How to Define Variables in Playbook

Variables

Variables Defined in a Playbook
Variables can be defined with some custom value in playbook as shown below. These variables can be used in the playbook by enclosing variable name in {{varname}}.
$ cat db.yml
- hosts: dbservers
become: yes
vars:
dbname: devops
dbuser: mint
dbpass: 12345
tasks:
- name: Ensure mysql server installed
yum: name=mysql-server state=present
- name: Ensure mysql running
service: name=mysqld state=started
- name: Ensure MySQL-python is installed
yum: name=MySQL-python state=present
- name: Create Database
mysql_db: name={{dbname}} state=present
- name: Create user named mint
mysql_user: name={{dbuser}} password={{dbpass}} priv='*.*:ALL'state=present
Variables in group_vars & host_vars
These variables are inventory specific and can only be accessed by host & groups from the inventory located in current directory. You can have multiple inventory in separate directory structure as shown below. Every inventory may have its own group_vars & host_vars directory where we store variables.

Directory layout

production/ ├──group_vars │└──all └──inventory
staging/ ├──group_vars │└──all └──inventory
Variables can be defined into a directory structure. group_vars holds variables that can be used by all the groups. host_vars holds variable specific to the hostname.
1. group_vars/all will contain variables that can be used by all the hosts from the inventory file.
2. group_vars/dbservers variables will be only accessible for the dbservers group and not any other host or group from inventory.
3. host_vars/web1 variables will be only accessible for the web1 host and not any other host from the inventory file.
$ mkdir group_vars
$ vi group_vars/all
# Common Variables for all hosts in the inventory
user: tesla
group: electric
pass: 12345

$ vi group_vars/dbservers
# Variables exposed for the group named dbservers from the inventory file.
dbname: devops
dbuser: mint
dbpass: 12345

$ mkdir host_vars
$ vi host_vars/web1
# Variables exposed for the host named web1 from the inventory file.
user: edison
group: electric
pass: 12345
If we try to access user variable for db1 its value will come from group_vars/all file.

$ ansible -m user -a "name={{user}} password={{pass}}"--sudo db1
"changed": true,
"comment": "",
"createhome": true,
"group": 1002,
"home": "/home/tesla",
"name": "tesla",
"password": "NOT_LOGGING_PASSWORD",
"shell": "",
"state": "present",
"system": false,
"uid": 1002
}
For web1 host we created variables in host_vars/web1. host_vars variable will high higher precedence, so it will ignore user variable from group_vars/all file and pickup value from host_vars/web1 file.

$ ansible -m user -a "name={{user}} password={{pass}}"--sudo web1
web1 | SUCCESS =>{
"changed": true,
"comment": "",
"createhome": true,
"group": 1002,
"home": "/home/edison",
"name": "edison",
"password": "NOT_LOGGING_PASSWORD",
"shell": "",
"state": "present",
"system": false,
"uid": 1002
}

Including Playbooks

Documented by srinivas.
In site.yml, we call other playbooks. Note this is SUPER short, because it’s just including some other playbooks. Remember, playbooks are nothing more than lists of plays:
$ cat site.yml ---
# file: site.yml
- include: webservers.yml
- include: dbservers.yml

Store Output of a command
Register module is used to store output of any module/command and store it into a variable.
---
- hosts: webservers
become: yes
tasks:
- shell: /usr/bin/whoami
register: username
- file: path=/tmp/info.txt owner={{username}}
shell module is used to run Linux shell commands register: username will store the output of shell command in username variable. File module here is assigning ownership to file /tmp/info.txt
Debug module
Debug module is used to print messages or variable values while playbook execution. It helps finding the problem if the variable values are not properly assigned or accessed.
$ cat deb.yml
---
- hosts: all
vars:
http_port: 8087
username: cassini
tasks:
- debug: msg="Inventory hostnames are {{inventory_hostname}}"
- debug: msg="Port variable is {{http_port}} &username is {{username}}"

$ ansible-playbook deb.yml
PLAY [all] ***********************************************************************
TASK [Gathering Facts] ***********************************************************
ok: [web1]
ok: [db1]

TASK [debug] *********************************************************************
ok: [web1] =>{
"changed": false,
"msg": "Inventory hostnames are web1"
}
ok: [db1] =>{
"changed": false,
"msg": "Inventory hostnames are db1"
}

TASK [debug] *********************************************************************
ok: [web1] =>{
"changed": false,
"msg": "Port variable is 8087 &username is cassini"
}
ok: [db1] =>{
"changed": false,
"msg": "Port variable is 8087 &username is cassini"
}

Prompting for Input
Take user input while executing playbook with vars_prompt and store into a variable as shown below.
$ cat prompt.yml
---
- hosts: dbservers
vars:
http_port: 8087
username: cassini
vars_prompt:
- name: "dbpass"
prompt: "Enter password for database."
tasks:
- debug: msg="DB password is {{dbpass}}"

$ ansible-playbook prompt.yml
Enter password for database.:
PLAY [dbservers] *****************************************************************
TASK [Gathering Facts] ***********************************************************
ok: [db1]
TASK [debug] *********************************************************************
ok: [db1] =>{
"changed": false,
"msg": "DB password is deltaq123"
}

Handlers
Handlers are special kind of tasks. In first glimpse, it will look exactly like any other task but the difference is in the execution. Tasks as we have seen so far gets executed as we run our playbook but handlers being in same playbook will only get executed when it gets notified. Notification would be sent from the task if the state of the task is changed: true.
For example, if we copy a file using copy module it gets copied if the destination file is different or not present. In this case the state of the task is changed: true but if the destination file is same as source then the file does not get overwritten and state would be changed: false.
So, if we are notifying a handler from such task the handler will get notified only if the file is copied or else it will not send a notification.
$ cat handler.yml
---
- hosts: webservers
become: yes
tasks:
- name: Copy the website config file
copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
notify:
- Apache Restart

handlers:
- name: Apache Restart
service: name=httpd state=restarted

In the above code the handler named “Apache Restart” will only get executed when the httpd.conf file gets copied or else it will not notify the handler.
For more information about Visualpath, visit www.visualpath.in and follow the company on Facebook and Twitter.

Comments