Skip to content

Implementing Ansible Roles

Avatar photo

In a production environment, we will have hundreds and thousands of different types machines to handle. Hence the type of operations and implementation methods will be different from one to another. You can add different tasks or handlers for each type of operation or host, but managing such a playbook is not an easy job. By using Ansible Roles๏ปฟ๏ปฟ, you can organize your playbook into smaller and separate playbooks.

See all parts of  Automation with Ansible Guides here๏ปฟ

You can include all the required variables, tasks, template file, other files etc in the role directory itself. Hence your ansible project file and directory will be arranged in a more organized manner. Roles can also written in a manner where you forecast the re-use of roles.

  • By using roles, you can easily share your play with other teams by sharing the entire role directory. Eg: you can write a role for install_dbserver or setup_webserver, later can share to public/other teams.
  • Larger projects can create in a modular way and easy to manage.
  • Even different user can create different roles in parallel and share to same project. eg: user1 write a role for install_dbserver and userb focus on setup_webserver role.

Roles Directory Structure

As I mentioned above, content of role are arranged in an orgnaized way as below. The top level directory defines the name of the role itself. You can see, I have two roles named myapache and dbsetup roles in my roles directory. Some of the directories contains main.yml which is the main file containing tasks, variables or handlers.

โ”œโ”€โ”€ ansible.cfg
โ”œโ”€โ”€ apache.yml
โ”œโ”€โ”€ inventory
โ””โ”€โ”€ roles
    โ”œโ”€โ”€ myapache
    โ”‚   โ”œโ”€โ”€ defaults
    โ”‚   โ”‚   โ””โ”€โ”€ main.yml
    โ”‚   โ”œโ”€โ”€ handlers
    โ”‚   โ”‚   โ””โ”€โ”€ main.yml
    โ”‚   โ”œโ”€โ”€ meta
    โ”‚   โ”‚   โ””โ”€โ”€ main.yml
    โ”‚   โ”œโ”€โ”€
    โ”‚   โ”œโ”€โ”€ tasks
    โ”‚   โ”‚   โ””โ”€โ”€ main.yml
    โ”‚   โ”œโ”€โ”€ templates
    โ”‚   โ”‚   โ”œโ”€โ”€ apache_httpdconf.j2
    โ”‚   โ”‚   โ””โ”€โ”€ apache_indexhtml.j2
    โ”‚   โ”œโ”€โ”€ tests
    โ”‚   โ”‚   โ”œโ”€โ”€ inventory
    โ”‚   โ”‚   โ””โ”€โ”€ test.yml
    โ”‚   โ””โ”€โ”€ vars
    โ”‚       โ””โ”€โ”€ main.yml
    โ””โ”€โ”€ dbsetup
        โ”œโ”€โ”€ defaults
        โ”‚   โ””โ”€โ”€ main.yml
        โ”œโ”€โ”€ files
        โ”‚   โ””โ”€โ”€ profile.png
        โ”œโ”€โ”€ handlers
        โ”‚   โ””โ”€โ”€ main.yml
        โ”œโ”€โ”€ meta
        โ”‚   โ””โ”€โ”€ main.yml
        โ”œโ”€โ”€ tasks
        โ”‚   โ””โ”€โ”€ main.yml
        โ”œโ”€โ”€ templates
        โ”‚   โ””โ”€โ”€
        โ”œโ”€โ”€ tests
        โ”‚   โ”œโ”€โ”€ inventory
        โ”‚   โ””โ”€โ”€ test.yml
        โ””โ”€โ”€ vars
            โ””โ”€โ”€ main.yml

Here see the directory details.

  • defaultsmain.yml contains variables for the role which can be overwritten when role is used
  • tasksmain.yml contains the main list of tasks to be executed when using the role.
  • varsmain.yml contains variables for the role
  • files – static files which can be referenced from this role.
  • templatesjinja2 templates which can be used via this role.
  • handlersmain.yml contains handler defenitions
  • metamain.yml defines some meta data for this role like author, license, platform, dependencies etc.
  • tests – contains an inventory and test.yml that can be used for testing this role.

You can define the default variables under defaults/main.yml๏ปฟ and additional role variables inside vars/main.yml๏ปฟ.

How to use roles in your playbook

You can call your role in your main playbooks as below.

- name: Setup apache on serverb
    - role: myapache
      apache_enable: true

You can in above sample, I have mentioned a variable for the role as apache_enable: true.

You can also include multiple roles and variables as lised below.

- name : Setup dbserver and webserver
  hosts: all
    - role: dbsetup
    - role: myapache
      db_server: mariadb
      db_port: 4323
      apache_port: 443

Please note, you can have multiple yml files inside the directories like tasks/main.yml, tasks/webinstall.yml, tasks/enablefw.yml etc.

Role Dependencies

Role dependency is a feature which will allow a role to include other roles as dependencies inside a playbook. Dependencies are defined inside the meta/main.yml file inside role directory, . The file should contain a list of roles and parameters to insert before the specified role, as shown below

- dependencies:
    - { role: myapache, port: 8080 }
- { role: allowfirewall, firewall_port: 8080, enable_fw: true }

Role dependencies are always executed before the role that include them. (That’s what we call dependency right). If the same dependency was mentioned by another role, the dependency will not execute again. You can override this feature by using allow_duplicates: true inside the meta/main.yml file

Control Roles and Tasks Execution

When you include a role in your playbook, tasks inside the role will be executed before the tasks in the playbook. In some cases, you may need to run some other tasks before the role tasks. For that purpose, you can use pre_tasks ๏ปฟand post_tasks ๏ปฟoptions.

- name: Setup apache on serverb
    - debug: 
        msg: "This will run before the roles
    - myapache
    - dbsetup
    - debug:
        msg: "tasks in role completed; this is after roles"
    - debug:
        msg: "All done"

import_role or include_role

From Ansible 2.4 onwards, you can use roles inline with any other tasks in play- like calling a function – by using import_role or include_role feature.

- hosts: all
  - debug:
      msg: "Just a task before I include role"
  - import_role:
      name: myapache
  - include_role:
      name: dbsetup
  - debug:
      msg: "Another tasks after I include role"

Refer Ansible Doc for more details.

Let’s cover Ansible Galaxy in next session.

See all parts of  Automation with Ansible Guides here


The views expressed and the content shared in all published articles on this website are solely those of the respective authors, and they do not necessarily reflect the views of the author’s employer or the techbeatly platform. We strive to ensure the accuracy and validity of the content published on our website. However, we cannot guarantee the absolute correctness or completeness of the information provided. It is the responsibility of the readers and users of this website to verify the accuracy and appropriateness of any information or opinions expressed within the articles. If you come across any content that you believe to be incorrect or invalid, please contact us immediately so that we can address the issue promptly.

Avatar photo
Gineesh Madapparambath is the founder of techbeatly and he is the co-author of The Kubernetes Bible, Second Edition. and the author of ๐—”๐—ป๐˜€๐—ถ๐—ฏ๐—น๐—ฒ ๐—ณ๐—ผ๐—ฟ ๐—ฅ๐—ฒ๐—ฎ๐—น-๐—Ÿ๐—ถ๐—ณ๐—ฒ ๐—”๐˜‚๐˜๐—ผ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป. He has worked as a Systems Engineer, Automation Specialist, and content author. His primary focus is on Ansible Automation, Containerisation (OpenShift & Kubernetes), and Infrastructure as Code (Terraform). (aka Gini Gangadharan -


1 Response

  1. […] you have learned about Ansible Roles and the importance of using roles. Ansible Galaxy is a public library where you can find thousands […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.