Ansible Roles, Tasks and Templates

Objective:

  • Create Project, Ansigle Configration File and Inventory.
  • Run Ad-hoc Commands on Managed Nodes
  • Create Templates, Roles, Tasks, Handlers and Playbooks
  • Deploy Applications using Ansible Playbooks

Sequence 1.

Running ad-hoc commands

  1. Login to

    server

    as

    ansible

    Change to

    base

    directory. To list the matching hosts using our inventory file use following command. This will not execute any command on the inventory nodes:

[ansible@server base]$ ansible all --list-hosts

  1. Check the available memory on our managed host using "free -m" command

[ansible@server base]$ ansible all -m shell -a "free -m"

  1. Add some content in a file on tester2

[ansible@server base]$ ansible tester2 -m copy -a "content='Hello, My name is sangwan' dest=~/hello.txt"

Sequence 2: Working with Ansible Roles and Playbooks

Create ansible role - oci

  • To create ansible role, use ansible-galaxy init  to create the role directory structure.
  • We will create the role inside our /roles directory i.e. ~/base/roles/oci

Don't put sensitive information in the role. For that use local playbooks or Ansible Vault.

  1. Create a Directory in your

    base

[ansible@server base]$ mkdir roles [ansible@server base]$ cd roles

  1. Next use ansible-galaxy init command to create ansible role. We will create oci role:

[ansible@server roles]$ ansible-galaxy init oci

  1. Create ansible role command was successful. If installed, use

    tree

    command to list the ansible role directory structure for oci (Install tree command if required with “

    sudo yum install tree -y

[ansible@server roles]$ tree oci

Create ansible tasks

  1. Now we know we want to update /etc/oci file using ansible playbook roles so we must create tasks so we will use the main.yml file present inside tasks folder

[ansible@server oci]$ cd oci [ansible@server oci]$ vi tasks/main.yml

We have defined the template path and destination detail to update /etc/oci

Create ansible template

  1. Create the template content which will be used to update /etc/oci in our ansible roles examples. I will create a new template file under templates directory using some variables:

[ansible@server oci]$ vi templates/oci.j2 Welcome to {{ ansible_hostname }} This file was created on {{ ansible_date_time.date }} Go away if you have no business being here. Contact {{ system_manager }} if anything is wrong or visit www.theskillpedia.com

Create ansible variables for Jinja2 Template

  1. Use defaults folder to define custom variables which is used in our template file templates/oci.j2.

[ansible@server oci]$ vi defaults/main.yml --- # defaults file for oci system_manager: [email protected]

Remove unwanted directories

  1. This step is optional. After deleting the additional directories you can use tree command to list the directory structure of oci roles

[ansible@server oci]$ rm -rf handlers tests vars [ansible@server oci]$ tree

Create ansible role playbook

  1. Now we need a playbook file which will deploy the role to our managed hosts. Create a playbook file oci-role.yml under

    base

    project directory.

[ansible@server oci]$ cd ../.. [ansible@server base]$ vi oci-role.yml --- - name: use oci role playbook hosts: tester2 user: ansible become: true   roles:    - role: oci      system_manager: [email protected]

As you see I have only provided the roles information and no other tasks are specified in the playbook file.

Deploy ansible playbook roles

  1. Now deploy ansible playbook roles to execute the oci role on our managed host.

[ansible@server base]$ ansible-playbook oci-role.yml

In the ansible roles example our ansible deployment was successful.

  1. After ansible playbook deployment, verify the task status on your managed host which for us is tester2

[root@tester2 ~]# cat /etc/oci

So the content from our oci file is updated properly on tester2 at /etc.oci.

Sequence 3. Configure Virtual Hosting with Ansible Role

Create Ansible Role - vhost

  1. We will use our existing ~/base/roles/ project to create ansible roles directory structure using "vhost" role

[ansible@server base]$ cd roles/

  1. To create ansible role vhost use ansible-galaxy init  command as shown below:

[ansible@server roles]$ ansible-galaxy init vhost - vhost was created successfully

  1. You can use tree command to check the structure of the vhost directory:

[ansible@server roles]$ tree [ansible@server roles]$ cd ..

  1. Create ansible tasks
  • In the main.yml inside tasks folder we define the tasks to be performed
  • Install httpd using yum module
  • Start and enable the httpd service using the service module
  • Next source the vhost.conf.j2 file to destination using template module available under templates directory

[ansible@server base]$ vi roles/vhost/tasks/main.yml --- # tasks file for vhost - name: install http yum:    name: httpd    state: latest - name: start and enable httpd service:    name: httpd    state: started    enabled: true - name: install vhost config file template:    src: vhost.conf.j2    dest: /etc/httpd/conf.d/vhost.conf    owner: root    group: root    mode: 0644

  1. In roles we separate tasks with ansible handlers. So in this ansible roles example in handlers/main.yml we instruct ansible to restart httpd once the tasks are done

[ansible@server base]$ vi roles/vhost/handlers/main.yml --- # handlers file for vhost - name: restart httpd service:     name: httpd     state: restarted

  1. Create ansible template for virtual host configuration using variables under templates The variables will be auto filled on destination names.

[ansible@server base]$ vi roles/vhost/templates/vhost.conf.j2 # {{ ansible_managed }}        MasterAdmin webmaster@{{ ansible_fqdn }}        MasterName {{ ansible_fqdn }}        ErrorLog logs/{{ ansible_hostname }}-error.log        CustomLog logs/{{ansible_hostname }}-common.log common        DocumentRoot /var/www/vhosts/{{ ansible_hostname }}/                               Options +Indexes +FollowSymlinks +Includes                Order allow,deny                Allow from all       

  1. Similar to our ansible roles example for oci, we will remove our unwanted directories.

[ansible@server base]$ cd roles/vhost/ [ansible@server vhost]$ rm -rf defaults files tests vars

  1. We have added post_tasks to copy index.html from localhost to destination on managed host (tester2) under /var/www/html//. So we will create an index.html on the 

    server

    which we want to be copied to the destination with our playbook:

[ansible@server vhost]$ cd ../.. [ansible@server base]$ mkdir -p files/html [ansible@server base]$ echo "Welcome to this host" >> files/html/index.html

  1. Create ansible role playbook which will deploy the role to managed hosts.

[ansible@server base]$ vi apache-vhost.yml --- - name: create apache vhost hosts: tester2 roles:     - vhost post_tasks:     - name: install contents from local file       copy:         src: files/html/         dest: "/var/www/vhosts/{{ ansible_hostname }}"

  1. Deploy the ansible playbook roles to execute the vhost role on managed host.

[ansible@server base]$ ansible-playbook apache-vhost.yml

So looks like our ansible playbook roles has successfully executed.

  1. To check if httpd service is active on our managed host tester2

[ansible@server base]$ ansible tester2 -a 'systemctl is-active httpd'

As we see the service active, we can also check the output of vhost.conf which we had populated. Execute the below command on

server

[ansible@server base]$ ansible tester2 -a 'cat /etc/httpd/conf.d/vhost.conf'