Ansible Roles Best Practices

Ansible Roles Granularity We recommend building Ansible roles that are highly reusable by configuration, but we also recommend pragmatism as our highest priority. Roles for systems and applications designed to be standalone, or before the Cloud was around, are called “non-native cloud applications”, often those are stateful applications that can not be clustered without sharing […]

Ansible Roles Granularity

We recommend building Ansible roles that are highly reusable by configuration, but we also recommend pragmatism as our highest priority.

Roles for systems and applications designed to be standalone, or before the Cloud was around, are called “non-native cloud applications”, often those are stateful applications that can not be clustered without sharing the underlying storage and in general are not designed to be recreated or distribute the load between servers.

Be pragmatic

For the “non-native cloud applications” apply pragmatism and don’t make a big effort in creating reusable roles, instead, create a single role that makes all the necessary changes and configurations for the application even if it has actions available in other roles. It is better to have a working role than to spend a huge amount of time fixing complicated dependencies.

You can find an example of such a role in the installation of WordPress. That role configures Nginx, PHP, and WordPress and adds Let’s Encrypt – Free SSL/TLS Certificates by requesting a certificate and automating the necessary renewal tasks.

Using a single role instead of three or four roles avoids the complexity that a single Nginx role will have, needing to support too many configurations to be reusable for WordPress and also allowing for a high degree of specialization.

Role dependency (meta folder)

An example of a role defined for re-usability is the add_package role1, it was designed to install default packages defined in all group_vars and it is also used as a dependency for the WordPress role used in the How to use Ansible and Terraform together tutorial.

By defining a dependency with parameters inside the meta folder, we add other roles that should be executed before.

The add_packages role is used at the begging of the playbook installing common software in all machines, and later on by using dependencies to add the specific packages needed for the role.

dependencies:
  - { role: add_packages,
    linux_add_packages_repositories: "{{ wordpress_add_packages_repositories }}",
    linux_add_packages_keys: "{{ wordpress_add_packages_keys }}",
    linux_add_packages_names: "{{wordpress_add_packages_names }}"
    }
  1. Download the source code for the How to use Ansible and Terraform together tutorial. ↩︎
Table of Contents
Primary Item (H2)Sub Item 1 (H3)Sub Item 2 (H4)
Sub Item 3 (H5)
Sub Item 4 (H6)

Related Cloud Tutorials

Ansible Multiple Environment Best Practices
Ansible Multiple Environment Handling multiple infrastructure environments with Ansible is easily done by targeting the environment tag that is included in the mandatory AWS Tags. See AWS Tagging Best Practices. Avoid mixing environments mistakes Have switches, configurations redundancies and different keys for each environment to reduce the possibility of applying changes to the wrong client […]
Ansible Playbook Structure Best Practices
Define and apply a company-wide consistent structure for all your Ansible Playbooks that allows for easy understanding and maximum reutilization
Ansible Dynamic Inventory
Allows you to generate inventory (host and group information) dynamically rather than statically defining it in a static inventory file
AWS Terraform module
IaC
Infrastructure as Code IaC is an approach to managing and provisioning computing infrastructure through machine-readable code and automation, rather than manual processes. In IaC, infrastructure is defined, configured, and managed using code, which can be version-controlled and treated like any other software application. IaC involves: IaC provides several benefits, including improved efficiency, reduced manual errors, […]
LAN, NAT, HOST Only and Tunnel Kubernetes networks
Kubernetes Cluster using Vagrant and Ansible with Containerd (in 3 minutes)
Tutorial and full source code explaining how to create a Kubernetes cluster with Ansible and Vagrant for local development under 3 minutes.
How to use Ansible and Terraform together
This Ansible AWS tutorial shows how to use Ansible and its dynamic inventory to provision the software and configuration of infrastructure that has been created with Terraform.
AWS Public and Private Network in a VPC
AWS VPC, Route 53, RDS MariaDB, EC2 using Ansible and Terraform (1/5)
Tutorial and source code explaining how to provision and configure a VPC, Route 53, RDS MariaDB, Instances and security groups using Ansible and Terraform on AWS to run WordPress in an Ubuntu server with Nginx, PHP, and Let’s Encrypt.

Javier Ruiz

IT Wonder Lab tutorials are based on the rich and diverse experience of Javier Ruiz, who founded and bootstrapped a SaaS company in the energy sector. His company, which was later acquired by a NASDAQ traded company, managed over €2 billion per year of electricity for prominent energy producers across Europe and America. Javier has more than 20 years of experience in building and managing IT companies, developing cloud infrastructure, leading cross-functional teams, and transitioning his own company from on-premises, consulting, and custom software development to a successful SaaS model that scaled globally.

Leave a Reply

Your email address will not be published. Required fields are marked *


linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram