1,760
edits
Changes
→Lab 9 Sign-off (Show Instructor)
[[Category:OPS435]][[Category:rchan]][[Category:OPS435 Lab]]
= Objective =
:# Confirm and review the Ansible package installed on matrix.senecacollege.ca
* Ad hoc commands - a simple one-off task:
** <u><b>shell commands</b></u>
*** ansible 192.168.99.153 remote_machine_id [-a 'date'*** ansible 192.168.99.153 i inventory] [-a 'df' *** ansible 192.168.99.153 -a 'iptables private-L key id_rsa] [-n u remote_user] -va 'date' -u root
* Ansible modules - code that performs a particular task such as copy a file, installing a package, etc:
** <u><b>copy module</b></u>
*** ansible 192.168.99.153 remote_machine_id -m copy -a "src=/ops435/ansible.txt dest=/tmp/ansible.txt"
** <u><b>Package management</b></u>
*** ansible 192.168.99.153 remote_machine_id -m yum -a "name=epel-release state=latest"
* Playbooks - contains one or multiple plays, each play defines a set of repeatable tasks on one or more managed machines. Playbooks are written in YAML. Every play in the playbook is created with environment-specific parameters for the target machines:
** ansible-playbook remote_machine_id [-i 192.168.99.153, inventory] setup_webserver.yaml** ansible-playbook remote_machine_id [-i inventory] firstrun.yaml
== Part 1: The Ansible package installed on matrix ==
== Part 2: Sample runs for some of the Ad hoc commands ==
The following commands are based on the following entries in the ansible inventory file called "hosts" in the current working directory:
<pre>
...
[ops435b]
jkwok ansible_host=myvmlab.senecacollege.ca ansible_port=7850
cdee ansible_host=myvmlab.senecacollege.ca ansible_port=7874
...
</pre>
<pre>
[rchanraymond.chan@centos7 ansiblemtrx-node02pd lab9]$ ansible 192.168.99.153 jkwok -i hosts --private-key id_rsa -u instructor -m copy -a "src=/home/rchanraymond.chan/ops435/ansiblelab9/ansible.txt hosts dest=/tmp/ansible.txtansible_hosts"192.168.99.153 jkwok | SUCCESS CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" },
"changed": true,
"checksum": "837affc90674fb92cdb0ebac6e49ad31a586b37ebc4ffa4127e3af3228e61f0ddc4fca87c5e548a4", "dest": "/tmp/ansible.txtansible_hosts", "gid": 10011003, "group": "rchaninstructor", "md5sum": "78ae49d77d28d06173cf2194a390973217e94f6ee9ce0920ebf835bd4f6250a7",
"mode": "0664",
"owner": "rchan", "secontext": "unconfined_u:object_r:user_home_t:s0instructor", "size": 106423, "src": "/home/rchaninstructor/.ansible/tmp/ansible-tmp-15429021191616732233.1549-236519-11761853951330935150082693243/source",
"state": "file",
"uid": 10011003
}
</pre>
: 192jkwok is the remote machine ID.168: hosts is the name of the ansible inventory file in the current working directory, you may also specify the inventory file with full path name, e.99g.153 /home/raymond.chan/ops435/lab9/hosts. : --private-key id_ras is the private key for ssh key-based authentication for connecting to the remote machine.: -u is for specifying the user account to be used to login to the remote machine's IP address.: "-m copy" tells is to tell ansible to use the "copy " module.
: after '-a' is the arguments to the copy module, which specify the source file and the destination for the copy action.
: If you got the same "SUCCESS" message, login to the remote machine (in this example, it is 192.168.99.153) and check the directory "/tmp" for the file ansible.txtansible_hosts.
== Part 3: Sample runs for using some Ansible's built-in modules ==
: You can get a complete list of all the ansible modules installed on you system with the following command:<source lang="bash">
ansible-doc --list_files
</source>
: "yum" is a built-in stable ansible module. You can get the detail information about any ansible module with the ansible-doc, try the following commandcommands to see the documentation and examples for using the copy and yum modules:<source lang="bash"> ansible-doc copy
ansible-doc yum
</source>
: The following command demonstrates how to install the "epel-release" package with the "yum" module with different module arguments and under different remote user (your result may be differ from what is show below):
<pre>
[rchanraymond.chan@centos7 ansiblemtrx-node02pd lab9]$ ansible 192.168.99.153 jkwok -i hosts --private-key id_rsa -u instructor -m yum -a "name=epel-release state=present"192.168.99.153 jkwok | SUCCESS FAILED! => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" },
"changed": false,
"changes": {
"installed": [
"epel-release"
]
},
"msg": "You need to be root to perform this command.\n",
"rc": 1,
"results": [
"Loaded plugins: fastestmirror\n"
]
}
</pre>
: Add the '-b' option to tell ansible to invoke "sudo" when running the yum command on the remote machine:
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok -i hosts --private-key id_rsa -u instructor -b -m yum -a "name=epel-release state=present"
jkwok | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"changes": {
"installed": [
"epel-release"
]
},
"msg": "",
"rc": 0,
"results": [
"Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.netflash.net\n * extras: mirror.netflash.net\n * updates: mirror.calgah.com\nResolving Dependencies\n--> Running transaction check\n---> Package epel-release.noarch 0:7-11 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n epel-release noarch 7-11 extras 15 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 15 k\nInstalled size: 24 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : epel-release-7-11.noarch 1/1 \n Verifying : epel-release-7-11.noarch providing 1/1 \n\nInstalled:\n epel-release is already installed.noarch 0:7-11 \n\nComplete!\n"
]
}
</pre>: If you run the same commond the 2nd time:<pre>[rchanraymond.chan@centos7 ansiblemtrx-node02pd lab9]$ ansible 192.168.99.153 jkwok -i hosts --private-key id_rsa -u instructor -b -m yum -a "name=epel-release state=present" -u root192.168.99.153 jkwok | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" },
"changed": false,
"msg": "",
]
}
</pre>: Now run the similar command but with "state=latest":<pre>[rchanraymond.chan@centos7 ansiblemtrx-node02pd lab9]$ ansible 192.168.99.153 jkwok -i hosts --private-key id_rsa -u instructor -b -m yum -a "name=epel-release state=latest" -u root192.168.99.153 jkwok | SUCCESS => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" },
"changed": false,
"changes": {
"installed": [],
"updated": []
},
"msg": "",
"rc": 0,
}
</pre>
: Depending on the status of the packages installed on your VM, the output may not exactly the same as shown above. Please read and try to understanding the meaning of the text return by ansible.
== Part 4: Gather software and hardware information available on remote machine ==
: One of the main core ansible module is called "setup", it is automatically called by ansible playbook to gather useful "facts" about remote hosts that can be used in ansible playbooks. It can also be executed directly by the ansible command (/usr/bin/ansible) to check out what "facts" are available to on a remote host.
<pre>
[rchanraymond.chan@centos7 ansiblemtrx-node02pd lab9]$ ansible 192.168.99.153 jkwok -i hosts --private-key id_rsa -u instructor -m setup192.168.99.153 jkwok | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"19210.168102.122114.99", "192.168.99.153140"
],
"ansible_all_ipv6_addresses": [
"fe80::505421d:ffd8ff:fe11feb7:6767", "fe80::5054:ff:fe8c:b67c20cc"
],
"ansible_apparmor": {
"status": "disabled"
},
"ansible_architecture": "x86_64",
"ansible_bios_date": "0411/0126/20142012", "ansible_bios_version": "1.9.1-5.el7_3.2", "ansible_cmdline": { "BOOT_IMAGE": "/vmlinuz-3.10.0-862.14.4.el7.x86_64", "LANG": "en_CA.UTF-8", "console": "ttyS0",
...
"ansible_userspace_bits": "64",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "kvmVirtualPC", "discovered_interpreter_python": "/usr/bin/python", "gather_subset": [ "all" ],
"module_setup": true
},
"changed": false
}
</pre>
[[OPS435_Ansible_setup|Click here for complete sample contents of the above]]
= Investigation II: Ansible Playbook =
Name: motd-play.yml
<pre>
[raymond.chan@mtrx-node02pd lab9]$ cat motd-play.yml
---
- name: update motd file hosts: 192.168.99.153jkwok user: rootinstructor become: yes
vars:
apache_version: 2.6
motd_warning: 'WARNING: use user by ICT faculty/students only.'
testserver: yes
tasks:
- name: setup a MOTD
copy:
dest: /etc/motd
content: "{{ motd_warning }}"
</pre>
Sample Run:
<pre>
[rchanraymond.chan@centos7 playbooksmtrx-node02pd lab9]$ ansible-playbook -i hosts --private-key id_rsa -b motd-play.yml
PLAY [192.168.99.153update motd file] *******************************************************************
TASK [Gathering Facts] ********************************************************************ok: [192.168.99.153jkwok]
TASK [setup a MOTD] ***********************************************************************changed: [192.168.99.153jkwok]
PLAY RECAP ********************************************************************************192.168.99.153 : jkwok ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
</pre>
Try to run it the 2nd time and pay attention to the result. What conclusion can you draw?
== Part 2: A playbook to install and start Apache Server ==
</pre>
= Investigation III: Using Playbook to configure an OPS435 Linux VM machine =
: Assume you have just installed the latest version of CentOS 7.x on a VM with GNOME Desktop. You need to configure it so that you can use it for doing the Labs for OPS435. The : Study the documentation and examples of following ansible modules::* copy:* file :* hostname:* template:* user:* yum Create an ansible playbook using the appropriate modules to perform the following configuration tasks need to be done on that your assigned VM:
:* update all the packages installed on the VM
:* install extra packages repository for enterprise Linux
= Lab 9 Sign-off (Show Instructor) =
For the Winter 2021 Semeter, this lab is optional and if you complete and submit this lab by April 7, 2021, you could get a maximum bonus of 2%. Please confirm this with your instructor.
== Have the following items ready to show your instructor: ==
: * The Ansible playbook called "config_ops435.yaml" for configuring the VM mentioned in Lab 1.