RH294 - ch07s06

Bookmark this page

Guided Exercise: Deploying Roles from External Content Sources

In this exercise, you use the ansible-galaxy command to download and install an Ansible role.

Outcomes

Create a requirements file to specify role dependencies for a playbook.
Install roles specified in a requirements file.
List downloaded roles by using the ansible-galaxy command.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command prepares your environment and ensures that all required resources are available.

[student@workstation ~]$ lab start role-galaxy

Procedure 7.2. Instructions

Change into the /home/student/role-galaxy directory.

[student@workstation ~]$ cd ~/role-galaxy
[student@workstation role-galaxy]$

Create a role requirements file in your project directory that downloads the student.bash_env role. This role configures the default initialization files for the Bash shell that are used for newly created users and stored in the /etc/skel directory. The role adjusts the shell prompt and configures an environment variable that is used by the less command.
Create a file called requirements.yml in the roles subdirectory. The URL of the role's Git repository is: git@workstation.lab.example.com:student/bash_env.
To see how the role affects the behavior of production hosts, use the main branch of the repository. Set the local name of the role to student.bash_env.
Ensure that the roles/requirements.yml file contains the following content:
```
---
# requirements.yml

- src: git@workstation.lab.example.com:student/bash_env
  scm: git
  version: main
  name: student.bash_env
```

Use the ansible-galaxy command to process the new requirements file that installs the student.bash_env role.

List the contents of the roles subdirectory before the role is installed, so that you can compare its current state to command results.
```
[student@workstation role-galaxy]$ ls roles/
requirements.yml
```

Use the ansible-galaxy command to download and install the roles listed in the roles/requirements.yml file into the roles subdirectory of your project.

[student@workstation role-galaxy]$ ansible-galaxy install \
> -r roles/requirements.yml -p roles
Starting galaxy role install process
- extracting student.bash_env to /home/student/role-galaxy/roles/student.bash_env
- student.bash_env (main) was installed successfully

List the contents of the roles subdirectory after the role is installed. Confirm that a new subdirectory called student.bash_env, matching the name value specified in the requirements file, is present.
```
[student@workstation role-galaxy]$ ls roles/
requirements.yml  student.bash_env
```

Use the ansible-galaxy list command to list the project roles in the roles subdirectory.

[student@workstation role-galaxy]$ ansible-galaxy list -p roles
# /home/student/role-galaxy/roles
- student.bash_env, main
# /usr/share/ansible/roles
- linux-system-roles.certificate, (unknown version)
- linux-system-roles.cockpit, (unknown version)
- linux-system-roles.crypto_policies, (unknown version)
- linux-system-roles.firewall, (unknown version)
- linux-system-roles.ha_cluster, (unknown version)
- linux-system-roles.kdump, (unknown version)
- linux-system-roles.kernel_settings, (unknown version)
...output omitted...
[WARNING]: - the configured path /home/student/.ansible/roles does not exist.

Important

If you do not specify the option -p roles to your ansible-galaxy list command, the role that you installed is not listed because the roles subdirectory is not in your default roles_path.

[student@workstation role-galaxy]$ ansible-galaxy list
# /usr/share/ansible/roles
- linux-system-roles.certificate, (unknown version)
- linux-system-roles.cockpit, (unknown version)
- linux-system-roles.crypto_policies, (unknown version)
- linux-system-roles.firewall, (unknown version)
- linux-system-roles.ha_cluster, (unknown version)
- linux-system-roles.kdump, (unknown version)
- linux-system-roles.kernel_settings, (unknown version)
...output omitted...
[WARNING]: - the configured path /home/student/.ansible/roles does not exist.

Create a playbook named use-bash_env-role.yml that uses the student.bash_env role. The playbook must have the following contents:
```
---
- name: Use student.bash_env role playbook
  hosts: devservers
  vars:
    default_prompt: '[\u on \h in \W dir]\$ '
  pre_tasks:
    - name: Ensure test user does not exist
      ansible.builtin.user:
        name: student2
        state: absent
        force: yes
        remove: yes

  roles:
    - student.bash_env

  post_tasks:
    - name: Create the test user
      ansible.builtin.user:
        name: student2
        state: present
        password: "{{ 'redhat' | password_hash('sha512', 'mysecretsalt') }}"
```
You must create a user account to see the effects of the configuration change. The pre_tasks and post_tasks section of the playbook ensure that the student2 user account is deleted and created each time the playbook is run.
When you run the use-bash_env-role.yml playbook, the student2 account is created with a password of redhat.
Note
The user2 password is generated using a filter. Filters take data and modify it; here, the string redhat is modified by passing it to the password_hash filter in order to convert the value into a SHA512-protected password hash. Filters are an advanced topic not covered in this course.

Run the use-bash_env-role.yml playbook.

The student.bash_env role creates standard template configuration files in /etc/skel on the managed host. The files it creates include .bashrc, .bash_profile, and .vimrc.

[student@workstation role-galaxy]$ ansible-navigator run \
> -m stdout use-bash_env-role.yml

PLAY [Use student.bash_env role playbook] **************************************

TASK [Gathering Facts] *********************************************************
ok: [servera.lab.example.com]

TASK [Ensure test user does not exist] *****************************************
ok: [servera.lab.example.com]

TASK [student.bash_env : put away .bashrc] *************************************
changed: [servera.lab.example.com]

TASK [student.bash_env : put away .bash_profile] *******************************
changed: [servera.lab.example.com]

TASK [student.bash_env : put away .vimrc] **************************************
changed: [servera.lab.example.com]

TASK [Create the test user] ****************************************************
changed: [servera.lab.example.com]

PLAY RECAP *********************************************************************
servera.lab.example.com    : ok=6    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Use SSH to log in to the servera machine as the student2 user. Observe the custom prompt for the student2 user, and then disconnect from the servera machine.

[student@workstation role-galaxy]$ ssh student2@servera
...output omitted...
[student2 on servera in ~ dir]$ exit
logout
Connection to servera closed.
[student@workstation role-galaxy]$

Run the playbook using the development version of the student.bash_env role.

The development version of the role is located in the dev branch of the Git repository. The development version of the role uses a new variable, prompt_color.

Before running the playbook, add the prompt_color variable to the vars section of the playbook and set its value to blue.

Update the roles/requirements.yml file, and set the version value to dev. Ensure that the roles/requirements.yml file contains the following content:
```
---
# requirements.yml

- src: git@workstation.lab.example.com:student/bash_env
  scm: git
  version: dev
  name: student.bash_env
```
Modify the ~/role-galaxy/ansible.cfg and add the roles_path setting to the [defaults] section of the file. This sets the default roles path and enable you to omit the -p roles option when typing ansible-galaxy commands.
When completed, the file contains then following content:
```
[defaults]
inventory=inventory
remote_user=devops
become_ask_pass=False
roles_path=roles

[privilege_escalation]
become=True
become_method=sudo
become_user=root
```

Remove the existing version of the student.bash_env role from the roles subdirectory.

[student@workstation role-galaxy]$ ansible-galaxy remove student.bash_env
- successfully removed student.bash_env

Use the ansible-galaxy install command to install the role by using the updated requirements file.

[student@workstation role-galaxy]$ ansible-galaxy install \
> -r roles/requirements.yml
Starting galaxy role install process
- extracting student.bash_env to /home/student/role-galaxy/roles/student.bash_env
- student.bash_env (dev) was installed successfully

Modify the use-bash_env-role.yml file. Add the prompt_color variable with a value of blue to the vars section of the playbook. Ensure that the file contains the following content:

---
- name: Use student.bash_env role playbook
  hosts: devservers
  vars:
    prompt_color: blue
    default_prompt: '[\u on \h in \W dir]\$ '
  pre_tasks:
...output omitted...

Run the use-bash_env-role.yml playbook.

[student@workstation role-galaxy]$ ansible-navigator run \
> -m stdout use-bash_env-role.yml

PLAY [Use student.bash_env role playbook] **************************************

TASK [Gathering Facts] *********************************************************
ok: [servera.lab.example.com]

TASK [Ensure test user does not exist] *****************************************
changed: [servera.lab.example.com]

TASK [student.bash_env : put away .bashrc] *************************************
changed: [servera.lab.example.com]

TASK [student.bash_env : put away .bash_profile] *******************************
ok: [servera.lab.example.com]

TASK [student.bash_env : put away .vimrc] **************************************
ok: [servera.lab.example.com]

TASK [Create the test user] ****************************************************
changed: [servera.lab.example.com]

PLAY RECAP *********************************************************************
servera.lab.example.com    : ok=6    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Use SSH to log in to the servera machine as the student2 user. The custom prompt for the student2 user now displays with blue characters.
```
[student@workstation role-galaxy]$ ssh student2@servera
...output omitted...
[student2 on servera in ~ dir]$
```

Log out from servera.

[student2 on servera in ~ dir]$ exit
logout
Connection to servera closed.
[student@workstation role-galaxy]$

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish role-galaxy

This concludes the section.

Discuss Red Hat Enterprise Linux Automation with Ansible

Go to community

Red Hat Linux Automation with Ansible (RH294)

Haley_Ruccio

24 lip 2023

Learn how to automate Linux system administration tasks with Red Hat Ansible Automation PlatformRed Hat Enterprise Linux Automation with Ansible (RH294) is designed for Linux administrators and developers who need to automate repeatable and error-prone steps for system provisioning, configuration, application deployment, and orchestration. This course is based on Red Hat® Enterprise Linux® 9 and Red Hat Ansible Automation Platform 2.2.Course content summaryInstall Red Hat Ansible Automation Platform on control nodes.Create and update inventories of managed hosts and manage connections to them.Automate administration tasks with Ansible Playbooks and ad hoc commands.Write effective playbooks at scale.Protect sensitive data used by Ansible Automation Platform with Ansible Vault.Reuse code and simplify playbook development with Ansible Roles and Ansible Content Collections.Audience for this courseThis course is geared toward Linux system administrators, DevOps engineers, infrastructure automation engineers, and systems design engineers who are responsible for these tasks:Automating configuration managementEnsuring consistent and repeatable application deploymentProvisioning and deployment of development, testing, and production serversIntegrating with DevOps continuous integration/continuous delivery workflowsPrerequisites for this coursePass the Red Hat Certified System Administrator (RHCSA) exam (EX200), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience.Take our free assessment to gauge whether this offering is the best fit for your skills.

980

curl finds no route to host?

TPeters

23 lip 2023

I am doing the self-paced course RH294 . With two exercises (Ch.3 final Lab and Ch.4 lab exercise 2) I ran into this problem:after installing and starting a web service, from the classroom web termicaI I cannot reach servera.lab.example.com with curl: "No route to host". This despite the fact that I can ping it, open a shell to it, and install the package on it with Ansible.Anyone else have the same problem?What might be the cause?

1702

Welcome to the Red Hat Linux Automation with Ansible (RH294) group in the Red Hat Learning Community

cschunke

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Linux Automation with Ansible! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH294.Read more about Red Hat Linux Automation with Ansible here.

351

Revision: rh294-9.0-c95c7de

Red Hat Enterprise Linux Automation with Ansible

Guided Exercise: Deploying Roles from External Content Sources

Important

Note