Ansible Pilot

Ansible Best Practices: ignore_errors in Ansible Playbooks

Understanding the Consequences of ignore_errors Ansible Directive and the Possible Remediations

November 4, 2023
Access the Complete Video Course and Learn Quick Ansible by 200+ Practical Lessons


In the realm of IT automation, Ansible is a powerful tool that helps streamline tasks and manage infrastructure efficiently. While Ansible makes automation accessible and user-friendly, it’s essential to follow best practices to ensure the reliability and predictability of your automation workflows. One critical aspect of writing Ansible playbooks is error handling, and that’s where the ignore_errors Ansible Lint rule comes into play. This rule checks that playbooks do not use the ignore_errors directive to ignore all errors. In this article, we’ll explore the rationale behind this rule and best practices for handling errors in Ansible playbooks.

The Role of ignore_errors in Ansible

In Ansible playbooks, the ignore_errors directive is employed to instruct Ansible to continue execution even when a task fails. This directive can be beneficial in specific scenarios, but it should be used judiciously. Using ignore_errors to bypass all errors across all tasks in a playbook is generally discouraged. Here’s why relying too heavily on ignore_errors is problematic:

  1. Concealing Failures: When you ignore all errors across tasks, you essentially hide any failures that occur during playbook execution. This can lead to the execution of tasks that shouldn’t run, potentially causing further problems down the line.

  2. Incorrect Task Status: The use of ignore_errors can wrongly mark tasks as “succeeded” even when they encounter errors. This can be misleading and prevent operators from identifying the actual source of issues.

  3. Unintended Side Effects: Tasks that fail can have consequences. Ignoring these errors means that you may unknowingly leave the system in an inconsistent state, leading to unexpected issues and behavior.

Best Practices for Handling Errors

To ensure that your Ansible playbooks handle errors effectively, consider the following best practices:

  1. Use ignore_errors Selectively Instead of applying ignore_errors globally to all tasks, use it selectively. This means using ignore_errors only when it makes sense and the failure of a particular task doesn’t disrupt the overall playbook execution. You should have a clear and documented reason for using ignore_errors on a specific task.

  2. Utilize register for Error Handling When a task could potentially generate errors, consider using the register module to capture the task’s output, including error messages and other relevant information. By registering the task’s output, you can later evaluate it, decide on appropriate actions, and handle errors in a controlled and predictable manner.

  3. Define Error Conditions For tasks where errors may occur, define precise error conditions using the failed_when directive. Specify under what circumstances the task should be considered as having failed. This allows you to have fine-grained control over error handling while preventing unintended side effects.

  4. Consider ansible_check_mode Another approach to controlling the use of ignore_errors is by checking whether the playbook is in “check mode.” When ansible_check_mode is true, it indicates that the playbook is being run in a mode where no changes are applied to the system. During check mode, you may decide to ignore specific errors that would otherwise be critical during normal execution.

  5. Regularly Review and Update Ansible playbooks are often integral parts of dynamic and evolving infrastructures. It’s crucial to regularly review your playbooks and error-handling strategies to ensure that they remain relevant and effective. As your infrastructure and requirements change, so should your error-handling mechanisms.

Problematic Code

This Ansible playbook demonstrates the usage of the ignore_errors directive in a task.

- name: Example playbook
  hosts: all
    - name: Run apt-get update
      ansible.builtin.command: apt-get update
      ignore_errors: true # <- Ignores all errors, including important failures.

Let’s break down what this playbook does:


The ignore_errors: true directive can be problematic because it effectively suppresses all errors and failures, regardless of their significance. While it might be suitable in some cases, such as when you want to proceed with other tasks even if this one fails, it should be used with caution.

Using ignore_errors should be a deliberate choice and carefully considered. In practice, you may want to use it when dealing with tasks where failures are expected and do not impact the overall success of the playbook. However, in scenarios where tasks have critical implications, blindly ignoring all errors can lead to hidden issues and unexpected consequences.

Operators should exercise caution when applying ignore_errors, ensuring that it aligns with the intended behavior and goals of the playbook. In cases where specific errors should be tolerated while others should result in a playbook failure, it’s better to use failed_when or register to handle errors more selectively and accurately.

Ansible Lint Output:

WARNING  Listing 3 violation(s) that are fatal
command-instead-of-module: apt-get used in place of apt-get module
ignore-error.yml:5 Task/Handler: Run apt-get update

ignore-errors: Use failed_when and specify error conditions instead of using ignore_errors.
ignore-error.yml:5 Task/Handler: Run apt-get update

no-changed-when: Commands should not change things if nothing needs doing.
ignore-error.yml:5 Task/Handler: Run apt-get update

Read documentation for instructions on how to ignore specific rule violations.

                       Rule Violation Summary                       
 count tag                       profile rule associated tags       
     1 command-instead-of-module basic   command-shell, idiom       
     1 ignore-errors             shared  unpredictability           
     1 no-changed-when           shared  command-shell, idempotency 

Failed: 3 failure(s), 0 warning(s) on 1 files. Last profile that met the validation criteria was 'min'.

The Best Resources For Ansible


Video Course

Printed Book


Correct Code

These are three example Ansible playbooks, each demonstrating different aspects of Ansible playbook configuration:

Playbook 1: Using ansible_check_mode

- name: Example playbook
  hosts: all
    - name: Run apt-get update
      ansible.builtin.command: apt-get update
      ignore_errors: "{{ ansible_check_mode }}" # <- Ignores errors in check mode.

Playbook 2: Registering Errors

- name: Example playbook
  hosts: all
    - name: Run apt-get update
      ansible.builtin.command: apt-get update
      ignore_errors: true
      register: ignore_errors_register # <- Stores errors and failures for evaluation.

Playbook 3: Handling Failures with failed_when

- name: Example playbook
  hosts: all
    - name: Disable apport
      become: true
        line: "enabled=0"
        dest: /etc/default/apport
        mode: 0644
        state: present
      register: default_apport
      failed_when: default_apport.rc !=0 and not default_apport.rc == 257 # <- Defines conditions that constitute a failure.


In the world of IT automation, error handling is a critical aspect of ensuring that tasks are executed reliably and infrastructure is managed effectively. While the ignore_errors directive in Ansible has its use cases, relying on it too heavily can lead to problems such as concealed failures and unintended consequences. By adhering to best practices such as selective use of ignore_errors, the intelligent use of register, precise error condition definitions with failed_when, consideration of ansible_check_mode, and regular playbook reviews, you can maintain the predictability and stability of your Ansible playbooks while effectively managing errors.

Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.


Learn the Ansible automation technology with some real-life examples in my

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Want to keep this project going? Please donate

Access the Complete Video Course and Learn Quick Ansible by 200+ Practical Lessons
Follow me

Subscribe not to miss any new releases