Score:0

Ansible role, is it possible to define variables conditionally?

ng flag

I've got an Ansible role that use a lot of variables, and as those variables are conditioned after the server config (like what OS version it is using) my directory "MyRole/vars" is full of different files for different cases.

In "MyRole/vars" i have:

  • RedHat6_install.yml
  • Redhat7_install.yml
  • RedHat8_install.yml
  • RedHat6_uninstall.yml
  • RedHat7_uninstall.yml
  • RedHat8_uninstall.yml

And so on...

I was wondering if it is possible to group variables in one file and make a condition for it like:

main.yml:

    - uninstall_var_1
      when: >
            ansible_distribution_major_version == 6
    - uninstall_var_2
      when: >
            ansible_distribution_major_version == 7
    - uninstall_var_3
      when: >
            ansible_distribution_major_version == 8

and so on...
br flag
See [al_include_os_vars_path.yml](https://github.com/vbotka/ansible-lib/blob/master/tasks/al_include_os_vars_path.yml) how to use *first_found* and [al_include_os_vars_path_incr.yml](https://github.com/vbotka/ansible-lib/blob/master/tasks/al_include_os_vars_path_incr.yml) to include increments.
Score:0
cz flag

There are probably better ways to do this, and I look forward to seeing them, but what I'm currently doing looks a lot like this. Taken from a custom fail2ban role I'm using:

The vars look like this. I have vars files for each {{ansible_os_family}} and then overrides for any {{ansible_distribution}}_{{ansible_distribution_major_version}} that might need them.

$ ls -l
lrwxrwxrwx. 1 error error 24 May  7 07:51 fail2ban_os_CentOS_6.yml -> fail2ban_os_RedHat_6.yml
lrwxrwxrwx. 1 error error 22 May  7 07:51 fail2ban_os_CentOS.yml -> fail2ban_os_RedHat.yml
-rw-rw-r--. 1 error error 64 May  7 07:51 fail2ban_os_Debian.yml
-rw-rw-r--. 1 error error 64 May  7 07:51 fail2ban_os_Fedora.yml
-rw-rw-r--. 1 error error 62 May  7 07:51 fail2ban_os_RedHat_6.yml
-rw-rw-r--. 1 error error 64 May  7 07:51 fail2ban_os_RedHat.yml
-rw-rw-r--. 1 error error 62 May  7 07:51 fail2ban_os_Ubuntu_14.yml
-rw-rw-r--. 1 error error 65 May  7 07:51 fail2ban_os_Ubuntu.yml
$ cat fail2ban_os_Ubuntu.yml 
fail2ban_backend: systemd
fail2ban_banaction: iptables-multiport
$ cat fail2ban_os_Fedora.yml 
fail2ban_backend: systemd
fail2ban_banaction: firewallcmd-ipset

To load these files, roles/fail2ban/tasks/main.yml starts out like this:

---
- include_vars: fail2ban_os_{{ansible_os_family}}.yml
  ignore_errors: True

- include_vars: fail2ban_os_{{ansible_distribution}}_{{ansible_distribution_major_version}}.yml
  ignore_errors: True

Which means the variable files need not exist. Of course, if the variables needed are not defined somewhere, the later tasks will fail, and then you can go define whatever you missed.

To keep things consistent and maintainable, the general OS family vars files contain vars representing the most recent supported distros, and overrides for specific distro versions are for older distros.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.