DO374 - ch05s06

Set up directories that contain multiple host variable files for some of your managed hosts, and override the name used in the inventory file with a different name or IP address for at least one of your hosts.

Outcomes

Split the location of host variable files across multiple directories to improve maintainability.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command ensures that Ansible is installed on workstation and also prepares the /home/student/inventory-variables directory for this exercise.

[student@workstation ~]$ lab start inventory-variables

Procedure 5.3. Instructions

Get familiar with the Ansible project and its current state.

As the student user on the workstation machine, change to the /home/student/inventory-variables directory.
```
[student@workstation ~]$ cd ~/inventory-variables/
```

List the files that the lab command has prepared for you.

[student@workstation inventory-variables]$ tree -L 1 -F
.
├── ansible.cfg
├── ansible-navigator.yml
├── deploy_apache.yml 
├── deploy_haproxy.yml 
├── deploy_webapp.yml 
├── inventory.yml 
├── roles/
└── site.yml

	The `deploy_apache.yml` playbook installs the Apache HTTP Server and configures the firewall for the hosts in the `web_servers` group.
	The `deploy_haproxy.yml` playbook installs HAProxy on the `lb_servers` host group, which only includes the `servera` host. This playbook also configures the firewall and declares the `serverb` and `serverc` hosts as back ends for HAProxy.
	The `deploy_webapp.yml` playbook deploys some initial web content on the hosts in the `web_servers` group.
	The `inventory.yml` file declares the `serverb` and `serverc` hosts as members of that host group.
	The global `site.yml` playbook invokes the three preceding playbooks.

Review the inventory.yml file.

[student@workstation inventory-variables]$ cat inventory.yml
lb_servers:
  hosts:
    servera.lab.example.com:

web_servers:
  hosts:
    server[b:c].lab.example.com:

The deploy_haproxy.yml playbook declares two variables: haproxy_appservers, which provides the HAProxy configuration; and firewall_rules, which defines the firewall configuration. Move those two variables into inventory variable files.

Review the deploy_haproxy.yml playbook.

[student@workstation inventory-variables]$ cat deploy_haproxy.yml
---
- name: Ensuring HAProxy is deployed
  hosts: lb_servers
  become: true
  gather_facts: false

  tasks:
    - name: Ensure HAProxy is installed and configured
      ansible.builtin.include_role:
        name: haproxy
      vars:
        haproxy_appservers:
          - name: serverb.lab.example.com
            ip: 172.25.250.11
            port: 80
          - name: serverc.lab.example.com
            ip: 172.25.250.12
            port: 80

    - name: Ensure the firewall ports are opened
      ansible.builtin.include_role:
        name: firewall
      vars:
        firewall_rules:
          - port: 80/tcp

Create the group_vars/lb_servers/ directory to hold the variable files for the lb_servers host group.
```
[student@workstation inventory-variables]$ mkdir -p group_vars/lb_servers
```

Create the group_vars/lb_servers/haproxy.yml variable file to store the HAProxy configuration. Copy and paste the haproxy_appservers variable definition from the deploy_haproxy.yml playbook.

[student@workstation inventory-variables]$ cat group_vars/lb_servers/haproxy.yml
---
haproxy_appservers:
  - name: serverb.lab.example.com
    ip: 172.25.250.11
    port: 80
  - name: serverc.lab.example.com
    ip: 172.25.250.12
    port: 80

Create the group_vars/lb_servers/firewall.yml variable file to store the firewall configuration. Copy and paste the firewall_rules variable definition from the deploy_haproxy.yml playbook.
```
[student@workstation inventory-variables]$ cat group_vars/lb_servers/firewall.yml
---
firewall_rules:
  - port: 80/tcp
```

Edit the deploy_haproxy.yml playbook and then remove the two variables. The resulting file should consist of the following content:

---
- name: Ensuring HAProxy is deployed
  hosts: lb_servers
  become: true
  gather_facts: false

  tasks:
    - name: Ensure HAProxy is installed and configured
      ansible.builtin.include_role:
        name: haproxy

    - name: Ensure the firewall ports are opened
      ansible.builtin.include_role:
        name: firewall

The deploy_apache.yml playbook declares the firewall_rules variable that defines the firewall configuration for the web servers. Move those two variables into an inventory variable file.

Review the deploy_apache.yml playbook.

[student@workstation inventory-variables]$ cat deploy_apache.yml
---
- name: Ensuring Apache HTTP Server is deployed
  hosts: web_servers
  become: true
  gather_facts: false

  tasks:
    - name: Ensure Apache HTTP Server is installed and started
      ansible.builtin.include_role:
        name: apache

    - name: Ensure the firewall ports are opened
      ansible.builtin.include_role:
        name: firewall
      vars:
        firewall_rules:
          # Allow HTTP requests from the load_balancer
          - zone: internal
            service: http
          - zone: internal
            source: "172.25.250.10"

Create the group_vars/web_servers/ directory to hold the variable files for the web_servers host group.
```
[student@workstation inventory-variables]$ mkdir -p group_vars/web_servers
```

Create the group_vars/web_servers/firewall.yml variable file to store the firewall configuration. Copy and paste the firewall_rules variable definition from the deploy_apache.yml playbook.

[student@workstation inventory-variables]$ cat group_vars/web_servers/firewall.yml
---
firewall_rules:
  # Allow HTTP requests from the load_balancer
  - zone: internal
    service: http
  - zone: internal
    source: "172.25.250.10"

Edit the deploy_apache.yml playbook and then remove the firewall_rules variable. The resulting file should consist of the following content:

---
- name: Ensuring Apache HTTP Server is deployed
  hosts: web_servers
  become: true
  gather_facts: false

  tasks:
    - name: Ensure Apache HTTP Server is installed and started
      ansible.builtin.include_role:
        name: apache

    - name: Ensure the firewall ports are opened
      ansible.builtin.include_role:
        name: firewall

Edit the inventory.yml static inventory file so that Ansible displays the servera.lab.example.com host as load_balancer in its output. The resulting file should consist of the following content:
```
lb_servers:
  hosts:
    load_balancer:
      ansible_host: servera.lab.example.com

web_servers:
  hosts:
    server[b:c].lab.example.com:
```

Run the site.yml playbook and confirm that the web deployment was successful.

Use the ansible-navigator run command to run the site.yml playbook.

[student@workstation inventory-variables]$ ansible-navigator run \
> site.yml --mode stdout

PLAY [Ensuring HAProxy is deployed] ********************************************

TASK [Ensure HAProxy is installed and configured] ******************************

TASK [haproxy : Ensure the HAProxy packages are installed] *********************
changed: [load_balancer]

TASK [haproxy : Ensure HAProxy is started and enabled] *************************
changed: [load_balancer]

TASK [haproxy : Ensure HAProxy configuration is set] ***************************
changed: [load_balancer]
...output omitted...

Use the curl command to confirm that the HAProxy server distributes the HTTP requests between the two Apache HTTP Servers.

[student@workstation inventory-variables]$ curl http://servera.lab.example.com
This is serverb.lab.example.com. (version v1.0)
[student@workstation inventory-variables]$ curl http://servera.lab.example.com
This is serverc.lab.example.com. (version v1.0)

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish inventory-variables

This concludes the section.

Discuss Developing Advanced Automation with Red Hat Ansible Automation Platform

Go to community

Welcome to the Developing Advanced Automation with Red Hat Ansible Automation (DO374) group!

Deanna

12 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Developing Advanced Automation with Red Hat Ansible Automation Platform! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO374.Read more about Developing Advanced Automation with Red Hat Ansible Automation Platform here.

2367

Revision: do374-2.2-82dc0d7