First Step in config as code
In the first step we will take one item we will configure like adding "organizations" to the gateway, this is easily done.
We will not create a pipeline yet, yust create the basic code to add the organization to the platform from the command line. In this example, we will configure just one environment, but this is easily extended to the next environment.
requirements
Ensure that the system where we are going to do this has the following installed:
Executables: - python3.11 - ansible-core >= 2.19
Collections: - infra.aap_configuration - ansible.platform
directory structure
Create the folowing directory structure:
.
├── group_vars
│ ├── all
│ │ └── gateway_organization.yml
│ └── dev
│ └── gateway_organization.yml
├── inventory.yaml
├── main.yml
The theory
In the directory structure you see in group_vars there are two directories (can be even more) that holds a file with the same name. This is on purpose, these files are the basis of how we do configuration as code here.
The principle that we used to create this is, that we definine everything just once..
Tha above structure looks like an inventory and will not use it like that, an inventory will overwrite the definitions in all, with the same definitions in dev, forcing us to define things twice when something is in all and we want to keep that in the dev environment.
We will create code to merge these two files, so that we will add thse two together and not having to define anything twice.
So in this example, if an organization is present in group_vars/all/gateway_organization.yml, it will get incorporated in every environment. An extra organization that is only present in the "development" environment is added through the definition in the group_vars/dev/gateway_organization.yml
The files
The files placed in the group_vars directories have the same names, but have a slightly different contents, this difference is the basis of what we do:
all/gateway_organization.yml
---
aap_organizations_all:
- name: ORG_ALL
...
As you can see, there is just the "ORG_ALL" organization name here. As said this organization resides in the "all" group_vars and should be present in every environment.
dev/gateway_organization.yml
---
aap_organizations_dev:
- name: ORG_DEV
...
Here you can see the difference between these files, when comparing them. the name of the resulting variable is different and this way both are availlable to the ansible playbook that we will be starting to run the configuration.
If we would leave the variable names to be equal, we we would have a single variable, holding just the vaule for the "dev" environment, thus losing the "all" value.
The playbook (main.yml)
We will be writing a very basic playbook, where we will not take security into account, so we will have credentials in here, as it is a test and will only be run locally in a test environment.
Never do this in a live environment
---
- name: Configure rhaap platform base
hosts: "{{ instance | default('localhost') }}"
connection: local
gather_facts: false
vars:
aap_hostname: https://<fqdn of test platform>
aap_username: admin
aap_password: <password>
tasks:
# Merge aap_organization_vars
- name: Set the gateway vars
ansible.builtin.set_fact:
aap_organizations: >
{{ aap_organizations_all |
community.general.lists_mergeby(vars['aap_organizations_' + branch_name],
'name', recursive=true, list_merge='append') }}
- name: Run organization configuration
ansible.builtin.include_role:
name: infra.aap_configuration.aap_organizations
This playbook is started using the following command:
ansible-playbook main.yml -i localhost -e branch_name=dev
This playbook has only 2 tasks, the first is to prepare (merge) the variables and secondly to configure the resuting set of variables using the collection into the automation platform specified by the vars in the playbook.
This will:
- merge the variables aap_organizations_all and aap_organizations_dev into aap_organizations
- run the role aap_organizations from the infra.aap_configuration collection
- Both organizations "ORG_ALL" and "ORG_DEV" will be added to the automation platform.
Expand functionality
You can now add more variables to the files, like more organizations or even galaxy credentials to map to the organizations.
Or even add new files, with new(other) variables to configure items in autoamtion platform.
Do not forget to add files in all group_vars directories and add a merge of the vars to the set_fact in the playbook. Also add a include_role for these files, or change the current include_role to the dispatch role, that will run any role as needed.