Hello dear readers.
I was just reading through the previous posts in the Ansible guide and realized that I forgot to mention two important Ansible features. One is check mode, which allows us to run playbooks in test mode. Changes are only shown in the output, not actually executed. Second, there is diff mode, which shows changes in "before and after" mode in the output.
Check Mode
To use the check mode, we simply need to append a "--check" to our command. Here is an example from our setup-postgres.yml playbook from the last part:
ansible-playbook -i inventory.txt setup-postgres.yml --checkPLAY [db] ***********************************************************************************
TASK [Gathering Facts] ***********************************************************************************
ok: [ansible-guide-3]
ok: [ansible-guide-4]
TASK [install postgresql on debian based systems (Ubuntu)] **************************************************************************************************************
changed: [ansible-guide-3]
skipping: [ansible-guide-4]
TASK [install postgresql on Redhat based systems (CentOS)] **************************************************************************************************************
skipping: [ansible-guide-3]
changed: [ansible-guide-4]
PLAY RECAP **************************************************************************************************************************************************************
ansible-guide-3 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
ansible-guide-4 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 The output is identical to that without check mode, but the changes have not been made on the hosts.
In principle, this works with any playbook, but there are a few special features:
Dependencies
If a task depends on a previous one, for example, because a package is installed and then the corresponding service is started, the following task in check mode will probably fail because the corresponding package has not actually been installed.
Shell commands
The command and shell modules will return the status "changed" as in normal mode, but the actual effect cannot be checked because the result of the shell command is independent of Ansible.
For such cases, we can skip individual tasks in check mode:
- name: Skip this task in check mode
ansible.builtin.lineinfile:
line: "important config"
dest: /path/to/myconfig.conf
state: present
check_mode: noWith the task parameter "check_mode: no", we tell Ansible not to run the corresponding task in check mode.
Diff Mode
Diff mode is independent of check mode, but can be used in conjunction with it. In diff mode, Ansible displays all changes from the original state. Here is a small example using the "lineinfile" module:
- hosts: ansible-guide-1
tasks:
- name: add entry to /etc/hosts
ansible.builtin.lineinfile:
path: /etc/hosts
line: "192.168.0.3 ansible-guide-3"
regexp: "^192.168.0.3"
become: trueWe will now run the playbook in check and diff mode:
ansible-playbook -i inventory.txt lineinfile_diff.yml --check --diffPLAY [ansible-guide-1] ******************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************
cok: [ansible-guide-1]
TASK [add entry to /etc/hosts] ****************************************************************************************************
--- before: /etc/hosts (content)
+++ after: /etc/hosts (content)
@@ -8,3 +8,4 @@
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
+192.168.0.3 ansible-guide-3
changed: [ansible-guide-1]
PLAY RECAP ************************************************************************************************************************
ansible-guide-1 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 If the result is OK for us, we can run the command again, this time omitting the "--check".
That's all there is to it! In the next part we will continue with part 2 of the loops!
Regards
Mow