
Lab: Creating Playbooks

In this review, you create three playbooks. The first playbook, dev_deploy.yml, installs and starts the web server. The second playbook, get_web_content.yml, ensures that the web server is serving content. The third playbook, site.yml, runs the other two playbooks.

Outcomes

  • Create and execute playbooks to perform tasks on managed hosts.

  • Use Jinja2 templates, blocks, and handlers in playbooks.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command prepares your environment and ensures that all required resources are available.

[student@workstation ~]$ lab start review-cr2

Specifications

  • Create the playbooks specified by this activity in the /home/student/review-cr2 project directory.

  • Create a playbook named dev_deploy.yml with one play that runs on the webservers host group (which contains the servera.lab.example.com and serverb.lab.example.com managed hosts). Enable privilege escalation for the play. Add the following tasks and handler to the play:

    • Install the httpd package.

    • Start the httpd service and enable it to start on boot.

    • Deploy the templates/vhost.conf.j2 template to /etc/httpd/conf.d/vhost.conf on the managed hosts. This task should notify the Restart httpd handler.

    • Copy the files/index.html file to the /var/www/vhosts/hostname directory on the managed hosts. Ensure that the destination directory is created if it does not already exist.

    • Configure the firewall to allow the httpd service.

    • Add a Restart httpd handler to the play that restarts the httpd service.

  • Create a playbook named get_web_content.yml with one play named Test web content that runs on the workstation managed host. This playbook tests whether the dev_deploy.yml playbook was run successfully and ensures that the web server is serving content. Enable privilege escalation for the play. Structure the play as follows:

    • Create a block and rescue task named Retrieve web content and write to error log on failure.

    • Inside the block, create a task named Retrieve web content that uses the ansible.builtin.uri module to return content from http://servera.lab.example.com. Register the results in a variable named content.

    • Inside the rescue clause, create a task named Write to error file that writes the value of the content variable to the /home/student/review-cr2/error.log file if the block fails. The task must create the error.log file if it does not already exist.

  • Create a new site.yml playbook that imports the plays from both the dev_deploy.yml and the get_web_content.yml playbooks.

  • After you have completed the rest of the specifications, run the site.yml playbook. Make sure that all three playbooks run successfully.

  1. Create a playbook named dev_deploy.yml that contains one play that runs on the webservers host group. Enable privilege escalation for the play. Add a task that installs the httpd package.

    1. Change into the /home/student/review-cr2 directory.

      [student@workstation ~]$ cd ~/review-cr2
      [student@workstation review-cr2]$
    2. Create a playbook named dev_deploy.yml with one play that runs on the webservers host group. Enable privilege escalation for the play.

      ---
      - name: Install and configure web servers
        hosts: webservers
        become: true
      
        tasks:
    3. Add a task that installs the httpd package.

          - name: Install httpd package
            ansible.builtin.dnf:
              name: httpd
              state: present
  2. Add a task to the dev_deploy.yml playbook that starts the httpd service and enables it to start on boot.

        - name: Start httpd service
          ansible.builtin.service:
            name: httpd
            state: started
            enabled: true
  3. Add a task to the dev_deploy.yml playbook that deploys the templates/vhost.conf.j2 template to /etc/httpd/conf.d/vhost.conf on the managed hosts. This task should notify the Restart httpd handler.

        - name: Deploy configuration template
          ansible.builtin.template:
            src: templates/vhost.conf.j2
            dest: /etc/httpd/conf.d/vhost.conf
            owner: root
            group: root
            mode: '0644'
          notify: Restart httpd
  4. Add a task to the dev_deploy.yml playbook that copies the files/index.html file to the /var/www/vhosts/{{ ansible_facts['hostname'] }} directory on the managed hosts.

    Ensure that the destination directory is created if it does not already exist.

        - name: Copy index.html
          ansible.builtin.copy:
            src: files/
            dest: "/var/www/vhosts/{{ ansible_facts['hostname'] }}/"
            owner: root
            group: root
            mode: '0644'
  5. Add a task to the dev_deploy.yml playbook that configures the firewall to allow the httpd service.

        - name: Ensure web server port is open
          ansible.posix.firewalld:
            state: enabled
            permanent: true
            immediate: true
            service: http
  6. Add the Restart httpd handler to the dev_deploy.yml playbook that restarts the httpd service.

    The completed playbook contains the following content:

    ---
    - name: Install and configure web servers
      hosts: webservers
      become: true
    
      tasks:
        - name: Install httpd package
          ansible.builtin.dnf:
            name: httpd
            state: present
    
        - name: Start httpd service
          ansible.builtin.service:
            name: httpd
            state: started
            enabled: true
    
        - name: Deploy configuration template
          ansible.builtin.template:
            src: templates/vhost.conf.j2
            dest: /etc/httpd/conf.d/vhost.conf
            owner: root
            group: root
            mode: '0644'
          notify: Restart httpd
    
        - name: Copy index.html
          ansible.builtin.copy:
            src: files/
            dest: "/var/www/vhosts/{{ ansible_facts['hostname'] }}/"
            owner: root
            group: root
            mode: '0644'
    
        - name: Ensure web server port is open
          ansible.posix.firewalld:
            state: enabled
            permanent: true
            immediate: true
            service: http
    
      handlers:
        - name: Restart httpd
          ansible.builtin.service:
            name: httpd
            state: restarted
  7. Create a playbook named get_web_content.yml. Add a play named Test web content that runs on the workstation managed host. Enable privilege escalation for the play.

    ---
    - name: Test web content
      hosts: workstation
      become: true
    
      tasks:
  8. Add a task named Retrieve web content and write to error log on failure to the play in the get_web_content.yml playbook. Make that task a block that contains a single task named Retrieve web content. The Retrieve web content task must use the ansible.builtin.uri module to return content from the URL http://servera.lab.example.com. Register the retrieved content in a variable named content.

    ---
    - name: Test web content
      hosts: workstation
      become: true
    
      tasks:
        - name: Retrieve web content and write to error log on failure
          block:
            - name: Retrieve web content
              ansible.builtin.uri:
                url: http://servera.lab.example.com
                return_content: yes
              register: content
  9. In the get_web_content.yml playbook, add a rescue clause to the block task. Add a task to that rescue clause, named Write to error file, that writes the content variable to the /home/student/review-cr2/error.log file when the Retrieve web content task fails. Create the error.log file if it does not already exist.

    The get_web_content.yml playbook now contains the following content:

    ---
    - name: Test web content
      hosts: workstation
      become: true
    
      tasks:
        - name: Retrieve web content and write to error log on failure
          block:
            - name: Retrieve web content
              ansible.builtin.uri:
                url: http://servera.lab.example.com
                return_content: yes
              register: content
          rescue:
            - name: Write to error file
              ansible.builtin.lineinfile:
                path: /home/student/review-cr2/error.log
                line: "{{ content }}"
                create: true
  10. Create a new site.yml playbook that imports the plays from both the dev_deploy.yml and the get_web_content.yml playbooks.

    ---
    # Deploy web servers
    - import_playbook: dev_deploy.yml
    
    # Retrieve web content
    - import_playbook: get_web_content.yml
  11. Run the site.yml playbook. You might see some tasks report as changed if you have not yet run the individual playbooks for testing. A second run of the playbook should succeed with no further changes.

    [student@workstation review-cr2]$ ansible-navigator run \
    > -m stdout site.yml
    
    PLAY [Install and configure web servers] ***************************************
    
    TASK [Gathering Facts] *********************************************************
    ok: [serverb.lab.example.com]
    ok: [servera.lab.example.com]
    
    TASK [Install httpd package] ***************************************************
    changed: [servera.lab.example.com]
    changed: [serverb.lab.example.com]
    
    TASK [Start httpd service] *****************************************************
    changed: [servera.lab.example.com]
    changed: [serverb.lab.example.com]
    
    TASK [Deploy configuration template] *******************************************
    changed: [servera.lab.example.com]
    changed: [serverb.lab.example.com]
    
    TASK [Copy index.html] *********************************************************
    changed: [servera.lab.example.com]
    changed: [serverb.lab.example.com]
    
    TASK [Ensure web server port is open] ******************************************
    changed: [servera.lab.example.com]
    changed: [serverb.lab.example.com]
    
    RUNNING HANDLER [Restart httpd] ************************************************
    changed: [servera.lab.example.com]
    changed: [serverb.lab.example.com]
    
    PLAY [Test web content] ********************************************************
    
    TASK [Gathering Facts] *********************************************************
    ok: [workstation]
    
    TASK [Retrieve web content] ****************************************************
    ok: [workstation]
    
    PLAY RECAP *********************************************************************
    servera.lab.example.com    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    serverb.lab.example.com    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
    workstation                : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
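
Because the Retrieve web content task sits in a block with a rescue clause, a failed retrieval is counted under rescued rather than failed, and the run still exits successfully. The following added example (not part of the original lab) reads PLAY RECAP host lines and reports any host with a non-zero failed, unreachable or rescued counter, and with --idempotent also a non-zero changed counter; the check_recap name and the RECAP_RESCUED sample are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. RECAP_FIRST_RUN is the recap shown in step 11.
# RECAP_RESCUED is constructed: a later run in which the uri task failed
# and the rescue clause wrote error.log.
RECAP_FIRST_RUN='servera.lab.example.com    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
serverb.lab.example.com    : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
workstation                : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0'

RECAP_RESCUED='servera.lab.example.com    : ok=6    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
serverb.lab.example.com    : ok=6    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
workstation                : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=1    ignored=0'

# check_recap [--idempotent]
# Reads playbook output on stdin, prints "<host>: <counter>=<n>" for every
# counter that should be zero but is not, and returns 1 if any was printed.
check_recap() {
    if [ "${1:-}" = "--idempotent" ]; then strict=1; else strict=0; fi
    awk -v strict="$strict" '
        # Recap host lines look like: "<host> : ok=7 changed=6 ..."
        $2 == ":" && /ok=[0-9]+/ {
            for (i = 3; i <= NF; i++) {
                split($i, kv, "=")
                key = kv[1]; val = kv[2] + 0
                bad = (key == "failed" || key == "unreachable" || key == "rescued")
                # On a repeat run, any change means a task is not idempotent.
                if (strict && key == "changed") bad = 1
                if (bad && val > 0) { print $1 ": " key "=" val; found = 1 }
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Demo: the rescued run has failed=0, but the check still flags it.
printf '%s\n' "$RECAP_RESCUED" | check_recap || echo "recap is not clean"
```

To use it on a real run, pipe the output of ansible-navigator run -m stdout site.yml into check_recap, adding --idempotent on the second run.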

Evaluation

As the student user on the workstation machine, use the lab command to grade your work. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab grade review-cr2

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish review-cr2

This concludes the section.

Revision: rh294-9.0-c95c7de