Ansible's philosophy about running playbooks against localhost and use lot of delegate_to in roles

Archives Ansible Project
1

Hi !

I’m currently thinking what is the best way to build a complete infrastructure based on Ansible 2.

For example, take an installation of WordPress which need Apache and MySQL :

1/ I have 3 standalones roles which uses for each task delegate_to with a variable :

  • role apache

  • role mysql

  • role wordpress (dependencies : apache & mysql)

2/ I have 1 playbook which call multiples times the wordpress role with differents variables (servers, instance name, …) for the differents WordPress instances. The host used to run the playbook is localhost.

The overall solution looks good, roles are decoupled, reusables and the maintenance will not be a nightmare.

But in the documentation (intro to playbooks), I’ve read that “the goal of a play is to map a group of hosts to some well defined roles” and what I do is to map forever to localhost.

Is my solution is acceptable in the Ansible’s philosophy ? My goal is not to thinking, virtual machine but services.

Best regards,

Sylvain

2

i would say that to make your roles more reusable, don't use
delegate_to but set the play to localhost or connection=local.

3

Thanks for your reply.

My play run already on localhost. If I don’t use delegate_to, this will be hard to make actions on servers.

My roles are parametrized to take server in parameters among others so my roles are already reusable but I’m ok to say that it will be more clean to suppress delegate_to directives for each tasks in my roles.
So I must find a way to respect my philosophy to think services and not servers : I want do know easily what’s the service’s dependancies (which servers ? which databases names ? which users ? and so on).

Another plan to follow the principe of “a play is to map a group of hosts to some well defined roles” :

  • I remove delegate_to from roles
  • I specify in my playbook for each host, which roles and which params the service need

Like this, I must specify apache and mysql roles on my playbook so I no longer use dependancies in roles/wordpress/meta/.
Too bad, It was a great usage of this functionnality I think.

If I disregard theses considerations and for one wordpress instance : why not ?
But if I want more and know easily what is the service’s dependancies, I must make lot of cut and paste. It’s not nice (In first solution, I have only one line { role : wordpress ; db_server : bdd1 , … }
If I made one playbook for one instance, it will be more readable but there will be too copy and paste for me.

Have another point of view or idea to stay with Ansible’s philosophy ?

Sylvain

4

Nobody else ? :frowning: