Ansible Roles - Concept
51 views
Skip to first unread message
RG
Nov 23, 2022, 8:19:57 AM11/23/22
to Ansible Project
i'd like to migrate my playbooks into ansible roles. I started but a basic question raises.
E.g.
I'd like to implement nfs in a bunch of of linux machines. on one machine i've to configure the nfs-sharing and on the other machines I've to implemt the link to the nfs-sourcing host.
systemA - configure a share for other hosts
systemB,C,D - use the nfs-sharing from system A
I tried to create a role called nfs where i have to configure a few tasks on systemA and the other tasks on systemB,C,D
I've splitted the tasks into 2 vaious task files one for systemA and one for systemB and both will be imported into main.yml in tasks.
---
# tasks file for installing nfs
- import_tasks: install_cmp.yml
- import_tasks: install_machines.yml
- import_tasks: install_cmp.yml
- import_tasks: install_machines.yml
in the run.yml I tried to call the same role twice where I used tags to call the plays for the cmp machine from install_cmp.yml and the tags in install_machines for running the plays for the other machines. however this doesn't work
- hosts: cmp
become: true
tags:
- create_nfs_cmp
- config_exports_cmp
- exportfs_cmp
- symlink_cmp
- symlink_hostsini_cmp
roles:
- nfs
- hosts:
- hardware:!cmp
- vms
become: true
tags:
- create_nfs_machines
- mnt_nfs_machines
roles:
- nfs
become: true
tags:
- create_nfs_cmp
- config_exports_cmp
- exportfs_cmp
- symlink_cmp
- symlink_hostsini_cmp
roles:
- nfs
- hosts:
- hardware:!cmp
- vms
become: true
tags:
- create_nfs_machines
- mnt_nfs_machines
roles:
- nfs
is my concept wrong, do I have to configure to roles one for setting up nfs on cmp and one for implementing nfs on the machines or is it possible to create just one role for installing nfs on with vaious tasks on various machines?
Thx
samuel....@gmail.com
Nov 28, 2022, 11:57:32 AM11/28/22
to Ansible Project
Hi RG,
Here is a solution for that problem which I have used for a long time, maybe before ansible tags were available.
tasks/main.yml:
- name: include client
import_tasks: client.yml
when: run_nfs_client is defined
- name: include server
import_tasks: server.yml
when: run_nfs_server is defined
playbook.yml:
---
- hosts: nfs_clients
become: true
roles:
- {role: 'nfs_role', run_nfs_client: true}
- hosts: nfs_servers
become: true
roles:
- {role: 'nfs_role', run_nfs_server: true}
---
Let's consider tags instead.
You wrote "this doesn't work". What exactly happened?
If you run your playbook with an ordinary call to ansible-playbook, it will follow the default behavior: "--tags all - run all tasks, ignore tags (default behavior)". So, it will 'ignore tags'. If it's ignoring tags, whatever solution you tried to implement with tags won't take effect.
Next, if you run this:
ansible-playbook -t create_nfs_cmp
It will execute on the cmp hosts. But it will run the whole nfs role (unless you have tagged specific tasks).
A step towards a solution could be to add the tags in tasks/main.yml instead.
tasks/main.yml:
- name: include nfs server
import_tasks: install_cmp.yml
tags:
- nfs_server_tag
- name: include nfs clients
import_tasks: install_machines.yml
tags:
- nfs_client_tag
Then if you have a playbook clients.yml as follows:
clients.yml:
- hosts: nfs_clients
become: true
roles:
- nfs_role
and run it:
ansible-playbook -t nfs_client_tag clients.yml
or similarly create this,
ansible-playbook -t nfs_server_tag servers.yml
So, that should work. But how to join them all together in one big playbook without resorting to the trick I mentioned at the beginning? Is that method still necessary?
A confusion with tags is to distinguish between labeling tasks versus choosing which ones will be processed. It's easy to get those two sides of the equation mixed up. In order to select which tags will get processed you have to run the ansible-playbook command with the -t flag.
Here is a solution for that problem which I have used for a long time, maybe before ansible tags were available.
tasks/main.yml:
- name: include client
import_tasks: client.yml
when: run_nfs_client is defined
- name: include server
import_tasks: server.yml
when: run_nfs_server is defined
playbook.yml:
---
- hosts: nfs_clients
become: true
roles:
- {role: 'nfs_role', run_nfs_client: true}
- hosts: nfs_servers
become: true
roles:
- {role: 'nfs_role', run_nfs_server: true}
---
Let's consider tags instead.
You wrote "this doesn't work". What exactly happened?
If you run your playbook with an ordinary call to ansible-playbook, it will follow the default behavior: "--tags all - run all tasks, ignore tags (default behavior)". So, it will 'ignore tags'. If it's ignoring tags, whatever solution you tried to implement with tags won't take effect.
Next, if you run this:
ansible-playbook -t create_nfs_cmp
It will execute on the cmp hosts. But it will run the whole nfs role (unless you have tagged specific tasks).
A step towards a solution could be to add the tags in tasks/main.yml instead.
tasks/main.yml:
- name: include nfs server
import_tasks: install_cmp.yml
tags:
- nfs_server_tag
- name: include nfs clients
import_tasks: install_machines.yml
tags:
- nfs_client_tag
Then if you have a playbook clients.yml as follows:
clients.yml:
- hosts: nfs_clients
become: true
roles:
- nfs_role
and run it:
ansible-playbook -t nfs_client_tag clients.yml
or similarly create this,
ansible-playbook -t nfs_server_tag servers.yml
So, that should work. But how to join them all together in one big playbook without resorting to the trick I mentioned at the beginning? Is that method still necessary?
A confusion with tags is to distinguish between labeling tasks versus choosing which ones will be processed. It's easy to get those two sides of the equation mixed up. In order to select which tags will get processed you have to run the ansible-playbook command with the -t flag.
Robert Grießner
Dec 1, 2022, 4:57:20 PM12/1/22
to ansible...@googlegroups.com
thx samuel, looks good. if there's some time i'll have a try. br, robert
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/aVhsyBXc_vk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/59451dbb-15ba-433f-97ee-7499057a39d8n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages