How to specify an environment (dev,stage, prod) within playbook so win_lineinfile can insert applicable variable
575 views
Skip to first unread message
java_cat33
Jul 19, 2018, 5:04:00 PM7/19/18
to Ansible Project
Due to a lot of complexities we currently clone our prod systems into a dev and test environment (each environment is completely isolated). I've got Ansible running currently in the dev environment where I've built a bunch of plays.
We're about to deploy the changes made in the dev environment to the test environment - will need to build a new Ansible box - this will have access to the same source control for where the current plays are stored for the dev environment.
The hostnames and IP's are identical in dev/test and prod (for this project).
In one of the playbooks I need to use the win_lineinfile module to insert/replace a line of code in a web.config file - the code that needs to be inserted I want based upon an environment variable (dev, test or prod) so this play can be used in dev/stage and prod. Each environment would need a different section of code in the web.config file.
E.G dev = devintegration.server.example
test = testintegration.server.example
I'm not too sure on how to go about this....
I'm currently running the plays manually - but my next step is to then build projects and run them via AWX.
Karl Auer
Jul 19, 2018, 6:36:28 PM7/19/18
to ansible...@googlegroups.com
Not sure how others do it, but I have vars files called e.g. project_dev.yaml, project_prod.yaml. I load these where needed via include_vars, specifying the file as e.g. "project_{{ env }}.yaml"
Then I specify the environment on the command line using -e, e.g. "-e env=prod"
This has the added advantage of preventing the playbook from running at all if I forget the env variable or if I provide one that doesn't having a matching vars file.
Plus you can (if you want to) refer to the "env" variable in conditions.
Regards, K.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6ff2a7d1-df01-456d-ab33-80bf5151bb26%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Karl Auer
Email : ka...@2pisoftware.com
Website: http://2pisoftware.com
GPG/PGP : 958A 2647 6C44 D376 3D63 86A5 FFB2 20BC 0257 5816
Previous: F0AB 6C70 A49D 1927 6E05 81E7 AD95 268F 2AB6 40EA
Email : ka...@2pisoftware.com
Website: http://2pisoftware.com
GPG/PGP : 958A 2647 6C44 D376 3D63 86A5 FFB2 20BC 0257 5816
Previous: F0AB 6C70 A49D 1927 6E05 81E7 AD95 268F 2AB6 40EA
java_cat33
Jul 19, 2018, 6:59:53 PM7/19/18
to Ansible Project
Thanks for your response Karl - that sounds like a clever way of doing it that I'll also try.
Do you also use AWX or Tower? If so - can this environment also be specified when running a play via AWX/Tower?
On Friday, July 20, 2018 at 10:36:28 AM UTC+12, Karl Auer wrote:
Not sure how others do it, but I have vars files called e.g. project_dev.yaml, project_prod.yaml. I load these where needed via include_vars, specifying the file as e.g. "project_{{ env }}.yaml"Then I specify the environment on the command line using -e, e.g. "-e env=prod"This has the added advantage of preventing the playbook from running at all if I forget the env variable or if I provide one that doesn't having a matching vars file.Plus you can (if you want to) refer to the "env" variable in conditions.Regards, K.
On Fri, Jul 20, 2018 at 7:04 AM, java_cat33 <ltd...@gmail.com> wrote:
Due to a lot of complexities we currently clone our prod systems into a dev and test environment (each environment is completely isolated). I've got Ansible running currently in the dev environment where I've built a bunch of plays.We're about to deploy the changes made in the dev environment to the test environment - will need to build a new Ansible box - this will have access to the same source control for where the current plays are stored for the dev environment.The hostnames and IP's are identical in dev/test and prod (for this project).In one of the playbooks I need to use the win_lineinfile module to insert/replace a line of code in a web.config file - the code that needs to be inserted I want based upon an environment variable (dev, test or prod) so this play can be used in dev/stage and prod. Each environment would need a different section of code in the web.config file.E.G dev = devintegration.server.exampletest = testintegration.server.exampleI'm not too sure on how to go about this....I'm currently running the plays manually - but my next step is to then build projects and run them via AWX.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6ff2a7d1-df01-456d-ab33-80bf5151bb26%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Karl Auer
Jul 19, 2018, 10:55:13 PM7/19/18
to ansible...@googlegroups.com
Sorry, can't speak about AWX or Tower, I don't know anything about them.
In an automated scenario, you could also generate Ansible code and execute the generated playbooks.
Regards, K.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0afa4513-0d3e-4843-a205-1f25dbdf60c1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Pshem Kowalczyk
Jul 20, 2018, 12:33:48 AM7/20/18
to ansible...@googlegroups.com
We use a similar setup (in our case the variable is called 'domain') with Tower. You can easily specify additional variables with each template you want to run.
In our case, as we have a number of systems that require logins - we use custom credentials, which can supply any variables.
kind regards
Pshem
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0afa4513-0d3e-4843-a205-1f25dbdf60c1%40googlegroups.com.
J Hawkesworth
Jul 23, 2018, 8:45:53 AM7/23/18
to Ansible Project
I use group_vars for this.
This way when you pick a different inventory you immediately not only access a whole different group of machines, but get all the correct settings for each environment.
in each environment I have a different inventory and in the inventory, all my groups of hosts are added as child groups of a group which contains group variables for this environment.
Here's a simplified example.
$ cat dev.inventory
# dev inventory
[appservers]
host3
host4
[dbservers]
host5
host6
[webservers]
host1
host2
# add host groups to environment-specific group for dev
[dev_group:children]
appservers
dbservers
webservers
## end of dev inventory$ cat test.inventory
# test inventory
[appservers]
host3
host4
[dbservers]
host5
host6
[webservers]
host1
host2
# add host groups to environment-specific group for test environment
[test_group:children]
appservers
dbservers
webservers
# end of test inventory$ cat group_vars/dev_group/settings
---
endpoint_server: devintegration.server.example
$ cat group_vars/test_group/settings
---
endpoint_server: testintegration.server.example
This way when you pick a different inventory you immediately not only access a whole different group of machines, but get all the correct settings for each environment.
Hope this helps,
Jon
Karl Auer
Jul 23, 2018, 8:50:05 AM7/23/18
to ansible...@googlegroups.com
And how do you "pick a different inventory"? with -i on the command line?
Regards, K.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7f925b52-dd7d-45a2-bfd0-89ec4f6d33a0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
J Hawkesworth
Jul 23, 2018, 8:54:04 AM7/23/18
to Ansible Project
Sometimes, but like OP I have a different ansible machine in each environment so you can set ANSIBLE_INVENTORY=inventory in user profile too.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7f925b52-dd7d-45a2-bfd0-89ec4f6d33a0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
java_cat33
Jul 23, 2018, 4:27:12 PM7/23/18
to Ansible Project
Thanks for your response Pshem - might have more questions after I get some projects configured....
java_cat33
Jul 23, 2018, 4:29:32 PM7/23/18
to Ansible Project
Thanks Jon - that sounds like another good way of doing it. Could you also combine this into a similar method as mentioned by Karl where an environment must be specified otherwise the plays won't run?
java_cat33
Jul 23, 2018, 5:44:14 PM7/23/18
to Ansible Project
Thinking about this some more - my only concern is a few tasks in the plays depending on the environment - so both methods mentioned above will work fine... I could just have a condition specified in the play for specific tasks.
Is this what you'd normally do?
As an example - in the DEV environment I need to delete a DFS target and re-create it with a different target path - I only want this to be actioned for DEV.
Karl Auer
Jul 23, 2018, 5:52:27 PM7/23/18
to ansible...@googlegroups.com
Regardless of whether you do it with groups or or not, you can always define a variable in one environment and not in another and use a "when.. is defined" condition or similar to decide whether to do something. If you need more granularity, give the variable different values and test the actual value in your when condition.
For something that could be destructive in a production environment, I suggest you try to find a method that will stop your playbook running at all if you forget something, or make sure your default is the non-destructive path. That's why I like my env variable, because the playbook can't run if I forget it altogether. Of course, it still doesn't help me if I accidentally type "prod" instead of "dev"! I get around that by not running my playbooks directly. Instead I use a script that double checks me if I say "prod". It's saved me more than once :-)
Regards, K.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3b897bfc-6de6-4eaa-a9b7-ca4404880993%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
java_cat33
Jul 23, 2018, 7:20:01 PM7/23/18
to Ansible Project
I do like the safe guard of specifying the environment when running the play - pretty new to Ansible so mistakes could easily happen.
Do you include the vars file within the playbook sub-directory or within a global inventory sub-directory? E.G inventory --> vars --> all -->> project_dev.yaml
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3b897bfc-6de6-4eaa-a9b7-ca4404880993%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Karl Auer
Jul 23, 2018, 7:27:48 PM7/23/18
to ansible...@googlegroups.com
I have my environment vars file in the playbook directory for the project, but Ansible is very flexible. I'm not sure how you would do it with groups.
There's an argument for NOT putting it anywhere that Ansible can find automatically; that way you force it to be specified explicitly.
Regards, K.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0ee51777-59c7-427b-96ce-e9367e6853d5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
java_cat33
Aug 1, 2018, 5:03:28 AM8/1/18
to Ansible Project
I've added a few variables into the dev.yml file - this is being called via include_vars.
I have a few lines of powershell I want to run via win_shell...... can I user the variable within dev.yml in the win_shell command?
E.G (within dev.yml)
source_repo = \\server1\repo$
within win_shell module.... get-childitem -path " {{ source_repo ))" ....blah blah
So far I'm getting an error about "source repo" being an undefined variable.
java_cat33
Aug 1, 2018, 5:11:23 AM8/1/18
to Ansible Project
OK i just noticed something obvious below - source_repo should just reference a server, need an addtional variable for the path on the server.
I still need to know whether it's possible to use variables within a playbook and reference them in a powershell command via win_shell.
java_cat33
Aug 1, 2018, 5:34:14 AM8/1/18
to Ansible Project
Sorry - I'm mistaken. My original code is fine referencing the UNC path of remote server.
Reply all
Reply to author
Forward
0 new messages