DEVOPS

How to Use Tags in Ansible Playbooks with Examples

- by Hitesh Jethva 128
Ansible-Tags-Example
Post Views: 128

Playbooks often include many tasks, some of which may not be necessary every time you run the playbook. Ansible tags provide a powerful way to manage which tasks run and which ones are skipped. By using tags, you can apply a fine-grained approach to controlling task execution.

Tags are particularly useful when:

  • Execute only a subset of tasks in a playbook.
  • Debug msg output to troubleshoot a specific case without running the entire playbook.
  • Aim to improve efficiency by skipping irrelevant tasks.

In this blog, we’ll explore how to use tags in Ansible, illustrating how you can selectively apply tasks, skip others, and streamline your workflow.

Adding Tags to Tasks

Tags are added to tasks using the tags keyword. You can assign one or multiple tags to a task.

Here is the example yaml playbook:

---
- name: Install and configure a web server
  hosts: web
  tasks:
    - name: Install Apache
      apt:
        name: apache2
        state: present
      tags:
        - install

    - name: Start Apache service
      service:
        name: apache2
        state: started
      tags:
        - configure

    - name: Deploy website content
      copy:
        src: /var/www/html/index.html
        dest: /var/www/html/index.html
      tags:
        - deploy

In this case:

  • install tag applies to the Apache installation task.
  • configure tag applies to starting the Apache service.
  • deploy tag applies to copying the website content.

To run tasks with specific tags, use the –tags option with the ansible-playbook command.

 # ansible-playbook playbook.yml --tags "install,deploy"

This will apply only to the tasks tagged as install and deploy.

Listing Tags

When working with large playbooks, it’s important to know which tags are available. You can list all tags in a playbook using the –list-tags option:

 # ansible-playbook playbook.yml --list-tags

Output:

playbook: playbook.yml

  task tags: 
    - install
    - configure
    - deploy

This command does not execute the playbook; it only displays the tags, helping you decide which tasks to include or exclude during execution.

Skipping Tasks with Tags

If you want to skip specific tasks, use the –skip-tags option:

 # ansible-playbook playbook.yml --skip-tags "deploy"

This skips tasks tagged with deploy while executing all other tasks.

Tagging Blocks

Tags can also be applied to blocks of tasks for conditional execution:

---
- name: Update and configure the system
  hosts: all
  tasks:
    - block:
        - name: Update apt cache
          apt:
            update_cache: yes
        - name: Upgrade all packages
          apt:
            upgrade: dist
      tags:
        - system_update

By tagging the block with system_update, you can run or skip the entire block based on your needs.

Using Tags with Include and Import Statements

Ansible allows you to include or import tasks, files, or roles dynamically. Tags can also be applied to these include/import statements, enabling selective execution.

Example: Tags with Include

- name: Deploy Webserver and Database Configuration
  hosts: web
  tasks:
    - name: Include webserver tasks
      include_tasks: webserver.yml
      tags:
        - webserver

    - name: Include database tasks
      include_tasks: database.yml
      tags:
        - database

To run only the webserver tasks:

 # ansible-playbook site.yml --tags "webserver"

This approach is particularly useful for breaking down large playbooks into smaller, manageable files. You can then use tags to control which set of tasks to execute.

Using Always and Never Tags

1. Always Tag

The always tag ensures that a task is executed regardless of other specified tags. This is useful for critical tasks, such as ensuring connectivity or running cleanup commands.

---
- name: Ensure a directory exists
  file:
    path: /var/log/myapp
    state: directory
  tags:
    - always

Even if you run a playbook with a different set of tags, tasks with the always tag will still execute:

 # ansible-playbook playbook.yml --tags "deploy"

Tasks tagged with always will execute in addition to the deploy tasks.

2. Never Tag

The never tag ensures that a task is never executed, regardless of other specified tags. It is typically used for testing or when you want to temporarily disable a task.

---
- name: Test task (disabled)
  debug:
    msg: "This task should never run"
  tags:
    - never

Even if you attempt to include this task explicitly, it will not execute:

 # ansible-playbook playbook.yml --tags "never"

Conclusion

Ansible tags are a powerful way to organize and control task execution in your playbooks. They enable selective execution, making playbooks more flexible and efficient. By understanding and applying tags effectively, you can streamline your automation workflows, reduce execution time, and improve debugging.

FAQs

1. What happens if no tags are specified when running a playbook?

If no tags are specified, Ansible executes all tasks in the playbook by default.

2. Can I combine --tags and --skip-tags in a single command?

Yes, you can combine them to specify tasks to include and exclude in the same playbook execution.

3. Can I exclude tasks tagged with always?

No, tasks with the always tag cannot be skipped, as they are designed to run regardless of other tags.

Related Posts

Ansible File Module

How to Create Files and Directories with Ansible File Module

Ansible Playbook Dry Run and Check Mode

Ansible Dry Run: How to Run Playbook in “Check Mode”

Ansible Script Module

Run a Script on a Remote Server with Ansible Script Module

About Hitesh Jethva

I am Hitesh Jethva Founder and Author at LinuxBuz.com. I felt in love with Linux when i was started to learn Linux. I am a fan of open source technology and have more than 15+ years of experience in Linux and Open Source technologies.

View all posts by Hitesh Jethva