Ansible roles
Home > CentOS > CentOS 6.x > System administration tools > ansible > Ansible roles
To configure a single machine independently Ansible playbooks can be used. But to configure an entire site and to ensure that site remains in desired configuration, roles are much more useful. With ansible roles vars, handlers, tasks, etc. which were defined in playbook are split into separate files. This allows different servers to implement these roles very easily. Further roles can depend on other roles and can also easily refer to files / templates for use in copy/template module. Finally because the tasks, handlers etc. defined within a role are at top level including other files that have definition of tasks, handlers is also more natural.
For ansible role following directory structure is required:
- roles/<role-name>/tasks
- This can contain file named main.yaml. If the file exists then the tasks mentioned in the file are executed on all hosts that implement this role.
- roles/<role-name>/vars
- This can contain file named main.yaml with variables to be made available to tasks executed as part of this role. Hence this vars are loaded before tasks are executed.
- roles/<role-name>/handlers
- Tasks defined in this role can notify handlers defined in main.yaml file contained in this folder.
- roles/<role-name>/files
- Files contained in this folder can directly be referred by copy module without requiring specifying proper relative or absolute path
- roles/<role-name>/templates
- Files contained in this folder can be directly referred by template module without requiring specifying proper relative or absolute path
- roles/<role-name>/meta
- This contains meta rules in fine main.yaml. One very important rule is to define other roles which this roles depends upon. Hence the role can be made dependent to another role, say common_vars, where all the common variables required by all other roles can be defined centrally.
Site playbook
Site playbook which contains various server playbook can be created as follows:
--- - include: ossec.yaml - include: ansible.yaml - include: base1.yaml - include: glpi.yaml - include: redmine.yaml
Here base1.yaml which is used for configuring base1 can have playbook such as:
--- - name: Configure base1 machine hosts: base1 roles: - common - base
Similarly, redmine.yaml which is used for configuring redmine server can have playbook such as:
--- - name: Configure redmine server hosts: redmine-server roles: - common - redmine - ossec-client
Converting stand alone playbook to roles
Converting stand-alone playbook to role is very easy. First directory named roles/<role-name> need to be created. Then various directories based on sections of playbook such tasks, vars, handlers etc. should be created. If the playbook uses copy or template modules then files and templates sub-folders within parent <role-name> folder should also be created. Now tasks can be copied to main.yaml in tasks folder, vars can be copied to main.yaml in vars folder and handlers can be copied to main.yaml in handlers folder. Copy all files required by copy and template modules to files and templates folders respectively. Change tasks so that copy and templates module refer to source files directly with name without worrying about path.
Defining dependency of role on other-role
To define one role as dependent on other role a folder named 'meta' should be created with <role-name> folder. Further a file main.yaml with following contents can be created inside meta folder:
--- dependencies: - role: common_vars
Example roles
- ansible common role
- ansible nagios-server role
- ansible nagios-client role
- Automated OSSEC installation using ansible
- ansible named-server role for both public and private DNS
Home > CentOS > CentOS 6.x > System administration tools > ansible > Ansible roles