Ansible and the Galaxy, roles

May 31, 2015 min read

According to their site,

Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.

If you want to know how to start with Ansible here’s a good tutorial, you could also start in their official documentation. If you don’t know anything about Ansible, please follow the previous links, this post is a bit more advanced.

Two weekends ago I read the preview of the new Ansible book from O’Reilly. It was a good introduction of concepts, but still needs a lot of content to be finished, for example It doesn’t say anything about roles yet, the cornerstone of Ansible.

I gotta say this was a great experience for me, and just what I needed to simplify a lot my work as a sysadmin. Coming from the Puppet world, Ansible configuration was very simple to understand (just YAML, ini files and jinja templates), and the learning curve much easier than the Puppet one. The layer Ansible adds is very thin and debugging simpler because of It.

The most powerful feature in Ansible are roles. Roles are pieces of functionality you can share with others. They can be very flexible, configurable and reusable.

This feature becomes brilliant when you combine it with the Ansible Galaxy, a repository of roles you can just install with a line in the terminal. You can also install roles from Git repositories.

> ansible-galaxy install bennojoy.mysql

# downloading role 'mysql', owned by bennojoy

So I installed mysql role by bennojoy, Let’s see how to use It.

In my case I am using this Vagrantfile to test the configuration easily.

Vagrant.configure(2) do |config| = "ubuntu/trusty64"

  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "site.yml"

The site.yml will be our main Ansible configuration file.

- name: Example
  hosts: all
  remote_user: vagrant
  sudo: true

    - mysql.yml

    - bennojoy.mysql

Briefly, hosts defines which hosts will this playbook(Ansible’s configuration, deployment and orchestration language) be run, the user will be vagrant and Ansible should use sudo to run It. We added our installed bennojoy.mysql role in the roles section, and we will override the necessary variables defined in this role in the mysql.yml file.

# mysql.yml
mysql_db: [{ name: acme_db }]
mysql_users: [{ name: acme, pass: acme, priv: "acme.*:ALL" }]

We defined a user acme with permissions ALL for the db acme_db. When we run this playbook, Ansible will create the user and the database defined in the hosts we decide. In our example, they will be created in our machine created by Vagrant.

If you want to know more about how variables work you could read about It in the Ansible doc site.

Combining roles is the easiest way to install elastic search, Wordpress, Ghost, Sentry and other services. It’s also a very good way of having your service configuration tidy, under version control systems and your machines organized.

Give it a try!