Ansible: Roles

Ansible_Logo

Posted By: admin April 23, 2024

Roles is a feature provided by Ansible were once a standardized directory structure is created, you can automatically load related vars, files, tasks, handlers, and other Ansible artifacts. Using roles we have opportunities to reuse code from playbooks that you wrote previously. We can copy a role from project to project by copying the directory, then calling the role within a play.

Below is an example of know directory structure of role:

ansible-roles

 

In the above directory structure, the files subdirectory contains fixed content files and the templates subdirectory contains templates such as one in Jinja format, etc that the role can deploy.

You can create the directory structure and files needed for a new role by using standard Linux
commands, or alternatively we can use command-line utilities such as ansible-galaxy to automate the process of new role
creation.

Ansible Galaxy is a free site for downloading all kinds of community-developed Ansible roles, and can thus speed-up your automation projects.

The ansible-galaxy client tool allows you to download roles from Ansible Galaxy and provides an excellent default framework for creating your own roles.

The below comment creates a role for myhost

[root@centos9vm ~]# ansible-galaxy init myvhost

[root@centos9vm ~]# ls -l myvhost/

==== ==
total 4
drwxr-xr-x. 2 root root 22 Apr 17 14:21 defaults
drwxr-xr-x. 2 root root 6 Apr 17 14:21 files
drwxr-xr-x. 2 root root 22 Apr 22 17:40 handlers
drwxr-xr-x. 2 root root 22 Apr 17 14:21 meta
-rw-r–r–. 1 root root 1328 Apr 17 14:21 README.md
drwxr-xr-x. 2 root root 22 Apr 22 22:33 tasks
drwxr-xr-x. 2 root root 27 Apr 22 21:59 templates
drwxr-xr-x. 2 root root 39 Apr 17 14:21 tests
drwxr-xr-x. 2 root root 22 Apr 17 14:21 vars

==== =

Let us create a yml file that creates 3 task under the myvhost/tasks folder. One is to install httpd, another to start httpd, and creates a config file in the managed node using template.

[root@centos9vm roles]# cat myvhost/tasks/main.yml

==== ===
– – –
# tasks file for myvhost
– name: Ensure httpd is installed
   ansible.builtin.dnf:
      name: httpd
      state: latest

– name: Start httpd service
   ansible.builtin.service:
      name: httpd
      state: started
      enabled: true

– name: vhost file is installed
   ansible.builtin.template:
      src: vhost.conf.j2
      dest: /etc/httpd/conf.d/vhost.conf
      owner: root
      group: root
      mode: 0644
   notify: Restart httpd

=== ===

If we notice in the above file, we have a task to use “vhost.conf.j2“, but have not provided a full path of the jinja file. As we are using roles, ansible will search for the file in the “template” directory created.

[root@centos9vm roles]# cat myvhost/templates/vhost.conf.j2

===== ====
# {{ ansible_managed }}

<VirtualHost *:80>
    ServerAdmin webmaster@{{ ansible_fqdn }}
    ServerName {{ ansible_fqdn }}
    ErrorLog logs/{{ ansible_hostname }}-error.log
    CustomLog logs/{{ ansible_hostname }}-common.log common
    DocumentRoot /var/www/vhosts/{{ ansible_hostname }}/
    <Directory /var/www/vhosts/{{ ansible_hostname }}/>
         Options +Indexes +FollowSymlinks +Includes
         Order allow,deny
         Allow from all
   </Directory>
</VirtualHost>

===== ===

As we can notice in the first yml file “myvhost/tasks/main.yml” the last task calls a handler named “Restart httpd“. The expectancy is that role will search for the handlers in the “handlers” directory.

[root@centos9vm roles]# cat myvhost/handlers/main.yml

===== ====
– – –
# handlers file for myvhost

– name: Restart httpd
   ansible.builtin.service:
      name: httpd
      state: restarted

===== ===

Now let us tie and execute all these using role feature, by creating a playbook.

[root@centos9vm roles]# cat use-vhost-role.yml

==== === ==
– – –
– name: Use vhost role playbook
   hosts: 192.168.48.129
   pre_tasks:
      – name: pre_tasks message
         ansible.builtin.debug:
            msg: ‘Ensure web server configuration.’

   roles:
      – myvhost

   post_tasks

   – name: post_tasks message
      ansible.builtin.debug:
         msg: ‘Web server is configured.’

=== === ==

If we notice above the roles block calls myhost role, which in turn will execute tasks from “tasks” folder in the directory structure.

Now let us run the playbook and see the results.

[root@centos9vm ~]# ansible-navigator run -m stdout use-vhost-role.yml

==== ======

PLAY [Use vhost role playbook] *************************************************

TASK [Gathering Facts] *********************************************************
ok: [192.168.48.129]

TASK [pre_tasks message] *******************************************************
ok: [192.168.48.129] => {
“msg”: “Ensure web server configuration.”
}

TASK [myvhost : Ensure httpd is installed] *************************************
changed: [192.168.48.129]

TASK [myvhost : Start httpd service] *******************************************
changed: [192.168.48.129]

TASK [myvhost : vhost file is installed] ***************************************
changed: [192.168.48.129]

RUNNING HANDLER [myvhost : Restart httpd] **************************************
changed: [192.168.48.129]

TASK [HTML content is included] ************************************************
ok: [192.168.48.129]

TASK [post_tasks message] ******************************************************
ok: [192.168.48.129] => {
“msg”: “Web server is configured.”
}

PLAY RECAP *********************************************************************
192.168.48.129 : ok=8 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0