On 1/20/21 6:16 PM, Vladimir Botka wrote:
On Wed, 20 Jan 2021 15:45:00 -0700
Rich Megginson <rmegg...@redhat.com> wrote:
- hosts: some_arbitrary_name_of_my_group_of_vpn_hosts
roles:
- linux-system-roles.vpn
or you can specify the hosts manually:
- hosts: hosta,hostb,hostc
roles:
- linux-system-roles.vpn
or some combination thereof. Or is there some other method?
Yes. Enable vpn in the inventory and create the group dynamically.
For example
shell> cat hosts
hosta vpn=enabled
hostb vpn=disabled
hostc vpn=enabled
The playbook
- hosts: all
gather_facts: false
tasks:
- add_host:
groups: vpn_hosts
name: "{{ item }}"
loop: "{{ hostvars|dict2items|
selectattr('value.vpn', 'eq', 'enabled')|
map(attribute='key')|list }}"
run_once: true
- hosts: vpn_hosts
gather_facts: false
tasks:
- debug:
msg: "Running linux-system-roles.vpn"
gives
ok: [hosta] =>
msg: Running linux-system-roles.vpn
ok: [hostc] =>
msg: Running linux-system-roles.vpn
This is an example of what @Matt Martz meant with "a multi play
playbook, where the first play minimally just is there to gather
facts that the 2nd play needs."
Is this better (as in more performant, best practices) than just doing
shell> cat hosts
[vpn_hosts]
hosta
hostb
hostc
- hosts: vpn_hosts
roles:
- linux-system-roles.vpn
?
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/86e1bfd4-d460-778e-e9c6-782055cc3287%40redhat.com.
