Difference between revisions of "Ops535 ansible lab"

From CDOT Wiki
Jump to: navigation, search
(Reference)
Line 1: Line 1:
[[Category:OPS535]][[Category:rchan]][[Category:OPS535 Lab]]
+
[[Category:OPS435]][[Category:rchan]][[Category:OPS435 Lab]]
 +
= Objective =
 +
:# Install and configure Ansible on a controller Linux machine
 +
:# Explore Ansible's ad hoc commands
 +
:# Explore Ansible's built-in modules
 +
:# Explore and create Ansible playbooks
 +
 
 
= Overview =
 
= Overview =
Ansible is an IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
+
::Ansible is an agentless IT automation engine for automating cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT system administration tasks.
Ansible was designed for multi-tier deployments since day one, and models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time.
+
::Ansible uses no additional custom security infrastructure, and it uses a very simple human readable language called 'YAML', to compose an Ansible Playbook which allow you to describes the tasks you want to automate.
 +
 
 +
= Reference =
 +
:* For more detail information about ansible, check out the ansible web site at [http://www.ansible.com. www.ansible.com]
 +
:* [https://www.ansible.com/overview/how-ansible-works Overview]
 +
:* [https://docs.ansible.com/ansible/latest/user_guide/index.html Ansible Latest User Guide]
 +
:* [https://proquest-safaribooksonline-com.libaccess.senecacollege.ca/book/operating-systems-and-server-administration/linux/9781785282300 Ansible Configuration Management] - Second Edition
 +
::* By: Daniel Hall, Publisher: Packt Publishing Pub.  
 +
::* Date: April 27, 2015,ISBN-13: 978-1-78528-230-0
 +
::* Pages in Print Edition: 122
  
Ansible uses no agents and no additional custom security infrastructure, and it uses a very simple language called "YAML", to compose an Ansible Playbook which allow you to describe your automation jobs in a very simple way.
+
= System requirements =
 +
* You must have at lease two networked machines
 +
** control machine - run ansible to configure remote node - need Ansible 2.x (latest version 2.7)
 +
** managed machine(s) - to be managed by the control node
 +
* You should be able to ssh from your control machine as a regular user to any of your remote machines as regular user without supplying a login password.
 +
* You account on the remote machine should be a sudoer and can run sudo without password.
 +
* You should also be to ssh from your control machine as a regular user to any of your remote machines as root without supplying a login password
 +
* Python 2.7+ on all nodes
  
For more detail information about ansible, check out the ansible web site at [http://www.ansible.com. www.ansible.com]
 
  
= Objectives =
+
= Investigation I: Introduction to Ansible =
In this lab, we explore the main components of the Ansible configuration management system and its operating environment. we also develop a simple playbook to manage the configuration of a CentOS 7.x VM. For more detail information about ansible, check out the ansible web site at [https://www.ansible.com. https://www.ansible.com]
+
: In this introduction, we explore the main components of the Ansible configuration management system and its operating environment. we also study a simple playbook for managing the configuration of a CentOS 7.x VM.  
 +
: You need at least two VMs for this lab: one VM to be used as the control machine and one or more VMs to be used as the managed machines. You only need to install Ansible on the control machine.  
  
= Reference =
+
== Key Concepts when using Ansible==
[https://docs.ansible.com/ansible/latest/user_guide/index.html Ansible Latest User Guide]
+
* YAML - a human-readable data serialization language use by Ansible's playbooks. To know more, your can check out the [https://en.wikipedia.org/wiki/YAML wikipedia page here]
== Key Concepts ==
+
* Control machine - the host on which you use Ansible to execute tasks on the managed machines
* YAML - a human-readable data serialization language & is commonly used for configuration files. To know more, your can check out the [https://en.wikipedia.org/wiki/YAML wikipedia page here]
+
* Managed machine - a host that is configured by the control machine
* Control machine - (Management node)
+
* [[OPS435 Sample Ansible Hosts file|Hosts file]] - contains information about machines to be managed - click [[OPS435 Sample Ansible Hosts file | here]] for sample hosts file
* Remote machine - (Controlled node)
+
* Ad hoc commands - a simple one-off task:
* Playbook -
 
* Inventory file -
 
* Hosts file -
 
* Ad hoc commands
 
 
** <u><b>shell commands</b></u>
 
** <u><b>shell commands</b></u>
** ansible 192.168.99.153 -a 'date'
+
*** ansible 192.168.99.153 -a 'date'
** ansible 192.168.99.153 -a 'df'  
+
*** ansible 192.168.99.153 -a 'df'  
** ansible 192.168.99.153 -a 'iptables -L -n -v' -u root
+
*** ansible 192.168.99.153 -a 'iptables -L -n -v' -u root
 +
* Built-in modules - code that performs a particular task such as copy a file, installing a package, etc:
 
** <u><b>copy module</b></u>
 
** <u><b>copy module</b></u>
** ansible 192.169.99.153 -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
+
*** ansible 192.168.99.153 -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
 
** <u><b>Package management</b></u>
 
** <u><b>Package management</b></u>
** ansible 192.168.99.153 -m yum -a "name=epel-release status=latest"
+
*** ansible 192.168.99.153 -m yum -a "name=epel-release state=latest"
 +
* Playbooks - contains one or multiple plays, each play defines a set of repeatable tasks on one or more managed machines. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines: 
 +
** ansible-playbook -i 192.168.99.153, setup_webserver.yaml
 +
** ansible-playbook firstrun.yaml
 +
== Hardware and software required
 +
== Part 1: Installing Ansible on CentOS 7 ==
 +
: You only need to install the "ansible" package on your control VM.
 +
:* Login as a regular user, change to the directory ~/ops435/lab9
 +
:* Issue the following command to install the "ansible" package: <source lang="bash">
 +
sudo yum install ansible -y
 +
</source>
 +
 
 +
:* You may have to install the following dependent packages:<source lang="bash">
 +
Dependencies Resolved
 +
 
 +
=====================================================================================================================
 +
Package                            Arch                  Version                      Repository            Size
 +
=====================================================================================================================
 +
Installing:
 +
ansible                            noarch                2.9.1-1.el7                  epel                  17 M
 +
Installing for dependencies:
 +
python-babel                        noarch                0.9.6-8.el7                  base                  1.4 M
 +
python-cffi                        x86_64                1.6.0-5.el7                  base                  218 k
 +
python-enum34                      noarch                1.0.4-1.el7                  base                  52 k
 +
python-httplib2                    noarch                0.9.2-1.el7                  extras                115 k
 +
python-idna                        noarch                2.4-1.el7                    base                  94 k
 +
python-jinja2                      noarch                2.7.2-4.el7                  base                  519 k
 +
python-markupsafe                  x86_64                0.11-10.el7                  base                  25 k
 +
python-paramiko                    noarch                2.1.1-9.el7                  base                  269 k
 +
python-ply                          noarch                3.4-11.el7                    base                  123 k
 +
python-pycparser                    noarch                2.14-1.el7                    base                  104 k
 +
python2-cryptography                x86_64                1.7.2-2.el7                  base                  502 k
 +
python2-jmespath                    noarch                0.9.0-3.el7                  extras                39 k
 +
python2-pyasn1                      noarch                0.1.9-7.el7                  base                  100 k
 +
sshpass                            x86_64                1.06-2.el7                    extras                21 k
 +
 
 +
Transaction Summary
 +
=====================================================================================================================
 +
Install  1 Package (+14 Dependent packages)
 +
 
 +
Total download size: 21 M
 +
Installed size: 120 M
 +
Is this ok [y/d/N]:
 +
</source>
 +
 
 +
: To confirm that you have Ansible installed, try the following command:<source lang="python">
 +
[rchan@c7-rchan ~]$ ansible --help
 +
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD]
 +
              [--become-user BECOME_USER] [-K] [-i INVENTORY] [--list-hosts]
 +
              [-l SUBSET] [-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [-k]
 +
              [--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]
 +
              [-c CONNECTION] [-T TIMEOUT]
 +
              [--ssh-common-args SSH_COMMON_ARGS]
 +
              [--sftp-extra-args SFTP_EXTRA_ARGS]
 +
              [--scp-extra-args SCP_EXTRA_ARGS]
 +
              [--ssh-extra-args SSH_EXTRA_ARGS] [-C] [--syntax-check] [-D]
 +
              [-e EXTRA_VARS] [--vault-id VAULT_IDS]
 +
              [--ask-vault-pass | --vault-password-file VAULT_PASSWORD_FILES]
 +
              [-f FORKS] [-M MODULE_PATH] [--playbook-dir BASEDIR]
 +
              [-a MODULE_ARGS] [-m MODULE_NAME]
 +
              pattern
 +
...
 +
</source>
 +
: Take a look of all the available command line options for the "ansible" command. There are a lots of options when running Ansible. Let's move on to try a few simple ones.
  
== Sample runs for some of the Ad hoc commands ==
+
== Part 2: Sample runs for some of the Ad hoc commands ==
 
<pre>
 
<pre>
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m copy -a "src=/home/rchan/ops435/ansible/ansible.txt dest=/tmp/ansible.txt"
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m copy -a "src=/home/rchan/ops435/ansible/ansible.txt dest=/tmp/ansible.txt"
Line 48: Line 130:
 
     "uid": 1001
 
     "uid": 1001
 
}
 
}
 +
</pre>
 +
: 192.168.99.153 is the remote machine's IP address.
 +
: "-m copy" tells ansible to use the copy module
 +
: after '-a' is the arguments to the copy module, which specify the source file and the destination for the copy action.
 +
: If you got the same "SUCCESS" message, login to the remote machine (in this example, it is 192.168.99.153) and check the directory "/tmp" for the file ansible.txt.
 +
 +
== Part 3: Sample runs for using some Ansible's built-in modules ==
 +
: "yum" is a built-in ansible module. You can get a complete list of all the ansible modules installed on you system with the following command:<source lang="bash">
 +
    ansisble-doc --list_files
 +
</source>
 +
: You can also get the detail information about any ansible module with the following command:<source lang="bash">
 +
    ansible-doc module_name
 +
 +
    e.g. ansible_doc yum
 +
</source>
 +
: The following command demonstrates how to install the "epel-release" package with the "yum" module:
 +
<pre>
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present"
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present"
 
192.168.99.153 | SUCCESS => {
 
192.168.99.153 | SUCCESS => {
Line 57: Line 156:
 
     ]
 
     ]
 
}
 
}
 +
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present" -u root
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present" -u root
 
192.168.99.153 | SUCCESS => {
 
192.168.99.153 | SUCCESS => {
Line 66: Line 166:
 
     ]
 
     ]
 
}
 
}
 +
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=latest" -u root
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=latest" -u root
 
192.168.99.153 | SUCCESS => {
 
192.168.99.153 | SUCCESS => {
Line 78: Line 179:
 
</pre>
 
</pre>
  
= Pre-Lab arrangement =
+
== Part 4: Gather software and hardware information available on remote machine ==
* You must have at lease two networked machines
+
: One of the main ansible module is called "setup", it is automatically called by ansible playbook to gather useful "facts" about remote hosts that can be used in ansible playbooks. It can also be executed directly by the ansible command (/usr/bin/ansible) to check what "facts" are available to a host.  
** control node - run ansible to configure remote node
 
** remote nodes - to be managed by the control node
 
* You should be to ssh from your control node as a regular user to any of your remote nodes as root user without supplying a login password.
 
* Python 2.7+ on all nodes
 
 
 
= Lab Procedure =
 
== Gather all the information available on remote machine ==
 
 
<pre>
 
<pre>
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m setup
 
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m setup
Line 117: Line 211:
 
[[OPS435_Ansible_setup|Click here for complete contents of the above]]
 
[[OPS435_Ansible_setup|Click here for complete contents of the above]]
  
= Questions =
+
= Investigation II: Ansible Playbook =
 +
== What is a playbook? ==
 +
: * Playbook is one of the core features of Ansible.
 +
: * Playbook tells Ansible what to execute by which user on the remote machine.
 +
: * Playbook is like a to-do list for Ansible
 +
: * Playbook is written "YAML".
 +
: * Playbook links a task to an ansible module and provide needed arguments to the module which requires them.
 +
 
 +
==Part 1: A playbook to update the /etc/motd file ==
 +
Name: motd-play.yml
 +
<pre>
 +
---
 +
- hosts: 192.168.99.153
 +
  user: root
 +
  vars:
 +
    apache_version: 2.6
 +
    motd_warning: 'WARNING: use by ICT faculty/students only.'
 +
    testserver: yes
 +
  tasks:
 +
    - name: setup a MOTD
 +
      copy:
 +
        dest: /etc/motd
 +
        content: "{{ motd_warning }}"
 +
</pre>
 +
 
 +
Sample Run:
 +
<pre>
 +
[rchan@centos7 playbooks]$ ansible-playbook motd-play.yml
 +
 
 +
PLAY [192.168.99.153] **********************************************************
 +
 
 +
TASK [Gathering Facts] *********************************************************
 +
ok: [192.168.99.153]
 +
 
 +
TASK [setup a MOTD] ************************************************************
 +
changed: [192.168.99.153]
 +
 
 +
PLAY RECAP *********************************************************************
 +
192.168.99.153            : ok=2    changed=1    unreachable=0    failed=0 
 +
 
 +
</pre>
 +
 
 +
== Part 2: A playbook to install and start Apache Server ==
 +
Name: httpd-play.yml
 +
<pre>
 +
---
 +
- hosts: 192.168.99.153
 +
  user: root
 +
  vars:
 +
    apache_version: 2.6
 +
    motd_warning: 'WARNING: use by ICT faculty/students only.'
 +
    testserver: yes
 +
  tasks:
 +
    - name: install apache
 +
      action: yum name=httpd state=installed
 +
   
 +
    - name: restart apache
 +
      service:
 +
        name: httpd
 +
        state: restarted
 +
</pre>
 +
Sample Run:
 +
<pre>
 +
[rchan@centos7 playbooks]$ ansible-playbook httpd-play.yml
 +
 
 +
PLAY [192.168.99.153] **********************************************************
 +
 
 +
TASK [Gathering Facts] *********************************************************
 +
ok: [192.168.99.153]
 +
 
 +
TASK [install apache] **********************************************************
 +
changed: [192.168.99.153]
 +
 
 +
TASK [restart apache] **********************************************************
 +
changed: [192.168.99.153]
 +
 
 +
PLAY RECAP *********************************************************************
 +
192.168.99.153            : ok=3    changed=2    unreachable=0    failed=0 
 +
 
 +
</pre>
 +
= Investigation III: Using Playbook to config a OPS435 Linux machine =
 +
: You have just installed the latest version of CentOS 7.x on a VM with GNOME Desktop. You need to configure it so that you can use it for doing the Labs for OPS435. The following configuration need to be done on that VM:
 +
:* update all the packages installed on the VM
 +
:* install extra packages repository for enterprise Linux
 +
:* install python3 if it is not already installed
 +
:* set the host name to your Seneca user name
 +
:* install the git package
 +
:* create a new user with your Seneca_id with sudo access
 +
:* configure the new user account so that you can ssh to it without password
 +
:* setup a directory structs for completing and organizing labs as shown below:<source lang="bash">
 +
      /home/[seneca_id]/ops435/lab0
 +
      /home/[seneca_id]/ops435/lab1
 +
      /home/[seneca_id]/ops435/lab2
 +
      /home/[seneca_id]/ops435/lab3
 +
      /home/[seneca_id]/ops435/lab4
 +
      /home/[seneca_id]/ops435/lab5
 +
      /home/[seneca_id]/ops435/lab6
 +
      /home/[seneca_id]/ops435/lab7
 +
      /home/[seneca_id]/ops435/lab8
 +
      /home/[seneca_id]/ops435/lab9
 +
</source>
 +
:* create a playbook named "config_ops435.yml" to perform the tasks mentioned above.
 +
:* test your playbook and capture its output when it complete without error.
  
= Completing the Lab =
+
= Lab 9 Sign-off (Show Instructor) =
 +
== Have the following items ready to show your instructor: ==
 +
: * The Ansible playbook called "config_ops435.yml" for configuring the VM mentioned in Lab 1.
 +
: * The result of running the playbook "config_ops435.yml". Save the result in a file called "lab9_[seneca_id].txt"
 +
== Upload the following files to blackboard ==
 +
: * config_ops435.yml
 +
: * lab9_[seneca_id].txt

Revision as of 21:06, 26 November 2020

Objective

  1. Install and configure Ansible on a controller Linux machine
  2. Explore Ansible's ad hoc commands
  3. Explore Ansible's built-in modules
  4. Explore and create Ansible playbooks

Overview

Ansible is an agentless IT automation engine for automating cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT system administration tasks.
Ansible uses no additional custom security infrastructure, and it uses a very simple human readable language called 'YAML', to compose an Ansible Playbook which allow you to describes the tasks you want to automate.

Reference

  • By: Daniel Hall, Publisher: Packt Publishing Pub.
  • Date: April 27, 2015,ISBN-13: 978-1-78528-230-0
  • Pages in Print Edition: 122

System requirements

  • You must have at lease two networked machines
    • control machine - run ansible to configure remote node - need Ansible 2.x (latest version 2.7)
    • managed machine(s) - to be managed by the control node
  • You should be able to ssh from your control machine as a regular user to any of your remote machines as regular user without supplying a login password.
  • You account on the remote machine should be a sudoer and can run sudo without password.
  • You should also be to ssh from your control machine as a regular user to any of your remote machines as root without supplying a login password
  • Python 2.7+ on all nodes


Investigation I: Introduction to Ansible

In this introduction, we explore the main components of the Ansible configuration management system and its operating environment. we also study a simple playbook for managing the configuration of a CentOS 7.x VM.
You need at least two VMs for this lab: one VM to be used as the control machine and one or more VMs to be used as the managed machines. You only need to install Ansible on the control machine.

Key Concepts when using Ansible

  • YAML - a human-readable data serialization language use by Ansible's playbooks. To know more, your can check out the wikipedia page here
  • Control machine - the host on which you use Ansible to execute tasks on the managed machines
  • Managed machine - a host that is configured by the control machine
  • Hosts file - contains information about machines to be managed - click here for sample hosts file
  • Ad hoc commands - a simple one-off task:
    • shell commands
      • ansible 192.168.99.153 -a 'date'
      • ansible 192.168.99.153 -a 'df'
      • ansible 192.168.99.153 -a 'iptables -L -n -v' -u root
  • Built-in modules - code that performs a particular task such as copy a file, installing a package, etc:
    • copy module
      • ansible 192.168.99.153 -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
    • Package management
      • ansible 192.168.99.153 -m yum -a "name=epel-release state=latest"
  • Playbooks - contains one or multiple plays, each play defines a set of repeatable tasks on one or more managed machines. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines:
    • ansible-playbook -i 192.168.99.153, setup_webserver.yaml
    • ansible-playbook firstrun.yaml

== Hardware and software required

Part 1: Installing Ansible on CentOS 7

You only need to install the "ansible" package on your control VM.
  • Login as a regular user, change to the directory ~/ops435/lab9
  • Issue the following command to install the "ansible" package:
     
    sudo yum install ansible -y
  • You may have to install the following dependent packages:
    Dependencies Resolved
    
    =====================================================================================================================
     Package                             Arch                  Version                       Repository             Size
    =====================================================================================================================
    Installing:
     ansible                             noarch                2.9.1-1.el7                   epel                   17 M
    Installing for dependencies:
     python-babel                        noarch                0.9.6-8.el7                   base                  1.4 M
     python-cffi                         x86_64                1.6.0-5.el7                   base                  218 k
     python-enum34                       noarch                1.0.4-1.el7                   base                   52 k
     python-httplib2                     noarch                0.9.2-1.el7                   extras                115 k
     python-idna                         noarch                2.4-1.el7                     base                   94 k
     python-jinja2                       noarch                2.7.2-4.el7                   base                  519 k
     python-markupsafe                   x86_64                0.11-10.el7                   base                   25 k
     python-paramiko                     noarch                2.1.1-9.el7                   base                  269 k
     python-ply                          noarch                3.4-11.el7                    base                  123 k
     python-pycparser                    noarch                2.14-1.el7                    base                  104 k
     python2-cryptography                x86_64                1.7.2-2.el7                   base                  502 k
     python2-jmespath                    noarch                0.9.0-3.el7                   extras                 39 k
     python2-pyasn1                      noarch                0.1.9-7.el7                   base                  100 k
     sshpass                             x86_64                1.06-2.el7                    extras                 21 k
    
    Transaction Summary
    =====================================================================================================================
    Install  1 Package (+14 Dependent packages)
    
    Total download size: 21 M
    Installed size: 120 M
    Is this ok [y/d/N]:
To confirm that you have Ansible installed, try the following command:
[rchan@c7-rchan ~]$ ansible --help
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD]
               [--become-user BECOME_USER] [-K] [-i INVENTORY] [--list-hosts]
               [-l SUBSET] [-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [-k]
               [--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]
               [-c CONNECTION] [-T TIMEOUT]
               [--ssh-common-args SSH_COMMON_ARGS]
               [--sftp-extra-args SFTP_EXTRA_ARGS]
               [--scp-extra-args SCP_EXTRA_ARGS]
               [--ssh-extra-args SSH_EXTRA_ARGS] [-C] [--syntax-check] [-D]
               [-e EXTRA_VARS] [--vault-id VAULT_IDS]
               [--ask-vault-pass | --vault-password-file VAULT_PASSWORD_FILES]
               [-f FORKS] [-M MODULE_PATH] [--playbook-dir BASEDIR]
               [-a MODULE_ARGS] [-m MODULE_NAME]
               pattern
...
Take a look of all the available command line options for the "ansible" command. There are a lots of options when running Ansible. Let's move on to try a few simple ones.

Part 2: Sample runs for some of the Ad hoc commands

[rchan@centos7 ansible]$ ansible 192.168.99.153 -m copy -a "src=/home/rchan/ops435/ansible/ansible.txt dest=/tmp/ansible.txt"
192.168.99.153 | SUCCESS => {
    "changed": true, 
    "checksum": "837affc90674fb92cdb0ebac6e49ad31a586b37e", 
    "dest": "/tmp/ansible.txt", 
    "gid": 1001, 
    "group": "rchan", 
    "md5sum": "78ae49d77d28d06173cf2194a3909732", 
    "mode": "0664", 
    "owner": "rchan", 
    "secontext": "unconfined_u:object_r:user_home_t:s0", 
    "size": 106, 
    "src": "/home/rchan/.ansible/tmp/ansible-tmp-1542902119.15-117618539513309/source", 
    "state": "file", 
    "uid": 1001
}
192.168.99.153 is the remote machine's IP address.
"-m copy" tells ansible to use the copy module
after '-a' is the arguments to the copy module, which specify the source file and the destination for the copy action.
If you got the same "SUCCESS" message, login to the remote machine (in this example, it is 192.168.99.153) and check the directory "/tmp" for the file ansible.txt.

Part 3: Sample runs for using some Ansible's built-in modules

"yum" is a built-in ansible module. You can get a complete list of all the ansible modules installed on you system with the following command:
    ansisble-doc --list_files
You can also get the detail information about any ansible module with the following command:
    ansible-doc module_name

    e.g. ansible_doc yum
The following command demonstrates how to install the "epel-release" package with the "yum" module:
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present"
192.168.99.153 | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "epel-release-7-11.noarch providing epel-release is already installed"
    ]
}

[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=present" -u root
192.168.99.153 | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "epel-release-7-11.noarch providing epel-release is already installed"
    ]
}

[rchan@centos7 ansible]$ ansible 192.168.99.153 -m yum -a "name=epel-release state=latest" -u root
192.168.99.153 | SUCCESS => {
    "changed": false, 
    "msg": "", 
    "rc": 0, 
    "results": [
        "All packages providing epel-release are up to date", 
        ""
    ]
}

Part 4: Gather software and hardware information available on remote machine

One of the main ansible module is called "setup", it is automatically called by ansible playbook to gather useful "facts" about remote hosts that can be used in ansible playbooks. It can also be executed directly by the ansible command (/usr/bin/ansible) to check what "facts" are available to a host.
[rchan@centos7 ansible]$ ansible 192.168.99.153 -m setup
192.168.99.153 | SUCCESS => {
    "ansible_facts": {
        "ansible_all_ipv4_addresses": [
            "192.168.122.99", 
            "192.168.99.153"
        ], 
        "ansible_all_ipv6_addresses": [
            "fe80::5054:ff:fe11:6767", 
            "fe80::5054:ff:fe8c:b67c"
        ], 
        "ansible_architecture": "x86_64", 
        "ansible_bios_date": "04/01/2014", 
        "ansible_bios_version": "1.9.1-5.el7_3.2", 
        "ansible_cmdline": {
            "BOOT_IMAGE": "/vmlinuz-3.10.0-862.14.4.el7.x86_64", 
            "LANG": "en_CA.UTF-8", 
            "console": "ttyS0", 
...
        "ansible_userspace_bits": "64", 
        "ansible_virtualization_role": "guest", 
        "ansible_virtualization_type": "kvm", 
        "module_setup": true
    }, 
    "changed": false
}

Click here for complete contents of the above

Investigation II: Ansible Playbook

What is a playbook?

* Playbook is one of the core features of Ansible.
* Playbook tells Ansible what to execute by which user on the remote machine.
* Playbook is like a to-do list for Ansible
* Playbook is written "YAML".
* Playbook links a task to an ansible module and provide needed arguments to the module which requires them.

Part 1: A playbook to update the /etc/motd file

Name: motd-play.yml

---
- hosts: 192.168.99.153
  user: root
  vars:
    apache_version: 2.6
    motd_warning: 'WARNING: use by ICT faculty/students only.'
    testserver: yes
  tasks:
    - name: setup a MOTD
      copy: 
        dest: /etc/motd
        content: "{{ motd_warning }}"

Sample Run:

[rchan@centos7 playbooks]$ ansible-playbook motd-play.yml

PLAY [192.168.99.153] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: [192.168.99.153]

TASK [setup a MOTD] ************************************************************
changed: [192.168.99.153]

PLAY RECAP *********************************************************************
192.168.99.153             : ok=2    changed=1    unreachable=0    failed=0   

Part 2: A playbook to install and start Apache Server

Name: httpd-play.yml

---
- hosts: 192.168.99.153
  user: root
  vars:
    apache_version: 2.6
    motd_warning: 'WARNING: use by ICT faculty/students only.'
    testserver: yes
  tasks:
    - name: install apache
      action: yum name=httpd state=installed
    
    - name: restart apache
      service: 
        name: httpd
        state: restarted

Sample Run:

[rchan@centos7 playbooks]$ ansible-playbook httpd-play.yml

PLAY [192.168.99.153] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: [192.168.99.153]

TASK [install apache] **********************************************************
changed: [192.168.99.153]

TASK [restart apache] **********************************************************
changed: [192.168.99.153]

PLAY RECAP *********************************************************************
192.168.99.153             : ok=3    changed=2    unreachable=0    failed=0   

Investigation III: Using Playbook to config a OPS435 Linux machine

You have just installed the latest version of CentOS 7.x on a VM with GNOME Desktop. You need to configure it so that you can use it for doing the Labs for OPS435. The following configuration need to be done on that VM:
  • update all the packages installed on the VM
  • install extra packages repository for enterprise Linux
  • install python3 if it is not already installed
  • set the host name to your Seneca user name
  • install the git package
  • create a new user with your Seneca_id with sudo access
  • configure the new user account so that you can ssh to it without password
  • setup a directory structs for completing and organizing labs as shown below:
          /home/[seneca_id]/ops435/lab0
          /home/[seneca_id]/ops435/lab1
          /home/[seneca_id]/ops435/lab2
          /home/[seneca_id]/ops435/lab3
          /home/[seneca_id]/ops435/lab4
          /home/[seneca_id]/ops435/lab5
          /home/[seneca_id]/ops435/lab6
          /home/[seneca_id]/ops435/lab7
          /home/[seneca_id]/ops435/lab8
          /home/[seneca_id]/ops435/lab9
  • create a playbook named "config_ops435.yml" to perform the tasks mentioned above.
  • test your playbook and capture its output when it complete without error.

Lab 9 Sign-off (Show Instructor)

Have the following items ready to show your instructor:

* The Ansible playbook called "config_ops435.yml" for configuring the VM mentioned in Lab 1.
* The result of running the playbook "config_ops435.yml". Save the result in a file called "lab9_[seneca_id].txt"

Upload the following files to blackboard

* config_ops435.yml
* lab9_[seneca_id].txt