Chapter 44: Ansible Roles
This chapter covers Ansible roles, role structure, and using Ansible Galaxy.

Role Overview
Roles are a way to organize playbooks and other Ansible files for reuse.

Ansible Role Concept: Role Structure

```text
role_name/
├── defaults/
│   └── main.yml        # Default variables
├── files/
│   └── config.conf     # Static files
├── handlers/
│   └── main.yml        # Handlers
├── meta/
│   └── main.yml        # Role metadata
├── tasks/
│   └── main.yml        # Main tasks
├── templates/
│   └── config.j2       # Jinja2 templates
├── tests/
│   ├── inventory
│   └── test.yml        # Test playbooks
└── vars/
    └── main.yml        # Role variables
```

Benefits:

- Reusability: Use across projects
- Organization: Structured approach
- Shareability: Distribute via Galaxy
- Dependency management: Role dependencies

Creating a Role
Role Directory Structure
```text
roles/
└── nginx/
    ├── defaults/
    │   └── main.yml
    ├── files/
    │   └── nginx.conf
    ├── handlers/
    │   └── main.yml
    ├── meta/
    │   └── main.yml
    ├── tasks/
    │   └── main.yml
    ├── templates/
    │   └── nginx.conf.j2
    ├── tests/
    │   ├── inventory
    │   └── test.yml
    └── vars/
        └── main.yml
```

defaults/main.yml
```yaml
---
nginx_port: 80
nginx_worker_processes: auto
nginx_worker_connections: 1024
nginx_server_names_hash_bucket_size: 64
nginx_keepalive_timeout: 65
nginx_client_max_body_size: 10M

nginx_packages:
  - nginx

nginx_user: www-data
nginx_group: www-data
nginx_config_dir: /etc/nginx
```

tasks/main.yml
```yaml
---
- name: Install nginx
  apt:
    name: "{{ nginx_packages }}"
    state: present
  when: ansible_os_family == "Debian"

- name: Install nginx (RHEL)
  yum:
    name: nginx
    state: present
  when: ansible_os_family == "RedHat"

- name: Configure nginx
  template:
    src: nginx.conf.j2
    dest: "{{ nginx_config_dir }}/nginx.conf"
    # %s is the rendered temporary file; -c makes nginx test that file
    # before it replaces the live configuration.
    validate: nginx -t -c %s
  notify: Restart nginx

- name: Enable and start nginx
  service:
    name: nginx
    state: started
    enabled: yes
```

handlers/main.yml
```yaml
---
- name: Restart nginx
  service:
    name: nginx
    state: restarted

- name: Reload nginx
  service:
    name: nginx
    state: reloaded
```

templates/nginx.conf.j2
```nginx
user {{ nginx_user }} {{ nginx_group }};
worker_processes {{ nginx_worker_processes }};

events {
    worker_connections {{ nginx_worker_connections }};
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout {{ nginx_keepalive_timeout }};
    server_names_hash_bucket_size {{ nginx_server_names_hash_bucket_size }};

    include /etc/nginx/conf.d/*.conf;
}
```

vars/main.yml
```yaml
---
# Variables with higher precedence than defaults
nginx_config_dir: /etc/nginx
nginx_user: www-data
nginx_group: www-data
```

meta/main.yml
```yaml
---
galaxy_info:
  author: Your Name
  description: Nginx web server role
  company: Your Company
  license: MIT
  min_ansible_version: '2.9'
  platforms:
    - name: Ubuntu
      versions:
        - all
    - name: Debian
      versions:
        - all
    - name: EL
      versions:
        - 7
        - 8
  galaxy_tags:
    - web
    - nginx
    - server

dependencies: []
  # - role: common
  # - role: ssl_certs
```

Using Roles in Playbook
```yaml
---
- name: Deploy web server
  hosts: webservers
  become: yes

  roles:
    - nginx

# With role parameters
- name: Deploy web server
  hosts: webservers
  become: yes

  roles:
    - role: nginx
      nginx_port: 8080
      nginx_worker_processes: 4
    - role: php
      php_version: "8.1"
    - role: mysql
      mysql_port: 3307

# Role with tags
- name: Configure webservers
  hosts: webservers
  become: yes

  roles:
    - role: nginx
      tags: [web, nginx]
    - role: php
      tags: [web, php]
```

Include Roles (Ansible 2.4+)
```yaml
# Using include_role
- name: Include nginx role
  include_role:
    name: nginx

# With parameters
- name: Include role conditionally
  include_role:
    name: nginx
  when: install_nginx | default(true)

# With variables
- name: Include role with variables
  include_role:
    name: webserver
  vars:
    server_port: 8080
    server_name: example.com
```

Ansible Galaxy
Galaxy is a hub for finding, sharing, and managing Ansible roles.

Commands:

```bash
ansible-galaxy search <search_term>
ansible-galaxy info <role_name>
ansible-galaxy install <role_name>
ansible-galaxy list
ansible-galaxy remove <role_name>
```

Install from requirements.yml:

```bash
ansible-galaxy install -r requirements.yml
```

Using Galaxy Roles
```bash
# Search for roles
ansible-galaxy search nginx

# Install a role
ansible-galaxy install geerlingguy.nginx

# Install specific version
ansible-galaxy install geerlingguy.nginx,4.3.0

# List installed roles
ansible-galaxy list
```

requirements.yml
```yaml
---
roles:
  # From Ansible Galaxy
  - name: geerlingguy.nginx
    version: "4.3.0"

  - name: geerlingguy.php
    version: "5.1.0"

  - name: geerlingguy.mysql
    version: "4.1.0"

  # From GitHub
  - src: https://github.com/username/ansible-role-nginx
    name: custom_nginx
    version: "1.0.0"

  # From Git
  - src: git+https://github.com/company/ansible-role-webserver.git
    name: company_webserver
    version: main
```

Role Dependencies
```yaml
---
dependencies:
  - role: common
    vars:
      common_packages:
        - curl
        - vim
  - role: nginx
  - role: php
    php_version: "8.1"
```

Complete Example
```text
# Project structure
ansible-project/
├── inventory
│   ├── production
│   └── staging
├── playbooks/
│   ├── site.yml
│   └── web.yml
├── roles/
│   ├── common/
│   ├── nginx/
│   ├── php/
│   └── mysql/
└── ansible.cfg
```

```yaml
---
- name: Configure all servers
  hosts: all
  roles:
    - common

- name: Configure webservers
  hosts: webservers
  become: yes
  roles:
    - nginx
    - php
    - composer

- name: Configure databases
  hosts: databases
  become: yes
  roles:
    - mysql
```

Summary
In this chapter, you learned:
- Role Concept: What are roles and why use them
- Role Structure: Directory layout and files
- Creating Roles: defaults, tasks, handlers, templates, vars
- Using Roles: Including roles in playbooks
- Ansible Galaxy: Finding and installing community roles
- Role Dependencies: Managing role relationships
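
The requirements.yml in this chapter pins the Galaxy roles to release versions but lets the Git-sourced role track `main`, so the tasks that later run with `become: yes` can change between two installs. The following is an added example, not part of the original chapter: a small Python audit of a requirements file. The sample entries, the `git.example.internal` host and the function names are constructed, and the reader handles only the flat `roles:` layout used in this chapter, not general YAML.

```python
import re

# Constructed sample in the layout of this chapter's requirements.yml.
SAMPLE = """\
roles:
  - name: geerlingguy.nginx
    version: "4.3.0"
  - name: geerlingguy.php
  - src: git+https://github.com/company/ansible-role-webserver.git
    name: company_webserver
    version: main
  - src: git+http://git.example.internal/ops/ansible-role-base.git
    name: base
    version: 3f2a9c1e5b7d4a6c8e0f1a2b3c4d5e6f7a8b9c0d
"""
BRANCH_REFS = {"main", "master", "develop", "head"}
FULL_SHA = re.compile(r"[0-9a-f]{40}")

def parse_roles(text):
    """Read a flat list of `key: value` mappings; not a general YAML parser."""
    roles = []
    for raw in text.splitlines():
        m = re.match(r"\s*(-\s+)?(\w+):\s*([^#\s].*)$", raw)
        if not m:
            continue  # '---', 'roles:', comments and blank lines
        if m.group(1):  # a leading '- ' opens a new role entry
            roles.append({})
        if roles:
            roles[-1][m.group(2)] = m.group(3).strip().strip("\"'")
    return roles

def audit(text):
    """Return (role, finding) pairs for entries whose content can change upstream."""
    findings = []
    for role in parse_roles(text):
        label = role.get("name") or role.get("src")
        src, version = role.get("src", ""), role.get("version")
        if version is None:
            findings.append((label, "unpinned"))
        elif version.lower() in BRANCH_REFS:
            findings.append((label, "branch ref"))
        elif src.startswith("git+") and not FULL_SHA.fullmatch(version):
            findings.append((label, "git ref is not a full commit SHA"))
        if re.match(r"(git\+)?http://", src):
            findings.append((label, "plain http source"))
    return findings

if __name__ == "__main__":
    print(*(f"{n}: {f}" for n, f in audit(SAMPLE)), sep="\n")
```

Running it as a pre-install gate in CI, before `ansible-galaxy install -r requirements.yml`, keeps a role from being pulled at a ref that was never reviewed.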