Application Configuration Variables
Ansible has many scopes to store a variable state/value enabling flexibility for configurations in a hardware/virtual machine inventory.
At the time of playbook execution, Ansible applies variable precedence to derive the value/state for a given variable.
Ansible observes an order of precedence to derive the value for a variable.
Basically, a variable definition higher in the precedent list will override the lower level variable setting.
E.g. A variable in the defaults folder inside a role is easily overridden since it resides much lower in the order of precedence. A variable defined in the vars directory of the role overrides previous versions of that variable in the namespace. Host and/or inventory variables override role defaults, but explicit includes such as the vars directory or an include_vars
task override inventory variables. [1].
Suppose we have a group of applications for a given VM, each with it own set of configuration parameters.
For example, consider a stack of applications running on a docker machine.
Take the following docker-compose example:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
version: '3'
services:
web:
image: ansible/awx:18.
container_name: awx_web
depends_on:
- redis
- postgres
ports:
- "80:8052"
hostname: awxweb
user: root
restart: unless-stopped
volumes:
- supervisor-socket:/var/run/supervisor
- rsyslog-socket:/var/run/awx-rsyslog/
- rsyslog-config:/var/lib/awx/rsyslog/
- "~/.awx/awxcompose/SECRET_KEY:/etc/tower/SECRET_KEY"
- "~/.awx/awxcompose/environment.sh:/etc/tower/conf.d/environment.sh"
- "~/.awx/awxcompose/credentials.py:/etc/tower/conf.d/credentials.py"
- "~/.awx/awxcompose/nginx.conf:/etc/nginx/nginx.conf:ro"
- "~/.awx/awxcompose/redis_socket:/var/run/redis/:rw"
environment:
http_proxy:
https_proxy:
no_proxy:
task:
image: ansible/awx:17.1.0
container_name: awx_task
depends_on:
- redis
- web
- postgres
command: /usr/bin/launch_awx_task.sh
hostname: awx
user: root
restart: unless-stopped
volumes:
- supervisor-socket:/var/run/supervisor
- rsyslog-socket:/var/run/awx-rsyslog/
- rsyslog-config:/var/lib/awx/rsyslog/
- "~/.awx/awxcompose/SECRET_KEY:/etc/tower/SECRET_KEY"
- "~/.awx/awxcompose/environment.sh:/etc/tower/conf.d/environment.sh"
- "~/.awx/awxcompose/credentials.py:/etc/tower/conf.d/credentials.py"
- "~/.awx/awxcompose/redis_socket:/var/run/redis/:rw"
environment:
AWX_SKIP_MIGRATIONS: "1"
http_proxy:
https_proxy:
no_proxy:
SUPERVISOR_WEB_CONFIG_PATH: '/etc/supervisord.conf'
redis:
image: redis
container_name: awx_redis
restart: unless-stopped
environment:
http_proxy:
https_proxy:
no_proxy:
command: ["/usr/local/etc/redis/redis.conf"]
volumes:
- "~/.awx/awxcompose/redis.conf:/usr/local/etc/redis/redis.conf:ro"
- "~/.awx/awxcompose/redis_socket:/var/run/redis/:rw"
postgres:
image: postgres:12
container_name: awx_postgres
restart: unless-stopped
volumes:
- "~/.awx/pgdocker/12/data/:/var/lib/postgresql/data:Z"
environment:
POSTGRES_USER: awx
POSTGRES_PASSWORD: pgpass
POSTGRES_DB: awx
http_proxy:
https_proxy:
no_proxy:
volumes:
supervisor-socket:
rsyslog-socket:
rsyslog-config:
|
References
[1]
https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#understanding-variable-precedence