Ansible roles

From Notes_Wiki

Home > CentOS > CentOS 6.x > System administration tools > ansible > Ansible roles

To configure a single machine independently Ansible playbooks can be used. But to configure an entire site and to ensure that site remains in desired configuration, roles are much more useful. With ansible roles vars, handlers, tasks, etc. which were defined in playbook are split into separate files. This allows different servers to implement these roles very easily. Further roles can depend on other roles and can also easily refer to files / templates for use in copy/template module. Finally because the tasks, handlers etc. defined within a role are at top level including other files that have definition of tasks, handlers is also more natural.

For ansible role following directory structure is required:

roles/<role-name>/tasks
This can contain file named main.yaml. If the file exists then the tasks mentioned in the file are executed on all hosts that implement this role.
roles/<role-name>/vars
This can contain file named main.yaml with variables to be made available to tasks executed as part of this role. Hence this vars are loaded before tasks are executed.
roles/<role-name>/handlers
Tasks defined in this role can notify handlers defined in main.yaml file contained in this folder.
roles/<role-name>/files
Files contained in this folder can directly be referred by copy module without requiring specifying proper relative or absolute path
roles/<role-name>/templates
Files contained in this folder can be directly referred by template module without requiring specifying proper relative or absolute path
roles/<role-name>/meta
This contains meta rules in fine main.yaml. One very important rule is to define other roles which this roles depends upon. Hence the role can be made dependent to another role, say common_vars, where all the common variables required by all other roles can be defined centrally.


Site playbook

Site playbook which contains various server playbook can be created as follows:

---
- include: ossec.yaml
- include: ansible.yaml
- include: base1.yaml
- include: glpi.yaml
- include: redmine.yaml

Here base1.yaml which is used for configuring base1 can have playbook such as:

---
- name: Configure base1 machine
  hosts: base1
  roles:
    - common
    - base

Similarly, redmine.yaml which is used for configuring redmine server can have playbook such as:

---
- name: Configure redmine server
  hosts: redmine-server
  roles:
    - common
    - redmine
    - ossec-client


Converting stand alone playbook to roles

Converting stand-alone playbook to role is very easy. First directory named roles/<role-name> need to be created. Then various directories based on sections of playbook such tasks, vars, handlers etc. should be created. If the playbook uses copy or template modules then files and templates sub-folders within parent <role-name> folder should also be created. Now tasks can be copied to main.yaml in tasks folder, vars can be copied to main.yaml in vars folder and handlers can be copied to main.yaml in handlers folder. Copy all files required by copy and template modules to files and templates folders respectively. Change tasks so that copy and templates module refer to source files directly with name without worrying about path.


Defining dependency of role on other-role

To define one role as dependent on other role a folder named 'meta' should be created with <role-name> folder. Further a file main.yaml with following contents can be created inside meta folder:

---
dependencies:
  - role: common_vars


Example roles


Home > CentOS > CentOS 6.x > System administration tools > ansible > Ansible roles