Hi,
I have two hosts and I need to run my playbook on only one of them, i.e. host A is always the target, unless it is not reachable. In this case, host B will be the target.
But the point is that if host A is reachable, the playbook shouldn't work on host B.
Any advice is accepted.
Thanks
1 play before your normal play:
```
- hosts: hosta,hostb
  gather_facts: False
  tasks:
    - ping:
    # the group name created here must match the hosts: pattern of the next play
    - group_by: key=reachable

- hosts: reachable
  ....
```
Thanks for mentioning the ‘ping’ module - that is new to me. (It checks ssh connection and python, not an icmp ping)
But I don’t see “reachable” as a return value in the docs.
Looks like that will run it for both hosts, which is not what the requestor wanted. More like:
```
- hosts: hosta
  gather_facts: False
  tasks:
    - ping:
      register: pingtest

- hosts: hostb
  when: pingtest.failed
```
But so far I cannot get it to work.
I am looking to use the same logic to connect to the internal or external IP of an AWS server depending on where I happen to be running Ansible at that moment.
> 1 play before your normal play:
>
>
> - hosts: hosta,hostb
>   gather_facts: False
>   tasks:
>     - ping:
>     # the group name created here must match the hosts: pattern of the next play
>     - group_by: key=reachable
>
> - hosts: reachable
>   ....
>
> ----------
> Brian Coca
> Thanks for mentioning the 'ping' module - that is new to me. (It checks
> ssh connection and python, not an icmp ping)
> But I don't see "reachable" as a return value in the docs.
It's not a return value.
group_by is a module that will add the host to a group called reachable.
> Looks like that will run it for both hosts, which is not what the requestor
> wanted. More like:
>
> - hosts: hosta
>   gather_facts: False
>   tasks:
>     - ping:
>       register: pingtest
>
> - hosts: hostb
>   when: pingtest.failed
>
> But so far I cannot get it to work.
> I am looking to use the same logic to connect to the internal or external
> IP of an AWS server depending on where I happen to be running Ansible at
> that moment.
This will run on the first host in the list (host2) if it is reachable; if not, it will run on the second host (host1).
Not pretty but should work.
There is no need to register, as the host failing the ping will be
removed from the play.
Yes, it's necessary; if not, the group_by still runs. Just look at this run:
```
PLAY [a2,a1] **********************************
TASK [ping] ***********************************
fatal: [a2]: UNREACHABLE! => {
    "changed": false,
    "skip_reason": "Host a2 is unreachable",
    "unreachable": true
}
MSG:
Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp". Failed command was: ( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1542219116.25-109169561163325 `" && echo ansible-tmp-1542219116.25-109169561163325="` echo ~/.ansible/tmp/ansible-tmp-1542219116.25-109169561163325 `" ), exited with result 1
TASK [group_by] *******************************
ok: [a2] => {
    "add_group": "rechable_hosts",
    "changed": false,
    "parent_groups": [
        "all"
    ]
}
```
You might be interested in a proof of concept inventory plugin I wrote a few months back: https://github.com/flowerysong/ansible/commit/900b3001
A better implementation would be to do this at the connection layer so that the checking is done on demand instead of serially for every host in the inventory, but the inventory plugin approach works and isn’t unbearably slow for small inventories.
We don’t actually use this in production; for AWS our team uses Amazon’s DNS resolution, so the hostnames resolve to the internal IPs from within the VPC or the external IPs from outside:
```
ezekielh@ego ~ $ dig +short just-gofannon.ctools-mx.a.mail.umich.edu
ec2-52-15-122-141.us-east-2.compute.amazonaws.com.
10.0.74.217
zeke@ironbull ~ $ dig +short just-gofannon.ctools-mx.a.mail.umich.edu
ec2-52-15-122-141.us-east-2.compute.amazonaws.com.
52.15.122.141
```
Thanks, will look into that.
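
One way to get the behaviour asked for at the top of the thread, as an added example that is not code from any of the posters. It assumes Ansible 2.7 or later (for `ignore_unreachable`), the group name `target` is made up for the illustration, and it falls back to hostb without probing hostb itself.

```yaml
# Play 1: probe hosta only. Without ignore_unreachable the host would be
# dropped on failure and, being the only host in the play, end the whole run.
- name: Probe hosta but keep going if it does not answer
  hosts: hosta
  gather_facts: false
  tasks:
    - name: Check SSH login and Python on hosta (the ping module is not ICMP)
      ping:
      register: pingtest
      ignore_unreachable: true

# Play 2: decide once, on the control node, which single host is the target.
- name: Select exactly one target
  hosts: localhost
  connection: local
  gather_facts: false
  tasks:
    - name: Use hosta if it returned "pong", otherwise hostb
      add_host:
        # default({}) / default('') cover a result with no "ping" key,
        # which is what an unreachable host registers.
        name: >-
          {{ 'hosta'
             if (hostvars['hosta'].pingtest | default({})).ping | default('') == 'pong'
             else 'hostb' }}
        groups: target          # hypothetical group name
      changed_when: false

# Play 3: the normal play; the group never holds more than one host.
- name: Normal play
  hosts: target
  tasks:
    - name: Show which host was chosen
      debug:
        msg: "Running on {{ inventory_hostname }}"
```

Because the choice is made in a single `add_host` call rather than per host with `group_by`, hostb can never end up in the group while hosta is answering.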