Hello…
So I have a semi-elaborate set of Ansible roles that provision a handful of different system types based on variable configuration and all is working well. In total provisioning a new system may take ~400 tasks.
What I’m scratching my head is when it comes to making additions/changes/updates going forward. I understand the concept of idempotence, but it doesn’t seem right to run and wait for the entire playbook/role set with hundred of (previously completed) tasks just to apply a few new ones that were added. In my case that can take quite a while especially with many systems involved.
That is when I thought “tags” would be my answer. I could just set a fact on the system with a rolling “version” number and apply only the new tag’d tasks that would be needed to get to that version. For example a system is at 1.1, so it may need to run tags for 1.2 and 1.3 to get to 1.3. Seemed simple enough to automate, except tags for filtering can only be passed when executing the playbook, not when including roles or tasks within playbooks. 
So I feel like I’m missing something here. It seems like my options are:
- Let the full playbook run and wait it out, which will get quite painful at scale.
- Use variables and a ton of when statements essentially “skipping things” based on some version I maintain. Seems like a big kluge.
- Use tags and figure out some front end scripts to essentially run the filtered playbooks based on what the system needs.
- Beg for tag filtering within included roles, tasks, etc. Seems like this would make it so clean.
- Some other option I’m completely overlooking??
I’d really love to hear what people are doing for “delta” updates/changes on systems, as I feel like I’m missing something on an otherwise awesome system.
Thanks…