Ansible roles.
A role bundles tasks, handlers, templates, files, and variables into one reusable directory layout β and Ansible auto-loads each subdir's main.yml. Watch the tree light up subdir by subdir, then pull a community role off Galaxy with a requirements.yml lockfile.
Ansible roles animated tutorial. The standard role directory layout β tasks, handlers, templates, files, vars, defaults, and meta main.yml files that Ansible auto-loads. Using roles in a play with parameters, import_role versus include_role, defaults versus vars variable precedence, installing community roles and collections from Ansible Galaxy, pinning them in requirements.yml, role dependencies in meta/main.yml, and Fully-Qualified Collection Names (FQCN). RHCE EX294 ready.A role is just a fixed directory layout Ansible knows how to auto-load. Watch a role's tree light up subdir by subdir β tasks, handlers, templates, defaults vs vars β then pull one off Galaxy with requirements.yml.
- Β·Comfortable writing Ansible playbooks and tasks
- Β·Know what handlers and templates (.j2) are
- Β·Basic ansible.cfg / inventory familiarity
Scaffold a role with the standard layout, use it in a play with parameters, place variables correctly in defaults vs vars, and install community roles and collections from Galaxy via requirements.yml.
pace: 11 minutes
ββ tasks/main.ymlauto-loadedββ handlers/main.ymlauto-loadedββ templates/ββ files/ββ vars/main.ymlauto-loadedββ defaults/main.ymlauto-loadedββ meta/main.ymlauto-loaded- hosts: webservers
roles:
- webserverWhy roles β stop copy-pasting
A role is a self-contained, reusable bundle of tasks, handlers, templates, files, and variables that follows a STANDARD directory layout. Drop a role into a project and Ansible auto-loads main.yml from each subdir β there are no include paths to wire up by hand. Roles keep your playbooks short: a 200-line web setup collapses to one line, `roles: [webserver]`. And because the layout is a fixed convention, a role you write and a role pulled off Ansible Galaxy plug in exactly the same way.
$ansible-galaxy init webserver$ls roles/webserver/$roles:\n - webserverA role is just a convention β a fixed directory layout where Ansible auto-loads tasks, handlers, templates, and defaults from each subdir's main.yml. Learn the layout once and every role β yours or one pulled off Galaxy β drops into a play with a single line: roles: [webserver].
$ansible-galaxy init NAME$roles/NAME/tasks/main.yml$handlers/main.yml$templates/ (by basename)$files/ (copy src)$vars/main.yml$defaults/main.yml$meta/main.yml$roles:\n - role: NAME\n k: v$- import_role: name=NAME$- include_role: name=NAME$ansible-galaxy role install X$ansible-galaxy install -r requirements.yml$ansible-galaxy collection install ns.coll$ns.coll.module (FQCN)Which role subdir is auto-loaded as the role's main task list?
You want a role variable users can easily override from inventory. Put it in defaults/ or vars/?
What does `ansible-galaxy init webserver` do?
import_role vs include_role β what's the difference?
These aren't graded β they're just for active recall, which is what actually makes the lesson stick.
Ansible Vault
Roles and group_vars often hold passwords and keys. Learn to encrypt sensitive data right in your repo with Ansible Vault β so secrets ship safely beside your playbooks.
keep going β these pair well with what you just learned.
Ansible control node & inventory
Ansible is agentless β one control node pushes work to a fleet over SSH. Install ansible-core, write an inventory with groups, ping the fleet, and fire ad-hoc commands. RHCE-ready.
Ansible playbooks & YAML
Plays, tasks, and idempotency. Watch a playbook run task-by-task β ok, changed, skipped β then run it again and watch everything go green with 0 changed. RHCE-ready.
Ansible core modules
file, user, copy, dnf, service β the modules that do the real work. Declare the desired state and let Ansible converge to it, idempotently. RHCE-ready.