I have the exact same issue with my nagios generation experiment (
here if anyones interested - https://github.com/rasputnik/ansible-autonagios/issues/2 I use a sub-template per group to assemble a single .cfg per host, see the bottom of https://github.com/rasputnik/ansible-autonagios/blob/master/roles/autonagios/templates/host-template.cfg.j2 ) set_fact within other roles sounds a bit intrusive, but there has to be some binding between the roles and their service check templates anyway. At least this way it's clear to see which role vars are used by the templates. Big downside to this approach is the requirement to stick your nagios role at the end of the play. Not just from a speed perspective; I've had issues in the past with hostvars where a downed machine will break the play and it will be even harder to workaround with all this inter-host dependency. I'm probably going to go with group_vars/ to solve this; my checks are group-based, the other roles can use the same vars which prevents drift, and since all vars used by Nagios are now inventory based I don't need to touch any other hosts during the play. On 27 October 2016 at 16:37, <[email protected]> wrote: > Hi, > I'd like for roles I assign to a host to append some data to this hosts > configuration, facts, or something else, readable by other roles. > > To be concrete, a web server role should specify config for local_firewall, > router_firewall and nagios_server roles > Right now if I add a web server role to a machine, I have to edit its > host_vars by hand, and add something like (simplified): > > firewall: > tcp: > http: 80 > https: 443 > > nagios: > groups: > - http > - ssh > > checks: > - ping > > (nagios dict is read by nagios_server role running on a separate machine, > and firewall config is read by a local iptables role but also by a > router/firewall/NAT role also running on a separate machine) > > Central repetitive config I need to update per-role is inconvenient by > itself, but with more roles it gets very messy, I'm supposing I'm not the > only one dealing with this, so I'd like to ask about the best practices? > > I know about role dependencies but these don't work remotely (router/nagios) > and I don't want to append to some state from 5000 roles, I think I should > be able to generate this state on demand. > > and I know about set_fact in roles, but using it would again mean that I > have to run all the roles on all machines because "These variables will be > available to subsequent plays during an ansible-playbook run, but will not > be saved across executions" and also, I'd like to append to the config (a > let's say firewall dict?), and not rewrite it entirely with each set_fact > > Am I missing something? How should I approach this? > Thanks! > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/8cb96e49-4605-4f2d-8183-7a0ab3547cf8%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAK5eLPQFXrAF%2BuzxdCDtkXOPHWimqM9zHCjgkdiHcnYcHB4qPw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
