Ansible Tags – A Story

Posted on March 19, 2021 by Freejack

Started a new job back in October. The team is just me and another guy and the boss. And the other guy quit in December.

The real good thing is it’s a small single project shop and pretty much all the server work is done with Ansible so lots of playbooks. Of course the bad thing is it’s just me so I’m dissecting the playbooks to see what the previous folks did and why.

One of the things is the use of Tags. There are defined tags in several places but in the calling playbook and apparently not used when running the playbook or in the roles. It’s not defined in any documentation (what little there is) and the playbooks themselves don’t seem to need the tags.

I pulled up the Ansible docs on tags, checked a couple of youtube videos and an O’Reilly book and really didn’t see a need for Tags. Anything large enough where Tags might be useful probably should be broken down into smaller tasks anyway.

Then the boss made a request. We’re changing the IPs in the load balancer and the load balancer IP and I’d like it done via Ansible.

My first attempt was a task with a list of old IPs and a second task with a list of the new IPs. Use with_items and go. Added a backout task in case there was a problem that just reversed the lists.

Boss updated the request. We bring down Side A first, test to make sure it’s good, then Side B. A sequential list of tasks vs just delete and add. Okay, let’s see…

Started creating a bunch of little playbooks in part because of a manual check between changes.

  • Remove Side A from the Load Balancer
  • Remove the old IP from Side A
  • Add the new IP to Side A
  • Validate
  • Add Side A back to the Load Balancer
  • Remove Side B from the Load Balancer
  • Remove the old IP from Side B
  • Add the new IP to Side B
  • Validate
  • Add Side B back to the Load Balancer
  • Validate

So three playbooks. Well, let’s not forget creating similar playbooks to back out the change in case Validate == Failed. So three more playbooks. Plus a couple of edge cases. For example, if Side A is fine but there’s some network issue with Side B, backing out Side B might mean three of the backout tasks can be run but we’d want to leave the new Side A in the Load Balancer.

That’s a lot of playbooks.

Hey, Tags! Create one Update playbook and tag the tasks appropriately. Then a second Backout playbook and tag those tasks. Then run the Update playbook with –tags delsidealb,delsidea,addsidea.

So not necessarily a long playbook but also for a bunch of simple tasks that need backouts and manual verifications.

Well, I thought it was cool 🙂 Learning new things is always fun and I thought I’d share.

This entry was posted in ansible, Computers and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *