GOAL

To organize our Ansible Repository, to easily merge all in one.

Ansible Command

For staging environment:

    ansible-playbook -i inventory/staging playbook/site.yml

For production environment:

    ansible-playbook -i inventory/production playbook/site.yml

For test environment:

    ansible-playbook -i inventory/test playbook/site.yml

repository organization

Inventory/                # here we store our inventory file

   production             # inventory file for production servers

   staging                 # inventory file for staging environment

   test                # inventory file for test environment


 

group_vars/

production/

generic                # here we assign variables to generic groups

   comanage               # here we assign variables to comanage groups

   teip                   # here we assign variables to TEIP groups

   loadbalancer           # here we assign variables to loadbalance groups

   vault                  # Vault file, to store password and secret informations   

staging/

...

test/

...

 

host_vars/

   hostname1              # if systems need specific variables, put them here

   hostname2              # ""

  

playbook/

   site.yml                  # master playbook

   webservers.yml            # playbook for webserver tier

   dbservers.yml             # playbook for dbserver tier

 

roles/

    generic/               # this hierarchy represents a "role"

        tasks/            #

            main.yml      #  <-- tasks file can include smaller files if warranted

        handlers/         #

            main.yml      #  <-- handlers file

        templates/        #  <-- files for use with the template resource

            ntp.conf.j2   #  <------- templates end in .j2

        files/            #

            bar.txt       #  <-- files for use with the copy resource

            foo.sh        #  <-- script files for use with the script resource

        vars/             #

            main.yml      #  <-- variables associated with this role

        defaults/         #

            main.yml      #  <-- default lower priority variables for this role

        meta/             #

            main.yml      #  <-- role dependencies

 

repository organization

To separate environment vars, we can use a variable inside inventory file to switch in each repository:

Inventory/staging

TEIP

192.168.1.[2:3]

...

...

...

[all:vars]

environment=staging

playbook

- name: a generic playbook

vars_files:

- ../group_vars/{{environment}}/generic.yml

become: yes

remote_user: root

roles:

- roles/generic

 

Ansible take "environment" variable directly from inventory file. For each environment, there is a "environment" varible with its value ("production", "staging" or "test")

 

work in progress..

 


  • No labels

4 Comments

  1. Niels van Dijk

    The how to keep different secrets per platform (prod/stagin/test)?

  2. Niels van Dijk

    This setup seems to require a roles_path in ansible.cfg

    to make this work (http://docs.ansible.com/ansible/intro_configuration.html#roles-path)

  3. Niels van Dijk

    Ansible seems unhappy about the use of environment as that is an 'internal' variable:

     [WARNING]: The variable 'environment' appears to be used already, which is also used internally for environment variables set on the task/block/play. You should use a different variable name to avoid conflicts with this
    internal variable

    I propose we rename our variable to "platform"

     

     

     

    1. Simone Visconti

      agree