Defining Actions to be run in the event of Failure for a Host

I am using ansible to create instances in EC2. I set disableApiTermination to true using an AWS CLI invocation for each instance that I create (On that note, I hope https://github.com/ansible/ansible-modules-core/pull/205 gets accepted into the devel branch soon).

However, I would like to unset it for any instances for which playbook execution fails, so that I may terminate those instances promptly after the playbook run. In fact, if this facility were to be added to ansible, I could even put the termination call right there, so that at the end of the playbook run, I would only have the instances for which everything ran smoothly, and the ones for which things failed would have already been terminated.

So basically I am looking for the equivalent of an except block, something that would allow me to define tasks (even roles perhaps?) for inventory items that registered failure and for which ansible would stop executing the rest of the playbook. This could be helpful in any kind of cleanup/rollback task.

If there is already something that allows doing this, I would appreciate pointers towards it.

Regards,
Sankalp

Also note that using tasks labelled with when: |failed doesn’t cover my use case since it would require me to register the results of each and every task (inside roles too?) in the event of whose failure I want to trigger my rollback/cleanup actions. This approach seems neither practical nor elegant.

A workaround that I’m planning to use right now is to shift actions like

  1. Load Balancer Registration
  2. DNS Record Creation/Update
  3. Enabling of Termination Protection

and so on… to the end of my playbooks, so that they are only run on hosts for which all else has completed without failure.

Still, the original feature request seems like a useful thing to have.

But even this workaround has obvious flaws. What if one of these tasks itself were to fail? Say the instance was registered with the requisite Load Balancer, but then for some reason the DNS record creation failed. In that case it would be really handy to be able to undo the Load Balancer registration right there, before finishing the playbook run.

I really hope this sounds like something useful and worth adding.

Thanks!

Hi all,

As discussed previously on this list, the idea of blocks will be coming to a future release of Ansible.

The ‘v2/’ subtree refactoring is intended to enable such capabilities as try/except type blocks.

Until then, the “when” feature, along with ignore_errors, etc., is available.
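
The `when` plus `ignore_errors` approach from the last reply, applied to the load balancer and DNS rollback case raised earlier in the thread. This is an added example, not code from any poster. It uses the `|failed` filter syntax of the Ansible releases this thread concerns; the group name, the variables (`ec2_id`, `ec2_ip`, `elb_name`, `dns_zone`, `region`) and their values are assumptions.

```yaml
# Added example; the inventory group, variables and values are constructed.
- hosts: new_instances            # assumed group of freshly launched instances
  gather_facts: no
  vars:
    region: us-east-1             # assumed
    elb_name: app-elb             # assumed
    dns_zone: example.com         # assumed
  tasks:
    # Provisioning tasks and roles go first. A host that fails there is
    # dropped from the play and never reaches the steps below.

    - name: register instance with the load balancer
      local_action:
        module: ec2_elb
        instance_id: "{{ ec2_id }}"       # assumed host variable
        ec2_elbs: "{{ elb_name }}"
        region: "{{ region }}"
        state: present

    - name: create DNS record (failure is recorded, not fatal yet)
      local_action:
        module: route53
        command: create
        zone: "{{ dns_zone }}"
        record: "{{ inventory_hostname }}.{{ dns_zone }}"
        type: A
        ttl: 300
        value: "{{ ec2_ip }}"             # assumed host variable
        overwrite: yes
      register: dns_result
      ignore_errors: yes

    - name: roll back load balancer registration when DNS failed
      local_action:
        module: ec2_elb
        instance_id: "{{ ec2_id }}"
        ec2_elbs: "{{ elb_name }}"
        region: "{{ region }}"
        state: absent
      when: dns_result|failed             # newer releases: dns_result is failed

    - name: stop the play for hosts whose DNS step failed
      fail: msg="DNS record creation failed, load balancer registration rolled back"
      when: dns_result|failed

    # Last step: only hosts with no failure get termination protection,
    # so failed instances stay terminable without an extra API call.
    - name: enable termination protection
      local_action: command aws ec2 modify-instance-attribute --region {{ region }} --instance-id {{ ec2_id }} --disable-api-termination
```

Only the DNS step is registered here; covering a failure in any earlier task the same way still requires registering each task, which is the limitation described in the thread.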