About Ansible Roles

Here we play with Ansible Roles, as Ansible is powerful configuration automation tool by running playpook, in addition organizing multiple Ansible contents and playbooks into roles provides a structural and more manageable way to achieve complex tasks for multiple targets or groups.


Ansible Roles can be created by:

  • Method1: Create Ansible roles by ansible-galaxy

Quickly creating a well-defined role directory structure skeleton, we can leverage the command ansible-galaxy init

[root@localhost ansible]# ansible-galaxy init zack-role
 Role zack-role was created successfully
[root@localhost ansible]# tree zack-role
├── defaults
│   └── main.yml
├── files
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── README.md
├── tasks
│   └── main.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

defaults: Contain default variables for the role.

files: Contain static files that you want to copy to the target hosts.

handlers: Contain handlers, which are tasks triggered by other tasks.

meta: Contain metadata for the role, such as dependencies.

tasks: Contains a main.yaml file, which includes tasks specific to the “server1” role.

templates: Contain Jinja2 templates.

vars: Contain variables specific to the “server1” role


  • Method2: Manually create roles (server1 & server2) by create on-demand folder structure, Setting up groups in ansible inventory file:
vim /etc/ansible/hosts
# add group server1 as web server, server2 as backend

[server1] # web

[server2]  # backend

# create own roles structure server1 (web) and server2 (backend)
# create zack.html under role server1/files

[root@localhost ansible]# tree roles
├── base
│   └── tasks
│       └── main.yaml
├── server1
│   ├── defaults
│   ├── files
│   │   └── zack.html
│   ├── handlers
│   ├── meta
│   ├── tasks
│   │   └── main.yaml
│   ├── templates
│   └── vars
└── server2
    ├── defaults
    ├── files
    ├── handlers
    ├── meta
    ├── tasks
    │   └── main.yaml
    ├── templates
    └── vars
  • define tasks for role server1 and role server2
cat /etc/ansible/roles/server1/tasks/main.yaml
# web server tasks include: install httpd, enable service, open 80 port, replace index.html, restart httpd service
- name: Install HTTPD package
    name: httpd
    state: present

- name: Enable HTTPD service
    name: httpd
    enabled: yes
    state: started

- name: Open port 80 in firewall
    service: http
    permanent: yes
    state: enabled

- name: replace index.html
    src: zack.html
    dest: /var/www/html/index.html
    owner: root
    group: root
    mode: 0644
  register: httpd_updated

- name: restart httpd service
    name: httpd
    state: restarted
  when: httpd_updated.changed

cat /etc/ansible/roles/server2/tasks/main.yaml

# backend server2 tasks include install epel repo, install iftop and lrzsz

- name: Install epel-release
      - epel-release
    state: latest
- name: Check Yum Repository List
    list: repo

- name: Install usage packages
      - iftop
      - lrzsz
    state: latest
  • define role main playbook zack-role.yaml
# update repo for all hosts, for server1 and server 2, execute each role server1 and server2

- become: true
  hosts: all
  - name: update repository index
    tags: always
      update_cache: yes
    changed_when: false

- import_playbook: /etc/ansible/add-more-user.yaml

- hosts: server1
  become: true
    - server1

- hosts: server2
  become: true
    - server2
  • run playbook for zack-role.yaml
[root@localhost ansible]# ansible-playbook zack-role.yaml

PLAY [all] **************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************
ok: []
ok: []

TASK [update repository index] ******************************************************************************************************
ok: []
ok: []

PLAY [server1] **********************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************
ok: []

TASK [server1 : Install HTTPD package] **********************************************************************************************
ok: []

TASK [server1 : Enable HTTPD service] ***********************************************************************************************
ok: []

TASK [server1 : Open port 80 in firewall] *******************************************************************************************
ok: []

TASK [server1 : replace index.html] *************************************************************************************************
ok: []

TASK [server1 : restart httpd service] **********************************************************************************************
skipping: []

PLAY [server2] **********************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************
ok: []

TASK [server2 : Install epel-release] ***********************************************************************************************
ok: []

TASK [server2 : Check Yum Repository List] ******************************************************************************************
ok: []

TASK [server2 : Install usage packages] *********************************************************************************************
ok: []

PLAY RECAP **************************************************************************************************************************                 : ok=11   changed=0    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0                 : ok=10   changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
  • Bingo! validate httpd on server1, and iftop & lrzsz installed on server2 by leveraging with ansible roles
[root@localhost ansible]# curl
This is zack test Ansible role web !!!!!!!!!!!   