I’m working with Ansible since March 2014, starting with version 1.1. At work I wrote many playbooks and roles to configure operating systems, applications and continuous delivery pipelines.
I managed AWS instances, VMWare-Cluster and Xen-Hosts with Ansible.
I also maintain some Open Source Ansible roles on GitHub and wrote some Dockerfiles for operating system images that include Ansible (mainly to test the roles).
Over time my team and I gathered some best practices that we try to follow when writing and running Ansible code in production. The following post will show you what I think are these best practices and why.
Of course I’m not the first to write about Ansible Best-Practices. There are other resources that were very informative and helped me immensely:
Ansible’s Best-Practices
Blog-post by Ansible on Best-Practices
Andreas Sommers Best-Practices
On writing Ansible playbooks
Name your tasks ands plays
When writing tasks and plays in Ansible naming them is optional. However you should always give useful names to your tasks ands plays. When you run a playbook without named tasks, you’ll see the following output:
PLAY [localhost]
********************************
TASK [include_vars]
********************************
ok: [localhost]
TASK [yum]
********************************
ok: [localhost]
1
2
3
4
5
6
7
8
9
10
11
PLAY [localhost]
********************************
TASK [include_vars]
********************************
ok: [localhost]
TASK [yum]
********************************
ok: [localhost]
When trying to debug failed tasks it’s really helpful to actually know what task failed and what the task should have been doing. Assigning names to your taks will give the following output.
PLAY [Create a new virtual machine]
********************************
TASK [Include vmware-credentials]
********************************
ok: [localhost]
TASK [Install required packages with yum]
********************************
ok: [localhost]
1
2
3
4
5
6
7
8
9
10
11
PLAY [Create a new virtual machine]
********************************
TASK [Include vmware-credentials]
********************************
ok: [localhost]
TASK [Install required packages with yum]
********************************
ok: [localhost]