Ansible - Httqm's Docs

A few words of warning :

Examples below :

are given in the context of ad-hoc commands, but you should get the idea very easily to use them in a play
specify no inventory file, which is ok as long as its name can be determined implicitly (default name, default location, specified in a personal settings file, ...). Otherwise, specify it explicitly with -i :
ansible -i myInventoryFile
should also apply to the --limit directive

Now let's target hosts :

Target	Syntax	Comment
by name
a list of hosts	ansible host1,host2,host3
a list of hosts matching a regular expression	ansible '~server0[12]\.acme\.org'	matches server01.acme.org and server02.acme.org make sure you're not limiting the effective target with the ansible-playbook -l flag
by group
all hosts of a single group	ansible groupName
all hosts known to Ansible	ansible all
hosts of several groups	ansible group1:group2:group3	The colon `:` actually means a logical OR. This command above applies to any host belonging either to group1 or to group2 or to group3 When it comes to complex rules with intersections and exclusions (see examples), it may not be a REAL "logical OR"
hosts belonging to the 2 specified groups	ansible 'group1:&group2'	aka intersection of groups
by name + group
all hosts except those matching an expression	ansible 'all:!expression*' ansible 'groupName:!badHost'	can be an expression with a wildcard or a regular expression the whole `!...` string must be single-quoted (details)
all hosts of a group except several of them	ansible 'groupName:!~(host1\|host2)'	`~` is used to introduce a regular expression you get the idea to exclude as many hosts as necessary

Let's consider this play :

- hosts: 127.0.0.1
  connection: local
  gather_facts: no
  tasks:

  - set_fact:
      fruits: [
        'apple',
        'orange',
        'banana',
        ]

  - debug:
      var: item
    loop:
      - fruits

  - debug:
      var: item
    loop:
      - "{{ fruits }}"

  - debug:
      var: item
    loop:
      "{{ fruits }}"

which outputs :

TASK [debug] ********************************************************************
ok: [127.0.0.1] => (item=fruits) => {
    "item": "fruits"
}

TASK [debug] ********************************************************************
ok: [127.0.0.1] => (item=[u'apple', u'orange', u'banana']) => {
    "item": [
        "apple",
        "orange",
        "banana"
    ]
}

TASK [debug] ********************************************************************
ok: [127.0.0.1] => (item=apple) => {
    "item": "apple"
}
ok: [127.0.0.1] => (item=orange) => {
    "item": "orange"
}
ok: [127.0.0.1] => (item=banana) => {
    "item": "banana"
}

Explanations

- fruits

this passes the string fruits, not the fruits variable
use "{{ }}" to pass a variable

- "{{ fruits }}"

the leading dash - introduces a list item
_HERE_ it's a one-item list, and this item happens to be a list
Anyway, this is why the loop turns only once and displays all fruits at once

"{{ fruits }}"

this is what we expected

There are circumstances (especially during development) when it would be convenient to stop a playbook at a given point because the following tasks
- are irrelevant for the current development / debug
- take too long to run
- ...
There is a --start-at-task (source : 1, 2) directive but no --stop-at-task so far.

  - fail:
      msg: "Playbook stopped on purpose for whatever reason"

This stops the execution abruptly, with a failure status, making this solution mostly suited for debugging. It has the advantage that :

the ansible-playbook execution ends on the fail command, none of the following commands will be executed
it stops where you expect it to stop : no conditions nor subtleties (see below)
it throws a red message to the console you can't ignore

This _can_ do the job too :

- meta: end_play

But it's fairly different from the fail method :

no failure exit status
no message sent to the execution log, so the ending may go unnoticed
it only affects the current play, meaning further tasks of the current playbook may be executed if they belong to a distinct play

Check it with metaEndPlay.yml.

Create ~/.ansible.cfg and replicate + override the required section / values :

[defaults]
host_key_checking	= False
inventory		= /home/stuart/ansible/hosts
roles_path		= /home/stuart/ansible/roles
vault_password_file	= /var/lib/ansible/.vault_password

Because I can never remember how to use with_items, here's an example :

- name: unmount volume groups
  mount:
    src: "{{ item.device }}"
    name: "{{ item.mountPoint }}"		will be path in Ansible 2.3+
    state: unmounted
  with_items:
    - { device: '/dev/mapper/vg_data-data', mountPoint: '/var/lib/docker/devicemapper' }
    - { device: '/dev/mapper/vg_data-data', mountPoint: '/var/lib/docker' }

Ansible - The HowTo's

How to specify target hosts ?

A few words of warning :

Now let's target hosts :

How to loop on a list of items ?

Explanations

How to interrupt a playbook (i.e. something like --stop-at-task) ?

Situation :

Solution :

Alternate solution :

How to override /etc/ansible/ansible.cfg settings with personal values ?

How to use `with_items` ?

How to specify target hosts ?

A few words of warning :

Now let's target hosts :

How to loop on a list of items ?

Explanations

How to interrupt a playbook (i.e. something like --stop-at-task) ?

Situation :

Solution :

Alternate solution :

How to override /etc/ansible/ansible.cfg settings with personal values ?

How to use with_items ?

How to use `with_items` ?