Sounds like you need to go group by group, server by server, and add them in slowly instead of trying to jump to the end and try to come up with a playbook that handles all scenarios for your entire 600 machines from the start. You could have a single inventory file with all 600 hosts in it, but I think it it easier and safer to have multiple inventories (one per group-environment pair). This lets you run plays on just one enviroment at a time instead of running a huge "do everything to every machine" playbook.
Let's take an example. Pick one instance of machines that are alike, like say you have a load-balanced pair of web servers that your HR department uses to store files on or something, so you call the instance "webhr". You have 2 production "webhr" servers and 2 test systems, so you would have a "webhr-prod" and a "webhr-test" instance-environment groupings. Your webhr-prod inventory could look like this: [webhr-prod] hrweb-1243 hrweb-9432 [children:webservers] webhr-prod I have a gist up at https://gist.github.com/BradGunnerSGT/ba1cea6c6629a702f9eb with a lot more detail that describes how we handle this sort of thing. Basically it lets us "touch" only the machines that need to be touched during that run, and if someone slips and runs ansible pointing at the complete inventory directory, then ansible only runs the parts of the master playbook pertinent to each individual machine and skips the rest. A system in "webhr-prod" would never have the "tomcat" or "mysql-server" roles run, and vice versa (unless the system has both "mysql-server" and "webserver" defined). ---- Mark McCoy <http://markmccoy.us> On Thu, Oct 2, 2014 at 8:36 AM, Johan Chassaing <chassaing.jo...@gmail.com> wrote: > Thanks for your reply :) > In my test case, I added apache indeed, but I would like to work like that > with any other packages. > I have a very long list of servers which is not up to date with all the > servers' servicies. > My intent is to not upgrade packages that can interrupt my production > (like apache, mysql.. ). So I want to put a list of packages that can > safely be upgraded and update them only if there are present. > If a specific server has a htop I want to upgrade without installing it on > the 600 others. > > If you have any idea. > johan > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To post to this group, send email to ansible-project@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/6dca7366-fd16-44f9-92bc-6f824aeb7e76%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/6dca7366-fd16-44f9-92bc-6f824aeb7e76%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAP2%3DG9OVoQSicYsyeBe_A3mj8iEo4Kqpnn0%2BYBg8RygPUN%2B43Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
