collection repo to remove the modules, module_utils,
#. Once 1.0.0 of the collection from which the content has been removed has been released, such PRs can only be merged for a new **major** version (in other words, 2.0.0, 3.0.0, and so on). #. Once 1.0.0 of the collection from which the content has been removed has been released, such PRs can only be merged for a new **major** version (in other words, 2.0.0, 3.0.0, and so on).
Adding the content to the new collection
-----------------------------------------
Create a PR in the new collection to:
#. Add ALL the files removed in first PR (from the old collection).
#. If it is an action plugin, include the corresponding module with documentation.
#. If it is a module, check if it has a corresponding action plugin that should move with it.
#. Check ``meta/ `` for relevant updates to ``action_groups.yml`` and ``runtime.yml`` if they exist.
#. Carefully check the moved ``tests/integration`` and ``tests/units`` and update for FQCN.
#. Review ``tests/sanity/ignore-\*.txt`` entries.
#. Update ``meta/runtime.yml``.
Updating ``ansible/ansible:devel`` branch entries for all files moved
----------------------------------------------------------------------
Create a third PR on ``ansible/ansible`` repository to:
#. Update ``lib/ansible/config/ansible_builtin_runtime.yml`` (the redirect entry).
#. Update ``.github/BOTMETA.yml`` (the migrated_to entry)
BOTMETA.yml BOTMETA.yml
----------- -----------
The `BOTMETA.yml <https://github.com/ansible/ansible/blob/devel/.github/BOTMETA.yml>`_ in the ansible/ansible GitHub repository is the source of truth for: The ``BOTMETA.yml``, for example in `community.general collection repository <https://github.com/ansible-collections/community.general/blob/main/.github/BOTMETA.yml>`_, is the source of truth for:
* ansibullbot * ansibullbot
If the old and/or new collection has ``ansibullbot``, its ``BOTMETA.yml`` must be updated correspondingly.
Ansibulbot will know how to redirect existing issues and PRs to the new repo. Ansibulbot will know how to redirect existing issues and PRs to the new repo.
The build process for docs.ansible.com will know where to find the module docs. The build process for docs.ansible.com will know where to find the module docs.

View file

@ -30,7 +30,7 @@ achieve a form of idempotence by checking the current state before they begin an
Rebooting servers Rebooting servers
----------------- -----------------
The default module for the ``ansible`` command-line utility is the :ref:`command module<command_module>`. You can use an ad-hoc task to call the command module and reboot all web servers in Atlanta, 10 at a time. Before Ansible can do this, you must have all servers in Atlanta listed in a a group called [atlanta] in your inventory, and you must have working SSH credentials for each machine in that group. To reboot all the servers in the [atlanta] group: The default module for the ``ansible`` command-line utility is the :ref:`ansible.builtin.command module<command_module>`. You can use an ad-hoc task to call the command module and reboot all web servers in Atlanta, 10 at a time. Before Ansible can do this, you must have all servers in Atlanta listed in a group called [atlanta] in your inventory, and you must have working SSH credentials for each machine in that group. To reboot all the servers in the [atlanta] group:
.. code-block:: bash .. code-block:: bash
@ -62,11 +62,11 @@ If you add ``--ask-become-pass`` or ``-K``, Ansible prompts you for the password
syntax, use the `shell` module instead. Read more about the differences on the syntax, use the `shell` module instead. Read more about the differences on the
:ref:`working_with_modules` page. :ref:`working_with_modules` page.
So far all our examples have used the default 'command' module. To use a different module, pass ``-m`` for module name. For example, to use the :ref:`shell module <shell_module>`: So far all our examples have used the default 'command' module. To use a different module, pass ``-m`` for module name. For example, to use the :ref:`ansible.builtin.shell module <shell_module>`:
.. code-block:: bash .. code-block:: bash
$ ansible raleigh -m shell -a 'echo $TERM' $ ansible raleigh -m ansible.builtin.shell -a 'echo $TERM'
When running any command with the Ansible *ad hoc* CLI (as opposed to When running any command with the Ansible *ad hoc* CLI (as opposed to
:ref:`Playbooks <working_with_playbooks>`), pay particular attention to shell quoting rules, so :ref:`Playbooks <working_with_playbooks>`), pay particular attention to shell quoting rules, so
@ -83,29 +83,29 @@ An ad-hoc task can harness the power of Ansible and SCP to transfer many files t
.. code-block:: bash .. code-block:: bash
$ ansible atlanta -m copy -a "src=/etc/hosts dest=/tmp/hosts" $ ansible atlanta -m ansible.builtin.copy -a "src=/etc/hosts dest=/tmp/hosts"
If you plan to repeat a task like this, use the :ref:`template<template_module>` module in a playbook. If you plan to repeat a task like this, use the :ref:`ansible.builtin.template<template_module>` module in a playbook.
The :ref:`file<file_module>` module allows changing ownership and permissions on files. These The :ref:`ansible.builtin.file<file_module>` module allows changing ownership and permissions on files. These
same options can be passed directly to the ``copy`` module as well: same options can be passed directly to the ``copy`` module as well:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m file -a "dest=/srv/foo/a.txt mode=600" $ ansible webservers -m ansible.builtin.file -a "dest=/srv/foo/a.txt mode=600"
$ ansible webservers -m file -a "dest=/srv/foo/b.txt mode=600 owner=mdehaan group=mdehaan" $ ansible webservers -m ansible.builtin.file -a "dest=/srv/foo/b.txt mode=600 owner=mdehaan group=mdehaan"
The ``file`` module can also create directories, similar to ``mkdir -p``: The ``file`` module can also create directories, similar to ``mkdir -p``:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m file -a "dest=/path/to/c mode=755 owner=mdehaan group=mdehaan state=directory" $ ansible webservers -m ansible.builtin.file -a "dest=/path/to/c mode=755 owner=mdehaan group=mdehaan state=directory"
As well as delete directories (recursively) and delete files: As well as delete directories (recursively) and delete files:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m file -a "dest=/path/to/c state=absent" $ ansible webservers -m ansible.builtin.file -a "dest=/path/to/c state=absent"
.. _managing_packages: .. _managing_packages:
@ -116,25 +116,25 @@ You might also use an ad-hoc task to install, update, or remove packages on mana
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m yum -a "name=acme state=present" $ ansible webservers -m ansible.builtin.yum -a "name=acme state=present"
To ensure a specific version of a package is installed: To ensure a specific version of a package is installed:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m yum -a "name=acme-1.5 state=present" $ ansible webservers -m ansible.builtin.yum -a "name=acme-1.5 state=present"
To ensure a package is at the latest version: To ensure a package is at the latest version:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m yum -a "name=acme state=latest" $ ansible webservers -m ansible.builtin.yum -a "name=acme state=latest"
To ensure a package is not installed: To ensure a package is not installed:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m yum -a "name=acme state=absent" $ ansible webservers -m ansible.builtin.yum -a "name=acme state=absent"
Ansible has modules for managing packages under many platforms. If there is no module for your package manager, you can install packages using the command module or create a module for your package manager. Ansible has modules for managing packages under many platforms. If there is no module for your package manager, you can install packages using the command module or create a module for your package manager.
@ -147,11 +147,11 @@ You can create, manage, and remove user accounts on your managed nodes with ad-h
.. code-block:: bash .. code-block:: bash
$ ansible all -m user -a "name=foo password=<crypted password here>" $ ansible all -m ansible.builtin.user -a "name=foo password=<crypted password here>"
$ ansible all -m user -a "name=foo state=absent" $ ansible all -m ansible.builtin.user -a "name=foo state=absent"
See the :ref:`user <user_module>` module documentation for details on all of the available options, including See the :ref:`ansible.builtin.user <user_module>` module documentation for details on all of the available options, including
how to manipulate groups and group membership. how to manipulate groups and group membership.
.. _managing_services: .. _managing_services:
@ -163,19 +163,19 @@ Ensure a service is started on all webservers:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m service -a "name=httpd state=started" $ ansible webservers -m ansible.builtin.service -a "name=httpd state=started"
Alternatively, restart a service on all webservers: Alternatively, restart a service on all webservers:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m service -a "name=httpd state=restarted" $ ansible webservers -m ansible.builtin.service -a "name=httpd state=restarted"
Ensure a service is stopped: Ensure a service is stopped:
.. code-block:: bash .. code-block:: bash
$ ansible webservers -m service -a "name=httpd state=stopped" $ ansible webservers -m ansible.builtin.service -a "name=httpd state=stopped"
.. _gathering_facts: .. _gathering_facts:
@ -186,9 +186,9 @@ Facts represent discovered variables about a system. You can use facts to implem
.. code-block:: bash .. code-block:: bash
$ ansible all -m setup $ ansible all -m ansible.builtin.setup
You can also filter this output to display only certain facts, see the :ref:`setup <setup_module>` module documentation for details. You can also filter this output to display only certain facts, see the :ref:`ansible.builtin.setup <setup_module>` module documentation for details.
Now that you understand the basic elements of Ansible execution, you are ready to learn to automate repetitive tasks using :ref:`Ansible Playbooks <playbooks_intro>`. Now that you understand the basic elements of Ansible execution, you are ready to learn to automate repetitive tasks using :ref:`Ansible Playbooks <playbooks_intro>`.

View file

@ -72,9 +72,9 @@ Hosts in multiple groups
You can (and probably will) put each host in more than one group. For example a production webserver in a datacenter in Atlanta might be included in groups called [prod] and [atlanta] and [webservers]. You can create groups that track: You can (and probably will) put each host in more than one group. For example a production webserver in a datacenter in Atlanta might be included in groups called [prod] and [atlanta] and [webservers]. You can create groups that track:
* What - An application, stack or microservice. (For example, database servers, web servers, and so on). * What - An application, stack or microservice (for example, database servers, web servers, and so on).
* Where - A datacenter or region, to talk to local DNS, storage, and so on. (For example, east, west). * Where - A datacenter or region, to talk to local DNS, storage, and so on (for example, east, west).
* When - The development stage, to avoid testing on production resources. (For example, prod, test). * When - The development stage, to avoid testing on production resources (for example, prod, test).
Extending the previous YAML inventory to include what, when, and where would look like: Extending the previous YAML inventory to include what, when, and where would look like:
@ -651,23 +651,23 @@ Here is an example of how to instantly deploy to created containers:
.. code-block:: yaml .. code-block:: yaml
- name: create jenkins container - name: Create a jenkins container
docker_container: community.general.docker_container:
docker_host: myserver.net:4243 docker_host: myserver.net:4243
name: my_jenkins name: my_jenkins
image: jenkins image: jenkins
- name: add container to inventory - name: Add the container to inventory
add_host: ansible.builtin.add_host:
name: my_jenkins name: my_jenkins
ansible_connection: docker ansible_connection: docker
ansible_docker_extra_args: "--tlsverify --tlscacert=/path/to/ca.pem --tlscert=/path/to/client-cert.pem --tlskey=/path/to/client-key.pem -H=tcp://myserver.net:4243" ansible_docker_extra_args: "--tlsverify --tlscacert=/path/to/ca.pem --tlscert=/path/to/client-cert.pem --tlskey=/path/to/client-key.pem -H=tcp://myserver.net:4243"
ansible_user: jenkins ansible_user: jenkins
changed_when: false changed_when: false
- name: create directory for ssh keys - name: Create a directory for ssh keys
delegate_to: my_jenkins delegate_to: my_jenkins
file: ansible.builtin.file:
path: "/var/jenkins_home/.ssh/jupiter" path: "/var/jenkins_home/.ssh/jupiter"
state: directory state: directory
@ -743,8 +743,8 @@ without affecting database servers:
- hosts: dbservers - hosts: dbservers
tasks: tasks:
- name: allow access from 10.0.0.1 - name: Allow access from 10.0.0.1
iptables: ansible.builtin.iptables:
chain: INPUT chain: INPUT
jump: ACCEPT jump: ACCEPT
source: 10.0.0.1 source: 10.0.0.1

View file

@ -56,7 +56,9 @@ You can still use the bare :ref:`roles <roles_keyword>` keyword at the play leve
Includes: dynamic re-use Includes: dynamic re-use
------------------------ ------------------------
Including roles, tasks, or variables adds them to a playbook dynamically. Ansible processes included files and roles as they come up in a playbook, so included tasks can be affected by the results of earlier tasks within the top-level playbook. Included roles and tasks are similar to handlers - they may or may not run, depending on the results of other tasks in the top-level playbook. The primary advantage of using ``include_*`` statements is looping. When a loop is used with an include, the included tasks or role will be executed once for each item in the loop. Including roles, tasks, or variables adds them to a playbook dynamically. Ansible processes included files and roles as they come up in a playbook, so included tasks can be affected by the results of earlier tasks within the top-level playbook. Included roles and tasks are similar to handlers - they may or may not run, depending on the results of other tasks in the top-level playbook.
The primary advantage of using ``include_*`` statements is looping. When a loop is used with an include, the included tasks or role will be executed once for each item in the loop.
You can pass variables into includes. See :ref:`ansible_variable_precedence` for more details on variable inheritance and precedence. You can pass variables into includes. See :ref:`ansible_variable_precedence` for more details on variable inheritance and precedence.
@ -73,9 +75,11 @@ You can pass variables to imports. You must pass variables if you want to run an
- import_tasks: wordpress.yml - import_tasks: wordpress.yml
vars: vars:
wp_user: timmy wp_user: timmy
- import_tasks: wordpress.yml - import_tasks: wordpress.yml
vars: vars:
wp_user: alice wp_user: alice
- import_tasks: wordpress.yml - import_tasks: wordpress.yml
vars: vars:
wp_user: bob wp_user: bob
@ -129,13 +133,13 @@ You can also use includes and imports in the :ref:`handlers` section of a playbo
.. code-block:: yaml .. code-block:: yaml
# restarts.yml # restarts.yml
- name: restart apache - name: Restart apache
service: ansible.builtin.service:
name: apache name: apache
state: restarted state: restarted
- name: restart mysql - name: Restart mysql
service: ansible.builtin.service:
name: mysql name: mysql
state: restarted state: restarted
@ -144,36 +148,36 @@ You can trigger handlers from either an import or an include, but the procedure
Triggering included (dynamic) handlers Triggering included (dynamic) handlers
-------------------------------------- --------------------------------------
Includes are executed at run-time, so the name of the include exists during play execution, but the included tasks do not exist until the include itself is triggered. To use the ``restart apache`` task with dynamic re-use, refer to the name of the include itself. This approach triggers all tasks in the included file as handlers. For example, with the task file shown above: Includes are executed at run-time, so the name of the include exists during play execution, but the included tasks do not exist until the include itself is triggered. To use the ``Restart apache`` task with dynamic re-use, refer to the name of the include itself. This approach triggers all tasks in the included file as handlers. For example, with the task file shown above:
.. code-block:: yaml .. code-block:: yaml
- trigger an included (dynamic) handler - trigger an included (dynamic) handler
hosts: localhost hosts: localhost
handlers: handlers:
- name: restart services - name: Restart services
include_tasks: restarts.yml include_tasks: restarts.yml
tasks: tasks:
- command: "true" - command: "true"
notify: restart services notify: Restart services
Triggering imported (static) handlers Triggering imported (static) handlers
------------------------------------- -------------------------------------
Imports are processed before the play begins, so the name of the import no longer exists during play execution, but the names of the individual imported tasks do exist. To use the ``restart apache`` task with static re-use, refer to the name of each task or tasks within the imported file. For example, with the task file shown above: Imports are processed before the play begins, so the name of the import no longer exists during play execution, but the names of the individual imported tasks do exist. To use the ``Restart apache`` task with static re-use, refer to the name of each task or tasks within the imported file. For example, with the task file shown above:
.. code-block:: yaml .. code-block:: yaml
- trigger an imported (static) handler - trigger an imported (static) handler
hosts: localhost hosts: localhost
handlers: handlers:
- name: restart services - name: Restart services
import_tasks: restarts.yml import_tasks: restarts.yml
tasks: tasks:
- command: "true" - command: "true"
notify: restart apache notify: Restart apache
- command: "true" - command: "true"
notify: restart mysql notify: Restart mysql
.. seealso:: .. seealso::

View file

@ -51,22 +51,23 @@ You can add other YAML files in some directories. For example, you can place pla
.. code-block:: yaml .. code-block:: yaml
# roles/example/tasks/main.yml # roles/example/tasks/main.yml
- name: install the correct web server for RHEL - name: Install the correct web server for RHEL
import_tasks: redhat.yml import_tasks: redhat.yml
when: ansible_facts['os_family']|lower == 'redhat' when: ansible_facts['os_family']|lower == 'redhat'
- name: install the correct web server for debian
- name: Install the correct web server for Debian
import_tasks: debian.yml import_tasks: debian.yml
when: ansible_facts['os_family']|lower == 'debian' when: ansible_facts['os_family']|lower == 'debian'
# roles/example/tasks/redhat.yml # roles/example/tasks/redhat.yml
- install web server - name: Install web server
yum: ansible.builtin.yum:
name: "httpd" name: "httpd"
state: present state: present
# roles/example/tasks/debian.yml # roles/example/tasks/debian.yml
- install web server - name: Install web server
apt: ansible.builtin.apt:
name: "apache2" name: "apache2"
state: present state: present
@ -174,11 +175,16 @@ To include a role:
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- debug: - name: Print a message
ansible.builtin.debug:
msg: "this task runs before the example role" msg: "this task runs before the example role"
- include_role:
- name: Include the example role
include_role:
name: example name: example
- debug:
- name: Print a message
ansible.builtin.debug:
msg: "this task runs after the example role" msg: "this task runs after the example role"
You can pass other keywords, including variables and tags, when including roles: You can pass other keywords, including variables and tags, when including roles:
@ -188,7 +194,8 @@ You can pass other keywords, including variables and tags, when including roles:
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- include_role: - name: Include the foo_app_instance role
include_role:
name: foo_app_instance name: foo_app_instance
vars: vars:
dir: '/opt/a' dir: '/opt/a'
@ -205,7 +212,8 @@ You can conditionally include a role:
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- include_role: - name: Include the some_role role
include_role:
name: some_role name: some_role
when: "ansible_facts['os_family'] == 'RedHat'" when: "ansible_facts['os_family'] == 'RedHat'"
@ -219,11 +227,16 @@ You can reuse roles statically anywhere in the ``tasks`` section of a play using
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- debug: - name: Print a message
ansible.builtin.debug:
msg: "before we run our role" msg: "before we run our role"
- import_role:
- name: Import the example role
import_role:
name: example name: example
- debug:
- name: Print a message
ansible.builtin.debug:
msg: "after we ran our role" msg: "after we ran our role"
You can pass other keywords, including variables and tags, when importing roles: You can pass other keywords, including variables and tags, when importing roles:
@ -233,7 +246,8 @@ You can pass other keywords, including variables and tags, when importing roles:
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- import_role: - name: Import the foo_app_instance role
import_role:
name: foo_app_instance name: foo_app_instance
vars: vars:
dir: '/opt/a' dir: '/opt/a'

View file

@ -6,8 +6,8 @@ Tags
If you have a large playbook, it may be useful to run only specific parts of it instead of running the entire playbook. You can do this with Ansible tags. Using tags to execute or skip selected tasks is a two-step process: If you have a large playbook, it may be useful to run only specific parts of it instead of running the entire playbook. You can do this with Ansible tags. Using tags to execute or skip selected tasks is a two-step process:
#. Add tags to your tasks, either individually or with tag inheritance from a block, play, role, or import #. Add tags to your tasks, either individually or with tag inheritance from a block, play, role, or import.
#. Select or skip tags when you run your playbook #. Select or skip tags when you run your playbook.
.. contents:: .. contents::
:local: :local:
@ -25,8 +25,8 @@ At the simplest level, you can apply one or more tags to an individual task. You
.. code-block:: yaml .. code-block:: yaml
tasks: tasks:
- install the servers - name: Install the servers
yum: ansible.builtin.yum:
name: name:
- httpd - httpd
- memcached - memcached
@ -35,8 +35,8 @@ At the simplest level, you can apply one or more tags to an individual task. You
- packages - packages
- webservers - webservers
- configure the service - name: Configure the service
template: ansible.builtin.template:
src: templates/src.j2 src: templates/src.j2
dest: /etc/foo.conf dest: /etc/foo.conf
tags: tags:
@ -49,29 +49,29 @@ You can apply the same tag to more than one individual task. This example tags s
--- ---
# file: roles/common/tasks/main.yml # file: roles/common/tasks/main.yml
- name: be sure ntp is installed - name: Install ntp
yum: ansible.builtin.yum:
name: ntp name: ntp
state: present state: present
tags: ntp tags: ntp
- name: be sure ntp is configured - name: Configure ntp
template: ansible.builtin.template:
src: ntp.conf.j2 src: ntp.conf.j2
dest: /etc/ntp.conf dest: /etc/ntp.conf
notify: notify:
- restart ntpd - restart ntpd
tags: ntp tags: ntp
- name: be sure ntpd is running and enabled - name: Enable and run ntpd
service: ansible.builtin.service:
name: ntpd name: ntpd
state: started state: started
enabled: yes enabled: yes
tags: ntp tags: ntp
- name: be sure file sharing is installed - name: Install NFS utils
yum: ansible.builtin.yum:
name: name:
- nfs-utils - nfs-utils
- nfs-util-lib - nfs-util-lib
@ -94,7 +94,7 @@ You add tags to includes the same way you add tags to any other task:
--- ---
# file: roles/common/tasks/main.yml # file: roles/common/tasks/main.yml
- name: dynamic re-use of database tasks - name: Dynamic re-use of database tasks
include_tasks: db.yml include_tasks: db.yml
tags: db tags: db
@ -105,7 +105,8 @@ You can add a tag only to the dynamic include of a role. In this example, the ``
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- include_role: - name: Include the bar role
include_role:
name: bar name: bar
tags: tags:
- foo - foo
@ -130,24 +131,26 @@ If you want to apply a tag to many, but not all, of the tasks in your play, use
tasks: tasks:
- block: - block:
tags: ntp tags: ntp
- name: be sure ntp is installed - name: Install ntp
yum: ansible.builtin.yum:
name: ntp name: ntp
state: present state: present
- name: be sure ntp is configured
template: - name: Configure ntp
ansible.builtin.template:
src: ntp.conf.j2 src: ntp.conf.j2
dest: /etc/ntp.conf dest: /etc/ntp.conf
notify: notify:
- restart ntpd - restart ntpd
- name: be sure ntpd is running and enabled
service: - name: Enable and run ntpd
ansible.builtin.service:
name: ntpd name: ntpd
state: started state: started
enabled: yes enabled: yes
- name: be sure file sharing is installed - name: Install NFS utils
yum: ansible.builtin.yum:
name: name:
- nfs-utils - nfs-utils
- nfs-util-lib - nfs-util-lib
@ -164,20 +167,20 @@ If all the tasks in a play should get the same tag, you can add the tag at the l
- hosts: all - hosts: all
tags: ntp tags: ntp
tasks: tasks:
- name: be sure ntp is installed - name: Install ntp
yum: ansible.builtin.yum:
name: ntp name: ntp
state: present state: present
- name: be sure ntp is configured - name: Configure ntp
template: ansible.builtin.template:
src: ntp.conf.j2 src: ntp.conf.j2
dest: /etc/ntp.conf dest: /etc/ntp.conf
notify: notify:
- restart ntpd - restart ntpd
- name: be sure ntpd is running and enabled - name: Enable and run ntpd
service: ansible.builtin.service:
name: ntpd name: ntpd
state: started state: started
enabled: yes enabled: yes
@ -232,13 +235,15 @@ You can also apply a tag or tags to all the tasks imported by the static ``impor
--- ---
- hosts: webservers - hosts: webservers
tasks: tasks:
- import_role: - name: Import the foo role
import_role:
name: foo name: foo
tags: tags:
- bar - bar
- baz - baz
- import_tasks: foo.yml - name: Import tasks from foo.yml
import_tasks: foo.yml
tags: [ web, foo ] tags: [ web, foo ]
.. _apply_keyword: .. _apply_keyword:
@ -252,7 +257,7 @@ If you want tag inheritance, you probably want to use imports. However, using bo
.. code-block:: yaml .. code-block:: yaml
- name: applies the db tag to the include and to all tasks in db.yaml - name: Apply the db tag to the include and to all tasks in db.yaml
include_tasks: include_tasks:
file: db.yml file: db.yml
# adds 'db' tag to tasks within db.yml # adds 'db' tag to tasks within db.yml
@ -266,7 +271,8 @@ Or you can use a block:
.. code-block:: yaml .. code-block:: yaml
- block: - block:
- include_tasks: db.yml - name: Include tasks from db.yml
include_tasks: db.yml
tags: db tags: db
.. _special_tags: .. _special_tags:
@ -281,12 +287,14 @@ For example:
.. code-block:: yaml .. code-block:: yaml
tasks: tasks:
- debug: - name: Print a message
ansible.builtin.debug:
msg: "Always runs" msg: "Always runs"
tags: tags:
- always - always
- debug: - name: Print a message
ansible.builtin.debug:
msg: "runs when you use tag1" msg: "runs when you use tag1"
tags: tags:
- tag1 - tag1
@ -305,8 +313,9 @@ For example:
.. code-block:: yaml .. code-block:: yaml
tasks: tasks:
- Rarely-used debug task - name: Run the rarely-used debug task
debug: msg="{{ showmevar }}" ansible.builtin.debug:
msg: '{{ showmevar }}'
tags: [ never, debug ] tags: [ never, debug ]
The rarely-used debug task in the example above only runs when you specifically request the ``debug`` or ``never`` tags. The rarely-used debug task in the example above only runs when you specifically request the ``debug`` or ``never`` tags.
@ -371,19 +380,19 @@ If you have a role or a tasks file with tags defined at the task or block level,
# mixed.yml # mixed.yml
tasks: tasks:
- name: task with no tags - name: Run the task with no tags
debug: ansible.builtin.debug:
msg: this task has no tags msg: this task has no tags
- name: tagged task - name: Run the tagged task
debug: ansible.builtin.debug:
msg: this task is tagged with mytag msg: this task is tagged with mytag
tags: mytag tags: mytag
- block: - block:
- name: First block task with mytag - name: Run the first block task with mytag
... ...
- name: Second block task with mytag - name: Run the second block task with mytag
... ...
tags: tags:
- mytag - mytag
@ -395,7 +404,8 @@ And you might include the tasks file above in a playbook:
# myplaybook.yml # myplaybook.yml
- hosts: all - hosts: all
tasks: tasks:
- include_tasks: - name: Run tasks from mixed.yml
include_tasks:
name: mixed.yml name: mixed.yml
tags: mytag tags: mytag