Community Blog How to Create Ansible playbook for Deploying Drupal 8

How to Create Ansible playbook for Deploying Drupal 8

In this article, you will get some information on the basics of the Ansible and how Ansible playbook is created.


  1. Two Alibaba Cloud ECS instances with Ubuntu 16.04 64-bit installed. You can follow this Quick Start Guide to create the instances. Let's call the first instance as "web-server" and assume the public IP assigned to the server is "". We will use this server to install Drupal using Drush on NGINX with PHP 7.2. Similarly, we will call our second server as "db-server" having public IP "". We will install MariaDB server on this instance to host the Drupal database. Make sure to use SSH Key based authentication rather than password authentication and use the same key for both the instance.
  2. Important: Firewall or Security group rules configured to allow the port "80", "443" for everyone from the "web-server" instance. For the database server, you will only need to allow access to the private IP address of the "web-server" instance on port "3306".

This tutorial assumes that you have already created both the instance and configured SSH key-based authentication on the instances with the same key. Here are the goals which we will accomplish using Ansible:

  1. Install the MariaDB server and create the database for Drupal on the instance named "db-server".
  2. Install the PHP 7.2 on the instance "web-server".
  3. Clone the Drupal 8 and Drush 9 Github repository and install Drupal on the instance "web-server".
  4. Install the NGINX Web server to host the Drupal site with optional Let's Encrypt SSL on the instance "web-server".

Getting Started with Ansible

In this tutorial, I will assume that you have already installed Ansible on your local computer.

Create a new project directory in which we will store everything related to our project, the playbooks, roles, and other files throughout the tutorial.

mkdir ~/drupal-ansible

Switch to the newly created directory.

cd ~/drupal-ansible

Create a new local Ansible configuration file.

nano ansible.cfg

Populate the file with the following configuration.

inventory = hosts
host_key_checking = false
private_key_file = ~/.ssh/aliyun.pem

Create a new hosts file using the following command.

nano hosts

Populate the file with the following configuration. Make sure to replace the example IP addresses with the actual ones.

web-server  ansible_ssh_host= ansible_ssh_user=root
db-server  ansible_ssh_host= ansible_ssh_user=root


Before we proceed further to create the roles and tasks, let's verify if Ansible can reach our hosts by running the command ansible all -m ping. You should see a similar message if the execution is successful.

aliyun@ubuntu:~/drupal-ansible$ ansible all -m ping
db-server | SUCCESS => {
    "changed": false, 
    "ping": "pong"
web-server | SUCCESS => {
    "changed": false, 
    "ping": "pong"

Now that we know that Ansible can successfully connect to the instances, let start creating the Ansible playbook file. This Ansible playbook file will be used by the "ansible-playbook" command to run the plays.

cd ~/drupal-ansible
nano playbook.yaml

Populate the file with the following YAML code. Make sure to use correct spacing and indentation. Ansible uses two spaces for each indentation.

- hosts: all
  gather_facts: true
  - name: update and upgrade system packages
      upgrade: yes
      update_cache: yes

- hosts: db-server
    - mariadb

- hosts: web-server
  become: true
    - php
    - drupal
    - nginx

In this tutorial, we will also break our playbook into four various roles.

  1. mariadb: It will add MariaDB repository into the system and will install the latest version of MariaDB server. Furthermore, it will also install the MySQL client for Python and then it will create the database and the database user for Drupal.
  2. php: This role will add the PPA for PHP 7.2 and then install PHP 7.2 along with the required modules.
  3. drupal: This role will install the latest version of Composer and Git. It will clone the Drush and Drupal repository and will install the dependencies using Composer. Finally, it will install Drupal with the help of Drush.
  4. nginx: This role will install NGINX web-server and configure it to host the Drupal site. If a domain name is provided, it will also install Certbot and generate and install the SSL certificates automatically.
    Once all our systems are updated, we want to proceed to the installation of MariaDB. Notice that on the next block, we have only provided the "db-server" in the hosts. Thus, the tasks in the "mariadb" role will be executed only on the "db-server" host.

Similarly, we will run the roles "php", "drupal", and "nginx" on the server named "web-server".

For details, you can go to this tutorial.

Related Blog Posts

Deploying Drupal 8 using Ansible Playbook: Part 2

In the previous tutorial of the series, we have already created our playbook which we will run using the Ansible. The playbook itself doesn't do anything but will look for the tasks in roles. In this tutorial, we will start creating the roles for our playbook.

Create a new directory to add the roles in our Ansible playbook by running:

cd ~/drupal-ansible
mkdir roles

Deploying Drupal 8 using Ansible Playbook: Part 3

In previous tutorials of this series, we have created our playbook file and two of the four roles. In the first part of the tutorial, we looked at creating our project and overriding the default Ansible behavior. In the second part of the tutorial, we have written the plays into roles.

In this final part of the tutorial series, we will create the two remaining roles. Once the playbook is created, we will run the playbook using Ansible.

Related Market Product

Drupal powered by Websoft9(LAMP | CentOS7.4)

Websoft9 Drupal is a pre-configured, ready to run image for running Drupal on Alibaba Cloud.Drupal is an open source content management framework (CMF) written in PHP, which consists of content management system (CMS) and PHP development framework (Framework).

Related Documentation

[Vulnerability notice] SQL injection vulnerability in Drupal

Drupal 7 provides a database abstraction API to handle SQL injection attacks in the queries it receives. However, an attacker can construct special requests and use the API to run malicious SQL statements, resulting in privilege escalation, PHP code execution, or other security risks.

Related Products

Elastic Compute Service

Alibaba Cloud Elastic Compute Service (ECS) provides fast memory and the latest Intel CPUs to help you to power your cloud applications and achieve faster results with low latency. All ECS instances come with Anti-DDoS protection to safeguard your data and applications from DDoS and Trojan attacks.

Alibaba Cloud SSL Certificates Service

Alibaba Cloud SSL Certificates Service allows customers to directly apply, purchase and manage SSL certificates on Alibaba Cloud. This service is offered in cooperation with qualified certificate authorities. From this platform, customers can select the expected certificate authority and its certificate products to enjoy full-site HTTPS security solutions.

Related Course

Alibaba Cloud SSL Service Introduction

Learn the basic concept of SSL/TLS and how to choose the proper certificate in Alibaba Cloud to serve your business

0 0 0
Share on

Alibaba Clouder

2,600 posts | 750 followers

You may also like