How to check a hosts group membership in Ansible

Written by Claudio Kuenzler - 0 comments

Published on August 11th 2023 - Listed in Ansible Linux

While playing around with group_vars, I noticed that a specific host never applied these group_vars.

Multiple PHP settings were defined in a group_vars:

ck@ansible:~$ cat /pub/ansible/inventory/group_vars/php_small.yaml
php:
  fpm:
    pool:
      pm.max_children: 25
      pm.start_servers: 2
      php_admin_value[apc.shm_size]: 128M
      php_admin_value[opcache.memory_consumption]: 128
      php_admin_value[opcache.max_accelerated_files]: 32531

In the host inventory, the target host (webserver11) is listed under this group name "php_small":

ck@ansible:~$ cat /pub/ansible/inventory/containers
[...]
[php]
:children php_small

[php_small]
webserver11 ansible_ssh_host=10.10.55.1

So I would have assumed that these PHP settings for the group php_small are applied. But when I ran the playbook, the following error showed up:

TASK [PHP - Test host_vars] ******************************************************************************************
fatal: [webserver11]: FAILED! => {"msg": "Unable to look up a name or access an attribute in template string ({{ php.fpm.pool | dict2items }}).\nMake sure your variable name does not contain invalid characters like '-': dict2items requires a dictionary, got <class 'ansible.template.AnsibleUndefined'> instead."}

Meaning: The php.fpm.pool dictionary was not found.

Check group membership of a host with playbook

To verify, that the webserver11 host is REALLY a member of the php_small group, you can add the following debug message as an early task into a playbook:

ck@ansible:~$ cat /pub/ansible/playbooks/group_membership.yaml
---
- name: ANSIBLE - Check group membership - Infiniroot LLC  
  hosts: '{{ target }}'
  tasks:

  - debug:
      msg: "{{ group_names }}"
    ignore_errors: True

When this playbook is run, the group_names (which is an array and can show multiple groups) are shown:

TASK [debug] **************************************************************
ok: [webserver11] => {
    "msg": [
        "webservers"
    ]
}

The output clearly shows that this host (webserver11) is member of the group "webserver", but not of php_small. No wonder my PHP settings are not applied.

Syntax error in inventory is the cause

It turns out to be an error in my inventory file. The group parent/child relationships need to be defined with another syntax as I used above:

ck@ansible:~$ cat /pub/ansible/inventory/containers
[...]
[php:children]
php_small

[php_small]
webserver11 ansible_ssh_host=10.10.55.1

After fixing the inventory file, the group_membership playbook now shows the following groups:

ck@ansible:~$ ansible-playbook /pub/ansible/playbooks/group_membership.yaml --extra-vars="target=webserver11"
[...]
TASK [debug] **************************************************************
ok: [webserver11] => {
    "msg": [
        "webservers",
        "php",
        "php_small"
    ]
}

Mystery solved!

Alternative: Check group membership with ansible-inventory

As a reply to my Toot, Kevin Honka mentioned the possibility to use ansible-inventory. Indeed, the command can be used to do a group listing and nicely presents all the servers present in a group:

ck@ansible:~$ ansible-inventory --graph
[...]
  |--@php:
  |  |--@php_large:
  |  |  |--webserver10
  |  |--@php_small:
  |  |  |--webserver11
  |  |  |--webserver12

Thanks for the hint!

Add a comment

Comments (newest first)

No comments yet.