-
Notifications
You must be signed in to change notification settings - Fork 223
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ansible role is challenging to use for custom per-host configurations #366
Comments
Hi @kbreit, Thanks for the report! If I understand correctly, you'd like to have per-host configuration of role variables. I believe this can be achieved using Ansible host variables or group variables. That way you can assign specific configuration to hosts or groups of hosts. For instance, you can put all your Ubuntu hosts in a group named Would that fit your needs? |
Thank you for the fast response! I know I can use host and group variables and that's my plan. There are two issues with it though. First, I shouldn't have to have the Linux distribution in the inventory as |
Hi again @kbreit, I tried some things around the initial problems you had with Playbook file
which gave me the following result: Ansible playbook run
so I think doing OS-based (or other kinds of ansible fact-based) arbitrary modifications to Would doing something like that help with your issue? |
Hi @kbreit, I have a solution which is working for our team and it was my Datadog customer success contact that clued me into it. We're very early in our journey and I'm new to Ansible but what I have is Jinja-based. In repo.. folder called templates which has structured layouts of checks-yaml which contains the static elements needed for the various config but also {{ replacement_tokens }} where necessary. I have a datadog checks template as such: then I use an include_vars statement to load that file into a var and then the role consumes it. |
@erikhjensen - That's an interesting solution and one I'll give a try to. It's cleaner than anything else I've tried or thought of. I guess my thought still stands that I'd like to see the variables broke out a little more so there's more flexibility and we don't need to resort to jinja2 templating in a situation like mine. Indeed, it would require a very significant change to variable structure and breaking backward compatibility, so I wouldn't expect it for another major release or two even if it was accepted. |
@erikhjensen I'm working on your setup and I think once I get it going it'll be the best option. Here are snippets of what I have but I'm getting syntax errors. Anything obvious I'm missing/?
...
|
Did you template out that first. The pseudo code is Set a bunch of vars based on hostvars etc You can debug out this intermediate result post template and pre include vars to check your result. You’re trying to replicate an yaml structure for checks that you can technically write by hand so you should have a structure in mind and then work towards that. |
I am also having these issues. I was ALL hosts to have some basic checks, there could go in group_vars/all Then I might want nginx servers to have some additional checks, which might go in group_vars/nginx.yaml, however - because of how ansible handles maps, the contents of nginx.yaml would over-ride those in group_vars/all. This gets even more complicated when a host might be in multiple groups. I have ended up duplicating datadog_checks in many areas of my variable structure - but this means when I want to add a new check that applies to all hosts, I need to modify many var files. The core issue I questioned on reddit here: https://www.reddit.com/r/ansible/comments/o6akfn/merging_variables_from_group_varsall_multiple/ This is less of an issue with this datadog role, but more of a problem with how Ansible works IMO. |
We basically also do it like @pookey here. We "categorize" the hosts before calling the datadog.datadog role and combining the vars together. datadog_config: "{{ {} | combine(moded_datadog_config, recursive=True, list_merge='append_rp') }}"
datadog_checks: "{{ {} | combine(moded_datadog_global_checks, recursive=True, list_merge='append_rp') | combine(moded_datadog_os_checks, recursive=True, list_merge='append_rp') | combine(moded_datadog_host_checks, recursive=True, list_merge='append_rp') }}"
Additionally we also then have some additional roles afterwards to generate some new config files (not "managed" by the datadog role). It's also tricky as you can't "decouple" check configurations and agent configurations currently. That said, we also think this is not an ideal solution. Especially with view on the upcomming collection it would be greatly appreciated to have a seperate check role which decouples the agent installation from the check things. Another solution would be to add an additional layer into the datadog_checks and instead of only creating one conf.yml per check enabling additional one's - and through the default ansible/jinja filters even "altering" the dicts. datadog_configs:
postgres:
instance_a: # should create conf.d/postgres.d/instance_a.yml
init_config:
instances:
- name: ...
instance_b: # should create conf.d/postgres.d/instance_b.yml
init_config:
instances:
- name: ... Thought that would be a breaking change so it might get tricky to sanitize that. |
Also, and please correct me if I am wrong, there is currently no way to "remove" a configuration which was previously configured without also using |
I am trying to develop an Ansible playbook which tailors the datadog-agent configuration based on the groups an endpoint is in within Ansible. For example, lets say there are the following two devices:
Using Ansible pre-tasks I need to structure the
datadog_config
anddatadog_checks
variable within Ansible on a per-host basis. Red Hat uses/var/log/messages
and Ubuntu uses something else. For this example, lets assume Ubuntu uses/var/log/syslog
. I want to report contents of those files to Datadog. Plus, Apache and redis need to be configured on each system respectively. A rough playbookvars
section may look like this:However this is specific to my Red Hat configuration and would need a very different structure for Red Hat with Redis. My current though is I would need to develop this structure during pre-tasks using
when
statements checking foros_family
and inventory groups. However, Ansible'sset_fact
module does not allow for updating a data structure andupdate_fact
allows for only modifying mutable objects, which a dict doesn't appear to be. I don't see a good way to accomplish what I'm looking for and think there are better ways the role should work, such as having more built-out variables that aren't a single data structure. For example,datadog_check_nginx
and thennginx_init_config
and whatnot.The text was updated successfully, but these errors were encountered: