Managing Ansible Configuration Files

[kiosk@foundation0 ~]$ ssh student@workstation

[student@workstation ~]$ lab manage setup

[student@workstation ~]$ mkdir /home/student/dep-manage

[student@workstation ~]$ cd /home/student/dep-manage/

[student@workstation dep-manage]$ vim ansible.cfg

[defaults]
inventory = ./inventory

[student@workstation dep-manage]$ vim inventory

[myself]
localhost

[intranetweb]
servera.lab.example.com

[everyone:children]
myself
intranetweb

[student@workstation dep-manage]$ ansible everyone --list-hosts

[student@workstation dep-manage]$ ansible all --list-hosts

[student@workstation dep-manage]$ vim ansible.cfg

[defaults]
inventory = ./inventory

[privilege_escalation]
become = true
become_method = sudo
become_user = root
become_ask_pass = true

'-v' see the location of the current configuration file

[student@workstation dep-manage]$ ansible all --list-hosts -v

[student@workstation dep-manage]$ ansible all -m ping

password:student

Running Ad Hoc Commands

[student@workstation dep-manage]$ lab adhoc setup

[student@workstation dep-manage]$ sudo cat /etc/sudoers.d/devops

password:student

[student@workstation dep-manage]$ ssh [email protected]

[devops@servera ~]$ sudo cat /etc/sudoers.d/devops

[student@workstation dep-manage]$ cd /home/student/dep-adhoc/

[student@workstation dep-adhoc]$ cat ansible.cfg

[defaults]
inventory=inventory
[student@workstation dep-adhoc]$ cat inventory 
[myself]
localhost

[intranetweb]
servera.lab.example.com

[everyone:children]
myself
intranetweb

[student@workstation dep-adhoc]$ ansible all -m ping

[student@workstation dep-adhoc]$ ansible localhost -m command -a 'id'

[student@workstation dep-adhoc]$ ansible localhost -m command -a 'id' -u devops

[student@workstation dep-adhoc]$ ansible localhost -m command -a 'cat /etc/motd' -u devops

'--become' option to switch to root

[student@workstation dep-adhoc]$ ansible localhost -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -u devops

[student@workstation dep-adhoc]$ ansible localhost -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -u devops --become

in the everyone host group

[student@workstation dep-adhoc]$ ansible everyone -m copy -a 'content="Managed by Ansible\n" dest=/etc/motd' -u devops --become

[student@workstation dep-adhoc]$ ansible everyone -m command -a 'cat /etc/motd' -u devops

Managed Dynamic Inventories

[student@workstation dep-adhoc]$ lab deploy-dynamic setup

[student@workstation dep-adhoc]$ cd /home/student/dep-dynamic/

[student@workstation dep-dynamic]$ vim ansible.cfg

[defaults]
inventory = inventory

[student@workstation dep-dynamic]$ mkdir inventory

[student@workstation dep-dynamic]$ wget http://materials.example.com/dynamic/inventorya.py -O inventory/inventorya.py

[student@workstation dep-dynamic]$ wget http://materials.example.com/dynamic/inventoryw.py -O inventory/inventoryw.py

[student@workstation dep-dynamic]$ wget http://materials.example.com/dynamic/hosts -O inventory/hosts

[student@workstation dep-dynamic]$ ansible -i inventory/inventorya.py webservers --list-hosts

[student@workstation dep-dynamic]$ chmod 755 inventory/inventorya.py

[student@workstation dep-dynamic]$ chmod 755 inventory/inventoryw.py

[student@workstation dep-dynamic]$ inventory/inventorya.py --list

[student@workstation dep-dynamic]$ inventory/inventoryw.py --list

[student@workstation dep-dynamic]$ cat inventory/hosts

[student@workstation dep-dynamic]$ ansible webservers --list-hosts

[student@workstation dep-dynamic]$ vim inventory/hosts

[webservers]

[servers:children]
webservers

[student@workstation dep-dynamic]$ ansible webservers --list-hosts

Lab:Deploying Ansible

[student@workstation dep-dynamic]$ lab deploy setup

[student@workstation dep-dynamic]$ yum list installed ansible

[student@workstation dep-dynamic]$ ansible --version

[student@workstation dep-dynamic]$ mkdir /home/student/dep-lab

[student@workstation dep-dynamic]$ cd /home/student/dep-lab/

disable privilege escalation and without password authentication

[student@workstation dep-lab]$ vim ansible.cfg

[defaults]
remote_user = devops
inventory = inventory

[privilege_escalation]
become = False
become_method = sudo
becom_user = root
become_ask_pass = False

[student@workstation dep-lab]$ wget http://materials.example.com/dynamic/inventory -O inventory/inventory

[student@workstation dep-lab]$ wget http://materials.example.com/dynamic/binventory.py -O inventory/binventory.py

[student@workstation dep-lab]$ chmod 755 inventory/binventory.py

[student@workstation dep-lab]$ vim inventory/inventory

[internetweb]

[intranetweb]
servera.lab.example.com
serverc.lab.example.com
serverd.lab.example.com

[everyone:children]
intranetweb
internetweb

[student@workstation dep-lab]$ ansible everyone -m command -a 'id'

[student@workstation dep-lab]$ ansible everyone -m copy -a 'content="This server is managed by Ansible.\n" dest=/etc/motd' --become

[student@workstation dep-lab]$ ansible everyone -m command -a 'cat /etc/motd'

[student@workstation dep-lab]$ lab deploy grade