Ansible variables: choosing the right location

Defining variables for your Ansible playbooks and roles can come to be tough as your task grows.

Browsing the Ansible documentation, the range of Ansible variables site is baffling, to say the the very least:

1. command line values (for illustration, -u my_user, these are not variables)
2. part defaults (described in part/defaults/main.yml)
3. inventory file or script group_vars
4. stock team_vars/all
5. playbook group_vars/all
6. inventory team_vars/*
7. playbook group_vars/*
8. inventory file or script host_vars
9. stock host_vars/*
10. playbook host_vars/*
11. host details / cached established_info
12. perform vars
13. enjoy vars_prompt
14. enjoy vars_information
15. position vars (defined in function/vars/principal.yml)
16. block vars (only for tasks in block)
17. activity vars (only for the undertaking)
18. incorporate_vars
19. established_details / registered vars
20. purpose (and include_position) params
21. incorporate params
22. more vars (for instance, -e "user=my_user")(normally get precedence)

There are 22 distinct spots in which to retail store your variables! As your code evolve and develop into additional complex, it can get messy.

Outline your very own subset of variables spots

The easy way

Any time you believe of a variable, it really should be noticeable exactly where it is defined. If not, it’s possible you are spreading your variables in also lots of sites. Start with a little something basic, for occasion possessing only 2 spots where by your variables can be described:

1. role defaults (outlined in purpose/defaults/primary.yml)
2. purpose (and include_purpose) params

roles/serviceA/default.yml: this file defines all variables expected by the part, with some default values. Observe how we can remark variables that are required, but for which we do not want to offer any default price. By doing that, we are documenting just about every variable the function requirements.

servicea_log_dir: /var/log/servicea

servicea_autorestart: yes

serviceA.yml: this file is the playbook in which the purpose is named. We put our custom made configuration there.

- hosts: groupa
  roles:
  - position: serviceA
    vars:
      servicea_user: gollum
      servicea_autorestart: no

We chose 2 areas for our venture: purpose defaults, et part params. It is uncomplicated to know wherever to come across our variable. It must do the job in most conditions.

A far more generic way

Let’s have one more subset of areas.

1. job defaults (outlined in part/defaults/major.yml)
2. inventory group_vars/*

roles/serviceA/default.yml: part defaults, defined in the similar as the past example.

servicea_log_dir: /var/log/servicea

servicea_autorestart: certainly

inventory/group_vars/servicea.yml: these variables are going to be associated with the team referred to as servicea

servicea_person: gollum
servicea_autorestart: no

It is then needed to associate the right way the function to the hosts in which you have outlined the variables (reminder: at runtime, variables are in the end affiliated with a host: there is no teams or part default, only host variables). The playbook:

- hosts: servicea
  roles:
  - purpose: serviceA

Now let us say we want to have numerous roles, servicea and serviceb, to run on a single team referred to as for case in point worker. We could publish the custom made configuration for both of those expert services (servicea and serviceb) in a solitary file: inventory/team_vars/worker.yml but then it is definitely not evident wherever to obtain your personalized variables.

Instead, we can have 1 group for each services, so 1 configuration file per service in the team_vars folder (servicea.yml and serviceb.yml). We then affiliate the employee hosts to the group of our distinct expert services. inventory/hosts:

[worker]
employee01.area
employee02.local
worker03.local
employee04.regional

[servicea:children]
employee

[serviceb:children]
employee

A wrong way

Let’s just choose the 2 previous examples and combine them. We select 3 areas:

1. part defaults (defined in role/defaults/most important.yml)
2. stock group_vars/*
3. job (and include things like_job) params

Let us say we want to modify servicea_log_dir variable. We simply cannot modify the purpose defaults variable, as we want our individual custom benefit. Now do we alter it in the group_vars or in the purpose params? Both of those function, and there is no way to figure out which locale you would pick, unless there is a unique logic at the rear of it. This is not correct and we want to maintain issues straightforward.

Imagine gitops

When picking out the couple of destinations to use, consider about what result it will have on your code versionning.

The gitops methodology may perhaps aid you out. In brief, you want to break up your code in 2 repositories: your code repository, and your ops repository.

Implementing it to Ansible, your code repository is wherever you model your roles or your Ansible collections. Your ops repository is where you version every little thing particular to an instance of your code particularly your stock and customized variables.

When using the easy way, you will have to variation your playbooks in your ops repository, as they contain your personalized variables. When employing the 2nd process we explained, in which every single tailor made variable is in the inventory group vars, you can variation only the inventory in your ops repository.

What matters is that it should be feasible to break up the generic code and the properties that are correct to an occasion. For instance, storing custom variables in the vars folder of a job (eg. roles/servicea/vars/major.yml) is not right.

If you imagine of any variable and know for positive where it has been outlined, then you are probaly doing points appropriate.