Hi,
I find it irritating that "a*" matches "all" too, like in --limit=a*.
I think this opens too much room for inintended behavior/errors.
In my opinion "all" should only called, if "all" was explicitly set.
How about you?
Marc
Basically you’re asking that wildcards not match groups. I agree.
https://github.com/ansible/ansible/blob/devel/lib/ansible/inventory/init.py#L267
Ultimately, I don’t think many of us do use host patterns in host selectors, i.e. we’re much more apt to do:
- hosts: webservers:dbservers
Rather than (with hostnames)
- hosts: www*:db*
I suspect this hasn’t come up because we’ve always suggested using groups as host selectors, so it hasn’t really been a major concern.
But it does seem like wildcard group match could be ambiguous.
Does anyone rely on wildcard group match? If not, I’m more than happy to change this.
I may have occasionally used it to shorten my typening 
but I don't rely
on it.
Also, as lots iots of my group names are structured as a part of the
hostnames, this change will work out nicely.
I do on ocassion, but rely on host wildcards much more
We (Rackspace) rely heavily on wildcard group matching. We have a number of inventories, broken down by region. Within each region there is a number of cells, and within each cell there are a number of machine roles that get turned into groups.
Lets take our ORD inventory.
ORD has cells c1, c2, and c3. Those all become groups, "c1, c2, c3".
Within c1 we have:
nova-compute
nova-api
nova-cells
etc...
Each of those are a role type. There is one or more actual hosts in each of those role types.
c2 will have the same types, with different hosts within the types, so on for the other cells.
We create groups that are a combination of the role and the cell in which the hosts came from, e.g. the nova-compute set from c1 becomes "c1-nova-compute", whereas the nova-cells set from c3 becomes "c3-nova-compute".
The c1 group is just a collection of all the c1-<role> groups, same with c2 being a collection of c2-<role> groups.
Our playbooks will often need to operate across all systems of a particular role within an inventory, e.g. we need to operate on every nova-compute node in a region.
hosts: "*-nova-compute"
That's how our playbooks look.
If we want to limit actions to a particular cell, we would add "--limit c2" to our playbook execution line. That would reduce the available inventory down to just things that exist in c2, and we can keep the hosts: line as is with "*-nova-compute".
We could adjust how this is all done, if group globbing were to go away, it would just require a fair amount of busy work.
-jlk
Should just the groups 'all' and 'ungrouped' be removed from the matching?
Thanks guys! Great feedback and a definite sign we shouldn’t change this wholesale.
That might be the cleaner method, excellent idea Brian.
I can’t imagine anyone wanting to hit those.
I’ll file a ticket.
+1 exactly my thought!