Warp Terminal

In Ansible, variables allow you to define values dynamically, making your playbooks more flexible and reusable. By using variables effectively, you can easily customize your configuration management and streamline repetitive tasks.

In this guide, we’ll explore different ways to include and use variables in Ansible with detailed examples.

Why use variables in Ansible?

Variables in Ansible allow you to:

  • Simplify configuration and reduce redundancy.
  • Manage different environments (e.g., development, staging, production) with ease.
  • Make playbooks more readable and maintainable by reducing hard-coding.

Using include_vars

The include_vars module allows to include variables from an external file into your playbooks. This is useful when you want to organize your variables in separate files for better readability and reusability.

Example:

Consider a file named app_vars.yml with the following content:

# app_vars.yml
app_name: "MyApp"
app_version: "1.0.0"

You can include these variables in a playbook using include_vars:

- name: Include variables from a file
  hosts: all
  tasks:
    - name: Include app variables
      include_vars: app_vars.yml

    - name: Use included variables
      debug:
        msg: "Deploying {{ app_name }} version {{ app_version }}"

This playbook will include the variables from app_vars.yml and use them during the deployment.

Including variables conditionally

Sometimes you need to include variables based on specific conditions. The include_vars module allows you to include a file conditionally, depending on factors such as host groups or environment variables.

Example:

Assuming you have two variable files for different environments:

  • dev_vars.yml for development
  • prod_vars.yml for production

Here’s how you can include these variables conditionally:

- name: Include environment-specific variables
  hosts: all
  tasks:
    - name: Include variables based on environment
      include_vars: "{{ env }}_vars.yml"
      when: env is defined

    - name: Use included environment variables
      debug:
        msg: "Environment: {{ env }}"

In this example, the value of env will determine which variable file gets included.

Including variables for each item in a loop

You may have scenarios where you want to include different variable files for each item in a loop. This can be helpful when managing multiple configurations dynamically.

Example:

Suppose you have separate variable files for different applications:

  • app1_vars.yml
  • app2_vars.yml

You can include these variable files using a loop:

- name: Include variables for each app
  hosts: all
  tasks:
    - name: Include app-specific variables
      include_vars: "{{ item }}_vars.yml"
      loop:
        - app1
        - app2

    - name: Use included variables
      debug:
        msg: "Configured app: {{ app_name }}"

In this example, include_vars will loop through each item and include the respective variable file.

Including variables from external files

Organizing variables in separate files keeps your playbooks clean and modular. You can include variables from external files using either vars_files or include_vars.

Example:

Define a variable file named common_vars.yml:

# common_vars.yml
timezone: "UTC"

Include this file in your playbook:

- name: Include external variables
  hosts: all
  vars_files:
    - common_vars.yml
  tasks:
    - name: Display timezone
      debug:
        msg: "The configured timezone is {{ timezone }}"

Using vars_files makes it easy to include common variables across multiple tasks and roles.

Including variables from an Ansible Vault

Ansible Vault allows you to encrypt sensitive data, such as passwords or API keys. You can use include_vars to include these variables securely.

Example:

Create an encrypted file named vault.yml:

Add your sensitive variables:

# vault.yml
db_password: "supersecret"

Include the encrypted file in your playbook:

- name: Include variables from Ansible Vault
  hosts: all
  tasks:
    - name: Include encrypted variables
      include_vars: vault.yml

    - name: Display database password
      debug:
        msg: "The database password is {{ db_password }}"

You will need to provide the vault password when running the playbook to decrypt and use the variables.

Using set_fact to define variables at runtime

The set_fact module is used to define variables dynamically during the playbook run. This is particularly useful for generating values based on task output or other runtime conditions.

Example:

- name: Set variables at runtime
  hosts: all
  tasks:
    - name: Set a fact
      set_fact:
        app_status: "deployed"

    - name: Use runtime variable
      debug:
        msg: "The application is {{ app_status }}"

The set_fact module sets app_status at runtime, making it available for use in subsequent tasks.

Conclusion

Incorporating variables effectively in Ansible allows for flexibility and control, enhancing playbook adaptability to different environments and requirements.

Whether loading variables from external files, setting values at runtime, or managing secure data with Ansible Vault, each method serves a specific purpose in handling dynamic content.

✍️

Author: Hitesh Jethwa has more than 15+ years of experience with Linux system administration and DevOps. He likes to explain complicated topics in easy to understand way.

Similar Posts