ansible-playbook
Runs Ansible playbooks, executing the defined tasks on the targeted hosts.
Synopsis
usage: ansible-playbook [-h] [--version] [-v] [--private-key PRIVATE_KEY_FILE]
[-u REMOTE_USER] [-c CONNECTION] [-T TIMEOUT]
[--ssh-common-args SSH_COMMON_ARGS]
[--sftp-extra-args SFTP_EXTRA_ARGS]
[--scp-extra-args SCP_EXTRA_ARGS]
[--ssh-extra-args SSH_EXTRA_ARGS]
[-k | --connection-password-file CONNECTION_PASSWORD_FILE]
[--force-handlers] [--flush-cache] [-b]
[--become-method BECOME_METHOD]
[--become-user BECOME_USER]
[-K | --become-password-file BECOME_PASSWORD_FILE]
[-t TAGS] [--skip-tags SKIP_TAGS] [-C] [-D]
[-i INVENTORY] [--list-hosts] [-l SUBSET]
[-e EXTRA_VARS] [--vault-id VAULT_IDS]
[--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES]
[-f FORKS] [-M MODULE_PATH] [--syntax-check]
[--list-tasks] [--list-tags] [--step]
[--start-at-task START_AT_TASK]
playbook [playbook ...]
Description
the tool to run Ansible playbooks, which are a configuration and multinode deployment system. See the project home page (https://docs.ansible.com) for more information.
Common Options
- --ask-vault-password, --ask-vault-pass
ask for vault password
- --become-method <BECOME_METHOD>
privilege escalation method to use (default=sudo), use ansible-doc -t become -l to list valid choices.
- --become-password-file <BECOME_PASSWORD_FILE>, --become-pass-file <BECOME_PASSWORD_FILE>
Become password file
- --become-user <BECOME_USER>
run operations as this user (default=root)
- --connection-password-file <CONNECTION_PASSWORD_FILE>, --conn-pass-file <CONNECTION_PASSWORD_FILE>
Connection password file
- --flush-cache
clear the fact cache for every host in inventory
- --force-handlers
run handlers even if a task fails
- --list-hosts
outputs a list of matching hosts; does not execute anything else
- --list-tags
list all available tags
- --list-tasks
list all tasks that would be executed
- --private-key <PRIVATE_KEY_FILE>, --key-file <PRIVATE_KEY_FILE>
use this file to authenticate the connection
- --scp-extra-args <SCP_EXTRA_ARGS>
specify extra arguments to pass to scp only (e.g. -l)
- --sftp-extra-args <SFTP_EXTRA_ARGS>
specify extra arguments to pass to sftp only (e.g. -f, -l)
- --skip-tags
only run plays and tasks whose tags do not match these values
- --ssh-common-args <SSH_COMMON_ARGS>
specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand)
- --ssh-extra-args <SSH_EXTRA_ARGS>
specify extra arguments to pass to ssh only (e.g. -R)
- --start-at-task <START_AT_TASK>
start the playbook at the task matching this name
- --step
one-step-at-a-time: confirm each task before running
- --syntax-check
perform a syntax check on the playbook, but do not execute it
- --vault-id
the vault identity to use
- --vault-password-file, --vault-pass-file
vault password file
- --version
show program’s version number, config file location, configured module search path, module location, executable location and exit
- -C, --check
don’t make any changes; instead, try to predict some of the changes that may occur
- -D, --diff
when changing (small) files and templates, show the differences in those files; works great with –check
- -K, --ask-become-pass
ask for privilege escalation password
- -M, --module-path
prepend colon-separated path(s) to module library (default={{ ANSIBLE_HOME ~ “/plugins/modules:/usr/share/ansible/plugins/modules” }})
- -T <TIMEOUT>, --timeout <TIMEOUT>
override the connection timeout in seconds (default=10)
- -b, --become
run operations with become (does not imply password prompting)
- -c <CONNECTION>, --connection <CONNECTION>
connection type to use (default=smart)
- -e, --extra-vars
set additional variables as key=value or YAML/JSON, if filename prepend with @
- -f <FORKS>, --forks <FORKS>
specify number of parallel processes to use (default=5)
- -h, --help
show this help message and exit
- -i, --inventory, --inventory-file
specify inventory host path or comma separated host list. –inventory-file is deprecated
- -k, --ask-pass
ask for connection password
- -l <SUBSET>, --limit <SUBSET>
further limit selected hosts to an additional pattern
- -t, --tags
only run plays and tasks tagged with these values
- -u <REMOTE_USER>, --user <REMOTE_USER>
connect as this user (default=None)
- -v, --verbose
Causes Ansible to print more debug messages. Adding multiple -v will increase the verbosity, the builtin plugins currently evaluate up to -vvvvvv. A reasonable level to start is -vvv, connection debugging might require -vvvv.
Environment
The following environment variables may be specified.
ANSIBLE_INVENTORY
– Override the default ansible inventory file
ANSIBLE_LIBRARY
– Override the default ansible module library path
ANSIBLE_CONFIG
– Override the default ansible config file
Many more are available for most options in ansible.cfg
Files
/etc/ansible/hosts
– Default inventory file
/etc/ansible/ansible.cfg
– Config file, used if present
~/.ansible.cfg
– User config file, overrides the default config if present
License
Ansible is released under the terms of the GPLv3+ License.
See also
ansible(1), ansible-config(1), ansible-console(1), ansible-doc(1), ansible-galaxy(1), ansible-inventory(1), ansible-pull(1), ansible-vault(1)