Mastering Ansible Tags: A Practical Guide to Infrastructure Management
When managing complex infrastructure with Ansible, the ability to selectively run specific parts of your playbooks becomes crucial. This is where Ansible tags come in - they allow you to organize and execute tasks with surgical precision. Let's explore how we implemented a comprehensive tagging system in our infrastructure.
The Problem
Our infrastructure includes various components:
- AI services (Ollama, OpenWebUI)
- Monitoring systems
- Development environments
- Basic system configurations
Running the entire playbook for small changes was:
- Time-consuming
- Potentially disruptive
- Resource-intensive
The Solution: Multi-Level Tagging
We implemented a hierarchical tagging system with three levels:
1. High-Level Tags
These tags define broad categories of functionality:
- name: Configure desktops
hosts: desktops
become: true
tags: [desktops]
roles:
- { role: bootstrap, tags: [bootstrap, setup] }
- { role: workstation, tags: [workstation, setup] }
- { role: monitoring, tags: [monitoring, observability] }
- { role: ollama, tags: [ollama, ai, services] }
- { role: open-webui, tags: [open-webui, ai, services, ui] }
2. Role-Level Tags
Each role gets specific tags that describe its purpose:
- bootstrap: [bootstrap, setup]
- workstation: [workstation, setup]
- monitoring: [monitoring, observability]
- ollama: [ollama, ai, services]
- open-webui: [open-webui, ai, services, ui]
3. Task-Level Tags
Individual tasks within roles get granular tags:
- name: Run Ollama container
raw: >
docker run -d
--gpus all
-v /home/dev/.ollama:/root/.ollama
-p 11434:11434
--name ollama
--restart always
ollama/ollama:latest
tags: [docker, container, gpu]
Practical Examples
1. Restart AI Services
To restart only the AI-related containers:
ansible-playbook site.yml --tags "ai,container,health"
2. Update System Configuration
For basic system updates:
ansible-playbook site.yml --tags "setup"
3. Manage Docker Containers
To handle container-specific operations:
ansible-playbook site.yml --tags "container"
4. Debug Services
When troubleshooting is needed:
ansible-playbook site.yml --tags "health,debug"
5. Selective Updates
Update specific components while skipping others:
ansible-playbook site.yml --tags "ollama,container" --skip-tags "open-webui"
Best Practices
-
Hierarchical Organization
- Use broad categories at the play level
- Add specific functionality tags at the role level
- Include technical details at the task level
-
Consistent Naming
- Use lowercase for all tags
- Separate words with hyphens
- Keep names short but descriptive
-
Documentation
- Include tag descriptions in README
- Document common tag combinations
- Provide examples for frequent operations
-
Tag Grouping
- Group related tasks with common tags
- Use multiple tags for cross-cutting concerns
- Consider tag dependencies
Implementation Tips
-
Start Broad, Get Specific
tags: [services, ai, gpu] # From general to specific -
Use Tag Inheritance
- name: AI Services
tags: [ai]
roles:
- { role: ollama, tags: [ollama] } # Inherits 'ai' tag -
Avoid Tag Explosion
- Don't create tags for every possible combination
- Focus on meaningful groupings
- Keep the number of tags manageable
Conclusion
A well-designed tagging system makes infrastructure management more efficient and less error-prone. By organizing tags hierarchically and following consistent naming conventions, we've created a flexible and maintainable automation system.
Remember:
- Tags should serve a clear purpose
- Use combinations for precise control
- Document your tagging strategy
- Keep it simple and consistent
With these practices in place, managing complex infrastructure becomes more manageable and less time-consuming.