Skip to content

Instantly share code, notes, and snippets.

@luckylittle

luckylittle/group_vars.md

Created October 22, 2019 12:10
Show Gist options
  • Save luckylittle/3aa30619b53e1ae54555cb9ede868a80 to your computer and use it in GitHub Desktop.
Save luckylittle/3aa30619b53e1ae54555cb9ede868a80 to your computer and use it in GitHub Desktop.
Download ZIP
Ansible group_vars with alternative directory layout and vault
Raw
group_vars.md

https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html#alternative-directory-layout

Tested on Red Hat Ansible v2.8.5

├── group_vars
│   └── all
│       └── vars.yml
├── inventories
│   ├── production
│   │   ├── group_vars
│   │   │   └── all
│   │   │       ├── vars.yml
│   │   │       └── vault.yml
│   │   └── hosts
│   └── test
│       ├── group_vars
│       │   └── all
│       │       ├── vars.yml
│       │       └── vault.yml
│       └── hosts
└── site.yml
  • site.yml:
---
- hosts: production
  gather_facts: false
  become: false
  tasks:
    - name: 1.0 | This var is coming from production
      debug:
        msg: "{{ test_var }}"
    - name: 1.1 | This secret is coming from production
      debug:
        msg: "{{ secret }}"

- hosts: test
  gather_facts: false
  become: false
  tasks:
    - name: 2.0 | This var is coming from test
      debug:
        msg: "{{ test_var }}"
    - name: 2.1 | This secret is coming from test
      debug:
        msg: "{{ secret }}"
  • group_vars/all/vars.yml:
test_var: global_group_vars
  • inventories/production/group_vars/all/vars.yml:
test_var: production
  • inventories/production/group_vars/all/vault.yml:
secret: secret-production
  • inventories/production/hosts:
[production]
localhost connection=local
  • inventories/test/group_vars/all/vars.yml:
test_var: test
  • inventories/test/group_vars/all/vault.yml:
secret: secret-test
  • inventories/test/hosts:
[test]
localhost connection=local

Results:

  • production with global group_vars
ansible-playbook -i inventories/production -k site.yml
PLAY [production] ***********************************************************************************************************************************************************

TASK [1.0 | This var is coming from production] *****************************************************************************************************************************
ok: [localhost] => {
    "msg": "global_group_vars"
}

TASK [1.1 | This secret is coming from production] **************************************************************************************************************************
ok: [localhost] => {
    "msg": "secret-production"
}
 [WARNING]: Could not match supplied host pattern, ignoring: test


PLAY [test] *****************************************************************************************************************************************************************
skipping: no hosts matched
  • test with global group_vars
ansible-playbook -i inventories/test -k site.yml
PLAY [production] ***********************************************************************************************************************************************************
skipping: no hosts matched

PLAY [test] *****************************************************************************************************************************************************************

TASK [2.0 | This var is coming from test] ***********************************************************************************************************************************
ok: [localhost] => {
    "msg": "global_group_vars"
}

TASK [2.1 | This secret is coming from test] ********************************************************************************************************************************
ok: [localhost] => {
    "msg": "secret-test"

Removed global group_vars (rm -rf group_vars)

  • production without global group_vars
ansible-playbook -i inventories/production -k site.yml
PLAY [production] ***********************************************************************************************************************************************************

TASK [1.0 | This var is coming from production] *****************************************************************************************************************************
ok: [localhost] => {
    "msg": "production"
}

TASK [1.1 | This secret is coming from production] **************************************************************************************************************************
ok: [localhost] => {
    "msg": "secret-production"
}
 [WARNING]: Could not match supplied host pattern, ignoring: test


PLAY [test] *****************************************************************************************************************************************************************
skipping: no hosts matched
  • test without global group_vars
ansible-playbook -i inventories/test -k site.yml
PLAY [production] ***********************************************************************************************************************************************************
skipping: no hosts matched

PLAY [test] *****************************************************************************************************************************************************************

TASK [2.0 | This var is coming from test] ***********************************************************************************************************************************
ok: [localhost] => {
    "msg": "test"
}

TASK [2.1 | This secret is coming from test] ********************************************************************************************************************************
ok: [localhost] => {
    "msg": "secret-test"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment