Mak

Hi,

I am just learning Ansible, coming from Puppet and having looked into Salt a bit. The simplicity is refreshing, but I was surprised by the number of files and directories I needed to create in order to use roles. (Maybe they are designed only to be used if you grow beyond a certain complexity level, but the docs suggest them as best practice.)

The tasks, handlers and vars directories seem a bit overkill:

• If roles/x/tasks/main.yml exists, tasks listed therein will be added to the play
• If roles/x/handlers/main.yml exists, handlers listed therein will be added to the play
• If roles/x/vars/main.yml exists, variables listed therein will be added to the play

Would a pull request be accepted that also looks for these files:

• roles/x/tasks.yml
• roles/x/handlers.yml
• roles/x/vars.yml

Regards,
Joost

PS. The section Group By Roles in the Best Practices confused me for a while after having read about roles.

You can choose to just create one of the many directories and will be fine if you do that.

I don’t think they are overkill.

Hi Michael,

What I meant was that the tasks, handlers and vars directories
themselves seem overkill. Why force a directory that only contains one
file?

Regards,
Joost

I don’t know about anyone else, but I tend to have a main.yml which then includes multiple other files that are also in the same directory.

Otherwise a huge main.yml becomes quite unwieldy to manage. In that way, I find having separate directories works really well.

Mark

Hi Mark,

Ah, so that is common, then. I take it task includes with relative
filenames are looked up in the tasks/ directory then. (That was one
detail that was missing from the docs.)

Regards,
Joost

Hi,

We tend to have a “common” role, and stuff like “ubuntu-common”, “redhat-common” , etc. And inside those tasks folders we have multiple little playbooks for stuff like configuring NTP, ssmtp, resolv.conf, various little packages and tweaks. And those are then included via the main.yml.

Makes it all very sturdy,

Thanks to both Marks for their use-cases. I think I should think about
roles as being more granular than I initially thought.

My use-case is apparently slightly different. The docs say: "Grouping
content by roles also allows easy sharing of roles with other users."
Reuse is often simpler when elements are smaller, and I have many
small reusable "modules", that set up fail2ban, SSH, Postfix,
elasticsearch, etc. They are often just a few tasks, one handler and
one or two files and templates. Because these components are small,
the "unnecessary" directories are starting to wear me down.

Maybe I am missing some other organisational structure in Ansible?

Regards,
Joost

I don’t think it matters if you are missing something or not, roles are going to be the way they are, because they expand out into greater usages and mean we don’t have two ways to do the same thing.

Ansible is very much intended to be a minimal system, it always has been that way, and we’re not going to introduce a “half playbook” that includes a combo roles/tasks/vars in one file.

Roles pathing is very useful for the way a task file can include other files in the right directories and you can break things up into smaller pieces.

Hi Michael,

I don't think I proposed a combo roles/tasks/vars file, but I won't
argue my case further.

Thanks for thinking along!

Regards,
Joost

Hi Mark,

Did you mean you are including playbooks in the role/x/tasks/main.yml
file? If I include a playbook, Ansible complains: "ERROR: tasks is not
a legal parameter in an Ansible task or handler".

If you meant to say you have little task lists, do you also find you
are mirroring the same structure in the handlers directory?

Regards,
Joost

No, what he means is from roles/x/tasks/main.yml you can do

“-include: other.yml”

and have another task file pulled in.

You can’t include playbooks from tasks.

Yes that exactly:

inside roles/x/tasks/main.yml:

• include ssh.yml
• include: smtp.yml
• include: ssh.yml
  etc.

And those yml’s are right next to the main.yml

All look like this:

Hi Mark,

Detailed explanation. I would have expected the ssh, smtp, etc. tasks
to be usable outside of the x role, and thus pulled from outside the
role directory. Probably imprinting from Puppet and the like.
Interesting to see another perspective. I'll try it out.

Thanks!

Regards,
Joost

I wanted the site.yml to be “pretty” when you look at it.

Therefore I do not want to “clutter” it with:

roles:

• ssh
• smtp
• ntp
• apache
• banner
• motd
• defaultbash
• dir_colors
• etc,
• etc.

see? That list can become way too long for my taste.

Yes, totally, that’s it!

You can easily have a common.yml that includes a lot of tiny task files that all live in the same task directory.

Hey guys, we’ve configured aws through configuration, and everything is working fine. We’re trying to now load/deploy all the code to our aws servers. We were told to use main.yml, but when we run this command:

ansible-playbook -vvv ~/repos/edx-configuration/playbooks/roles/edxapp/tasks/main.yml -e ‘region=eu-west-1 key=edX name=edx-configuration’

We are getting:

ERROR: file is not a legal parameter in an Ansible Playbook

Would you have any suggestions?

Thanks very much,

Max

It looks like you’re trying to run the role directly, which is not correct. You should create a playbook and include the roles there. For example:

Are there any pre-written playbooks that will configure the site as intended across all the 12 AWS instances that were created using the Cloudformation method mentioned here: https://github.com/edx/configuration/wiki/AWS-Installation?

@jamescammarata I’m not sure I understand what you mean, could you please elaborate further?

Please review the getting started documentation on our site as well as the playbook documentation here:

http://www.ansibleworks.com/docs/playbooks.html

Roles are typically a group of related commands, and do not contain the full information required to run a play.