RH294 - ch03s02

Bookmark this page

Guided Exercise: Managing Variables

In this exercise, you define and use variables in a playbook.

Outcomes

Define variables in a playbook.
Create tasks that use defined variables.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command prepares your environment and ensures that all required resources are available.

[student@workstation ~]$ lab start data-variables

Procedure 3.1. Instructions

Change into the /home/student/data-variables directory.

[student@workstation ~]$ cd ~/data-variables
[student@workstation data-variables]$

Over the next several steps, you create a playbook that consists of a single play that installs the Apache web server and opens the ports for the service to be reachable. The play also queries the web server to ensure it is up and running.

Create a playbook named playbook.yml. Create a play named "Deploy and start Apache HTTPD service", target the host group webserver as the managed hosts, and define the following variables in its vars section:

Table 3.2. Variables

Variable	Description
`web_pkg`	Web server package to install
`firewall_pkg`	Firewall package to install
`web_service`	Web service to manage
`firewall_service`	Firewall service to manage
`python_pkg`	Required package for the `uri` module
`rule`	The service name to open

---
- name: Deploy and start Apache HTTPD service
  hosts: webserver
  vars:
    web_pkg: httpd
    firewall_pkg: firewalld
    web_service: httpd
    firewall_service: firewalld
    python_pkg: python3-PyMySQL
    rule: http

Create the tasks block and create the first task, using the ansible.builtin.dnf module to make sure the latest versions of the required packages are installed.
```
  tasks:
    - name: Required packages are installed and up to date
      ansible.builtin.dnf:
        name:
          - "{{ web_pkg }}"
          - "{{ firewall_pkg }}"
          - "{{ python_pkg }}"
        state: latest
```
Note
You can use ansible-navigator doc ansible.builtin.dnf -m stdout to review the syntax for the ansible.builtin.dnf module. (If you have the ansible-core package installed, you can also use ansible-doc ansible.builtin.dnf.)
The documentation shows that the module's name directive can take a list of packages that the module should work with, so that you do not need separate tasks to make sure that each package is up-to-date.
Create two tasks that make sure that the httpd and firewalld services are started and enabled.
```
    - name: The {{ firewall_service }} service is started and enabled
      ansible.builtin.service:
        name: "{{ firewall_service }}"
        enabled: true
        state: started

    - name: The {{ web_service }} service is started and enabled
      ansible.builtin.service:
        name: "{{ web_service }}"
        enabled: true
        state: started
```
Note
The ansible.builtin.service module works differently from the ansible.builtin.dnf module, as documented by ansible-doc ansible.builtin.service. Its name directive takes the name of exactly one service to work with.
You can write a single task that ensures both services are started and enabled, using the loop keyword covered later in this course.

Add a task that ensures specific content exists in the /var/www/html/index.html file.

    - name: Web content is in place
      ansible.builtin.copy:
        content: "Example web content"
        dest: /var/www/html/index.html

Add a task that uses the ansible.posix.firewalld module to ensure that the firewall ports are open for the firewalld service named in the rule variable.

    - name: The firewall port for {{ rule }} is open
      ansible.posix.firewalld:
        service: "{{ rule }}"
        permanent: true
        immediate: true
        state: enabled

Create a new play that queries the web service to ensure that everything has been correctly configured. It must run on workstation. Because of that Ansible fact, Ansible does not have to change identity, so set the become module to false.
You can use the ansible.builtin.uri module to inspect a URL. For this task, verify that a status code of 200 is returned to confirm that the web server on servera.lab.example.com is running and correctly configured.
```
- name: Verify the Apache service
  hosts: workstation
  become: false
  tasks:
    - name: Ensure the webserver is reachable
      ansible.builtin.uri:
        url: http://servera.lab.example.com
        status_code: 200
```

When completed, the playbook contains the following content: Review the playbook and confirm that both plays are correct.

---
- name: Deploy and start Apache HTTPD service
  hosts: webserver
  vars:
    web_pkg: httpd
    firewall_pkg: firewalld
    web_service: httpd
    firewall_service: firewalld
    python_pkg: python3-PyMySQL
    rule: http

  tasks:
    - name: Required packages are installed and up to date
      ansible.builtin.dnf:
        name:
          - "{{ web_pkg  }}"
          - "{{ firewall_pkg }}"
          - "{{ python_pkg }}"
        state: latest

    - name: The {{ firewall_service }} service is started and enabled
      ansible.builtin.service:
        name: "{{ firewall_service }}"
        enabled: true
        state: started

    - name: The {{ web_service }} service is started and enabled
      ansible.builtin.service:
        name: "{{ web_service }}"
        enabled: true
        state: started

    - name: Web content is in place
      ansible.builtin.copy:
        content: "Example web content"
        dest: /var/www/html/index.html

    - name: The firewall port for {{ rule }} is open
      ansible.posix.firewalld:
        service: "{{ rule }}"
        permanent: true
        immediate: true
        state: enabled

- name: Verify the Apache service
  hosts: workstation
  become: false
  tasks:
    - name: Ensure the webserver is reachable
      ansible.builtin.uri:
        url: http://servera.lab.example.com
        status_code: 200

Before you run the playbook, use the ansible-navigator run --syntax-check command to verify its syntax. If it reports any errors, correct them before moving to the next step. You should see output similar to the following:
```
[student@workstation data-variables]$ ansible-navigator run \
> -m stdout playbook.yml --syntax-check
playbook: /home/student/data-variables/playbook.yml
```

Use the ansible-navigator run command to run the playbook. Watch the output as Ansible installs the packages, starts and enables the services, and ensures the web server is reachable.

[student@workstation data-variables]$ ansible-navigator run \
> -m stdout playbook.yml

PLAY [Deploy and start Apache HTTPD service] ***********************************

TASK [Gathering Facts] *********************************************************
ok: [servera.lab.example.com]

TASK [Required packages are installed and up to date] **************************
changed: [servera.lab.example.com]

TASK [The firewalld service is started and enabled] ****************************
ok: [servera.lab.example.com]

TASK [The httpd service is started and enabled] ********************************
changed: [servera.lab.example.com]

TASK [Web content is in place] *************************************************
changed: [servera.lab.example.com]

TASK [The firewall port for http is open] **************************************
changed: [servera.lab.example.com]

PLAY [Verify the Apache service] ***********************************************

TASK [Gathering Facts] *********************************************************
ok: [workstation]

TASK [Ensure the webserver is reachable] ***************************************
ok: [workstation]

PLAY RECAP *********************************************************************
servera.lab.example.com    : ok=6    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
workstation                : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish data-variables

This concludes the section.

Discuss Red Hat Enterprise Linux Automation with Ansible

Go to community

Red Hat Linux Automation with Ansible (RH294)

Haley_Ruccio

24 lip 2023

Learn how to automate Linux system administration tasks with Red Hat Ansible Automation PlatformRed Hat Enterprise Linux Automation with Ansible (RH294) is designed for Linux administrators and developers who need to automate repeatable and error-prone steps for system provisioning, configuration, application deployment, and orchestration. This course is based on Red Hat® Enterprise Linux® 9 and Red Hat Ansible Automation Platform 2.2.Course content summaryInstall Red Hat Ansible Automation Platform on control nodes.Create and update inventories of managed hosts and manage connections to them.Automate administration tasks with Ansible Playbooks and ad hoc commands.Write effective playbooks at scale.Protect sensitive data used by Ansible Automation Platform with Ansible Vault.Reuse code and simplify playbook development with Ansible Roles and Ansible Content Collections.Audience for this courseThis course is geared toward Linux system administrators, DevOps engineers, infrastructure automation engineers, and systems design engineers who are responsible for these tasks:Automating configuration managementEnsuring consistent and repeatable application deploymentProvisioning and deployment of development, testing, and production serversIntegrating with DevOps continuous integration/continuous delivery workflowsPrerequisites for this coursePass the Red Hat Certified System Administrator (RHCSA) exam (EX200), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience.Take our free assessment to gauge whether this offering is the best fit for your skills.

980

curl finds no route to host?

TPeters

23 lip 2023

I am doing the self-paced course RH294 . With two exercises (Ch.3 final Lab and Ch.4 lab exercise 2) I ran into this problem:after installing and starting a web service, from the classroom web termicaI I cannot reach servera.lab.example.com with curl: "No route to host". This despite the fact that I can ping it, open a shell to it, and install the package on it with Ansible.Anyone else have the same problem?What might be the cause?

1702

Welcome to the Red Hat Linux Automation with Ansible (RH294) group in the Red Hat Learning Community

cschunke

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Linux Automation with Ansible! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH294.Read more about Red Hat Linux Automation with Ansible here.

351

Revision: rh294-9.0-c95c7de

Red Hat Enterprise Linux Automation with Ansible

Guided Exercise: Managing Variables

Note

Note