Roles let you automatically load related vars, files, tasks, handlers, and other Ansible artifacts based on a known file structure. After you group your content into roles, you can easily reuse them and share them with other users.
Prerequisites
In order to execute the automated setup provided by the playbook we’re discussing in this guide, you’ll need:
- One Ansible control node: an Ubuntu 20.04 machine with Ansible installed and configured to connect to your Ansible hosts using SSH keys. Make sure the control node has a regular user with sudo permissions. To set up Ansible, please follow https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible-on-ubuntu
- One or more Ansible Hosts: one or more remote Ubuntu 20.04 servers previously set up.
How do we create Ansible Roles?
To create an Ansible role, use the ansible-galaxy command which has the templates to create it. This will create it under the default directory /etc/ansible
/roles and do the modifications else we need to create each directory and file manually. The client ansible-galaxy is included in Ansible. The Galaxy client allows you to download roles from Ansible Galaxy, and also provides an excellent default framework for creating your own roles.
ansadmin@ThinkPad-X240:~$ sudo ansible-galaxy init /etc/ansible/roles/apache - Role /etc/ansible/roles/apache was created successfully List out the directory created under /etc/ansible/roles. ansadmin@ThinkPad-X240:/etc/ansible/roles$ tree /etc/ansible/roles/apache /etc/ansible/roles/apache defaults main.yml handlers main.yml meta main.yml README.md tasks main.yml tests inventory test.yml vars main.yml 6 directories, 8 files
Here, ansible-galaxy is the command to create the roles using the templates, init is to initialize the role, and here apache is the name of the role. No, we can add files and modify the role according to our use case. List out the directory created under /etc/ansible/roles/apache.
ansadmin@ThinkPad-X240:~$ tree /etc/ansible/roles/apache /etc/ansible/roles/apache defaults main.yml files apache2.original index.html handlers main.yml meta main.yml README.md tasks configure.yml install.yml main.yml service.yml templates tests inventory test.yml vars main.yml 8 directories, 13 files
We have got a clean directory structure with the ansible-galaxy command. Each directory must contain a main.yml file. By default, Ansible will look in each directory within a role for a main.yml file for the relevant content.
Directory Structure:
- tasks – contains the main list of tasks to be executed by the role.
- handlers – contains handlers, which may be used by this role or even anywhere outside this role.
- defaults – default variables for the role.
- vars – other variables for the role. Vars have a higher priority than defaults
- files – contains files required to transfer or deployed to the target machines via this role.
- templates – contains templates that can be deployed via this role.
- meta – defines some data/information about this role (author, dependency, versions, examples, etc,.)
You can see the following playbook example to install and configure apache2 on ubuntu 20.04.
Let’s convert this playbook code into an Ansible role.
--- - hosts: all become: yes tasks: - name: install apache2 package apt: name=apache2 state=latest - name: copy apche configuration file copy: src=/data/httpd.original dest=/etc/httpd/conf/httpd.conf - name: copy index.html file copy: src=/data/index.html dest=/var/www/html notify: - restart apache - name: start and enable httpd service service: name=apache2 state=restarted enables=yes handlers: - name: restart apache service: name=apache2 state=restarted
First, move on to the Ansible roles directory and start editing the yml files.
1.Tasks
Edit main.yml available in the tasks folder to define the tasks to be executed.
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/tasks$ cat main.yml --- - name: install apache2 package apt: name=apache2 state=latest - name: copy apche configuration file copy: src=/data/httpd.original dest=/etc/httpd/conf/httpd.conf - name: copy index.html file copy: src=/data/index.html dest=/var/www/html notify: - restart apache - name: start and enable httpd service service: name=apache2 state=restarted enables=yes
Altogether, you can add all your tasks in this file or just break the codes even more as below using “import_tasks” statements.
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/tasks$ cat main.yml --- # tasks file for /etc/ansible/roles/apache - import_tasks: install.yml - import_tasks: configure.yml - import_tasks: service.yml
Let’s create install.yml, confgure.yml, service.yml included in the main.yml with actions in the same directory.
install.yml
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/tasks$ cat install.yml --- - name: install apche2 package apt: name=apache2 state=latest
configure.yml
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/tasks$ cat configure.yml --- - name: copy apache configuration file copy: src=files/apache2.original dest=/etc/apache2/sites-available/thenaturepalette.conf - name: copy index.html file copy: src=files/index.html dest=/var/www/thenaturepalette/ - name: rename the default apache configuration file to disable it command: "mv /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default. conf_bak" - name: create symlink for new configuration file file: src: /etc/apache2/sites-available/thenaturepalette.conf dest: /etc/apache2/sites-enabled/thenaturepalette.conf state: link notify: - restart apache
service.yml
--- - name: start and enable apache2 service service: name=apache2 state=restarted enabled=yes
2.Files
Copy the required files (httpd.conf and index.html) to the files directory.
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/files$ ls -l total 8
-rw-r--r-- 1 root root 284 Feb 13 22:29 apache2.original
-rw-r--r-- 1 root root 46 Feb 14 21:59 index.html
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/files$ cat apache2.original
ServerAdmin webmaster@localhost ServerName thenaturepalette.xyz ServerAlias www.thenaturepalette.xyz DocumentRoot /var/www/thenaturepalette/ ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/files$ cat index.html This is a HTML page for testing ansible role.
3.Handlers
Edit handler’s main.yml to restart the server when there is a change. Because we have already defined it in the tasks with notify option. Use the same name “restart apache” within the main.yml file as below.
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/handlers$ cat main.yml --- # handlers file for /etc/ansible/roles/apache - name: restart apache service: name=apache2 state=restarted
4.Meta
Edit meta main.yml to add the information about the roles like author, descriptions, license, platforms supported.
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache/meta$ cat main.yml galaxy_info: author: Scarlett description: DevOps testing company: your company (optional) ——skipped
We can list out the files now.
ansadmin@ThinkPad-X240:/etc/ansible/roles/apache$ tree . defaults main.yml files apache2.original index.html handlers main.yml meta main.yml README.md tasks configure.yml install.yml main.yml service.yml templates tests inventory test.yml vars main.yml 8 directories, 13 files
Let’s apply this role into the ansible-playbook “apache_role_playbook.yml” as below to deploy it on the client nodes.
ansadmin@ThinkPad-X240:/etc/ansible/playbooks$ cat apache_role_playbook.yml --- - hosts: all become: yes roles: - apache
We have defined these changes should be run on all nodes, you can also use specific hostnames/IPs if needed. Specify the role name as “apache”, also if you have created multiple roles, you can use the below format to add it.
–apache
–mysql
–ftp
Lets verify for syntax errors:
ansadmin@ThinkPad-X240:/etc/ansible/playbooks$ ansible-playbook apache_role_playbook.yml --syntax-check playbook: apache_role_playbook.yml
No errors were found. Let’s move on to deploy the role.
ansadmin@ThinkPad-X240:/etc/ansible/playbooks$ ansible-playbook apache_role_playbook.yml PLAY [all] **************************************************************************************************************** ******************** TASK [Gathering Facts] **************************************************************************************************************** ******** ok: [13.235.104.239] TASK [apache : install apche2 package] ******************************************************************************************************** changed: [13.235.104.239] TASK [copy apache configuration file] ********************************************************************************************************* changed: [13.235.104.239] TASK [apache : copy index.html file] ********************************************************************************************************** changed: [13.235.104.239] TASK [rename the default apache configuration file to disable it] ***************************************************************************** changed: [13.235.104.239] TASK [apache : create symlink for new configuration file] ************************************************************************************* changed: [13.235.104.239] TASK [start and enable apache2 service] ******************************************************************************************************* changed: [13.235.104.239] PLAY RECAP **************************************************************************************************************** ******************** 13.235.104.239 : ok=7 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
That’s it, we have successfully deployed the Apache webserver using Ansible Roles to the client node. Login into the client node and verify the following things.
ansadmin@ip-172-31-37-135:~$ apache2 -v Server version: Apache/2.4.41 (Ubuntu) Server built: 2022-03-16T16:52:53ansadmin@ip-172-31-37-135:~$ systemctl status apache2 apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-03-25 06:30:42 UTC; 20s ago Docs: https://httpd.apache.org/docs/2.4/ Process: 17962 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS) Main PID: 17966 (apache2) Tasks: 55 (limit: 1147) Memory: 4.7M CGroup: /system.slice/apache2.service 17966 /usr/sbin/apache2 -k start 17967 /usr/sbin/apache2 -k start 17968 /usr/sbin/apache2 -k start
You can now test by loading the server IP in the browser, you can see the test index.html page loading fine.
Conclusion
In this guide, we used Ansible to automate the process of installing and configuring Apache on Ubuntu 20.04.
