Abort Playbook on Play Failure

[James Lucas]

I'm trying to use Ansible to automate the creation of Amazon machine images. The basic process is: 1) create an instance 2) run ansible play on that instance 3) convert that instance to an AMI

Right now I'm cramming all of these steps into one playbook with three separate plays, primarily because the AWS API is run against the host 'localhost' whereas provisioning the instance with Ansible requires pointing Ansible to the instance. The problem is that the 'convert instance to ami' play will run regardless of whether the previous play succeeded or failed. I only want to create the AMI if the instance was actually successfully provisioned, but I haven't found a good way to do it. Playbook looks like this:

---

- name: provision instance
  hosts: localhost
  vars:
    [...]
  tasks:
  - name: create instance
    ec2:
     [...]
     wait: yes
    register: ec2
  - name: add instances to inventory / nodejs group
    add_host:
     hostname: "{{item.public_dns_name}}"
     groups: nodejs
    with_items: ec2.tagged_instances
  - name: wait for instance accessible
    wait_for:
     host: "{{item.public_dns_name}}"
     port: 22
     search_regex: "OpenSSH"
    with_items: ec2.tagged_instances

- name: run ansible on all hosts in group
  become: yes
  hosts: nodejs
  roles:
  - nodejs

- name: convert instance to ami
  hosts: localhost
  vars:
    region: us-west-2
  tasks:
  - name: build ami
    ec2_ami:
     name: amlx-nodejs
     description: basic nodejs image
     instance_id: "{{item.id}}"
     region: "{{region}}"
     wait: yes
    with_items: ec2.tagged_instances

Does anyone have any ideas for a better way to structure this? I thought this would be a very simple situation, but it's the first time I've had to run plays across different hosts, and clearly I'm missing something.

Thanks for your help!

[chris meyers]

Use ansible maximum fail percentage and set it to 1% (or 0% if 0 isn't treated special). This way, if any tasks fail on the play executing on the play running against the nodejs group, the Ami play following will not run. http://docs.ansible.com/ansible/playbooks_delegation.html#maximum-failure-percentage

[James Lucas]

Thanks for the suggestion. Unfortunately, this does not work. I tried your suggestion:

- name: run ansible on all hosts in group

  become: yes

  hosts: nodejs

  max_fail_percentage: 1

  roles:

  - nodejs

... as well as the 'any_errors_fatal' option, like this:

- name: run ansible on all hosts in group

  become: yes

  hosts: nodejs

  any_errors_fatal: True

  roles:

  - nodejs

However, regardless of failure on the play run against nodejs, the playbook continues running straight into the 'convert instance to ami' play:

- name: convert instance to ami

  hosts: localhost

  vars:

    region: us-west-2

  tasks:

  - name: build ami

    ec2_ami:

     name: amlx-nodejs

     description: basic nodejs image

     instance_id: "{{item.id}}"

     region: "{{region}}"

     wait: yes

    with_items: ec2.tagged_instances

Is this the way Ansible is supposed to work? Should I be separating this out into separate playbooks and having a service like Jenkins manage running multiple playbooks?

[James Lucas]

My solution has been to build testing into the image-building step, so:

1) create instance

2) run nodejs ansible role on instance
3) bake instance into image... but don't do it if port 80 isn't open on the instance:

- name: convert instance to ami

  hosts: localhost

  vars:

    region: us-west-2

    tags: { type: nodejs-pre-image }

  # check that the web daemon will actually start before building the image

  # -- this test could definitely be more comprehensive, ie, with uri module

  tasks:

  - name: wait for port 80 open

    wait_for:

     host: "{{item.private_ip}}"

     port: 80

    with_items: ec2.tagged_instances

  - name: build ami

    ec2_ami:

    [ ..... and so on .... ]


This has the added benefit of forcing me to do what I've been meaning to do anyway, build some testing into my Ansible scripts. That's a good thing!