Hello Guys, welcome back to DevSecOps Automations!!
In this post, we will be exploring the Custom role create and usage in a playbook, which is a most industry requirement.
It depends on your use cases. It's always recommended to write a role if you have a complex set of tasks consist of handlers and jinja templates. Roles break down a complex playbook into simple and multiple reusable plays easy to read!
In the last post, we have learned about how ansible-galaxy helps us to install, create, modify the ready-made roles which are provided by the Ansible community freely on the Galaxy site.
What are the roles why we should use them in Ansible?
As per my understanding so far following points :
- A role can be defined when we have to do one or many tasks
- It is a set of tasks with a single objective (for example reboot of box - stop all process, reboot, start process)
- You can organize the code in more readable form using roles it is like functions in Python or C
- Here the main objective is that roles can be exchanged within the company playbooks and if it is more genric public can share in community
- You can publish your roles to ansible galaxy community (public roles repository)
- Ansible roles can be defined with specific structure of directories and files, role name can be directory vars directory contains main.yml file to define the variables that can be reused in the role's play
Steps to define your Ansible Custom Roles
Step 1: Create the directory structure using the ansible-galaxy command
Step 2: to make more managable
vim tasks/main.yml
Let's create these files which are mentioned in the main.yml file, first install.yml file with
now back to the root of your project (in my casse path is /home/vagrant/prod) or else /etc/ansible vime apache-site.yml
cd roles ansible-galaxy init apache --offline cd apache/tasks
- include: install.yml - include: configure.yml - include: service.yml
--- # install apache server - name: install apache yum: name: httpd state: latestNext configure.yml file with :
--- - name: httpd configure copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf notify: - restart apache service - name: send index.html copy: src=index.html dest=/var/www/html/index.html /var/www/html/The third file is service.yml with:
--- - name: start httpd service service: name=httpd state=started
Using static files by roles
Step 3: Let's create two static files as index.html file and httpd.conf filecp /etc/httpd/conf/httpd.conf . vi httpd.conf head httpd.conf # # ============== This is from ANSIBLE Configuration ====================== # This is the main Apache HTTP server configuration file. It contains theThe web-page created from index.html file. cat roles/apache/files/index.html
Namaste Ansible configured Apache
Wishing you great learning... HAPPY A N S I B L E automations!!
Event Handlers - notify from roles
Now go to the apache/handlers where the main.yml entry you can use :--- # Apache handler file - name: restart apache service service: name=httpd state=restartedEnsure that name of the handler should match to the name in the notify section in the configure.yml otherwise it wont trigger. cat main.yml Now update the meta information about this role
cd /home/vagrant/prod/roles vim apache/meta/main.ymlModify the following lines:
author: Pavan Devarakonda description: Sample apache role company: Vybhava Technologies platforms: - name: EL versions: - allNow goto the folder roles check with the tree command for 'apache'
tree apache apache ├── defaults │ └── main.yml ├── files │ ├── httpd.conf │ └── index.html ├── handlers │ └── main.yml ├── meta │ └── main.yml ├── README.md ├── tasks │ ├── configure.yml │ ├── install.yml │ ├── main.yml │ └── service.yml ├── templates ├── tests │ ├── inventory │ └── test.yml └── vars └── main.yml
now back to the root of your project (in my casse path is /home/vagrant/prod) or else /etc/ansible vime apache-site.yml
--- - hosts: web gather_facts: false roles: - apache #- ntp you can add more rolesNow all set to go, check the syntax
ansible-playbook apache-site.yml --syntax-checkRun the playbook:
ansible-playbook apache-site.yml -bHere -b is given to become all the install, configure, service commands need root access, where you can mention this inside playbook 'become: yes'
Once the playbook is executed successfully there will be 3 changes. Validate that
No comments:
Post a Comment