How to run a task on a specific host which is not part of the hosts scope for the playbook?

[Rasmus Sjørslev]

What i am trying to achieve:

I have a playbook that provisions some virtual machines by running a role:

---

- hosts: localhost

  gather_facts: false

  connection: local

  vars_files:

    - vm_data.yml

  roles:

    - { role: common }

...

the common role logs into phpIPAM and gets some subnet information and then runs - using an include - the vm creation part as many times as there are specified VMs in the vm_data variable:

---

- name: Login to phpIPAM

  uri:

    url: "{{ phpipam_url }}/user/"

    method: POST

    body_format: json

    force_basic_auth: yes

    user: "{{ user }}"

    password: "{{ password }}"

  register: ipam_login

- name: Get subnet information (DNS, gateway, netmask etc.)

  uri:

    url: "{{ phpipam_url }}/subnets/7/"

    method: GET

    headers:

      token: "{{ ipam_login.json.data.token }}"

    status_code: 200

  register: subnet_info

- include: roles/common/files/provision.yml

  with_items: "{{ vm_data }}"

...

inside the provision.yml file - which i include so i can loop - i do the following

1. get an IP from phpIPAM

2. create a VM and configure it with the IP from step 1

3. update the IP gotten in step 1 with the MAC address of the newly created VM

Now comes my actual challenge and i realise i might be going beyond the scope of Ansible and into IaaS territory.

As a 4th step in the list above i would like to call out to a Windows based system using Ansible to run a powershell command that registers the created VM object in Windows DNS.

I can successfully create a playbook as a standalone that does exactly that however i dont know how i would invoke this 4th step only against a specific host (defined in my hosts file).

If the DNS server i am using had a REST api i would just use the uri module but given this limitation:

how (if possible) can i run a task using eg. win_shell against a specific host that takes a variable from the overall playbook it is being initialised from?

I have tried an 

- include: dns_changes.yml

  hosts: windows_server

  vars:

    ip: "{{ my_ip }}"

as a playbook include but that wont work as i think im breaking the variable scope ? I get an undefined fatal.

i have also played around with something like:

- include: dns_changes.yml hosts=windows_server

as a task include but that does not seem to work.

Thanks in advance.

[Kai Stian Olstad]

On 06. juli 2017 11:49, Rasmus Sjørslev wrote:
> how (if possible) can i run a task using eg. win_shell against a specific
> host that takes a variable from the overall playbook it is being
> initialised from?
>
> I have tried an
>
> - include: dns_changes.yml
> hosts: windows_server
> vars:
> ip: "{{ my_ip }}"
>
> as a playbook include but that wont work as i think im breaking the
> variable scope ? I get an undefined fatal.
>
> i have also played around with something like:
>
> - include: dns_changes.yml hosts=windows_server
>
> as a task include but that does not seem to work.

use delegate_to, that will run the task(s) on the delegated host.

--
Kai Stian Olstad

[Rasmus Sjørslev]

I had ventured down that path but it failed with an SSL error that it could not verify.

But you had me look at this again and i found:

https://github.com/ansible/ansible/issues/18066

once i defined this entry in my hosts file:

localhost ansible_winrm_server_cert_validation=ignore

and added this to my play:

- hosts: localhost
  gather_facts: true
  connection: local

then i tried a simple win_shell command:

- name: windows delegate
  win_shell: echo "hello world" > C:\temp\delegate2.txt
  delegate_to: 192.168.111.13

which then worked!

it seems like its still a known issue in ansible v. 2.3 the fact that it doesn't know what to do with winRM?

Thanks!