playbook vs. module vs. roles

Archives Ansible Project
1

As I read through the Ansible documentation (http://docs.ansible.com) I still a bit fuzzy on the playbook vs. module vs. role concept, and where different pieces of the puzzle go. Playbooks contain Ansible code, modules (http://docs.ansible.com/ansible/developing_modules.html) seem to be Python and roles I’m not too sure about.

I’ll give an example: I want to write a playbook to check or update the DNS client configuration on a RHEL 6 or 7 system. For the sake of this example I will say that I only want to update /etc/resolv.conf to ensure the servers and suffix search order are correct. I suppose I could brute force the configuration change by overwriting the /etc/resolv.conf, but keep thinking that there is a more elegant approach. I found a couple of roles (https://github.com/jdauphant/ansible-role-dns, https://github.com/trumant/ansible-resolv) which kinda do what I want, but not quite (I don’t want this topic to be about these specific roles or why the authors wrote what they wrote, I’m just using them as examples.), and I’ve also looked into modules (https://github.com/ansible/ansible-modules-core).

How do I decide what logic goes where? I sense that I need a to start with a suitable role and then build a playbook that wraps around it, yes/no/maybe?

2

Playbooks contain Plays, we sometimes refer to the files that contain plays as playbook, it is also the ‘list of plays that i’m currently running’.

Plays map hosts to tasks.

Tasks perform an action (this action is normally a module).

A module is a plugin/script that follows certain Ansible input/output specs
Modules can be written in any language, Ansible only ships with python and powershell modules.

Roles are ‘reusable subsets of a play’, mainly they group tasks and resources to accomplish a certain goal, they have no host mapping and require being in a play.
You don’t really need to use these to start, they are just a way of organizing, reusing and sharing.

There are more plugins and other stuff you’ll learn as you start dealing with more complex issues.

I personally would use a template to handle /etc/resolv.conf, but if you don’t wan’t to assume ownership of the full file, there are other modules that can just deal with the changes you want (replace, blockinfile, etc)