Ansible methods for configuring application variables

Application Configuration Variables

Ansible has many scopes to store a variable state/value enabling flexibility for configurations in a hardware/virtual machine inventory.

At the time of playbook execution, Ansible applies variable precedence to derive the value/state for a given variable.

Ansible observes an order of precedence to derive the value for a variable.

Basically, a variable definition higher in the precedent list will override the lower level variable setting.

E.g. A variable in the defaults folder inside a role is easily overridden since it resides much lower in the order of precedence. A variable defined in the vars directory of the role overrides previous versions of that variable in the namespace. Host and/or inventory variables override role defaults, but explicit includes such as the vars directory or an include_vars task override inventory variables. [1].

Suppose we have a group of applications for a given VM, each with it own set of configuration parameters.

For example, consider a stack of applications running on a docker machine.

Take the following docker-compose example:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86


version: '3'
services:

  web:
    image: ansible/awx:18.
    container_name: awx_web
    depends_on:
      - redis
      - postgres
    ports:
      - "80:8052"
    hostname: awxweb
    user: root
    restart: unless-stopped
    volumes:
      - supervisor-socket:/var/run/supervisor
      - rsyslog-socket:/var/run/awx-rsyslog/
      - rsyslog-config:/var/lib/awx/rsyslog/
      - "~/.awx/awxcompose/SECRET_KEY:/etc/tower/SECRET_KEY"
      - "~/.awx/awxcompose/environment.sh:/etc/tower/conf.d/environment.sh"
      - "~/.awx/awxcompose/credentials.py:/etc/tower/conf.d/credentials.py"
      - "~/.awx/awxcompose/nginx.conf:/etc/nginx/nginx.conf:ro"
      - "~/.awx/awxcompose/redis_socket:/var/run/redis/:rw"
    environment:
      http_proxy: 
      https_proxy: 
      no_proxy: 

  task:
    image: ansible/awx:17.1.0
    container_name: awx_task
    depends_on:
      - redis
      - web
      - postgres
    command: /usr/bin/launch_awx_task.sh
    hostname: awx
    user: root
    restart: unless-stopped
    volumes:
      - supervisor-socket:/var/run/supervisor
      - rsyslog-socket:/var/run/awx-rsyslog/
      - rsyslog-config:/var/lib/awx/rsyslog/
      - "~/.awx/awxcompose/SECRET_KEY:/etc/tower/SECRET_KEY"
      - "~/.awx/awxcompose/environment.sh:/etc/tower/conf.d/environment.sh"
      - "~/.awx/awxcompose/credentials.py:/etc/tower/conf.d/credentials.py"
      - "~/.awx/awxcompose/redis_socket:/var/run/redis/:rw"
    environment:
      AWX_SKIP_MIGRATIONS: "1"
      http_proxy: 
      https_proxy: 
      no_proxy: 
      SUPERVISOR_WEB_CONFIG_PATH: '/etc/supervisord.conf'

  redis:
    image: redis
    container_name: awx_redis
    restart: unless-stopped
    environment:
      http_proxy: 
      https_proxy: 
      no_proxy: 
    command: ["/usr/local/etc/redis/redis.conf"]
    volumes:
      - "~/.awx/awxcompose/redis.conf:/usr/local/etc/redis/redis.conf:ro"
      - "~/.awx/awxcompose/redis_socket:/var/run/redis/:rw"

  postgres:
    image: postgres:12
    container_name: awx_postgres
    restart: unless-stopped
    volumes:
      - "~/.awx/pgdocker/12/data/:/var/lib/postgresql/data:Z"
    environment:
      POSTGRES_USER: awx
      POSTGRES_PASSWORD: pgpass
      POSTGRES_DB: awx
      http_proxy: 
      https_proxy: 
      no_proxy: 


volumes:
  supervisor-socket:
  rsyslog-socket:
  rsyslog-config:

References

[1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#understanding-variable-precedence