Ansible quirks: Delegating a task with a unique remote user

I’ve spent a few hours banging my head against something that – in retrospect – is pretty obvious: “delegate_to” does not respect the “ansible_user” inventory variable.


delegate_to is used to execute a task on a host other than the one targeted for playbook execution.  Compare these three tasks:

- command: echo Hello World

- command: echo Hello World
  delegate_to: localhost

- command: echo Hello World

The first task will execute “echo Hello World” on the system in the inventory that this playbook is being called for.

The second task will simply execute the ‘echo’ on the system running the ansible playbook.

The third task will connect to “” to execute the echo.  But, notably, “” doesn’t even need to be in your inventory, and so the connection to “” does not use any inventory variables, such as “ansible_user”.

“delegate_to” will respect the global “remote_user”, but I often use different non-root user accounts for Ansible connections.  So, if “delegate_to” doesn’t respect “ansible_user”, and if I can’t set a useful global “remote_user”, what can I do?


Once I figured this out, it’s pretty obvious in hindsight:

- command: echo Hello World
  delegate_to: [email protected]

“delegate_to” allows the user to be part of the connection string.  In this example, I will connect to ‘’ as the ‘my_remote_user’ id.  This could also be replaced with an inventory variable for the host the playbook is run for.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s