https://knpuniversity.com/screencast/ansistrano
Pages
Friday, May 4, 2018
Sunday, April 22, 2018
Ansible Getting started (Transcript version 03)
INTRODUCTION
SOLUTION:
This documents gets you scenarios and their solutions for various labs being discussed as a part of getting trained for ansible.
Each individual going through this documents is expected to try typing each code by themselves and try instead of copying them and trying.
SECTION 1 - INTRODUCING ANSIBLE (DAY 01)
EXAMPLE 101:
CHECK PRESENCE OF USERID DUMMY01 IF NOT FOUND CREAT IT AND SET PASSWORD AS
DUMMY01 ELSE NO NEED FOR ANY ACTION, TO BE CARRIED OUT ON ALL TARGETHOSTS
(TRADITIONAL MANUAL WAY)
description:
SOLUTION: IN
SOLUTION BOOK
EXAMPLE 102:
CHECK PRESENCE OF USERID DUMMY01 IF NOT FOUND CREAT IT AND SET PASSWORD AS
DUMMY01 ELSE NO NEED FOR ANY ACTION, TO BE CARRIED OUT ON ALL TARGETHOSTS
(TRADITIONAL MANUAL WAY WITH FOR LOOP)
description:
SOLUTION: IN
SOLUTION BOOK
EXAMPLE 103:
CHECK PRESENCE OF USERID DUMMY01 IF NOT FOUND CREAT IT AND SET PASSWORD AS
DUMMY01 ELSE NO NEED FOR ANY ACTION, TO BE CARRIED OUT ON ALL TARGETHOSTS
(TRADITIONAL MANUAL WAY WITH FOR LOOP AND SSH THROUGH COMMAND EXECUTION)
description:
SOLUTION: IN
SOLUTION BOOK
EXAMPLE 104:
CHECK PRESENCE OF USERID DUMMY01 IF NOT FOUND CREAT IT AND SET PASSWORD AS
DUMMY01 ELSE NO NEED FOR ANY ACTION, TO BE CARRIED OUT ON ALL TARGETHOSTS
(TRADITIONAL MANUAL WAY WITH FOR LOOP USING SHELL SCRIPT EXECUTION)
description:
SOLUTION: IN
SOLUTION BOOK
EXAMPLE 105:
YUM BASED INSTALLATION
description:
SOLUTION: IN
SOLUTION BOOK
EXAMPLE 106:
CHECK PRESENCE OF USERID DUMMY01 IF NOT FOUND CREAT IT AND SET PASSWORD AS
DUMMY01 ELSE NO NEED FOR ANY ACTION, TO BE CARRIED OUT ON ALL TARGETHOSTS
(USING ANSIBLE ADHOC COMMANDS)
description:
SOLUTION: IN
SOLUTION BOOK
EXAMPLE 107:
CHECK PRESENCE OF USERID DUMMY01 IF NOT FOUND CREAT IT AND SET PASSWORD AS
DUMMY01 ELSE NO NEED FOR ANY ACTION, TO BE CARRIED OUT ON ALL TARGETHOSTS
(USING ANSIBLE PLAYBOOK)
description:
SOLUTION: IN
SOLUTION BOOK
SECTION 2 – GETTING STARTED WITH ANSIBLE (DAY 01)
EXAMPLE 201: WORKING ON SINGLE HOST USING AD HOC COMMAND (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking reach-ability of a client machine by hostname
2) Checking reach-ability of a client machine by IP address
3) Checking reach-ability of a client machine not in default inventory
SOLUTION:
EXAMPLE 202: WORKING ON MULTIPLE HOSTS USING AD HOC COMMAND (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking hostname of multiple client machines by hostname regular expression
2) Checking kernel version of multiple client machines by IP address regular expression
3) Checking disk usage status of multiple client machines in a IP address range
4) Checking ssh version of multiple client machines not in default inventory
SOLUTION:
EXAMPLE 203: WORKING ON HOST GROUP USING AD HOC COMMAND (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking permanent mount point details of a group of client machines
2) Checking sshd service status of a group of client machines not in default inventory
SOLUTION:
EXAMPLE 204: WORKING ON NESTED HOST GROUPS USING AD HOC COMMAND (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking snmpd service status of a groups of client machines
2) Checking installed sshd rpm name of a groups of client machines not in default inventory
SOLUTION:
EXAMPLE 205: WORKING WITH PASSWORD BASED INTERACTION (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Creating user student2 on client machines
2) Setting up password for student2 user as student2 on client machines
3) Creating student2 user on control machine and setting up password as student2
4) Login into control machine as student2 and execute adhoc ansible commands
5) Login into control machine as student2 and execute adhoc ansible commands using ask pasword option
SOLUTION:
EXAMPLE 206: WORKING WITH DYNAMIC INVENTORY (SINLGE HOST + MULTIPLE HOSTS + HOST GROUP + HOST GROUPS)
DESCRIPTION:
1) Executing ping command on inventory file generated in JSON format
SOLUTION:
EXAMPLE 207: USING CUSTOM KEY LOCATION IN AD HOC COMMAND
DESCRIPTION:
1) Creating user student3 on client machines
2) Setting up password for student3 user as student3 on client machines
3) Creating student3 user on control machine and setting up password as student3
4) Login onto control machine as student3 and generate a keypair in /tmp location
5) Login to control machine as student3 and copy required key manually to client machines generated in /tmp location
6) Login into control machine as student3 and execute adhoc ansible commands
7) Login into control machine as student3 and execute adhoc ansible commands using ask pasword option
8) Login into control machine as student3 and execute adhoc ansible commands using key file option
SOLUTION:
EXAMPLE 208: USING FORK IN AD HOC COMMANDS
DESCRIPTION:
1) Checking /etc folder size on client machines
2) Checking /etc folder size on client machines using option fork and passing numeric value to it
SOLUTION:
EXAMPLE 209: USING REMOTE USER IN AD HOC COMMANDS
DESCRIPTION:
1) Executing id command on client machines using student user login on control machine
2) Executing id command on client machines using root user login on control machine
3) Executing id command on client machines by using command line remote user option
SOLUTION:
EXAMPLE 210: USING SUDO IN AD HOC COMMANDS
DESCRIPTION:
1) Executing sshd service restart command on client machines using student user login on control machine
2) Executing sshd service restart command on client machines using root user login on control machine
3) Executing sshd restart command on client machines by using command line remote user option irrespective of user being loggedin on control machine
4) Executing sshd restart command on client machines by using option become
5) Executing sshd restart command on client machines by using options become and ask password
SOLUTION:
SECTION 3 - IMPLEMENTING PLAYBOOKS (DAY 02)
EXAMPLE 301: WORKING ON SINGLE HOST USING PLAYBOOK (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking reach-ability of a client machine by hostname through yml playbook
2) Checking reach-ability of a client machine by IP address through yml playbook
3) Checking reach-ability of a client machine not in default inventory through yml playbook
SOLUTION:
EXAMPLE 302: WORKING ON MULTIPLE HOSTS USING PLAYBOOK (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking hostname of multiple client machines by hostname regular expression through yml playbook
2) Checking kernel version of multiple client machines by IP address regular expression through yml playbook
3) Checking disk usage status of multiple client machines in a IP address range through yml playbook
4) Checking ssh version of multiple client machines not in default inventory through yml playbook
SOLUTION:
EXAMPLE 303: WORKING ON HOST GROUP USING PLAYBOOK (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking permanent mount point details of a group of client machines through yml playbook
2) Checking sshd service status of a group of client machines not in default inventory through yml playbook
SOLUTION:
EXAMPLE 304: WORKING ON NESTED HOST GROUPS USING PLAYBOOK (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Checking snmpd service status of a groups of client machines through yml file.
2) Checking installed sshd rpm name of a groups of client machines not in default inventory through yml file.
SOLUTION:
EXAMPLE 305: WORKING WITH PASSWORD BASED INTERACTION (DEFAULT + CUSTOM INVENTORY LOCAION)
DESCRIPTION:
1) Creating user student2 on client machines
2) Setting up password for student2 user as student2 on client machines
3) Creating student2 user on control machine and setting up password as student2
4) Login into control machine as student2 and execute ansible playbook
5) Login into control machine as student2 and execute ansible playbook using ask pasword option
SOLUTION:
EXAMPLE 306: WORKING WITH DYNAMIC INVENTORY (SINLGE HOST + MULTIPLE HOSTS + HOST GROUP + HOST GROUPS)
DESCRIPTION:
1) Executing ansible playbook on inventory file generated in JSON format
SOLUTION:
EXAMPLE 307: USING CUSTOM KEY LOCATION IN AD HOC COMMAND
DESCRIPTION:
1) Creating user student3 on client machines
2) Setting up password for student3 user as student3 on client machines
3) Creating student3 user on control machine and setting up password as student3
4) Login onto control machine as student3 and generate a keypair in /tmp location
5) Login to control machine as student3 and copy required key manually to client machines generated in /tmp location
6) Login into control machine as student3 and execute ansible playbook
7) Login into control machine as student3 and execute ansible playbook using ask pasword option
8) Login into control machine as student3 and execute ansible playbook using key file option
SOLUTION:
EXAMPLE 308: USING FORK IN AD HOC COMMANDS
DESCRIPTION:
1) Checking /etc folder size on client machines through yml playbook
2) Checking /etc folder size on client machines using option fork and passing numeric value to it through yml playbook
SOLUTION:
EXAMPLE 309: USING REMOTE USER IN AD HOC COMMANDS
DESCRIPTION:
1) Executing id command on client machines using student user login on control machine through yml playbook
2) Executing id command on client machines using root user login on control machine through yml playbook
3) Executing id command on client machines by using command line remote user option through yml playbook
SOLUTION:
EXAMPLE 310: USING SUDO IN AD HOC COMMANDS
DESCRIPTION:
1) Executing sshd service restart command on client machines using student user login on control machine through yml playbook
2) Executing sshd service restart command on client machines using root user login on control machine through yml playbook
3) Executing sshd restart command on client machines by using command line remote user option irrespective of user being loggedin on control machine through yml playbook
4) Executing sshd restart command on client machines by using option become through yml playbook
5) Executing sshd restart command on client machines by using options become and ask password through yml playbook
SOLUTION:
SECTION 4 – VARIABLES IN PLAYBOOKS (DAY 03)
EXAMPLE 401: USING VARIABLES DEFINED IN PLAYBOOK (TASKS DEFINED)
DESCRIPTION:
SOLUTION:
EXAMPLE 402: USING VARIABLES DEFINED IN PLAYBOOK (VARS DEFINED)
DESCRIPTION:
1) Create a playbook to get httpd and snmpd service installed + started + enabled by defining as seperat tasks
2) Create a playbook to get httpd and snmpd service installed + started + enabled by defining as a seperat task using vars
SOLUTION:
EXAMPLE 403: USING SYSTEM FACTS IN PLAYBOOK
DESCRIPTION:
1) Create a platbook for below tasks
- install httpd
- Enable httpd in startup
- Http service should be accessible to all
- Create index page on each host containing message "hostname - hosted website" where hostname is actual target machines hostname
SOLUTION:
EXAMPLE 404: USING CUSTOM FACTS IN PLAYBOOK (JSON FORMAT)
DESCRIPTION:
SOLUTION:
EXAMPLE 405: USING CUSTOM FACTS IN PLAYBOOK (INI FORMAT)
DESCRIPTION:
SOLUTION:
EXAMPLE 406: USING VARIABLES INCLUDED FROM A FILE IN A PLAYBOOK (TASKS DEFINED)
DESCRIPTION:
SOLUTION:
EXAMPLE 407: USING VARIABLES INCLUDED FROM A FILE IN A PLAYBOOK (VAR_FILE DEFINED)
DESCRIPTION:
SOLUTION:
EXAMPLE 408: USING VARIABLES DEFINED IN INVENTORY FILE (DEFAULT + CUSTOM LOCATION INVENTORY)
DESCRIPTION:
SOLUTION:
EXAMPLE 409: USING VARIABLES DEFINED IN VARS FOLDER
DESCRIPTION:
SOLUTION:
EXAMPLE 410: USING VARIABLES DEFINED IN HOST_VARS AND GROUP_VARS FOLDERS
DESCRIPTION:
SOLUTION:
EXAMPLE 411: USING REGISTERED VARIABLES IN PLAYBOOK
DESCRIPTION:
SOLUTION:
SECTION 5 – ANSIBLE CONTROL MECHANISMS (DAY 04)
EXAMPLE 501: PLAYBOOK WITHOUT LOOP
DESCRIPTION:
SOLUTION:
EXAMPLE 502: USING SIMPLE LOOP IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 503: USING ITEMISED LOOP IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 504: USING NESTED LOOP IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 505: USING WHEN CONDITION IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 506: USING WHEN CONDITION ON REGISTERED VARIABLES IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 507: USING WHEN CONDITION ON FACT VARIABLES IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 508: USING MULTIPLE CONDITIONS ON A SINGLE TASK IN A PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 509: USING SIMPLE LOOP WITH WHEN CONDITION
DESCRIPTION:
SOLUTION:
EXAMPLE 510: INVOKING SINGLE HANDLER IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 511: INVOKING MULTIPLE HANDLERS IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 512: USINGS TAGGED PLAYBOOK FOR TWO DIFFERENT FLOW OF TASKS BASED ON END GOAL/REUQUIREMENT
DESCRIPTION:
SOLUTION:
EXAMPLE 513: PLAYBOOK FOR IGNORING ERRORS ON FEW TASKS
DESCRIPTION:
SOLUTION:
EXAMPLE 514: FAILING A PLAYBOOK ON A SPECIFIC CONDITION
DESCRIPTION:
SOLUTION:
EXAMPLE 515: USING FORCED HANDLERS IN PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 516: USING BLOCK IN PLAYBOOK FOR ERROR HANDLING
DESCRIPTION:
SOLUTION:
SECTION 6 - JINJA (DAY 04)
EXAMPLE 601: USING JINJA TEMPLATING TO PUSH A FILE WITH DYNAMIC CONTENT IN A PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 602: USING JINJA LOOP IN A PLAYBOOK
DESCRIPTION:
SOLUTION:
EXAMPLE 602: USING JINJA CONDITION IN A PLAYBOOK
DESCRIPTION:
SOLUTION:
SECTION 7 – ANSIBLE ROLES (DAY 05)
EXAMPLE 701: WRITING A PLAYBOOK FOR INSTALLATION OF APACHE WITH BELOW CRITERIA
DESCRIPTION:
SOLUTION:
EXAMPLE 702: WRITING A PLAYBOOK FOR INSTALLATION OF MARIADB WITH BELOW CRITERIA
DESCRIPTION:
SOLUTION:
EXAMPLE 703: WRITING A PLAYBOOK TO GET APACHE AND MYSQL INSTALLED USING PREVIOUSLY DESCRIBED CRITERIA (WITHOUT ROLE CONCEPT)
DESCRIPTION:
SOLUTION:
EXAMPLE 704: WRITING A PLAYBOOK TO GET APACHE AND MYSQL INSTALLED USING PREVIOUSLY DESCRIBED CRITERIA (WITHOUT ROLE CONCEPT)
DESCRIPTION:
SOLUTION:
EXAMPLE 705: INSTALLING A ROLE FROM GALAXY AND USING IT STANDALONE
DESCRIPTION:
SOLUTION:
EXAMPLE 706: INSTALLING A ROLE FROM GALAXY AND USING IT IN ANOTHER PLAYBOOK LOGIC
DESCRIPTION:
SOLUTION:
EXAMPLE 707: MAKING CUSTOM MADE APACHE AND MYSQL ROLES AVAILABLE AS DEFAULT ROLES
DESCRIPTION:
SOLUTION:
SECTION 8 - ANSIBLE VAULT (DAY 05)
EXAMPLE 801: WRITE PLAYBOOK FOR INSTALLATION OF MARIADB AND SET ROOT PASSWORD FOR THE SAME USING VAULT PROTECTED PASSWORD FILE
1) CREATE A PLAYBOOK AS PER BELOW,
- INSTALL MARIABD ON TARGET SERVER
- START AND ENABLE MARIADB SERVICE
- GET ROOT PASSWORD SET BY DEFINING IT WITHIN PLAYBOOK ITSELF (READABLE)
2) CREATE A PLAYBOOK AS PER BELOW USING VAULT,
- INSTALL MARIABD ON TARGET SERVER
- START AND ENABLE MARIADB SERVICE
- GET ROOT PASSWORD SET BY DEFINING IT WITHIN A SEPARATE FILE ENCRYPTED WITH VAULT (ENCRYPTED)
SOLUTION:
EXAMPLE 802: WRITE PLAYBOOK FOR CREATION OF LIST OF USERS MENTIONED IN FIRST COLUMN OF A FILE AND SET PASSWORD FOR EACH IN SECOND COLUMN OF THE FILE. FILE CONTAINING LIST OF USERS IS PROTECTED BY VAULT
DESCRIPTION:
SOLUTION:
- INSTALL MARIABD ON TARGET SERVER
- START AND ENABLE MARIADB SERVICE
- GET ROOT PASSWORD SET BY DEFINING IT WITHIN PLAYBOOK ITSELF (READABLE)
2) CREATE A PLAYBOOK AS PER BELOW USING VAULT,
- INSTALL MARIABD ON TARGET SERVER
- START AND ENABLE MARIADB SERVICE
- GET ROOT PASSWORD SET BY DEFINING IT WITHIN A SEPARATE FILE ENCRYPTED WITH VAULT (ENCRYPTED)
SOLUTION:
EXAMPLE 802: WRITE PLAYBOOK FOR CREATION OF LIST OF USERS MENTIONED IN FIRST COLUMN OF A FILE AND SET PASSWORD FOR EACH IN SECOND COLUMN OF THE FILE. FILE CONTAINING LIST OF USERS IS PROTECTED BY VAULT
DESCRIPTION:
SOLUTION:
SECTION 9 – BEST PRACTICES (DAY 05)
EXAMPLE 901: USING DELEGATION IN PLAYBOOK
DESCRIPTION:
1) CREATE A PLAYBOOK WHICH VALIDATES A URLS REACHABILITY HOSTED ON TARGET MACHINE FROM LOCALHOST/CONTROL MACHINE, IF FOUND REACHABLE IT WILL NOT DO ANYTHING ELSE IT WILL ATTEMPT TO START THE HTTPD SERVICE ON THAT TARGET HOST
2) CREATE A PLAYBOOK TO CHANGE CONTENT OF /ETC/MOTD FILE WHOSE CONTENT IS DECIDED BASED ON THE CONTENT MENTIONED AGIANST THAT TARGET HOST IN A CONFIG FILE PLACED ALONG WITH PLAYBOOK.
1) CREATE A PLAYBOOK WHICH VALIDATES A URLS REACHABILITY HOSTED ON TARGET MACHINE FROM LOCALHOST/CONTROL MACHINE, IF FOUND REACHABLE IT WILL NOT DO ANYTHING ELSE IT WILL ATTEMPT TO START THE HTTPD SERVICE ON THAT TARGET HOST
2) CREATE A PLAYBOOK TO CHANGE CONTENT OF /ETC/MOTD FILE WHOSE CONTENT IS DECIDED BASED ON THE CONTENT MENTIONED AGIANST THAT TARGET HOST IN A CONFIG FILE PLACED ALONG WITH PLAYBOOK.
SOLUTION:
EXAMPLE 902: USING PARALLELISM IN PLAYBOOK FOR SEQUENCING
DESCRIPTION:
1) YOU ARE GIVEN A REQUIREMENT TO GET A WEBSITE CODE UPDATED ON SET OF WEB SERVERS WHICH ARE LIVE IN PRODUCTION.
2) CREATE A PLAYBOOK WHICH WILL HELP YOU TO ACHIEVE THIS AND WILL FOLLOW BELOW APPROACH/STEPS
3) ENSURE PARTICULAR VERSION OF APACHE IS INSTALLED
4) ENSURE SERVICE FOR HTTPD IS GETTING RESTARTED WELL BEFORE CODE UPDATE
5) ENSURE WEB PAGE IS REACHABLE USING SPECIFIC TARGET WEB SERVER BEFORE CODE UPDATE
6) GET THE CODE UPDATED BY CREATING A BACKUP COPY OF CODE IN CODE BACKUP FOLDER UNDER CURRENT DATE FOLDER
7) RESTART HTTPD SERVICE AND ENSURE ITS STARTED WELL
8) VALIDATE WEB PAGE IS REACHABLE USING SPECIFIC TARGET WEB SERVER BEFORE CODE UPDATE
9) PERFORM STEPS 2 TO 8 ON ONE TARGET WEB SERVER AT A TIME
10) PERFORM STEPS 2 TO 8 ON TWO TARGET WEB SERVER AT A TIME
1) YOU ARE GIVEN A REQUIREMENT TO GET A WEBSITE CODE UPDATED ON SET OF WEB SERVERS WHICH ARE LIVE IN PRODUCTION.
2) CREATE A PLAYBOOK WHICH WILL HELP YOU TO ACHIEVE THIS AND WILL FOLLOW BELOW APPROACH/STEPS
3) ENSURE PARTICULAR VERSION OF APACHE IS INSTALLED
4) ENSURE SERVICE FOR HTTPD IS GETTING RESTARTED WELL BEFORE CODE UPDATE
5) ENSURE WEB PAGE IS REACHABLE USING SPECIFIC TARGET WEB SERVER BEFORE CODE UPDATE
6) GET THE CODE UPDATED BY CREATING A BACKUP COPY OF CODE IN CODE BACKUP FOLDER UNDER CURRENT DATE FOLDER
7) RESTART HTTPD SERVICE AND ENSURE ITS STARTED WELL
8) VALIDATE WEB PAGE IS REACHABLE USING SPECIFIC TARGET WEB SERVER BEFORE CODE UPDATE
9) PERFORM STEPS 2 TO 8 ON ONE TARGET WEB SERVER AT A TIME
10) PERFORM STEPS 2 TO 8 ON TWO TARGET WEB SERVER AT A TIME
SOLUTION:
EXAMPLE 903: SEGREGATING NORMAL AND PRIVILEGED TASKS IN A PLAYBOOK
DESCRIPTION:
1) create a playbook to get below tasks completed (Single Play)
install httpd
Set permission to document root directory so that student user can edit
that page
start and enable httpd service
2)
create another playbook to get below tasks completed (Single play)
place student.html and index.html page in document root directory
ensure both the pages are accessible through URL
3)
create single playbook to get below tasks completed (Two different plays)
install httpd
set permission to document root directory so that student user can edit
that page
start and enable httpd service
place student.html and index.html page in document root directory
ensure both the pages are accessible through URL
4)
create single playbook to get below tasks completed (single play)
install httpd
set permission to document root directory so that student user can edit
that page
start and enable httpd service
place student.html and index.html page in document root directory
ensure both the pages are accessible through URL
SOLUTION:
EXAMPLE 904: EXECUTING SPECIFIC TASK ON ANOTHER HOST DEFINED IN INVENTORY FROM A PLAYBOOK
DESCRIPTION:
1) DEFINE HOST01 AND HOST02 IN INVENTORY FILE
2) INSTALL MARIADB ON HOST01
3) START AND ENABLE MARIABDB ON HOST01
4) RESTORE PROVIDE DATABASE DUMP TO HOST01
5) GET DETAILS OF CONTENT FROM MARIADB OF HOST01 USING SQL QUERY
6) PLACE OBTAINED CONTENT TO APPROPIATE LOCATION IN INDEX FILE ON HOST02
7) RESTART HTTPD ON HOST02
8) ENSURE HTTPD IS WORKING POST REBOOT HOST02
SOLUTION:
2) INSTALL MARIADB ON HOST01
3) START AND ENABLE MARIABDB ON HOST01
4) RESTORE PROVIDE DATABASE DUMP TO HOST01
5) GET DETAILS OF CONTENT FROM MARIADB OF HOST01 USING SQL QUERY
6) PLACE OBTAINED CONTENT TO APPROPIATE LOCATION IN INDEX FILE ON HOST02
7) RESTART HTTPD ON HOST02
8) ENSURE HTTPD IS WORKING POST REBOOT HOST02
EXAMPLE 905: EXECUTING SPECIFIC TASK ON A HOST DEFINED OUTSIDE INVENTORY FROM A PLAYBOOK
DESCRIPTION:
1) DEFINE ONLY HOST01 IN INVENTORY FILE
2) INSTALL MARIADB ON HOST01
3) START AND ENABLE MARIABDB ON HOST01
4) RESTORE PROVIDE DATABASE DUMP TO HOST01
5) GET DETAILS OF HOST02 FROM MARIADB OF HOST01 USING SQL QUERY
6) DEFINE THE HOST02 DYNAMICALLY FOR FURTHER LOGIC
7) PLACE OBTAINED CONTENT TO APPROPIATE LOCATION IN INDEX FILE ON HOST02
8) RESTART HTTPD ON HOST02
9) ENSURE HTTPD IS WORKING POST REBOOT ON HOST02
SOLUTION:
2) INSTALL MARIADB ON HOST01
3) START AND ENABLE MARIABDB ON HOST01
4) RESTORE PROVIDE DATABASE DUMP TO HOST01
5) GET DETAILS OF HOST02 FROM MARIADB OF HOST01 USING SQL QUERY
6) DEFINE THE HOST02 DYNAMICALLY FOR FURTHER LOGIC
7) PLACE OBTAINED CONTENT TO APPROPIATE LOCATION IN INDEX FILE ON HOST02
8) RESTART HTTPD ON HOST02
9) ENSURE HTTPD IS WORKING POST REBOOT ON HOST02
EXAMPLE 906: WRITE A PLAYBOOK TO REBOOT A SERVER ONE BY ONE BY WAITING FOR REBOOTED ONE TO GET ONLINE FOR SSH CONNECTION (ASYNC)
DESCRIPTION:
1) CHECK AND PRINT UPTIME OF CURRENT TARGET SERVER
2) GET CURRENT TARGET SERVER REBOOTED
3) WAIT FOR CURRENT SERVER TO COME BACK ONLINE
4) CHECK AND PRINT UP-TIME OF CURRENT TARGET SERVER
5) PLAYBOOK SHOULD BE ABLE TO RUN “N” TARGET SERVER AT A TIME
SOLUTION:
2) GET CURRENT TARGET SERVER REBOOTED
3) WAIT FOR CURRENT SERVER TO COME BACK ONLINE
4) CHECK AND PRINT UP-TIME OF CURRENT TARGET SERVER
5) PLAYBOOK SHOULD BE ABLE TO RUN “N” TARGET SERVER AT A TIME
ANNEXURE I – FREQUENTLY USED MODULES - EXAMPLES
• PING
• SHELL
• FILE
• COPY
• YUM
• SERVICE
• USER
• PARTED
• FILESYSTEM
• MOUNT
• STAT
• TEMPLATE
• WAIT_FOR
• FIREWALLD
• UNARCHIVE
• SETUP
• FAIL
• HAPROXY
• AWS_S3
• EC2
• EC2_AMI
• AZURE
• VMWARE
Ansible Getting started (Transcript version 02)
PRE-REQUISITS
1) 4 VMS RUNNING ON AS BASE MACHINE WITH MINIMUM CONFIGURATION AS BELOW,
- 512MB RAM (MIN)
- 20GB OS DISK (THIN PROVISIONED)
- OS – “CENTOS” WITH INTERNET BASED REPOSITORY USAGE OR “REDHAT” WITH INHOUSE REPOSITORY SERVER USAGE)
- VALID CONNECTION TO OS REPOSITORIES FOR ALL 4 VMS
- VMS SHOULD BE IN SAME NETWORK OR REACHABLE TO EACH OTHER
2) VIRTUAL BOX ON STUDENTS LAPTOP IS ALSO PREFERABLE IF ITS MINIMUM 8GB WITH ALL ABOVER POINTS WITH CENTOS AS OS OPTION ONLY
INTRODUCTION
0) ORIENTATION TO THE TRAINING ENVIRONMENT AND FLOW
0.1) CONTROL MACHINE
0.2) TARGET MACHINES (CLIENT MACHINES)
0.3) INTERNET BASED REPOSITORY ACCESS
SECTION 1 - INTRODUCING ANSIBLE (DAY 01)
1) WHY ANSIBLE?
1.1) INFRASTRUCTURE AUTOMATION NEEDS OF INDUSTRY
1.2) CONFIGURATION MANAGEMENT NEEDS OF INDUSTRY
1.3) STRENGTHS OF ANSIBLE - CONFIGURATION MANAGEMENT AND ORCHESTRATION
1.4) CONTINUOUS INTEGRATION CAPABILITIES
2) ANSIBLE CONCEPTS AND ARCHITECTURE
2.1) USING SSH EFFECTIVELY (TRADITIONAL WAY)
2.2) AUTOMATING SSH LOGIN BASED INTERATIONS (TRADITIONAL WAY)
2.3) ANSIBLE ARCHITECTURE (SSH AGENT)
3) INDUSTRY EXAMPLES OF ANSIBLE USAGE
3.1) USE CASE 01 – WEB SERVER DEPLOYMENT
3.2) USE CASE 02 – SERVER SECURITY PATCHING
3.3) CASE STUDIES AVAILABLE ON ANSIBLE WEBSITE
3.4) GETTING INTO AUTOMATION MENTALITY
4) INSTALLING ANSIBLE
4.1) YUM BASED INSTALLATION
4.2) COMPILED INSTALLATION
4.3) WHAT ALL THINGS PROVIDED AS PART OF INSTALLATION?
SECTION 1 - LAB WITH EXAMPLES (DAY 01)
SECTION 2 – GETTING STARTED WITH ANSIBLE (DAY 01)
5) ANSIBLE INVENTORY
5.1) WHY INVENTORY?
5.2) DEFINING HOSTS IN INVENTORY
- SINGLE HOST
- MULTIPLE HOSTS
- GROUP OF HOSTS
- GROUP OF GROUPS
5.3) OVERRIDING INVENTORY LOCATION
- INVENTORY LOCATION PRECEDENCE
- USING INVENTORY FILE AT ANY LOCATION
5.4) DYNAMIC INVENTORY
6) ANSIBLE CONFIGURATION FILES
6.1) WHY CONFIGURATION FILES?
6.2) FEW CONFIGURATION OPTIONS
- INVENTORY = /ETC/ANSIBLE/HOSTS
- LIBRARY = /USR/SHARE/MY_MODULES/
- MODULE_UTILS = /USR/SHARE/MY_MODULE_UTILS/
- REMOTE_TMP = ~/.ANSIBLE/TMP
- LOCAL_TMP = ~/.ANSIBLE/TMP
- FORKS = 5
- POLL_INTERVAL = 15
- SUDO_USER = ROOT
- ASK_SUDO_PASS = TRUE
- REMOTE_PORT = 22
- HOST_KEY_CHECKING = FALSE
6.3) OVERRIDING CONFIGURATION OPTIONS
7) ANSIBLE AD HOC COMMANDS
7.1) WHY ANSIBLE AD HOC COMMANDS?
7.2) WHAT IS A TASK?
7.3) HOW SUDO WORKS ON LINUX?
7.4) UNDERSTANDING STRUCTURE OF ANSIBLE AD HOC COMMANDS
- COMMAND
- HOST PATTERN
- MODULE
- ARGUMENTS
- EXTRA OPTIONS
7.5) PING MODULE
7.6) SHELL MODULE
7.7) SCRIPT MODULE
7.8) AD HOC COMMAND EXECUTION (FROM INVENTORY)
- SINGLE HOST
- MULTIPLE HOSTS
- GROUP OF HOSTS
- ALL HOSTS
7.9) AD HOC COMMAND EXECUTION (NOT IN INVENTORY)
- SINGLE HOST
- MULTIPLE HOSTS
- GROUP OF HOSTS
- ALL HOSTS
8) MANAGING DYNAMIC INVENTORIES
8.1) WHY DYNAMIC INVENTORIES?
8.2) SHELL SCRIPT BASED EXAMPLE OF DYNAMIC INVENTORY
9) CONFIGURING CONNECTIONS IN AD HOC COMMANDS
9.1) UNDERSTANDING SSH CONNECTION NEEDS (TRADITIONAL WAY)
9.2) SSH KEY LOCATION
9.3) REMOTE SSH USER
9.4) FORK OR NUMBER OF PARALLEL CONNECTIONS
9.5) POLL INTERVAL
9.6) REMOTE SUDO (PASSWORD BASED + PASSWORDLESS)
SECTION 2 - LAB WITH EXAMPLES (DAY 01)
SECTION 3 - IMPLEMENTING PLAYBOOKS (DAY 02)
10) GETTING STARTED WITH PLAYBOOKS
10.1) WHAT IS YAML?
10.2) UNDERSTANDING PLAYBOOK STRUCTURE (YAML FORMAT)
10.3) SAMPLE AD HOC COMMANS
10.4) WRITING EQUIVALENT PLAYBOOK
10.5) EXECUTING YOUR FIRST PLAYBOOK (SYNTAX VERIFICATION/DEBUG/DRY RUN)
11) ATTRIBUTES IN PLAYBOOK
11.1) HOSTS
11.2) BECOME
11.3) BECOME_USER
11.4) REAMOTE_USER
11.5) GATHER_FACTS
12) USING ANSIBLE DOCUMENTATION
12.1) ANSIBLE-DOC
12.2) ANSIBLE
12.3) ANSIBLE-PLAYBOOK
12.4) ANSIBLE-GALAXY
13) CONFIGURING CONNECTIONS FOR ANSIBLE PLAYBOOK
13.1) UNDERSTANDING SSH CONNECTION NEEDS (TRADITIONAL WAY)
13.2) SSH KEY LOCATION
13.3) REMOTE SSH USER
13.4) FORK OR NUMBER OF PARALLEL CONNECTIONS
13.5) POLL INTERVAL
13.6) REMOTE SUDO (PASSWORD BASED + PASSWORDLESS)
SECTION 3 - LAB WITH EXAMPLES (DAY 02)
SECTION 4 – VARIABLES IN PLAYBOOKS (DAY 03)
14) WHY VARIABLES
14.1) NAMING CONVENTION
14.2) SCOPE OF VARIABLES
- GLOBAL SCOPE
- PLAY SCOPE
- HOST SCOPE
15) TYPE OF VARIABLES (DEPENDING ON PLACES WHERER THOSE ARE DEFINED)
15.1) HOST VARIABLES
- INVENTORY FILE
- INVENTORY FOLDER
15.2) HOSTGROUP VARIABLES
- INVENTORY FILE
- INVENTORY FOLDER
15.3) REGISTERED VARIABLES
15.4) DYNAMIC VARIABLES
15.5) INCLUDED VARIABLES
15.6) CUSTOM VARIABLES
15.7) SYSTEM VARIABLES (FACTS)
16) WORKING WITH FACTS (SYSTEM INFORMATION)
16.1) GATHERING SYSTEM INFORMATION (TRADITIONAL WAY)
16.2) WHEN TO USE FACTS
16.3) FACTS FILTERS
16.4) CUSTOM FACTS
SECTION 4 - LAB WITH EXAMPLES (DAY 03)
SECTION 5 – ANSIBLE CONTROL MECHANISMS (DAY 04)
17) TASKS IN LOOPS
17.1) NO LOOP
17.2) SIMPLE LOOP
17.3) ITEMISED LOOP
17.4) NESTED LOOP
18) TASKS WITH CONDITION/S
18.1) SIMPLE WHEN
18.2) WHEN WITH VARIABLES
18.3) MULTIPLE CONDITIONS IN WHEN
19) HANDLERS (TRIGGERS)
19.1) USING SINGLE HANDLER
19.2) USING MULTIPLE HANDLERS
20) TAGS (LABEL)
20.1) EXECUTING TAGGED TASKS
20.2) EXECUTING UN-TAGGED TASKS
21) WORKING WITH ERRORS
21.1) FAILED_WHEN
21.2) IGNORE_ERRORS
21.3) FORCED_HANDLERS
21.4) BLOCK
SECTION 5 - LAB WITH EXAMPLES (DAY 04)
SECTION 6 - JINJA (DAY 04)
22) WHAT IS TEMPLATES?
23) JINJA TEMPLATES
23.1) DELIMITERS
23.2) LOOPS
23.3) CONDITIONS
24) KNOWN ISSUES
SECTION 6 - LAB WITH EXAMPLES (DAY 04)
SECTION 7 – ANSIBLE ROLES (DAY 05)
25) WHY ROLES NEEDED?
26) STRUCTURE OF A ROLE
27) ROLE WITH DEPENDENCIES
28) TYPE OF ROLES ANSIBLE GALAXY
28.1) CUSTOM ROLES
28.2) ROLES FROM ANSIBLE GALAXY
SECTION 7 - LAB WITH EXAMPLES (DAY 05)
SECTION 8 - ANSIBLE VAULT (DAY 05)
29) WHY VAULT NEEDED?
30) COMMANDS USED
31) USING VAULT WITH AD HOC COMMANDS
32) USING VAULT WITH PLAYBOOKS
SECTION 8 - LAB WITH EXAMPLES (DAY 05)
SECTION 9 – BEST PRACTICES (DAY 05)
33) APPROACH TO WRITE PLAYBOOK
34) DELEGATION
35) PARALLELISM
36) USGIN POWER PREVILEGE
37) INVENTORY FILE PLACEMENT
38) PASSWORD AND KEYS
39) PLAYBOOK BEST PRACTICES
40) TROUBLESHOOTING
SECTION 9 - LAB WITH EXAMPLES (DAY 05)
ANNEXURE I – FREQUENTLY USED MODULES
• PING
• SHELL
• FILE
• COPY
• YUM
• SERVICE
• USER
• PARTED
• FILESYSTEM
• MOUNT
• STAT
• TEMPLATE
• WAIT_FOR
• FIREWALLD
• UNARCHIVE
• SETUP
• FAIL
• HAPROXY
• AWS_S3
• EC2
• EC2_AMI
• AZURE
• VMWARE
ANNEXURE 2 - REFERENCES
REFERENCE LINKS
Subscribe to:
Posts (Atom)