Newbie needs help re-using a tasklist

[re...@charbonneau.de]

Dear community,

first of all I want to apologize for my lack of knowledge but I'm relatively new to Ansible

and have a weak background regarding scripting/programming. I'm more the operating type and

not the dev guy. ;)

But still, my boss asked tasked me to get familiar with Ansible (because we want to use it

for our cloud deployment in the near future).

So I would really love if you could assist me with a few issues I ran into. I'll try to ask

meaningful questions and I'll also try to give you all the information you need to understand

my problem(s).

So let's start right away.

What is the environment?

1) We are using the latest Ansible build right out of git. Our Ansible master is a Debian Jessie EC2 instance. 

2) We are using Amazon AWS (EC2, RDS, Route53, CodeCommit and some other services).

3) We want to spin up Debian machines (some Apache reverse proxies as well as some application servers with the software our company develops -> we use an embedded Tomcat -> Spring Boot)

What is the issue?

As of now, I have a playbook wich is split up into smaller .yml files. The reason for that is, that we want to "re-use" some of .yml files in other playbooks so we don't have to rewrite everything from scratch as we progress.

- name: Create the APP instance
  hosts: localhost
  connection: local
  remote_user: admin
  become: yes
  gather_facts: no


  vars_files:
    - app_vars.yml


  tasks:
    - include: generic_ec2.yml
    - include: generic_debian.yml
    - include: generic_git.yml
    - include: generic_services.yml
    - include: generic_ssh.yml
    - include: app_ssh.yml
    - include: generic_reboot.yml

This is the main playbook for the app server(s). As you can see, we include one variable files and several task lists. By the way, this works just fine but I wanted to improve certain things.

Therefore I have added one of task lists I struggle to improve.

- name: dist upgrade
  apt: upgrade=dist
  delegate_to: "{{ groups.launched[0] }}"


- name: install apt packages
  apt: name={{ item }} state=latest
  with_items: "{{ aptpackages }}"
  delegate_to: "{{ groups.launched[0] }}"


- name: install apt packages backports
  apt: name={{ item }} default_release=jessie-backports state=latest
  delegate_to: "{{ groups.launched[0] }}"
  with_items: "{{ aptpackagesbackports }}"


- name: autoremove apt packages
  shell: apt-get -y autoremove --purge
  delegate_to: "{{ groups.launched[0] }}"

The issue I have with this is, that I want to re-use this part with a bunch of other playbooks. But not every other type of server needs packages removed or need packages from backports.

So I would like to implement some kind of check if there is something to remove/install or not. If not, Ansible will skip that particular task in the task list.

Our varible files usually look like this:

---
gitrepository: "<git repo>"
gituser: "<git user>"
gitdirectory: "/tmp"


keypair: "<keypair>"
instance_type: "t2.micro"
vpc_subnet_id: "subnet-XXXXXXXX"
security_group_id: 'sg-XXXXXXXX'
image: ami-30e01d5f
region: eu-central-1
volume_size: 9
assign_public_ip: yes
delete_on_termination: "yes"
termination_protection: "no"
hostname: "<hostname>"
publichostname: "<public_hostname>"
tags:
 OS: Debian
 Codename: Jessie
 Name: APPTest1234Micro
 Type: Appserver
aptpackages:
  - ntp
  - locales
  - heirloom-mailx
  - debian-goodies
  - apt-listchanges
  - unattended-upgrades
  - fail2ban
  - lsb-invalid-mta
aptpackagesbackports:
  - openjdk-8-jdk
  - openjdk-8-jre

Any ideas/suggestions?

Best regards

René

[Johannes Kastl]

On 26.01.17 08:28 rene via Ansible Project wrote:

> As of now, I have a playbook wich is split up into smaller .yml
> files. The reason for that is, that we want to "re-use" some of
> .yml files in other playbooks so we don't have to rewrite
> everything from scratch as we progress.

I would try to get familiar with using roles rather than including
yml-files. Easier (for me) and less error prone.

https://docs.ansible.com/playbooks_roles.html

> delegate_to: "{{ groups.launched[0] }}"

Rather than targetting localhost at the beginning and then delegating
everything to hosts, I would try to work the other way.

Side note:
I have only "hosts: {{ target }}" in my playbooks, that way I can
decide on the command line, which hosts to target by using
"ansible-playbook some.yml -e 'target=foobar'".

> The issue I have with this is, that I want to re-use this part with
> a bunch of other playbooks. But not every other type of server
> needs packages removed or need packages from backports.

Add a when condition to only execute the task, if e.g. your variable
aptpackages is defined
when: 'aptpackages is defined'
(indentation equal to the name or apt lines)

Johannes

[re...@charbonneau.de]

Thanks, that helped a lot. :)

[re...@charbonneau.de]

Am Freitag, 27. Januar 2017 08:50:52 UTC+1 schrieb Johannes Kastl:

Add a when condition to only execute the task, if e.g. your variable
aptpackages is defined
when: 'aptpackages is defined'
(indentation equal to the name or apt lines)

Johannes

As mentioned before, your answer helped a lot! Here is the solution I came up with.

- name: install apt packages

  apt: name={{ item }} state=latest

  delegate_to: "{{ groups.launched[0] }}"

  with_items: "{{ aptpackages }}"

  when: not((aptpackages is undefined) or (aptpackages is none) or (aptpackages | trim == ''))

I thought it would be more resilient to check if the variable is just undefined, none existing or empty. Because in all cases I want that action to be skipped. I tested all cases and it works for me. :)

I will also think about the other suggestions you made.

René