Background
We use ansible for all our automated deployments, and have had success in
managing separate environment configuration using group vars. Our
inventories (running locally and also on ansible tower) have hosts
belonging to groups based on application and environment -- for example, we
might run something like this:
ansible-playbook -i inventories/non-prod -l'env-qa:&backend' backend/deploy.
yml
... to deploy to all hosts belonging to the backend group and the env-qa
group, and to pull in config values from group_vars/env-qa.
Recently we've decided to use a single cluster of machines for deploying
applications which belong to different environments - for example, with
apps like Storm, you can run two different qa environments on the same
cluster. Where we're running into problems is that even if we set the limit
flag on ansible-playbook to 'env-qa-1', we're still getting all the
variables belonging to 'env-qa-2' when we actually run the playbook. I've
simplified this below.
Files:
inventories/test
[group-a]
host1
[group-b]
host1
[app]
host1
group_vars/group-a
---
base_directory: /opt/app/a/
group_vars/group-b
---
base_directory: /opt/app/b/
test/test.yml
---
- name: test script
hosts: all
tasks:
- debug: msg="deploying to {{ base_directory }}"
ansible-playbook commands:
$ ansible-playbook -i inventories/test -l'app:&group-a' test/test.yml
PLAY [test script]
************************************************************
GATHERING FACTS
***************************************************************
ok: [host1]
TASK: [debug msg="deploying to {{base_directory}}"] **********
ok: [host1] => {
"msg": "deploying to /opt/app/b/"
}
PLAY RECAP
********************************************************************
host1 : ok=2 changed=0 unreachable=0 failed=0
$ ansible-playbook -i inventories/test -l'app:&group-b' test/test.yml
PLAY [test script]
************************************************************
GATHERING FACTS
***************************************************************
ok: [host1]
TASK: [debug msg="deploying to {{base_directory}}"] **********
ok: [host1] => {
"msg": "deploying to /opt/app/b/"
}
PLAY RECAP
********************************************************************
host1 : ok=2 changed=0 unreachable=0 failed=0
expected behavior:
limiting to group-a returns
"msg": "deploying to /opt/app/a/"
actual behavior:
limiting to group-a returns
"msg": "deploying to /opt/app/b/"
In every other case where we've set a limit, ansible has pulled in the
proper group_vars file. Am I crazy to assume that limiting an inventory to
a particular group also limits the group_vars/ files ansible loads? I can't
think of a reason why you'd want other files (besides *all*) from
group_vars/ loaded if you've explicitly limited the inventory to a
particular group.
Is there a better way of going about this?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/52a4f118-550b-445d-b544-7167c3fcc095%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
