Ansible quick tip: improve playbook safety
I recently came across this talk from Southeast Linux Fest by Jeff Propes. The talk mostly goes over the shortcomings of Ansible and various tips on how you can mitigate them (hence the name of the talk “Make Ansible Suck Less”). In particular, I found the trick he demonstrated at the beginning to mitigate the possibility of erroneously affecting multiple hosts when running a playbook quite useful.
First, you add a “dummy host” to your inventory that looks something like this:
all:
  hosts:
    _failwhenfound:
      ansible_connection: local
And then, you can make the beginning of your playbooks look something like this:
- name: my playbook
  hosts: all
  order: sorted
  pre_tasks:
    - name: Fail when --limit is not specified
      when: inventory_hostname == '_failwhenfound'
      any_errors_fatal: yes
      fail:
        msg: >
          Error! You must use --limit when running this playbook!
Because the “dummy host” has an underscore at the beginning, it will be checked first when we specify order: sorted. Then we add a pre-task that cancels the execution of the playbook if this host is detected in the inventory to run against. This is perfect for playbooks that are broadly applicable to a wide range of hosts but might be problematic if you executed against all of them at the same time.
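The guard described above can be checked against your own host names with the following Python sketch, which is an added example and not code from the talk or from Ansible. It assumes a simplified model of --limit (comma-separated host names or globs plus the keyword all; groups and the ! and & patterns are not modelled) and a plain code-point string sort for order: sorted, which places '_' after digits and uppercase letters; the sample inventories are constructed.

```python
from fnmatch import fnmatchcase

GUARD = "_failwhenfound"  # dummy host name used on this page


def targeted_hosts(inventory, limit=None):
    """Hosts a 'hosts: all' play would target, in 'order: sorted' order.

    Simplified model (assumption): --limit is a comma-separated list of
    host names or globs, plus the keyword 'all'.
    """
    hosts = set(inventory)
    if limit is not None:
        patterns = [p.strip() for p in limit.split(",") if p.strip()]
        hosts = {
            h for h in hosts
            if any(p == "all" or fnmatchcase(h, p) for p in patterns)
        }
    # Plain string sort compares code points: '_' is 0x5F, which is
    # after '0'-'9' and 'A'-'Z' but before 'a'-'z'.
    return sorted(hosts)


def guard_result(inventory, limit=None):
    """Return (guard_fires, guard_is_first) for one run.

    guard_fires: the dummy host is among the targets, so the fail
    pre-task's 'when' condition is true for it.
    guard_is_first: the dummy host really is first in sorted order.
    """
    order = targeted_hosts(inventory, limit)
    fires = GUARD in order
    return fires, fires and order[0] == GUARD


# Constructed sample inventories (not from the original post)
LOWERCASE = ["web01", "web02", "db01", GUARD]
MIXED = ["10.0.0.5", "DB01", "web01", GUARD]

if __name__ == "__main__":
    runs = [(LOWERCASE, None), (LOWERCASE, "web*"),
            (LOWERCASE, "all"), (MIXED, None)]
    for inv, limit in runs:
        print(f"limit={limit!r:8} order={targeted_hosts(inv, limit)} "
              f"(fires, first)={guard_result(inv, limit)}")
```

In this model a limit of all or * still includes the dummy host, so the guard fires, while an inventory with host names that start with a digit or an uppercase letter sorts those ahead of _failwhenfound.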
Thanks again to Jeff for this tip!