Allowing some molecule hosts to fail

I got a special use case: where I has a group of hosts I wanted to test with molecule but I knew that at least one of them will fail with current code. I did not want to fail the execution due to the expected failure, so I ended up doing this complex logic below. The first part detects only reacable hosts and avoid failing the playbook if they are reacable (something that can happen if for example molecule fails to even create them).

Ansible ignore_errors are evil

If you ever used ignore_errors before you probably observed one of its side effects: Ansible console output becomes much harder to inspect because your it will contain lots of red (failed) task around, so scrolling to the right line would be much harder. It will trigger Ansible debugger if you configured ANSIBLE_STRATEGY=debug, even if you are likely not to want this making the use of debugger kinda useless if you have lots of such ignore_errors.

Naming hosts and groups

While Ansible was quite flexible regarding what you could use for inventory hostnames and groups, things changed for the worse. Newer versions are complaining about use of dashes (minus) in group names. You can find more informationn about changes made around groupnames read this explanatory comment from bcoca. If you want to find out why there is a long thread to read on bug #56930. I was originally offended by the decision but after few weeks and reading other comments, I realised that sometimes is better to adapt than fight.


Tools and libraries I LOVE,… most of the time,… most of them: pytest ansible molecule tox pip pbr pre-commit black flake8 git-review Cross-platform GUI apps Visual Studio Code - we can no longer say that Microsoft is not able to provide a good IDE. Atom was good, but code is great. Beyond Compare - best ever diff tool. MacOS specific apps iTerm – version 3.3 is even more awesome than ever, I really need to write about it.

Using a remote docker

Whatever if you are using an operating system that does not support docker or you do not want overload your main desktop with docker service you should know that there is a very easy way of doing it. Docker added remoting support via ssh few years back but they missed to advertise it others. Mainly you can build and run containers on a remote host almost identically as you would do with a local one.

Ansible Cheatsheet

Variable precendence order Order, order please! command line values (eg “-u user”) role defaults inventory file or script group vars inventory group_vars/all playbook group_vars/all inventory group_vars/* playbook group_vars/* inventory file or script host vars inventory host_vars/* playbook host_vars/* host facts / cached set_facts play vars play vars_prompt play vars_files role vars (defined in role/vars/main.yml) block vars (only for tasks in block) task vars (only for the task) include_vars set_facts / registered vars role (and include_role) params include params extra vars (always win precedence) Load distro specific variables - name: Load operating system specific variables include_vars: "{{ item }}" failed_when: false loop: - "family-{{ ansible_os_family | lower }}.