You really should not try to include different playbooks based on
environment levels in my opinion, but keep different *variables* based
on those environments.
Different playbooks would most likely correspond to a branch in git, a
different playbook file, and likely a different inventory source file
(-i production or -i stage).
Using -i production -i stage works great when having a single playbook for both environment (ie: webservers.yml)
When there is a different set of tasks, what you are saying is to use something like : -i stage webservers_stage.yml ?
Also, how would you handle common tasks between stage and production?
Thanks !
The ideal stage stage environment is a model of a production, and only
differs in terms of groupvars/ and hostvars/ files.
You can also target plays super easily too:
hosts: webservers:&stage
all webservers in stage
hosts: webservers:!production
all webservers not in production
So you could have a small play in your playbook (webservers.yml) that
just pays attention to the group.
Remember a playbook can include more than 1 play, and it becomes
easier to do things like this.
Targeting plays this way is great. I am having a single yml file and still can address specific
tasks to specific hosts. Thanks!
There is one thing that do not work with our set up though.
In /common we keep generic playbooks like this one:
install_x.yml
- hosts: Debian_6_x86_64
tasks:
- include: “X_install_debian.yml”
The idea is to have OS agnostic ready to use common playbooks.
We use them by calling
-
hosts: webservers:&prod
user: root
tasks:
-
group_by: key=“${ansible_lsb.id}${ansible_lsb.major_release}${ansible_machine}”
-
include : common/install_x.yml
The problem is that if later in the file, we set up a new group_by
- hosts: webservers:&stage
user: root
tasks:
- group_by: key=“${ansible_lsb.id}${ansible_lsb.major_release}${ansible_machine}”
- include : common/install_x.yml
The group Debian_6_x86_64 will be composed by webservers:&prod AND webservers:&stage
I realise this could be a group_by bug/feature. In another way having to re-create a group using group_by seems a little heavy.
I am very open to any suggestions that would make possible this very purpose: generic reusable playbooks with os type separated tasks.
Thanks again for your time.
Seb
One way to fix this in your case, would be to change
- group_by:
key="${ansible_lsb.id}_${ansible_lsb.major_release}_${ansible_machine}"
To:
- group_by:
key="stage-${ansible_lsb.id}_${ansible_lsb.major_release}_${ansible_machine}"
You can also decide to target just stage or prod in an easier way by
keeping seperate inventory
ansible-playbook foo.yml -i stage
which is a less risky version of:
ansible-playbook foo.yml --limit stage
because if you leave off the limit, it would run on both, and that
would be bad