Re: [ansible-project] per-environment variables

Thu, 01 May 2014 08:38:08 -0700 

Dnia czw, 1 maj 2014, 11:40:22 Dick Davies pisze:

I'm developing an ansible playbook in Vagrant and then
applying it to a customer environment. Getting pretty far
by using a single playbook (site.yml) and setting per-environment
variables in different inventory files.



Sounds like a bit of abuse of the inventory - I think it's only meant 
for listing hosts and connection details.



dev_hosts = my dev. VMs
live_hosts = customer VM stack

then i can run

ansible-playbook -i (pick one) site.yml

and things by and large work great.

One problem I keep hitting is the 'live' environment needs everything
to go via a proxy. live_hosts has:

....
[all:vars]
http_proxy=http://custproxy:8080
....

and that's absent from dev_hosts.

I use that to template /etc/profile.d/proxy.sh,
so curl etc. are pre-set to use it. I'ts easy to do conditional
logic in that template.

I'd like all the Ansible tasks that support an environment: field
(git / get_url / etc) to only have one set if that var is populated.

I can't just blindly set it or the tasks end up running with a proxy
of nil/null/'' .

But I can't just add this to the inventory:

....
[all:vars]
http_proxy=http://custproxy:8080
proxy_env:
   http_proxy: {{http_proxy}}
....

because it just allows key=var style definitions.

Where's the earliest I can set this up?




I'm not sure if that's the right way, but for environment-specific 
variables I'm using play's vars_files.

vagrant_inventory:
[all:vars]
environment_name=vagrant

site.yml:
- hosts: some_group
  vars_files:
    - vars/{{ environment_name }}.yml


This way I have less clutter in inventory, and I can easily see the 
environment's global settings.
It's also pretty handy for usage with Vault, by adding "- secrets/{{ 
environment_name }}.yml" there (and as secrets for Vagrant aren't that 
secret, that gives you an index of required secrets too :-))


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/53626A41.8050803%40gmail.com.
For more options, visit https://groups.google.com/d/optout.






















					Reply via email to