Hi all
I’m having trouble using all the above variables to get a reliable set of variables that describe a configuration and I would love to hear your thoughts.
Each service I’m provisioning has the same structure:
-
A generic role with installation and configuration tasks
-
Role variables with variables that I don’t care to override (convenience variables, pkg deps, etc)
-
Role default variables for sensible defaults
-
Group vars overrides of role defaults
-
(rare) Host vars overrides of group vars
What I need later working is this:
-
Provisioning a server
-
Reconfiguring the service on the server
-
Configuring clients to the service on different machines
-
Running independent maintenance tasks on the server, using the service’s config info
The first two work really well with this structure. The other two don’t. The problems I have are these:
-
Role variables aren’t accessible when the role is not included, so there isn’t a way to get all the role’s info on subsequent ansible runs. Every variable that’s not overridden in inventory simply can’t be used.
-
There isn’t a reliable way to get the “group’s” configuration, while still being able to maintain servers with exceptions to the general configuration.
Of the above, the first one is obviously the bigger and more important.
My only idea of solving the service vars problem is having a task at the end of the role run that dumps all the role’s config vars into a local facts file. I’d then use ansible_local.mongodb.mongod_replset_name instead of mongod_replset_name throughout my mongo scripts that aren’t a part of the role. This seems dirty though - having two names for the variable (one the role/inventory, one in local facts), one used in the role and one outside of it, while the shorter and more intuitive one being the one I shouldn’t use as I can’t guarantee its availability. Not to mention the risk of them somehow drifting. Same problem if I store them in a service discovery db like consul or etcd.
The second problem is mostly solved with fact caching, the current problems with exceptions is more of a nuisance than an actual blocker for me.
Does anyone have any idea how to tackle this? Am I modeling this wrong? I’d love ideas on both problems.
Thanks a lot