Reputation: 3568
ansible-playbook not limiting hosts
I've got a hosts file, specifying a server belonging to multiple groups:
[web]
192.168.45.37
[integration]
192.168.45.37
[database]
192.168.45.37
The different groups have different roles applied to them in the playbook:
- hosts: all
roles:
- { role: base, tags: ['base'] }
- { role: logstash, tags: ['logstash'] }
- hosts: database
roles:
- { role: mysql, tags: ['database', 'mysql'] }
- { role: mysql-backup, tags: ['database', 'mysql', 'backup'] }
- hosts: web
roles:
- { role: nginx, tags: ['web', 'nginx'] }
- { role: ssl-certs, tags: ['web', 'ssl-certs'] }
- hosts: integration
roles:
- { role: jetty, tags: ['integration', 'jetty'] }
My problem is that when I go to run the playbook, trying to limit it to only the "roles" required by specifying the "group" with the "--limit" argument e.g.
ansible-playbook -i hosts site.yml -l integration
It ends up running all of the plays against the server. Why does it do this? Can I get it to just run the set of plays/roles associated with that particular server group?
Upvotes: 1
Views: 1528
Answers (1)
Reputation: 13940
This is by design- under the covers, limits are implemented as a list of hosts, though the limit expression can be an arbitrarily complex combination of both hosts and groups. We don't exclude group definitions that aren't specified in the limit expression (it sounds like that's what you want)- that would significantly hamper the utility of limit expressions for more complex use cases.
For example: if you had a play that targeted an intersection of two groups, "mysite:&myrole", I think the expectation would be that if you passed a limit expression of mysite, that it would run. If we explicitly dropped hosts for group defs that weren't specified in the limit expression, it wouldn't.
Tags are definitely the right thing to use here, and they can be specified at the play level for the role-specific stuff so you don't have to repeat that part for each role/task underneath. The pre_tasks section should behave the same way with tags (ie, the tasks need to be tagged to run, though make sure you know about "always")- if they don't, that's definitely an issue you should report.
Upvotes: 1
Related Questions
- How to get a list of all hosts specified by ansible-playbook --limit
- Using limit flag with ansible-playbook causes localhost to not be found
- ansible error conflicting hosts, tasks when I include playbooks in role
- Ansible Playbook - Import Playbook pass Host Name for each in Group - Rescursive Loop detected
- Ansible playbook does not run tasks in roles
- Ansible: execute role only for some hosts
- Limit ansible playbook by `hosts` of plays
- Ansible playbook does not run tasks from roles
- Using Ansible hosts raises `--limit` does not match any hosts
- ansible-playbook --limit not working with overlapping host aliases