OpenStack-Ansible

Use of groups in roles

Bug #1471746 reported by git-harry on 2015-07-06

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack-Ansible	Expired	Undecided	Unassigned
	Trunk	Expired	Undecided	Unassigned

Bug Description

A number of the roles reference groups directly, the common example is to test if inventory_host is a member of a particular group, e.g.

playbooks/roles/os_neutron/tasks/main.yml: inventory_hostname in groups['neutron_agent']

This does not appear to be a standard practice with ansible and could possibly be described as an anti-pattern because the play does not control the hosts on which a role gets run. The role is no longer an abstracted unit of work but is instead tightly coupled to the inventory and the play.

If the roles are not designed for use by other projects, this issue may not be of much concern. However, if there is an expectation that the roles should be consumable outside of this project, I think that they should be reworked.

Revision history for this message

Serge van Ginderachter (svg) wrote on 2015-07-06:

I would not go as far to say that is an anti-pattern. The construct "when: inventory_hostname in groups[somegroup]" is used quite often in the community, and lots of contributors and core-developers propose it as a solution pattern.

It is true however that this makes a role dependent of a specific group name, which at the very least should be explicitly documented, which could address this concern when the role is published for re-use outside of OSAD.

So far I do not see an easy and clean alternative way for this. I do hope that this kind of things might be addressed in Ansible when the inventory will get a major update, which AFAIK is planned post the v2.0 release. It might be useful to give this kind of feedback to upstream Ansible, though currently it might be a bit early for that.

Revision history for this message

git-harry (git-harry) wrote on 2015-07-06:

@svg - I did sample the roles on galaxy.ansible.com and github.com/ansible/ansible-examples, before creating this bug, and I could not find a group referenced in any of the roles I looked at.

I think there are probably a number of ways direct references to groups in roles could be replaced, I think the specifics would depend on how/why the group is referenced. Three possible alternatives that come to mind are:
    - using 'play_hosts'
    - defining role variables that get set to the list of hosts
    - breaking complex roles up into multiple smaller roles.

Revision history for this message

Kevin Carter (kevin-carter) wrote on 2015-07-07:

This is something that I think we should spec out for the M cycle as it has the potential to impact inventory, vars, and group usage.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2015-10-01:

[Expired for openstack-ansible trunk because there has been no activity for 60 days.]

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.