I am trying to reuse an existing role by using the include_role feature in ansible but I can not seem to find a way to pass the files inside the files/testrole1.yaml folder from the calling role and it always uses the files from the common role.
Here is the structure and code I came up with so far:
---
- name: importing tasks from role1
include_role:
name: service-deploy-role1
tasks_from: "{{item}}"
loop:
- install
- setup
The above code always uses the testrole1.yaml file. Is is possible to pass the testrole2.yml when I call the install task from the service-deploy-role1?
I could figure out the solution:
---
- name: workaround
set_fact:
role_location: "{{ role_path }}"
- name: debug role path
debug:
msg: "{{ role_location }}"
- name: importing tasks from role1
include_role:
name: service-deploy-role1
tasks_from: "{{item}}"
vars:
role_dir: "{{ role_location }}"
loop:
- install
- setup
I've run into an issue assuming a role when using the environment setting to set proxies on a task.
For example, if I use a custom module with proxy_env set:
- name: compare values from api
my_custom_module:
module_data: "{{ some_var }}"
register: cpmared_vals
environment: "{{ proxy_env }}"
I get this error:
botocore.exceptions.NoCredentialsError: Unable to locate credentials
however if I remove 'environment: "{{ proxy_env }}"' it works.
This is what proxy_env looks like:
proxy_env:
https_proxy: "http://corp-proxy.com:80"
http_proxy: "http://corp-proxy.com:80"
no_proxy: "internal-apps.com"
Thanks
An Ansible role supports Debian Stretch and Buster.
It is not able to do the job on Jessie or older versions.
Which is the best way to tell the user that the role cannot be used on a given old version?
Do nothing in main.yml file (controlling the distro version using when: declarations)
Let the role explicitly fail using the fail module
Do not check for a supported distro version and let tasks fail themselves
Developers should place the supported/tested versions in the Readme. Then users should always read the Readme. Then, common sense should be used.
But we all know that's not the case.
You could configure the host(s) which are too old skip to the role, to ensure the hosts do not execute any command for that role. But the way to go would be to built another role, or update that role, to let that playbook support that OS version.
This method is the least desired one: Do not check for a supported distro version and let tasks fail themselves. Because when you go down this path, then some unsupported tasks are executed on the host and then you can't guarantee the state of the system anymore. In short; you'll create a mess.
To simply prevent the nightmare, indeed, let the play fail:
- name: fail when using older version
fail:
msg: "You fail because reason, woohoo"
when: ansible_distribution is Ubuntu and ansible_distribution_version is 10.04
Q: "What is the best way to manage unsupported distros in an Ansible role?"
A: It's a good idea to end the host or play when the platform and version is not supported. In most cases, this means such a platform and version hasn't been tested yet. It's up to the user to add a new platform and version to the metadata, test it and optionally contribute to the development.
In a role, it's possible to read the variable galaxy_info from the role's file meta/main.yml and test the supported platforms and versions.
$ cat roles/role_1/meta/main.yml
galaxy_info:
author: your name
description: your role description
company: your company (optional)
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.9
platforms:
- name: Ubuntu
versions:
- bionic
- cosmic
- disco
- eoan
galaxy_tags: []
dependencies: []
For example the tasks in the role below
$ cat roles/role_1/tasks/main.yml
---
- name: Print OS and distro Ansible variables collected by setup
debug:
msg:
- "ansible_os_family: {{ ansible_os_family }}"
- "ansible_distribution: {{ ansible_distribution }}"
- "ansible_distribution_major_version: {{ ansible_distribution_major_version }}"
- "ansible_distribution_version: {{ ansible_distribution_version }}"
- "ansible_distribution_release: {{ ansible_distribution_release }}"
- name: Include roles' meta data
include_vars:
file: "{{ role_path }}/meta/main.yml"
- name: Test the distribution is supported. End the host if not.
set_fact:
supported_distributions: "{{ galaxy_info.platforms|json_query('[].name') }}"
- debug:
var: supported_distributions
- block:
- debug:
msg: "{{ ansible_distribution }} not supported. End of host."
- meta: end_host
when: ansible_distribution not in supported_distributions
- name: Test the release is supported. End the host if not.
set_fact:
supported_releases: "{{ (galaxy_info.platforms|
selectattr('name', 'match', ansible_distribution)|
list|first).versions }}"
- debug:
var: supported_releases
- block:
- debug:
msg: "{{ ansible_distribution_release}} not supported. End of host."
- meta: end_host
when: ansible_distribution_release not in supported_releases
- name: The distribution and release is supported. Continue play.
debug:
msg: "{{ ansible_distribution }} {{ ansible_distribution_release }} is supported. Continue play."
with the playbook
- hosts: localhost
gather_facts: true
roles:
- role_1
give
"msg": [
"ansible_os_family: Debian",
"ansible_distribution: Ubuntu",
"ansible_distribution_major_version: 19",
"ansible_distribution_version: 19.04",
"ansible_distribution_release: disco"
]
"supported_distributions": [
"Ubuntu"
]
"supported_releases": [
"bionic",
"cosmic",
"disco",
"eoan"
]
"msg": "Ubuntu disco is supported. Continue play."
I want to create playbook to download only any package installed by ansible.
There is a lot of yum state=installed tasks in my ansible roles. Is there a way to include that roles without state=installed, but with download_only and download_dir instead?
ansible 2.8
No. It is not possible. Use variables. For example
- yum:
state: "{{ my_role1_yum_state|default(omit) }}"
download_only: "{{ my_role1_yum_download_only|default(omit) }}"
download_dir: "{{ my_role1_yum_download_dir|default(omit) }}"
...
I have Ansible 2.4.0. I am trying to configure Jenkins proxy based on Ansible Jenkins DevOps Roles documentation:
- hosts: master
roles:
- jenkins_configure_proxy:
jenkins_home: "{{ jenkins_home }}"
proxy_host: "{{ proxy_host }}"
proxy_port: "{{ proxy_port }}"
become: true
environment: "{{proxy_env}}"
When trying to execute ansible_playbook I get:
ERROR! role definitions must contain a role name
The error appears to have been in '/Users/me/projects/jenkins/jenkins.yml': line 10, column 7, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
roles:
- jenkins_configure_proxy:
^ here
That pretty strange, because other roles like jenkins_plugin work fine.
What am I doing wrong?
You use role syntax without parameters to apply role with parameters, see example:
- roles:
# without or with default parameters
- jenkins_configure_proxy
# with custom parameters
- role: jenkins_configure_proxy
jenkins_home: "{{ jenkins_home }}"
proxy_host: "{{ proxy_host }}"