[Ansible] How to branch the processing of a Playbook [Configuration Management]

2019.02.21

others

table of contents

1 If you want to skip a file that already exists
2 Other branching operations
3 Conclusion

Hello! This is Shimeji from the System Solutions Department.
It's been two months since I moved to the SRE team.
There's still so much I don't know, but I'm grateful for this environment where I can learn new things every day!
Learning new things is fun!

Today we'll be talking about Ansible, a configuration management tool.
There are times when you want to branch the processing of a Playbook, right?

For example, let's say you execute the following Playbook process.
It's a common one: it renames the existing configuration file and then places a new configuration file in its place.

- name: Rename Config File shell: mv /etc/hoge/main.cf /etc/hoge/main.cf_backup - name: Deploy Config File template: src: "{{ inventory_dir }}/roles/hoge/template/conf.j2" dest: "/etc/hoge/main.cf" owner: root group: root mode: 644

The process described above will complete without any issues by "renaming the original configuration file" and "installing the new configuration file."
However, if you already have a file named "main.cf_backup," you might want to skip this process...
In that case, use Registered Variables and the `when` statement.

Registered Variables allow you to store the results of executed tasks into variables.
You can then branch the process based on these results, allowing you to skip parts of the process.
To branch the process, use the `when` statement.

If you want to skip a file that already exists

The following is the processing of the Playbook taking the above into consideration

- name: Rename Config File Confirm stat: path: /etc/hoge/main.cf_backup register: result - name: Rename Config File shell: mv /etc/hoge/main.cf /etc/hoge/main.cf_backup when: not result.stat.exists - name: Deploy Config File template: src: "{{ inventory_dir }}/roles/hoge/template/conf.j2" dest: "/etc/hoge/main.cf" owner: root group: root mode: 644

See the process called Rename Config File Confirm

  stat: path: /etc/hoge/main.cf_backup register: result

The `stat` module is used to check if `main.cf_backup` exists.
If it exists, it stores `True` in the variable `result`; otherwise, it stores `False`.

And there is a when statement in the Rename Config File process

when: not result.stat.exists

Only perform the Rename Config File operation if result is not True

Let's verify that the process is not executed when the conditions are actually met.
We will execute the process on the following server where main.cf_backup exists:
192.168.33.72 [CentOS72]

ansible-playbook -i hosts operation.yml --ask-pass

PLAY [apply common configuration to all nodes] ********************************* TASK [Gathering Facts] ***************************************************************** ok: [192.168.33.72] TASK [hoge : Rename Config File Confirm] ************************************************ ok: [192.168.33.72] TASK [hoge : Rename Config File] ************************************************** skipping: [192.168.33.72] TASK [hoge : Deploy Config File] ********************************************************************* ok: [192.168.33.72] PLAY RECAP **************************************************************** 192.168.33.72 : ok=3 changed=0 unreachable=0 failed=0

Yes, the process is skipped

Other branching operations

The `when` statement can be used for various other conditional branching.
The following is a Playbook that installs Apache only if the OS is CentOS 7.

  - name: CentOS7 Install Apache yum: name: httpd state: present when: - ansible_facts['distribution'] == "CentOS" - ansible_facts['distribution_major_version'] == "7"

Conditions can be written in list format.
In this case, the process will only be executed if all conditions are met.
(In the example above, the OS is CentOS and the version is 7.)

Let's actually run the process on the following two servers:
• 192.168.33.67 [CentOS67]
• 192.168.33.72 [CentOS72]

ansible-playbook -i hosts operation.yml --ask-pass

PLAY [apply common configuration to all nodes] ********************************* TASK [Gathering Facts] ***************************************************************** ok: [192.168.33.65] ok: [192.168.33.72] TASK [test : CentOS7-install-apache] ************************************************* skipping: [192.168.33.65] changed: [192.168.33.72] PLAY RECAP ********************************************************************* 192.168.33.65 : ok=1 changed=0 unreachable=0 failed=0 192.168.33.72 : ok=2 changed=1 unreachable=0 failed=0

The process was executed only on 192.168.33.72.
Success!

Conclusion

This was just a brief introduction, but
the `when` statement can be used for various other conditional branching methods.
If you'd like to learn more, please check out the official documentation!
Official Documentation

If you found this article helpful,please give it a "Like"!

The person who wrote this article

About the author

Shimeji mushrooms

  CERTIFICATE:
    - TOEIC 835
    - LPIC304
    - AWS Solution Architect Associate
    - AWS Solution Architect Professional
    - GCP Professional Cloud Architect
    - IPA SC (not registered)

Kagome, Kagome,
who's that man behind us?

I'm an old man. (2018)

"CEO Lunch" held for the first time! Students and CEOs interact casually. Switching Terraform versions using tfenv.