Ansible inventory, role variables and facts

I’ve been struggling a bit to understand how to use inventory, role variables and facts in the playbooks i’ve been working on (mostly around provisioning opencontrail on top of kubernetes/openshift-origin). I finally came up with a model that made sense to me. This is probably well understood by everyone else but i couldn’t quite grok it until i worked out the following example.

User configuration options should be set:
– In group_vars/all.yml for settings that affect all hosts;
– In the inventory file, for host and group variables;

As in this example:

It is useful to establish a convention for variables that are specific to the deployment (e.g. user settable variables). In this case i’m using flag_<var> as a convention for deployment specific variables.

Most of these would have defaults. In order to set the defaults, the playbook defines a role variable (flag_user_<var> in this example). The playbook role then uses flag_user_<var> rather than the original flag_<var>.

Role variables can use jinja template logic operations as well as filters. The most common operation is to use a <code>default</code> filter as in the example playbook bellow. But more complex logic can be built using {%if <expression> %}{% endif %} blocks.

Facts can then be used for variables that depend on the result of command execution. While it is possible to use set_fact in order to set variables, establishing a clear convention that facts are the result of command execution seems desirable.
While it may seem useful to use the set_fact action to set variables that have no dependencies on task execution
since it supports the when statement while role variables do not (although include_vars does), it helps to establish a simple convention that a “fact” is the result of a task observation.

My conclusion is that, for the playbooks that i write/maintain, I’m going to try to establish a set of rules before starting to actually write the tasks.

  1. Naming convention for user settable variables.
  2. Naming convention for role variables (i.e. user setting + default value).
  3. Limit set_fact to variables that depend on the outcome of task execution.

Please leave a comment if you have a different suggestion that improves maintainability of a playbook’s role specifications.