RH294 - ch02s09

Bookmark this page

Lab: Implementing an Ansible Playbook

In this lab, you configure and perform administrative tasks on managed hosts using a playbook.

Outcomes

You should be able to construct and run an Ansible Playbook to install, configure, and verify the status of web and database services on a managed host.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command prepares your environment and ensures that all required resources are available.

[student@workstation ~]$ lab start playbook-review

The /home/student/playbook-review working directory has been created on the workstation machine for the Ansible project. The directory has already been populated with an ansible.cfg configuration file and an inventory file. The managed host, serverb.lab.example.com, is already defined in this inventory file.

Procedure 2.5. Instructions

Change into the /home/student/playbook-review directory and create a new playbook called internet.yml. Add the necessary entries to start a first play named Enable internet services and specify its intended managed host, serverb.lab.example.com. Add the necessary entry to enable privilege escalation, and one to start a task list.
Add the following entry to the beginning of the /home/student/playbook-review/internet.yml file to begin the YAML format.
---
Add the following entry to denote the start of a play named Enable internet services.
- name: Enable internet services
Add the following entry to indicate that the play applies to the serverb.lab.example.com managed host. Make sure that the beginning of the entry is indented two spaces.
hosts: serverb.lab.example.com
Add the following entry to enable privilege escalation. Indent the beginning of the entry two spaces.
become: true
Add the following entry to define the beginning of the tasks list. Indent the beginning of the entry two spaces.
tasks:
Add the necessary entries to the /home/student/playbook-review/internet.yml file to define a task that installs the latest versions of the firewalld, httpd, mariadb-server, php, and php-mysqlnd packages. Indent the beginning of the entry four spaces.
- name: Latest version of all required packages installed ansible.builtin.dnf: name: - firewalld - httpd - mariadb-server - php - php-mysqlnd state: latest

Add the necessary entries to the /home/student/playbook-review/internet.yml file to define the firewall configuration tasks. They should ensure that the firewalld service is enabled and running, and that access is allowed to the http service. Indent the beginning of these entries four spaces.

    - name: firewalld enabled and running
      ansible.builtin.service:
        name: firewalld
        enabled: true
        state: started

    - name: firewalld permits http service
      ansible.posix.firewalld:
        service: http
        permanent: true
        state: enabled
        immediate: yes

Add the necessary entries to ensure the httpd and mariadb services are enabled and running. Indent the beginning of these entries four spaces.

    - name: httpd enabled and running
      ansible.builtin.service:
        name: httpd
        enabled: true
        state: started

    - name: mariadb enabled and running
      ansible.builtin.service:
        name: mariadb
        enabled: true
        state: started

Add the necessary entry that uses the ansible.builtin.copy module to copy the /home/student/playbook-review/index.php file to the /var/www/html/ directory on the managed host. Ensure the file mode is set to 0644. Indent the beginning of these entries four spaces.
- name: Test php page is installed ansible.builtin.copy: src: index.php dest: /var/www/html/index.php mode: 0644
Define another play in the /home/student/playbook-review/internet.yml file for a task to be performed on the control node. This play tests access to the web server that should be running on the serverb.lab.example.com managed host. This play does not require privilege escalation, and runs on the workstation.lab.example.com managed host.
Add the following entry to denote the start of a second play named Test internet web server.
- name: Test internet web server
Add the following entry to indicate that the play applies to the workstation managed host. Indent the beginning of the entry two spaces.
hosts: workstation
Add the following entry after the hosts keyword to disable privilege escalation for the second play. Indent the beginning of the entry two spaces.
become: false
Add the following entry to the /home/student/playbook-review/internet.yml file to define the beginning of the tasks list. Indent the beginning of the entry two spaces.
tasks:
Add the necessary entry that tests the web service running on serverb from the control node using the ansible.builtin.uri module. Look for a return status code of 200. Indent the beginning of the entry four spaces.
- name: Connect to internet web server ansible.builtin.uri: url: http://serverb.lab.example.com status_code: 200

Validate the syntax of the internet.yml playbook.

[student@workstation playbook-review]$ ansible-navigator run \
> -m stdout internet.yml --syntax-check
playbook: /home/student/playbook-review/internet.yml

Use the ansible-navigator run command to run the playbook. Read through the generated output to ensure that all tasks completed successfully.

[student@workstation playbook-review]$ ansible-navigator run \
> -m stdout internet.yml
PLAY [Enable internet services] ************************************************

TASK [Gathering Facts] *********************************************************
ok: [serverb.lab.example.com]

TASK [Latest version of all required packages installed] ***********************
changed: [serverb.lab.example.com]

TASK [firewalld enabled and running] *******************************************
ok: [serverb.lab.example.com]

TASK [firewalld permits http service] ******************************************
changed: [serverb.lab.example.com]

TASK [httpd enabled and running] ***********************************************
changed: [serverb.lab.example.com]

TASK [mariadb enabled and running] *********************************************
changed: [serverb.lab.example.com]

TASK [Test php page is installed] *************************************************
changed: [serverb.lab.example.com]

PLAY [Test internet web server] ************************************************

TASK [Gathering Facts] *********************************************************
ok: [workstation]

TASK [Connect to internet web server] ******************************************
ok: [workstation]

PLAY RECAP *********************************************************************
serverb.lab.example.com    : ok=7    changed=5    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
workstation                : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Evaluation

Grade your work by running the lab grade playbook-review command from your workstation machine. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab grade playbook-review

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish playbook-review

This concludes the section.

Discuss Red Hat Enterprise Linux Automation with Ansible

Go to community

Red Hat Linux Automation with Ansible (RH294)

Haley_Ruccio

24 lip 2023

Learn how to automate Linux system administration tasks with Red Hat Ansible Automation PlatformRed Hat Enterprise Linux Automation with Ansible (RH294) is designed for Linux administrators and developers who need to automate repeatable and error-prone steps for system provisioning, configuration, application deployment, and orchestration. This course is based on Red Hat® Enterprise Linux® 9 and Red Hat Ansible Automation Platform 2.2.Course content summaryInstall Red Hat Ansible Automation Platform on control nodes.Create and update inventories of managed hosts and manage connections to them.Automate administration tasks with Ansible Playbooks and ad hoc commands.Write effective playbooks at scale.Protect sensitive data used by Ansible Automation Platform with Ansible Vault.Reuse code and simplify playbook development with Ansible Roles and Ansible Content Collections.Audience for this courseThis course is geared toward Linux system administrators, DevOps engineers, infrastructure automation engineers, and systems design engineers who are responsible for these tasks:Automating configuration managementEnsuring consistent and repeatable application deploymentProvisioning and deployment of development, testing, and production serversIntegrating with DevOps continuous integration/continuous delivery workflowsPrerequisites for this coursePass the Red Hat Certified System Administrator (RHCSA) exam (EX200), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience.Take our free assessment to gauge whether this offering is the best fit for your skills.

980

curl finds no route to host?

TPeters

23 lip 2023

I am doing the self-paced course RH294 . With two exercises (Ch.3 final Lab and Ch.4 lab exercise 2) I ran into this problem:after installing and starting a web service, from the classroom web termicaI I cannot reach servera.lab.example.com with curl: "No route to host". This despite the fact that I can ping it, open a shell to it, and install the package on it with Ansible.Anyone else have the same problem?What might be the cause?

1702

Welcome to the Red Hat Linux Automation with Ansible (RH294) group in the Red Hat Learning Community

cschunke

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Linux Automation with Ansible! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH294.Read more about Red Hat Linux Automation with Ansible here.

351

Revision: rh294-9.0-c95c7de