Ansible Patterns

Archives Ansible Project
1

Hi All,

I’ve been trying to work out the best layout for our playbooks and roles. I’ve been attempting to conform to DRY principles but trying to leave things as loosely coupled as possible.

Our infrastructure involves many similar apps that have minor differences which is why I’ve been looking specifically at how it might be possible to parameterise playbooks/roles to avoid many very similar files.

Initially I had something like this:

apps described in ‘meta roles’ (roles with only meta/main.yml that include other roles)

app1.yml

roles:

  • app1

app2.yml

roles:

  • app2

roles/app1/meta/main.yml

dependencies:

  • { role: pre_deploy_common_stuff }

  • { role: deploy_app_1 }

  • { role: deploy_other_stuff }

  • { role: post_deploy_common_stuff }

roles/app2/meta/main.yml

dependencies:

  • { role: pre_deploy_common_stuff }

  • { role: deploy_app_2 }

  • { role: post_deploy_common_stuff }

Then I tried moving the contents of ‘meta/main.yml’ for each app into playbooks like this:

apps described in playbooks

app1.yml

  • roles:

  • { role: pre_deploy_common_stuff }

  • { role: deploy_app_1 }

  • { role: deploy_other_stuff }

  • { role: post_deploy_common_stuff }

app2.yml

  • roles:

  • { role: pre_deploy_common_stuff }

  • { role: deploy_app_2 }

  • { role: post_deploy_common_stuff }

Then thinking in DRY terms, I tried this:

templated playbook with parameterization

app1.yml

  • vars:
    my_roles:
  • { role: deploy_app_1 }
  • { role: deploy_other_stuff }

include: foo.yml my_roles=“{{ my_roles }}”

app2.yml

  • vars:
    my_roles:
  • { role: deploy_app_2 }

include: foo.yml my_roles=“{{ my_roles }}”

foo.yml

  • roles:
  • { role: pre_deploy_common_stuff }

this won’t work because ‘roles’ expects a list but gets string ‘my_roles’

  • roles: “{{ my_roles }}”

neither will this because with_items doesn’t work in playbooks

  • roles: “{{ item }}”
    with_items: my_roles # or “{{ my_roles }}”

‘role’ is equivalent to including various main.yml files manually.

we still can’t use with_items or pass a list as a single argument to include so

using include: in place of role: wouldn’t work either

  • roles:
  • { role: post_deploy_common_stuff }

a possibility would be to test with_items in a meta/main.yml file but

at that point we’re moving back towards ‘meta role’ territory…!

The last example doesn’t work for reasons described in the comments. I had a quick and nasty go at getting ansible ‘roles:’ to allow lists or with_items but to no avail.

I think the last pattern may work in a ‘meta’ style role (rather than playbook) but I’m hesitant to introduce this concept of meta-roles when it seems like that information should be stored in playbooks.

I’d be interested to hear how other people approach this type of configuration or whether I’ve made any mistakes in my understanding of how to write playbooks/roles.

Thanks!

Rob

2

For those who have not seen this yet, I’d recommend reading:

http://docs.ansible.com/playbooks_best_practices.html

Other discussion of course welcome.

I can’t answer “doesn’t work” comments because I don’t know what “doesn’t work” means.

3

"

neither will this because with_items doesn’t work in playbooks

  • roles: “{{ item }}”
    with_items: my_roles # or “{{ my_roles }}”"

This is not a valid syntax, and the docs doesn’t mention this.

Ultimately, I think this would be easiest if we seperate the “best practices for organization” questions with the “I have questions about syntax” questions. Let’s address the syntax questions first.

4

"

app1.yml

  • vars:
    my_roles:
  • { role: deploy_app_1 }
  • { role: deploy_other_stuff }

include: foo.yml my_roles=“{{ my_roles }}”
"

You also can’t stick an “include” and “vars” together in the same item.

5

Hi,

Apologies for not being clearer. The third example I posted as an example of a potentially nicer way of structuring playbooks/roles if Ansible had the ability to function in that way, i.e: by ‘roles:’ supporting lists or with_items.

You also can’t stick an “include” and “vars” together in the same item.

My mistake.

Thanks,

Rob

6

Yeah, roles are not going to support with_items, it’s basically not possible.

The solution is to pass the variable into the role and loop internally.

The problem is most people try to pass in inventory variables, and that will NOT work, as the number of tasks generated by the system must be equivalent, and it’s not possible to upconvert loops into nested loops.