384
edits
Changes
→Investigation 1: The Ansible Package
= Reference =
:* For more detail information about ansible, check out the ansible web site at [https://www.ansible.com. www.ansible.com]
:* [https://www.ansible.com/overview/how-ansible-works Overview on how ansible works]
:* [https://docs.ansible.com/ansible/latest/user_guide/index.html Ansible Latest User Guide]
= System requirements =
* You must have a control machine and a valid Seneca user account on matrix.senecacollege.ca and an VM assigned to you in myvmlab.senecacollege.ca:** control machine (matrix.senecacollege.caor your Fedora)- run ansible to configure your assigned VM in myvmlab.senecacollege.ca
** managed machine(s) (your vm in myvmlab.senecacollege) - to be managed by the control machine
* You should be able to ssh from matrix.senecacollege.ca your control machine as a regular user to your managed machine without supplying a login password.
* Your account on your managed machine is a sudoer and can run sudo with/without password.
* Has Ansible installed on your control machine.
* Has Python 2.7+ installed on your managed machine(s).
= Investigation I1: The Ansible Package =: In this investigation, we explore the main components of the Ansible configuration management system and its operating environment. we We also study a simple playbook for managing the configuration of a CentOS 7.x VM. : You need at least two Linux systems for this lab: your account on matrix.senecacollege.ca to be used as the control machine and your assigned VM in myvmlab.senecacollege.ca as the managed machinesmachine. The Ansible package is already installed on matrix for you.
== Key Concepts when using Ansible==
* YAML - a human-readable data serialization language use used by Ansible's playbooks. To know more, your can check out the [https://en.wikipedia.org/wiki/YAML wikipedia page here] or a simple introduction [[Introduction_to_YAML|here]]
* Control machine - the host on which you use Ansible to execute tasks on the managed machines
* Managed machine - a host that is configured by the control machine
== Part 1: The Ansible package installed on matrix ==
: You only need to have the "ansible" package on your control VM (i.e: On Fedora, Ansible is provided in the ansible package. matrix)Run: <source lang="bash">dnf install ansible</source>: On Matrix, Ansible is already installed for you.
:* Login to matrix with your Seneca account and change to the directory ~/ops445/lab9
:* Issue the following command to check the version of the "ansible" package: <source lang="bash">
<pre>
...
[ops445bops445]jkwok vmlab ansible_host=myvmlab.senecacollege.ca ansible_port=78507890cdee myvm ansible_host=myvmlab.senecacollege.ca ansible_port=78747654
...
</pre>
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok vmlab -i hosts --private-key ~/.ssh/id_rsa -u instructor -m copy -a "src=/home/raymond.chan/ops445/lab9/hosts dest=/tmp/ansible_hosts"jkwok vmlab | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
</pre>
: jkwok '''vmlab''' is the remote machine ID.: '''hosts ''' is the name of the ansible inventory file in the current working directory, you may also specify the inventory file with full path name, e.g. /home/raymond.chan/ops445/lab9/hosts. : '''--private-key id_ras id_rsa''' is the private key for ssh key-based authentication for connecting to the remote machine.: '''-u ''' is for specifying the user account to be used to login to the remote machine.: '''-m copy ''' is to tell ansible to use the "copy" module.: after '''-a''' is the arguments to the copy module, which specify the source file and the destination for the copy action.
: If you got the same "SUCCESS" message, login to the remote machine and check the directory "/tmp" for the file ansible_hosts.
: The following command demonstrates how to install the "epel-release" package with the "yum" module with different module arguments and under different remote user (your result may be differ from what is show below):
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok vmlab -i hosts --private-key ~/.ssh/id_rsa -u instructor -m yum -a "name=epel-release state=present"jkwok vmlab | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
: Add the '-b' option to tell ansible to invoke "sudo" when running the yum command on the remote machine:
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok vmlab -i hosts --private-key ~/.ssh/id_rsa -u instructor -b -m yum -a "name=epel-release state=present"jkwok vmlab | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
}
</pre>
: If you run the same commond command the 2nd time:
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok vmlab -i hosts --private-key ~/.ssh/id_rsa -u instructor -b -m yum -a "name=epel-release state=present"jkwok vmlab | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
: Now run the similar command but with "state=latest":
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok vmlab -i hosts --private-key ~/.ssh/id_rsa -u instructor -b -m yum -a "name=epel-release state=latest"jkwok vmlab | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
}
</pre>
: Depending on the status of the packages installed on your VM, the output may not exactly the same as shown above. Please read and try to understanding the meaning of the text return by ansible. If it's been updated instead, then run the command again.
== Part 4: Gather software and hardware information available on remote machine ==
: One of the core ansible module is called "setup", it is automatically called by ansible playbook to gather useful "facts" about remote hosts that can be used in ansible playbooks. It can also be executed directly by the ansible command (/usr/bin/ansible) to check out what "facts" are available on a remote host.
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible jkwok vmlab -i hosts --private-key ~/.ssh/id_rsa -u instructor -m setupjkwok vmlab | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
[[OPS445_Ansible_setup|Click here for complete sample contents of the above]]
= Investigation II2: Ansible Playbook =
== What is a playbook? ==
: * Playbook is one of the core features of Ansible.
: * Playbook tells Ansible what to execute by which user on the remote machine.
: * Playbook is like a to-do list for Ansible
: * Playbook is written in "YAML".
: * Playbook links a task to an ansible module and provide needed arguments to the module which requires them.
---
- name: update motd file
hosts: jkwokvmlab
user: instructor
vars:
apache_version: 2.6
motd_warning: '"WARNING: user used by ICT faculty/students only.'\n"
testserver: yes
tasks:
Sample Run:
<pre>
[raymond.chan@mtrx-node02pd lab9]$ ansible-playbook -i hosts --private-key id_rsa -b motd-play.yml
PLAY [update motd file] *******************************************************************
TASK [Gathering Facts] ********************************************************************
ok: [jkwokvmlab]
TASK [setup a MOTD] ***********************************************************************
changed: [jkwokvmlab]
PLAY RECAP ********************************************************************************
</pre>
<pre>
---
- hosts: 192.168.99.153vmlab user: rootinstructor become: yes
vars:
apache_version: 2.6
motd_warning: '"WARNING: use used by ICT faculty/students only.'\n"
testserver: yes
tasks:
Sample Run:
<pre>
[rchan@centos7 playbooks]$ ansible-playbook -i hosts httpd-play.yml
PLAY [192.168.99.153vmlab] ********************************************************************
TASK [Gathering Facts] **********************************************************ok: [192.168.99.153vmlab]
TASK [install apache] ***********************************************************changed: [192.168.99.153vmlab]
TASK [restart apache] ***********************************************************changed: [192.168.99.153vmlab]
PLAY RECAP **********************************************************************192.168.99.153 vmlab : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
</pre>
= Investigation III3: Using Playbook to configure an OPS445 Linux VM machine =
: Assume you have just installed the latest version of CentOS 7.x on a VM with GNOME Desktop. You need to configure it so that you can use it for doing the Labs for OPS445.
: Study the documentation and examples of following ansible modules:
:* yum
Create an ansible playbook named "config_ops445.yml" using the appropriate modules to perform the following configuration tasks on your assigned VM::* update all the packages Apache (httpd) installed on in the VMInvestigation 2 - Part 2:* install extra packages repository for enterprise Linux:* install python3 (EPEL) if it is not already installed:* remove 'tree' package:* set the host name hostname to your Seneca user name:* install the git packageusername (Seneca ID):* create a new user with your Seneca_id Seneca_ID with sudo access:* configure the new user account you created above so that you can ssh to it without password:* setup a directory structs structure '''using a loop''' for completing and organizing labs as shown below:<source lang="bash"> /home/[seneca_id]/ops445/lab0
/home/[seneca_id]/ops445/lab1
/home/[seneca_id]/ops445/lab2
/home/[seneca_id]/ops445/lab9
</source>
:* create a when it's ready, run your playbook named "config_ops445.yml" :* in order to perform test it, log into the tasks mentioned above.VM with the newly created user (your Seneca_ID), install the 'tree' package with sudo, and check the directory structure with the 'tree' command:* test and if everything is correct, capture its output for a successful run of your playbook to a file named "lab9_[seneca_id].txt"
= Lab 9 Sign-off (Show Instructor) =
== Have the following items ready to show your instructor: ==
: * The Ansible playbook called "config_ops445.yamlyml" for configuring the VM mentioned in Lab 1.: * The result of running the playbook "config_ops445.yamlyml". Save the result in a file called "lab9_[seneca_id].txt"
== Upload the following files to blackboard ==
: * config_ops445.yamlyml
: * lab9_[seneca_id].txt