Restarting HTTPD Service is not idempotent in nature and also consume more resources suggest a way to rectify this challenge in Ansible Playbook.

4 min readMar 22, 2021

Ansible is a software tool that provides simple but powerful automation for cross-platform computer support. It is primarily intended for IT professionals, who use it for application deployment, updates on workstations and servers, cloud provisioning, configuration management, intra-service orchestration, and nearly anything a systems administrator does on a weekly or daily basis. Ansible doesn’t depend on agent software and has no additional security infrastructure, so it’s easy to deploy.

Because Ansible is all about automation, it requires instructions to accomplish each job. With everything written down in simple script form, it’s easy to do version control.

Idempotency: An operation is idempotent if the result of performing it once is exactly the same as the result of performing it repeatedly without any intervening actions.

Idempotent Playbooks:

When a playbook is executed to configure a system, the system should always have the same, well defined state. If a playbook consists of 10 steps, and the system deviates in step 4 from the desired state, then only this particular step should be applied.

By its nature, Ansible tasks will only change the system if there is something to do. Most Ansible modules provide this idempotency. But some modules can be used in a way that breaks this pattern.

For example: When we run playbook to configure httpd apache webserver, there the httpd service will always start no matter if it is already started in target node. This means that it doesn’t allow idempotancy.

The problem of idempotancy we need to rectify.

To rectify this issue either we can use the when condition which allows to start the service when the condition matches (condition : if httpd listen port changes to other port number) or can use handlers and notify concept which states that when the particular task done the notify will trigger the handlers block of code.

Let’s look into playbook code:-

Here the playbook will run on the same system where Ansible configured that is the target node will be localhost itself.

Handlers are just like regular tasks in an Ansible playbook but are only run if the Task contains a notify directive and also indicates that it changed something. For example, if a config file is changed, then the task referencing the config file templating operation may notify a service restart handler.

The playbook do the following tasks:

Install the httpd package.
Copy the content into the destination folder (/var/www/html/index.html) and this task uses notify which will trigger the handlers when something change in the content of file and then only handlers will restart the httpd service.
Enabling the port number for httpd which firewall will allow.

Here I use simple example to show the idempotent nature for httpd module. But you can use different files to upload like httpd conf file and use jinja concept and make the code more dynamic like asking file name and port number for webserver at runtime of playbook. Instead of Copy module can use template module.

When content of the file is not change, then handlers task will not execute.