As I noted in a previously closed issue, it’s not clear to me where ansible_winrm_server_cert_validation will be respected in group_vars and host_vars. In addition, I’m unsure how to deal with the situation of dynamic inventory, such as in Ansible Tower. Here’s my GitHub question repeated for convenience:
Yeah, I think that restriction is still in place, but group_vars is a good place for it.
You have ‘hosts: all’ in your example playbook, but not all of them are going to be Windows hosts (probably), so defining a group called windows and having these vars defined for hosts that belong to the windows group is a good place to start. Then when your plays are for Windows hosts you can just set
hosts: windows
and the playbook will apply to the right machines, with the right settings (which are only really relevant to the Windows machines).
So the specific details of connecting to Windows machines are kept out of your playbook and are applied where they are meaningful, i.e. on any of your Windows machines.
Obviously you can get more detailed and have child groups of Windows hosts if needed, but you can still keep these common connection variables and have them apply to any hosts that are running Windows.
You don’t mention what your dynamic inventory source is, but provided your dynamic inventory returns your hosts as members of a group, you can use matching group_vars with dynamic inventory just fine.
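The layout described in the reply above, as an added example that is not part of the original thread: WinRM connection variables live in group_vars for a group named windows, and the play targets that group. Host names, file names and the CA bundle path are constructed for illustration.

```yaml
# File: group_vars/windows.yml
# Applies to every host in the "windows" group, whether the group comes from
# a static inventory or is returned by a dynamic inventory source.
ansible_connection: winrm
ansible_port: 5986
ansible_winrm_scheme: https
# "ignore" turns off TLS certificate verification for the WinRM listener,
# so the identity of the remote endpoint is not checked.
ansible_winrm_server_cert_validation: ignore
# Validated alternative (the CA path is a placeholder assumed for this example):
# ansible_winrm_server_cert_validation: validate
# ansible_winrm_ca_trust_path: /etc/ansible/pki/winrm-ca.pem
---
# File: inventory.yml (constructed static inventory; a dynamic source only
# needs to return hosts as members of the same group name)
all:
  children:
    windows:
      hosts:
        win01.example.com:
        win02.example.com:
    linux:
      hosts:
        web01.example.com:
---
# File: site.yml
# The play names the group, so the WinRM settings never reach non-Windows hosts.
- name: Check WinRM connectivity on Windows hosts only
  hosts: windows
  gather_facts: false
  tasks:
    - name: Ping over WinRM
      ansible.windows.win_ping:
```

Running `ansible-inventory -i inventory.yml --host win01.example.com` prints the variables resolved for that host, which confirms whether the group_vars file was picked up.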