Understanding var file placements and autoloads


Colin Byrne

Dec 22, 2015, 10:56:13 PM
to Ansible Project
I have two questions regarding variable behavior, given my file structure.

My file structure is like so:

/roles
  /common
  /provision_ec2
    /vars
      /main.yml
      /developer_list.yml
    /tasks
      /main.yml
/group_vars
  /all
    /settings.yml
  /production

First: Why does a task in /roles/provision_ec2/main.yml not automatically load a dictionary (or any list I presume) from /roles/provision_ec2/vars/developer_list.yml? Obviously vars/main.yml is going to get extremely crowded over time, do I have to load any var file not named 'main.yml' manually?

Second: If I have added /group_vars/all/settings.yml to the ansible-vault, and run a playbook which doesn't call any variables from that file, I have realized I need to put in the vault password every time. It of course makes sense to me why this happens (because /all is loaded every time), but is still annoying. Is there a better way to structure my directories to avoid putting the password in every time? Or do I need to just keep it in another directory and manually load it when necessary?

Thanks a lot for the help.

Brian Coca

Dec 23, 2015, 10:34:14 AM
to Ansible Project
>
> First: Why does a task in /roles/provision_ec2/main.yml not automatically
> load a dictionary (or any list I presume) from
> /roles/provision_ec2/vars/developer_list.yml? Obviously vars/main.yml is
> going to get extremely crowded over time, do I have to load any var file not
> named 'main.yml' manually?
It does, as long as you import the role; if you are using an include
directly to tasks/main.yml you bypass role semantics and it won't get
loaded.


> Second: If I have added /group_vars/all/settings.yml to the ansible-vault,
> and run a playbook which doesn't call any variables from that file, I have
> realized I need to put in the vault password every time. It of course makes
> sense to me why this happens (because /all is loaded every time), but is
> still annoying. Is there a better way to structure my directories to avoid
> putting the password in every time? Or do I need to just keep it in another
> directory and manually load it when necessary?
How would Ansible know that a variable inside that file is not used if
it does not decrypt the file to see which variables it has?

If you don't want a vault used in every play, don't put it in
inventory, reference it in vars_files: in the plays that need it or
set it in a group_vars dir adjacent to the plays that need it.

--
Brian Coca
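
Added example (not part of the original thread and not Ansible project code): a small Python check that lists vault-encrypted files sitting in auto-loaded `group_vars/` or `host_vars/` directories, which is the placement the reply above advises against for vaults that are not needed in every play. The `secrets/` path and all file contents are constructed for illustration.

```python
import os
import tempfile

VAULT_HEADER = b"$ANSIBLE_VAULT;"  # first bytes of any ansible-vault file
# Directories Ansible loads automatically next to the inventory or playbook.
AUTOLOAD_DIRS = ("group_vars", "host_vars")


def is_vault_file(path):
    """True if the file starts with the ansible-vault envelope header."""
    with open(path, "rb") as fh:
        return fh.read(len(VAULT_HEADER)) == VAULT_HEADER


def vaulted_autoloads(root):
    """Return vault-encrypted files under root's group_vars/ and host_vars/,
    as sorted paths relative to root. Missing directories are skipped."""
    hits = []
    for top in AUTOLOAD_DIRS:
        for dirpath, _dirs, files in os.walk(os.path.join(root, top)):
            for name in files:
                full = os.path.join(dirpath, name)
                if is_vault_file(full):
                    hits.append(os.path.relpath(full, root).replace(os.sep, "/"))
    return sorted(hits)


def build_sample(root):
    """Constructed layout mirroring the thread; file contents are fake."""
    sample = {
        "group_vars/all/settings.yml": b"$ANSIBLE_VAULT;1.1;AES256\n3031...\n",
        "group_vars/production": b"env: production\n",
        "roles/provision_ec2/vars/main.yml": b"region: us-east-1\n",
        # Hypothetical location for a vault file referenced via vars_files:
        "secrets/settings.yml": b"$ANSIBLE_VAULT;1.1;AES256\n3031...\n",
    }
    for rel, data in sample.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel in vaulted_autoloads(tmp):
            print("auto-loaded vault file:", rel)
```

Only `group_vars/all/settings.yml` is reported; the vault under `secrets/` is decrypted only by plays that list it in `vars_files:`.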