One draw of Ansible is the ability to use ready-to-use roles doing things. Similar to CPAN, Docker Hub and other places where users share their work with others. Ansible’s solution is Ansible Galaxy where you find roles which you can (in theory) just use like this:
ansible-galaxy install resmo.ntp -p ~/ansible/roles/ mv ~/ansible/roles/resmo.ntp ~/ansible/roles/ntp cat <<_EOF_ >ntp-server.yaml --- - hosts: ntpserver.lan become: yes roles: - role: ntp ntp_config_server: [ntp1.jst.mfeed.ad.jp, ntp2.jst.mfeed.ad.jp] ... _EOF_ ansible-playbook -i hosts.ini ntp-server.yaml
What this does is:
- Install resmo’s ntp role
- Apply this to the host ntpserver.lan
The first run will install the ntp package, configure ntp.conf and start the ntp daemon. The next runs will ideally do nothing, in practice this implementation does restart the ntp daemon regardless.
Danger here is that some modules run as root and do unexpected things, so reading those roles found in the Ansible Galaxy is critical. It’s also a nice learning exercise how to organize things.
In the end, making another server a ntp server now is a snap. And once I have some more of those roles, installing a WordPress blog and a MySQL server including configuring it is as easy as using Docker containers. Except Docker containers don’t touch an existing system and Ansible (by design) does…well, you can’t have everything I guess.