Version 0.7 of Ansible which is due for release at any moment now, is able to delegate a task to a specific host out of band. This is useful, say, to record the state of a host Ansible is currently processing in a central database, removing hosts from a load-balancer while Ansible does maintenance on them, distribute Kerberos keytabs, create a DNS record for a host, schedule downtime in Nagios or Icinga with Ansible's nagios plugin, etc.

Let's look at the following simple Ansible playbook which installs tmux on all development servers. Please note the third action called "Tell master":

- hosts: devservers
  user: f2
  sudo: True
  serial: 5
     editmode: vi
  - name: Install tmux package
    action: yum name=tmux state=installed
  - name: Configure tmux
    action: template dest=/tmp/tmux.conf
  - name: Tell master
    action: shell echo "{{ansible_fqdn}} done" >> /tmp/list

The action in this task invokes a shell command, but that is delegated to a foreign host (i.e. it is performed on that foreign host). Ansible interrupts, so to speak, the flow of processing all devservers I have in my inventory file and hops off to (which isn't configured as a devserver) to run the specified task, with the following result on

$ cat /tmp/list done

Ansible delegation

It's important to note, that the Ansible management server is the host connecting to the delegated host. In other words, it's not the devservers that connect to it but the machine ansible-playbook is currently running on.

A shorthand notation in a Playbook

local_action: command .....

delegates to but note that, here too, the management host will attempt an SSH connection to (it's not just a shell command invocation). Your local Ansible management machine must allow connections to itself.

The serial: keyword allows me to configure the parallelism I want Ansible to use: setting it to 1 means Ansible will handle one host after the other. The documentation contains more details.


blog comments powered by Disqus