Tuesday, August 3, 2021

Ansible 9 Custom Roles - Reusability

Hello Guys, welcome back to DevSecOps Automations!!
In this post, we will be exploring the Custom role create and usage in a playbook, which is a most industry requirement.


It depends on your use cases. It's always recommended to write a role if you have a complex set of tasks consist of handlers and jinja templates. Roles break down a complex playbook into simple and multiple reusable plays easy to read!

In the last post, we have learned about how ansible-galaxy helps us to install, create, modify the ready-made roles which are provided by the Ansible community freely on the Galaxy site.

What are the roles why we should use them in Ansible?

As per my understanding so far following points :
  1. A role can be defined when we have to do one or many tasks
  2. It is a set of tasks with a single objective (for example reboot of box - stop all process, reboot, start process)
  3. You can organize the code in more readable form using roles it is like functions in Python or C 
  4. Here the main objective is that roles can be exchanged within the company playbooks and if it is more genric public can share in community
  5. You can publish your roles to ansible galaxy community (public roles repository)
  6. Ansible roles can be defined with specific structure of directories and files, role name can be directory vars directory contains main.yml file to define the variables that can be reused in the role's play

Steps to define your Ansible Custom Roles  

Step 1: Create the directory structure using the ansible-galaxy command
cd roles
ansible-galaxy init apache --offline
cd apache/tasks

Step 2: to make more managable vim tasks/main.yml
- include: install.yml
- include: configure.yml
- include: service.yml

Let's create these files which are mentioned in the main.yml file, first install.yml file with
---
# install apache server
- name: install apache
  yum:
    name: httpd
    state: latest
Next configure.yml file with :
---
 - name: httpd configure
   copy: src=httpd.conf dest=/etc/httpd/conf/httpd.conf
   notify:
     - restart apache service

 - name: send index.html
   copy: src=index.html dest=/var/www/html/index.html
   /var/www/html/      

The third file is service.yml with:
---
 - name: start httpd service
   service: name=httpd state=started

Using static files by roles

Step 3: Let's create two static files as index.html file and httpd.conf file
 cp /etc/httpd/conf/httpd.conf .
 vi httpd.conf
 head httpd.conf
#
# ============== This is from ANSIBLE Configuration ======================
# This is the main Apache HTTP server configuration file.  It contains the
The web-page created from index.html file. cat roles/apache/files/index.html

Namaste Ansible configured Apache

Wishing you great learning... HAPPY A N S I B L E automations!!


Event Handlers - notify from roles

Now go to the apache/handlers where the main.yml entry you can use :
---
# Apache handler file
- name: restart apache service
  service: name=httpd state=restarted
Ensure that name of the handler should match to the name in the notify section in the configure.yml otherwise it wont trigger. cat main.yml Now update the meta information about this role
cd /home/vagrant/prod/roles
vim apache/meta/main.yml
Modify the following lines:
  author: Pavan Devarakonda
  description: Sample apache role
  company: Vybhava Technologies
  platforms:
  - name: EL
    versions:
    - all
Now goto the folder roles check with the tree command for 'apache'
tree apache
apache
├── defaults
│   └── main.yml
├── files
│   ├── httpd.conf
│   └── index.html
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   ├── configure.yml
│   ├── install.yml
│   ├── main.yml
│   └── service.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

now back to the root of your project (in my casse path is /home/vagrant/prod) or else /etc/ansible vime apache-site.yml
---
- hosts: web
  gather_facts: false
  roles:
    - apache
    #- ntp you can add more roles
Now all set to go, check the syntax
ansible-playbook apache-site.yml --syntax-check
Run the playbook:
ansible-playbook apache-site.yml -b
Here -b is given to become all the install, configure, service commands need root access, where you can mention this inside playbook 'become: yes'
 
Once the playbook is executed successfully there will be 3 changes. Validate that
 



No comments:

Categories

Kubernetes (24) Docker (20) git (13) Jenkins (12) AWS (7) Jenkins CI (5) Vagrant (5) K8s (4) VirtualBox (4) CentOS7 (3) docker registry (3) docker-ee (3) ucp (3) Jenkins Automation (2) Jenkins Master Slave (2) Jenkins Project (2) containers (2) create deployment (2) docker EE (2) docker private registry (2) dockers (2) dtr (2) kubeadm (2) kubectl (2) kubelet (2) openssl (2) Alert Manager CLI (1) AlertManager (1) Apache Maven (1) Best DevOps interview questions (1) CentOS (1) Container as a Service (1) DevOps Interview Questions (1) Docker 19 CE on Ubuntu 19.04 (1) Docker Tutorial (1) Docker UCP (1) Docker installation on Ubunutu (1) Docker interview questions (1) Docker on PowerShell (1) Docker on Windows (1) Docker version (1) Docker-ee installation on CentOS (1) DockerHub (1) Features of DTR (1) Fedora (1) Freestyle Project (1) Git Install on CentOS (1) Git Install on Oracle Linux (1) Git Install on RHEL (1) Git Source based installation (1) Git line ending setup (1) Git migration (1) Grafana on Windows (1) Install DTR (1) Install Docker on Windows Server (1) Install Maven on CentOS (1) Issues (1) Jenkins CI server on AWS instance (1) Jenkins First Job (1) Jenkins Installation on CentOS7 (1) Jenkins Master (1) Jenkins automatic build (1) Jenkins installation on Ubuntu 18.04 (1) Jenkins integration with GitHub server (1) Jenkins on AWS Ubuntu (1) Kubernetes Cluster provisioning (1) Kubernetes interview questions (1) Kuberntes Installation (1) Maven (1) Maven installation on Unix (1) Operations interview Questions (1) Oracle Linux (1) Personal access tokens on GitHub (1) Problem in Docker (1) Prometheus (1) Prometheus CLI (1) RHEL (1) SCM (1) SCM Poll (1) SRE interview questions (1) Troubleshooting (1) Uninstall Git (1) Uninstall Git on CentOS7 (1) Universal Control Plane (1) Vagrantfile (1) amtool (1) aws IAM Role (1) aws policy (1) caas (1) chef installation (1) create organization on UCP (1) create team on UCP (1) docker CE (1) docker UCP console (1) docker command line (1) docker commands (1) docker community edition (1) docker container (1) docker editions (1) docker enterprise edition (1) docker enterprise edition deep dive (1) docker for windows (1) docker hub (1) docker installation (1) docker node (1) docker releases (1) docker secure registry (1) docker service (1) docker swarm init (1) docker swarm join (1) docker trusted registry (1) elasticBeanStalk (1) global configurations (1) helm installation issue (1) mvn (1) namespaces (1) promtool (1) service creation (1) slack (1)