RH294 - ch02s04

Bookmark this page

Guided Exercise: Managing Ansible Configuration Files

In this exercise, you edit Ansible configuration files to customize your Ansible environment.

Outcomes

You should be able to create configuration files to configure your Ansible environment with persistent custom settings.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command prepares your environment and ensures that all required resources are available.

[student@workstation ~]$ lab start playbook-manage

Procedure 2.2. Instructions

Change into the /home/student/playbook-manage directory.

[student@workstation ~]$ cd ~/playbook-manage
[student@workstation playbook-manage]$

Configure automation content navigator.

Create the /home/student/playbook-manage/ansible-navigator.yml file. Configure automation content navigator to use the execution environment image utility.lab.example.com/ee-supported-rhel8:latest and to only pull the image if it is missing. Also configure automation content navigator to disable playbook artifacts. The file should consist of the following content:
```
---
ansible-navigator:
  execution-environment:
    image: utility.lab.example.com/ee-supported-rhel8:latest
    pull:
      policy: missing
  playbook-artifact:
    enable: false
```

Run the ansible-navigator images command to list the available execution environment images.

[student@workstation playbook-manage]$ ansible-navigator images
----------------------------------------------------------------------------------
Execution environment image and pull policy overview
----------------------------------------------------------------------------------
Execution environment image name:     utility.lab.example.com/ee-supported-rhel8:latest
Execution environment image tag:      latest
Execution environment pull arguments: None
Execution environment pull policy:    missing
Execution environment pull needed:    True
----------------------------------------------------------------------------------
Updating the execution environment
...output omitted...
Running the command: podman pull utility.lab.example.com/ee-supported-rhel8:latest
Trying to pull utility.lab.example.com/ee-supported-rhel8:latest...
...output omitted...

After automation content navigator pulls the execution environment image you should see it in the list:

  Image                 Tag     Execution environment    Created      Size
0│ee-supported-rhel8    latest  True                     3 weeks ago  1.34 GB


^b/PgUp page up ^f/PgDn page down ↑↓ scroll esc back [0-9] goto :help help

Press Esc to exit the image list.

In your /home/student/playbook-manage directory, start editing a new file named ansible.cfg.
Create a [defaults] section in that file. In that section, add a line that uses the inventory directive to specify the ./inventory file as the default inventory.
```
[defaults]
inventory = ./inventory
```
Save your work and exit the text editor.
In the /home/student/playbook-manage directory, start editing the new static inventory file, inventory.
The static inventory should contain four host groups:
- [myself] should contain the workstation host.
- [intranetweb] should contain the servera.lab.example.com host.
- [internetweb] should contain the serverb.lab.example.com host.
- [web] must contain the intranetweb and internetweb host groups.
1. In /home/student/playbook-manage/inventory, create the myself host group by adding the following lines:
```
[myself]
workstation
```
2. In /home/student/playbook-manage/inventory, create the intranetweb host group by adding the following lines:
```
[intranetweb]
servera.lab.example.com
```
3. In /home/student/playbook-manage/inventory, create the internetweb host group by adding the following lines:
```
[internetweb]
serverb.lab.example.com
```
4. In /home/student/playbook-manage/inventory, create the web host group by adding the following lines:
```
[web:children]
intranetweb
internetweb
```
5. The final inventory file should consist of the following content:
```
[myself]
workstation

[intranetweb]
servera.lab.example.com

[internetweb]
serverb.lab.example.com

[web:children]
intranetweb
internetweb
```
  Save your work and exit the text editor.

Use the ansible-navigator command to run the provided playbooks and test the configuration of your inventory file's host groups.

The ansible-navigator run command runs an Ansible Playbook, formatted as a YAML file, that contains automation instructions to be run on managed hosts. The following ansible-navigator commands use the configuration files that you edited in preceding steps.

Each of the following playbooks runs the ansible.builtin.ping module on a host or group of hosts to determine if they are ready to be used as managed hosts by Ansible. These tests also validate whether your inventory file is correct.

Run the /home/student/playbook-manage/ping-myself.yml playbook to verify that the workstation machine is in the myself inventory group.

[student@workstation playbook-manage]$ ansible-navigator run \
> -m stdout ping-myself.yml

PLAY [Validate inventory hosts] **********************************************

TASK [Ping workstation] ******************************************************
ok: [workstation]

PLAY RECAP *******************************************************************
workstation                : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Run the /home/student/playbook-manage/ping-intranetweb.yml playbook to verify that the servera.lab.example.com machine is in the intranetweb inventory group.

[student@workstation playbook-manage]$ ansible-navigator run \
> -m stdout ping-intranetweb.yml

PLAY [Validate inventory hosts] **********************************************

TASK [Ping intranetweb] ******************************************************
ok: [servera.lab.example.com]

PLAY RECAP *******************************************************************
servera.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Run the /home/student/playbook-manage/ping-internetweb.yml playbook to verify that the serverb.lab.example.com machine is in the internetweb inventory group.

[student@workstation playbook-manage]$ ansible-navigator run \
> -m stdout ping-internetweb.yml

PLAY [Validate inventory hosts] **********************************************

TASK [Ping internetweb] ******************************************************
ok: [serverb.lab.example.com]

PLAY RECAP *******************************************************************
serverb.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Run the /home/student/playbook-manage/ping-web.yml playbook to verify that the servera.lab.example.com and serverb.lab.example.com machines are in the web inventory group.

[student@workstation playbook-manage]$ ansible-navigator run \
> -m stdout ping-web.yml

PLAY [Validate inventory hosts] **********************************************

TASK [Ping web] **************************************************************
ok: [servera.lab.example.com]
ok: [serverb.lab.example.com]

PLAY RECAP *******************************************************************
servera.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
serverb.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Run the /home/student/playbook-manage/ping-all.yml playbook to verify that the workstation, servera.lab.example.com, and serverb.lab.example.com machines are all in the inventory file.

[student@workstation playbook-manage]$ ansible-navigator run \
> -m stdout ping-all.yml

PLAY [Validate inventory hosts] **********************************************

TASK [Ping all] **************************************************************
ok: [serverb.lab.example.com]
ok: [servera.lab.example.com]
ok: [workstation]

PLAY RECAP *******************************************************************
servera.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
serverb.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
workstation                : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Open the /home/student/playbook-manage/ansible.cfg file in a text editor. Add a [privilege_escalation] section to configure Ansible to automatically use the sudo command to switch from student to root when running tasks on the managed hosts. Ansible should also be configured to prompt you for the password that student uses for the sudo command.
1. Create the [privilege_escalation] section in the /home/student/playbook-manage/ansible.cfg configuration file by adding the following entry:
```
[privilege_escalation]
```
2. Enable privilege escalation by setting the become directive to true.
```
become = true
```
3. Set the privilege escalation to use the sudo command by setting the become_method directive to sudo.
```
become_method = sudo
```
4. Set the privilege escalation user by setting the become_user directive to root.
```
become_user = root
```
5. Enable prompting for the privilege escalation password by setting the become_ask_pass directive to true.
```
become_ask_pass = true
```
6. The complete ansible.cfg file should consist of the following content:
```
[defaults]
inventory = ./inventory

[privilege_escalation]
become = true
become_method = sudo
become_user = root
become_ask_pass = true
```
  Save your work and exit the text editor.

Use the ansible-navigator command to run the /home/student/playbook-manage/ping-intranetweb.yml playbook again to verify that you are now prompted for the sudo password.

When prompted for the sudo password, enter student.

[student@workstation playbook-manage]$ ansible-navigator run \
> -m stdout ping-intranetweb.yml
BECOME password: student

PLAY [Validate inventory hosts] **********************************************

TASK [Ping intranetweb] ******************************************************
ok: [servera.lab.example.com]

PLAY RECAP *******************************************************************
servera.lab.example.com    : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish playbook-manage

This concludes the section.

Discuss Red Hat Enterprise Linux Automation with Ansible

Go to community

Red Hat Linux Automation with Ansible (RH294)

Haley_Ruccio

24 lip 2023

Learn how to automate Linux system administration tasks with Red Hat Ansible Automation PlatformRed Hat Enterprise Linux Automation with Ansible (RH294) is designed for Linux administrators and developers who need to automate repeatable and error-prone steps for system provisioning, configuration, application deployment, and orchestration. This course is based on Red Hat® Enterprise Linux® 9 and Red Hat Ansible Automation Platform 2.2.Course content summaryInstall Red Hat Ansible Automation Platform on control nodes.Create and update inventories of managed hosts and manage connections to them.Automate administration tasks with Ansible Playbooks and ad hoc commands.Write effective playbooks at scale.Protect sensitive data used by Ansible Automation Platform with Ansible Vault.Reuse code and simplify playbook development with Ansible Roles and Ansible Content Collections.Audience for this courseThis course is geared toward Linux system administrators, DevOps engineers, infrastructure automation engineers, and systems design engineers who are responsible for these tasks:Automating configuration managementEnsuring consistent and repeatable application deploymentProvisioning and deployment of development, testing, and production serversIntegrating with DevOps continuous integration/continuous delivery workflowsPrerequisites for this coursePass the Red Hat Certified System Administrator (RHCSA) exam (EX200), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience.Take our free assessment to gauge whether this offering is the best fit for your skills.

980

curl finds no route to host?

TPeters

23 lip 2023

I am doing the self-paced course RH294 . With two exercises (Ch.3 final Lab and Ch.4 lab exercise 2) I ran into this problem:after installing and starting a web service, from the classroom web termicaI I cannot reach servera.lab.example.com with curl: "No route to host". This despite the fact that I can ping it, open a shell to it, and install the package on it with Ansible.Anyone else have the same problem?What might be the cause?

1702

Welcome to the Red Hat Linux Automation with Ansible (RH294) group in the Red Hat Learning Community

cschunke

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Linux Automation with Ansible! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH294.Read more about Red Hat Linux Automation with Ansible here.

351

Revision: rh294-9.0-c95c7de