Hello,

I am creating a role to upgrade my servers. Some are CentOS others are Fedora. CentOS servers use remote_user: root and Fedora servers remote_user: fedora

How can i setup my playbook to use one remote_user according to ansible_distribution?

In the Ansible FAQ there is a section that deals with these issue setting inventory variables in the inventory file, but i am
using dynamic inventory. http://docs.ansible.com/faq.html#how-do-i-handle-different-machines-needing-different-user-accounts-or-ports-to-log-in-with

Or there is a way to try sshing as some user if the connection fails, try another login user?

How to choose remote user according to OS?

Or it is easier to create a separate playbook for each ansible_distribution?

Thank you!

A better description is "How to set remote_user for according to OS distribution

There are several ways, the easiest is if your inventory script
provides OS info:

remote_user: "{{ansible_distibution == 'Fedora'|ternary('fedora', 'root')

If you have no info ahead of time you can test connecting and then use
group_by (example below) or the same expression above on the result
var. If using group_by you can preset group_vars/fedora =>
ansible_ssh_user: fedora

- hosts: all
  remote_user: root
  gather_facts: False
  tasks:
     - ping:
       register: rootlogin
       ignore_errors: yes

    - group_by: key=fedora
      when: rootlogin|failed

Thank you Brian for your reply.

Based on your suggestions, i created this playbook:
(create two groups and then apply the role to each subset)

• hosts: all
  remote_user: root
  gather_facts: false
  tasks:

• ping:
  register: rootlogin
  ignore_errors: true

• group_by: key=fedora-user
  when: rootlogin|failed

• group_by: key=root-user
  when: rootlogin|success

• name: Execute play for CentOS instances
  hosts: root-user
  remote_user: root
  roles:

• { role: path/to_role }

• name: Execute play for Fedora instances
  hosts: fedora-user
  remote_user: fedora
  sudo: yes
  sudo_user: root
  roles:

• { role: path/to_role }

The problem is that only the root-user group it is created.

created ‘group_by’ ActionModule: key=stage-root-user

No fedora-user group was created. When it comes the time to execute the rol for the fedora instances.

skipping: no hosts matched

I did also tried, create the two groups using multi plays(same idea), but the groups were created with the same elements:

• name: Group CentOS instances
  hosts: all
  remote_user: root
  gather_facts: no

ignore_errors: true

tasks:

• name: remote_user is root
  group_by: key=root_user
  ignore_errors: true

• name: Group Fedora instances
  hosts: all
  gather_facts: no
  remote_user: fedora
  sudo: yes
  sudo_user: root
  tasks:

• name: remote_user is fedora
  group_by: key=fedora_user
  ignore_errors: true

• name: Execute play for CentOS instances
  hosts: root_user
  remote_user: root
  roles:

• { role: path/to_role }

• name: Execute play for Fedora instances
  hosts: fedora_user
  remote_user: fedora
  sudo: yes
  sudo_user: root
  roles:

• { role: path/to_role }

FATAL: no hosts matched or all hosts have already failed – aborting

Thank you!

Ansible 1.9

you really only need 1 group, not sure why both did not get created though.

with one group you can have these play targets:

- hosts: group

- hosts: all:!group

^ first will target all hosts in the group, the 2nd all hosts NOT in the group.

Hello Brian,

I have made some tests and it seems that hosts conditional it is not working for the instances that cannot login (either root or fedora, tested both).

First test:

If i create the group according to fedora access rules, the group for the centos instances it is not created: