{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 beautiful° 的问题《How can I configure an “all or nothing” Ansible pl》','https://www.manongdao.com/q-838157.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have a bunch of servers that need will be need frequent patching. I am planning on using Ansible to coordinate the patching process. The keep point here is that it must be an "all or nothing" patching. Either all servers are patched or none.
The tasks I was considering for my playbook would be something like: 1 - Go to all servers and take an lvm snapshot 2 - IIF task 1 works on all servers, apply the changes 3 - If one of the hosts fails for any reason, roll back the snapshot on ALL NODES.
The problem is that I am new to Ansible and I can't express this on a playbook. I have written this simple testing playbook:
---
- hosts: all
strategy: linear
tasks:
- block:
- debug: msg='Testing on {{ inventory_hostname }}...'
- command: /home/amirsamary/activity.sh
changed_when: false
rescue:
- debug: msg='Rollback of {{ inventory_hostname }}...'
- debug: msg='I continued running tasks on {{ inventory_hostname }}...'
I have two hosts on my inventory. On the first node, activity.sh returns true and on the second node, activity.sh returns false. So, node2 will always fail. The problem is that the rescue tasks will only run for the failed host and not for all of them (as one would expect anyway) and the playbook keeps running the other tasks.
I have heard a lot about how good Ansible was to orchestrate complex tasks on thousands of servers. But I can't seem to find a way of safely implement an "all or nothing strategy" with it. What am I missing?
I bet there are many ways to implement this, here is one of them:
What's done here?
cmd_resultand ignore errors, if anycommandtask completed on all hosts before next task being executedcmd_resultregistered for every hostcmd_resultfacts for all hosts in the current play, select those withfaileddefined, convert them to list and count them: if there is any, rollback.So rollback task will be executed for all hosts if there is failed
cmd_resultfor any of them.You may want to add this task after rollback task:
This way you will have your rollback tasks done and also mark problem hosts as failed.