Ansible's roles allow grouping the content, which can be reused and easily share with other users. The role consists of vars, files, tasks, and other artifacts in a standard directory structure which have these subdirectories.
Tasks
Handlers
Library
Default
Vars
Files
Templates
Meta
We can use roles in the playbook or task with the help of Include and Import. To know more about Import/Include, you can check here
At Playbook level with the roles
At task level with include_roles
At task level with import_roles
Playbook
Roles at playbook level are imported statically and executes the playbook in this order
Pre tasks
Roles listed in the playbook
Tasks define in the playbook and any handler triggered by the tasks
Post tasks define after the role
---
- hosts: webservers
roles:
- aws
Task with Include
---
- hosts: all
tasks:
- name: Use a dynamic roles
include_roles:
name: role_name
Task with Import
---
- hosts: all
tasks:
- name: Use a static roles
import_role:
name: role_name
---
- hosts: all
tasks:
- name: Include the some_role role
include_role:
name: some_role
when: "ansible_facts['os_family'] == 'Ubuntu'"
Ansible's roles are really helpful to group the similar content and use in the different playbook and give the feasibility to the user to share with other which saves a lot of work. It's worth using them and shares your roles in the community to help others.
In Ansible playbooks are a collection of different tasks. It's a good idea to break the tasks into the different files, which make it easier to include/import these task in different playbooks. Now the question is when to use include or import and how these two are different from each other?
Ansible provides four distributed
– Variables
– Task
– Playbook
– Role
Include
Including variables, tasks, or role adds them into the playbook dynamically. This means when Ansible processes these files as they come up they are included in the current playbook as its variable, task, or role. So, these can be affected by the previous tasks.
Playbook's can not be used with the include
Import
Importing task, playbook, or role add them into playbook statically. Ansible pre-processes these files before it runs any task in the playbook, which means these are not affected by other tasks.
Tip: Import variables if you want to use these more than once in the playbook.
Import and Include differ with the way Ansible loads these files into the playbook. So, it is good to use the one which best fits your use case.
Ansible stops executing on the host whenever it receives a non-zero return code from a command. We can handle these situations with the helps of settings and tools to behave as it we want.
Ignoring Errors
Ansible stops executing commands on the host when it receives non-zero code, but we can ignore these errors and run the rest of the tasks as it is.
- name: I will cause an error
...configs
ignore_errors: yes
Failed when
Ansible let you define the condition when you want explicitly fail when a certain condition is true.
- name: Fail task under certain condition true
command: ls/tmp/dir_not_exist
register: result
failed_when: result.rc == 0
Aborting on first erroranyerrorsfatal finishes the fatal task on all hosts in the current batch, then stops executing on all hosts.
Handling errors with blocks
Ansible let you control errors in a block with rescue and always section. In rescue, we can define tasks which we want to run when an earlier task in a block fails. You can also think of rescue as except and always as finally in other languages to handle errors.
task:
- name: tasks to be run
block:
- name: task 1
// code
- name: task 2
// code
- name: task 3
// code
rescue:
- name: Run when one of the above task fails
// code
always:
- name: Always run
// code
Ansible provide ignore, rescue, always, failed_when to easily handle the behavior of playbook when we face any errors. We can use these commands/settings to gracefully record errors and take specific action.
Ansible's tags are helpful to run a specific part of the playbook, rather running the whole playbook. Using tags, you can run or skip the tasks.
Tags can be added to one task or multiple tasks or role, block etc. Let see how to do that
Adding tags to a task
tasks:
- name: Assign the var
apt:
name: apache2
state: latest
tags:
- vars
- name: Enable and run httpd
apt:
name: httpd
state: started
enabled: 'yes'
tags:
- httpd
- vars
Special tags
Ansible have two special tags, never and always. If you add always tag to task, play, Ansible will always run the task or play, unless explicitly asked to skip with the help of (—skip-tags always)
On the other hand, never tag if assign to a task or play, Ansible will skip that task or play unless you explicitly asked it (—tags never).
Running the Playbook with tags
will run tasks with tag git : ansible-playbook example.yml --tags "git"
will not run tasks with tag git : ansible-playbook example.yml --skip-tags "git"
list all the tags : ansible-playbook example.yml --list-tags
run all tasks, ignore tags (default behavior): --tags all
run only tasks with either the tag tag1 or the tag tag2: --tags [tag1, tag2]
run all tasks, except those with either the tag tag3 or the tag tag4:
--skip-tags [tag3, tag4]
run only tasks with at least one tag: --tags tagged
run only tasks with no tags: --tags untagged
That's all about the Ansible tags. Now go and tag your tasks :).
While running your Ansible playbook, we can have the option of passing the argument from the command line. With the help of this, we define a generic playbook and use command line arguments to control the play. Let see how
Let's first start with the playbook, where we have defined the variable x is the playbook.
Inventory(Hosts) file contains the information of the Ansible nodes. We can group based on our use case like web servers, DB servers and uses these groups to execute commands on them. But you have to create a group in the inventory file, let see how to do that.
What is Ansible
Ansible is a simple IT automation tool that make application
and system easier to deploy and maintain. With the help of Ansible, you can automate task like network configuration, code deployment and cloud management. Ansible is an agent less system, which means that you don't need to install any software on the client system.
Inventory
Inventory file is the one which contains the lists of the host servers on which Ansible works, it can be the IP Addresses, Domain name ...
Hosts
It contains the IP addresses or Fully qualified domain name of the node servers which you want to configure.
Ansible.cfg
This file contains the configuration for the Ansible, like the path of the Inventory file and values for the default variable in the Ansible
Ansible Nodes
Ansible's nodes are the client system on which we want to execute, deploy or maintain the code(servers on which we want to work).
Ansible Engine
Ansible engine/master/controller from which we manage all the server nodes.
