Ansible Roles

Ansible Roles, as the name suggests, define a particular role which a host or a group of hosts is going to serve. Typically, a host is associated with many roles. A single webserver can have the following roles associated with it:

Ansible Playbooks

Playbooks associate roles to the hosts. This is where we will tell Ansible to apply certain roles to a host or a group of hosts.

Not so good way to work with Ansible

Technically, it is possible to write a single yml file where we can define all the tasks and the host details effectively making it a mix of roles and playbook. However, that it is not a good idea to do so because:

However, for the sake of learning, we will write the first yml file in simply like this:

---
- hosts: webserver
  tasks:
  - name: install httpd
    yum: pkg=httpd state=installed

The example above will install Apache web server on our systems. Let us also install some php libraries.

---
- hosts: webserver

  tasks:
  - name: install httpd
    yum: name=httpd state=installed

  - name: install php and libs
    yum: name={{ item }} state=installed
    with_items:
      - php-xml
      - php
      - php-zip
      - php-mbstring
      - php-mysqlnd
      - php-gd

Now we need to download the ownCloud app archive and extract it. We may need to do some more house keeping tasks.

Our final yml will look something like this:

---
- hosts: webserver

  tasks:
  - name: install httpd
    yum: name=httpd state=installed

  - name: install php and libs
    yum: name={{ item }} state=installed
    with_items:
      - php-xml
      - php
      - php-zip
      - php-mbstring
      - php-mysqlnd
      - php-gd

  - name: install additional tools
    yum: name=bzip2 state=installed

  - name: set selinux permissive
    selinux: policy=targeted state=permissive

  - name: get the owncloud tar
    get_url: url=https://download.owncloud.org/community/owncloud-9.0.1.tar.bz2 dest=/var/www/html

  - name: exract the tar
    unarchive: src=/var/www/html/owncloud-9.0.1.tar.bz2 dest=/var/www/html copy=no owner=apache
    notify:
    - restart apache

  handlers:
    - name: restart apache
      service: name=httpd state=restarted

Good Way of Working with Ansible

In the yml file above, we have three different components:

According to Ansible best practices, we should break out these components. The hosts details should be defined in the playbook. The playbook should call the required roles which is where the tasks will go. Lastly, handlers are tasks but are executed at the end and only if they are called by a task. Best practices dictates that handlers should be defined separately.

So for a good setup our directory structure should look like this:

inventory1
variables
playbooks/
    webserver.yml
    database.yml
roles/
    role1/
        tasks/
            main.yml
        handlers/
            main.yml
        templates/
            template.j2
        files/
            file1
        vars/
            main.yml

Understand this structure and try to build this from the ownCloud playbook. We have built the setup as per the best practices. Check it out on github.