red hat certified engineer (rhel 8 rhce)... · 2020. 7. 27. · 8 rhce) course. this course is...
TRANSCRIPT
-
Red Hat Certified Engineer (RHEL 8 RHCE)Course Navigation
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Exam Preparat ion
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Next Sect ions
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
-
Red Hat Certified Engineer (RHEL 8 RHCE)Course Navigation
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Creat e and Work w it h RolesSection 10
Managing Parallel ismSection 11
Exam Preparat ion
Prot ect Sensit ive Dat a in Playbooks w it h
Ansible VaultSection 12
Ansible Docum ent at ion
Section 13
Previous Sect ions
ConclusionSection 14
-
Int roduct ionSection 1
IntroductionCourse Navigation
About the Author
About the Course
About the Exam
Back t o Main
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
About t he Course
About t he Course
Welcome to the Linux Academy Red Hat Cer t if ied Engineer (RHEL 8 RHCE) course.
This course is designed to prepare you to sit and pass the Red Hat Certified Engineer exam (EX294).
As of the creation of this course, there are two versions of the Red Hat Certified Engineer exam - one for Red Hat Enterprise Linux 7 (EX300) and one for Red Hat Enterprise Linux 8 (EX294). This course was created based on the objectives of the RHEL 8 version of the exam which is EX294.
This diagram will be used as a reference point throughout the course and can be used as a study guide as you prepare for the exam.
This course was split up, Rob creating all of the labs, and me teaching the lessons. We thank you for taking this course and look forward to working through the material with you!
Mat t hew PearsonRob Mar t i
Linux Academy Training Architects Next
-
Int roduct ionSection 1
IntroductionCourse Navigation
About the Author
About the Course
About the Exam
Back t o Main
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
About t he Course
About t he Aut hor
About t he Exam
About t he Exam
Exam Object ives
- It is a hands-on exam that requires you to perform real-world tasks.
- You will have four hours to complete the exam. - You will be given multiple systems and must
install and configure Ansible in order to perform system administration tasks.
- Your work will be evaluated by running the playbooks created in the exam against fresh systems.
- Internet access will not be provided and candidates are not allowed to bring physical or electronic documentation or notes.
- Exam results are usually reported within 3 days.
The exam objectives can be viewed here:
Exam Form at
https://www.redhat.com/en/services/training/ex294-red-hat-certified-engineer-rhce-exam-red-hat-enterprise-linux-8
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
Understanding and using the basic tools for an operating system is essential to administering that system. In this section, we will review these tools and show examples of how to use these on a Red Hat Enterprise Linux 8 host.
Log int o a Rem ot e Servervia SSH
Creat e Files and Direct or ies
Input /Out put Redirect ion
View and Analyze Text
Archive Files and Direct or ies
Escalat e Pr ivi leges
Topics in t h is sect ion include:
NextBack
File and Direct ory Perm issions
Syst em Docum ent at ion
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- Log int o rem ot e server : ssh user _name@host- Log out of host : exi t
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- Creat e direct ory: mkdi r - Creat e f i le: t ouch f i l e or v i f i l e- Rem ove direct ory: r m - r di r ect or y or r mdi r
( f or empt y di r ect or y)- Rem ove f i le: r m f i l e
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- St andard out put (STDOUT): >, >>- St andard input (STDIN): >- Pipes : |
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- View w it h t ext edit or : v i f i l e- Pr int f i le cont ent s t o STDOUT: cat- Pr int l ines m at ching a pat t ern: gr ep
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- Com pression opt ions: gzip, bzip, xz, et c.- Creat e archive:
t ar - cvzf ar chi ve_name f i l e1 f i l e2- Ext ract archive:
t ar - xvzf ar chi ve. gz
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- Becom e t he r oot user : sudo - i or sudo su -- Run com m and as root user : sudo command
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- Change ownership: chown user : gr oup f i l e- Change perm issions (num er ic): chmod 764 f i l e- Change perm ission (sym bolic): chmod u+r w f i l e- Special perm issions: set ui d (4 or u+s ), set gi d (2 or
g+s ), st i cky bi t (1 or a+t )
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Underst and and Use Essent ial Tools
Underst and and use Essent ial Tools
- m an pages: man command or man sect i on command- info: i nf o command- / usr / shar e/ doc- apropos: apr opos command or man - k command
Back
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Operat e Running Syst em s
Operat e Running Syst em s
Underst and and use Essent ial Tools
1. Edit the kernel boot parameters by pressing e2. Go t o the end of the ?linux? line by pressing Ct r l+e, removing r o cr ash and add r d. br eak enf or ci ng=03. St ar t the system by pressing Ct r l+x4. Rem ount the root of the system: mount - o r emount , r w / sysr oot5. Sw it ch to / sysr oot : chr oot / sysr oot6. Reset the r oot password: passwd7. Enable SELinux relabeling: t ouch / . aut or el abel8. Exit the shell: exi t
Int er rupt Boot Process and Change t he r oot Password
Next Back
- syst emct l power of f- syst emct l r eboot- syst emct l - - hel p | man syst emct l
Shut down and Reboot Syst em s
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Operat e Running Syst em s
Operat e Running Syst em s
Underst and and use Essent ial Tools
- Print a list of active process: ps - ef
- View real-t ime list of processes and resource utilization: t op
- Terminate a running process: k i l l - 15, k i l l - 9, k i l l - l
View Processes and Resource Ut i l izat ion
Next Back
- Check the status of a service: syst emct l st at us ser vi ce_name. ser vi ce
- Start a service: syst emct l st ar t ser vi ce_name. ser vi ce
- Stop a service: syst emct l st at us ser vi ce_name. ser vi ce
- Gain more information: j our nal ct l - xe
St ar t , St op, and Check Net work Service St at us
- Secure Copy: scp f i l e_name user _name@ser ver : / pat h/ t o/ di r
- Secure FTP: sf t p user _name@ser ver
Copy Files Bet ween Rem ot e Syst em s
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Local St orage
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
1. Use f di sk to manipulate partit ion table: f di sk / dev/ devi ce_name
2. Use p to print the partit ion table and o to create a DOS (MBR) partit ion table.
3. Use n to create a new partit ion.4. Set it as a primary partit ion using p and
accept the defaults for partit ion number, first sector, and last sector.
5. List partit ion types using l. Change the partit ion type to Linux LVM (8e) using t .
6. Write the table to disk using w .
Creat e a Par t it ion:
Next Back
- df- l sbl k- bl k i d- f di sk - l
List St orage Devices:
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Local St orage
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
1. Delete logical volume: l vr emove vol _gr oup/ new_l v
2. Delete volume group: vgr emove vol _gr oup
3. Delete physical volume: pvr emove / dev/ devi ce_name
Delet e a Logical Volum e, Volum e Group, and Physical Volum e:
Next Back
1. Create physical volume: pvcr eat e / dev/ devi ce_name
2. List physical volumes: pvs
3. Create volume group: vgcr eat e vol _gr oup / dev/ devi ce_name
4. List volume groups: vgs
5. Create logical volume: l vcr eat e - L 1G - n new_l v vol _gr oup
6. List logical volumes: l vs
Creat e an LVM Logical Volum e:
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Creat e and Conf igure File Syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
1. Increase underlying logical volume: l vext end - L +500M / dev/ vol _gr p/ l og_vol
2. Unmount filesystem: umount / pat h/ t o/ mount3. Run file system check:
e2f sck - f / dev/ vol _gr p/ l og_vol4. Resize file system:
r esi ze2f s / dev/ vol _gr p/ l og_vol5. List mounted file systems: df - h
Ext end Logical Volum es
Next Back
1. Create a file system on a logical volume: mkf s. ext 4 / pat h/ t o/ l v
2. Mount a file system: mount / pat h/ t o/ l v / pat h/ t o/ di r
3. List mounted file systems: df - h4. Add mount information to / et c/ f st ab for
boot persistence:UUI D=UUI D_NUMBER / mount / poi nt f s_t ype def aul t s 0 0
Creat ing and Mount ing File Syst em s
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Creat e and Conf igure File Syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
1. Create directory: mkdi r / new/ di r2. Configure set-GID on directory:
chmod g+s / new/ di r3. Create file in new directory:
t ouch / new/ di r / newFi l e
Creat e Collaborat ive Direct or ies w it h set -GID
Next Back
1. Install required packages: yum i nst al l nf s- ut i l s
2. Start required services: syst emct l st ar t r pcbi nd
3. Show file system exports on the client: showmount - e SERVER_I P
4. Mount a network file system: mount - t nf s SERVER_I P: / ser ver / di r / c l i ent / di r
Mount a Net work File Syst em s
1. Install required packages: yum install vdo 2. Create a vdo volume: vdo cr eat e
- - name=vdo_vol - - devi ce=/ dev/ devName - - vdoLogi cal Si ze=vol _si ze
3. View information on vdo volumes: vdost at s - - hu
Work ing w it h Vir t ual Dat a Opt im izer (VDO)
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Deploy, Conf igure, and Maint ain syst em s
Deploy, Conf igure, and Maint ain syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
- View the crontab: cat / et c/ cr ont ab- Add a task to a user crontab: cr ont ab - e- List tasks in a user 's crontab: cr ont ab - l- Schedule a task using the at command: at t i me- List the scheduled jobs: at q- Delete a job: at r m j ob_num
Schedule Tasks Using at and cr on
Next Back
- View yum repositories: l s - a / et c/ yum. r epos. d
- Install packages: yum i nst al l packageName- Start a service:
syst emct l st ar t name. ser vi ce- Enable a service:
syst emct l enabl e name. ser vi ce- Stop a service: syst emct l st op name. ser vi ce
St ar t , St op, and Enable Services
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Deploy, Conf igure, and Maint ain syst em s
Deploy, Conf igure, and Maint ain syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
1. Install required packages: yum i nst al l chr ony2. Start and enable the chronyd service:
syst emct l st ar t chr onyd && syst emct l enabl e chr onyd
3. Add the NTP server (server SERVER_IP) address to /etc/chrony: v i / et c/ chr ony
4. Restart the chronyd service: syst emct l r est ar t chr onyd
Conf igure Tim e Service Client
Next Back
- Check the current configuration: syst emct l get - def aul t
- Change the current target: syst emct l i sol at e name. t ar get
- Set the default configuration: syst emct l set - def aul t name. t ar get
- Change target to rescue mode: syst emct l r escue
Conf igure Syst em s t o Boot int o Specif ic Target Aut om at ically
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Manage Users and Groups
Manage Users and Groups
Deploy, Conf igure, and Maint ain syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
- Change a password: passwd user name- View password expiry information:
chage - l user name- Set password expiration by max days:
chage - M days user name- Set password expiration by date:
chage - E YYYY- MM- DD user name
Change Passwords
Next Back
- View user information: i d user name gr oups user name / et c/ passwd / et c/ shadow / et c/ gr oup
- Create a user: user add user name- Modify a user: user mod - d - aG - L - U- Delete a user: user del user name
Creat e, Delet e, and Modify Local Users
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Manage Users and Groups
Manage Users and Groups
Deploy, Conf igure, and Maint ain syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
- View the sudoer s file: v i / et c/ sudoer s- Edit the sudoer s file: v i sudo- Grant a user sudo access by adding the following
line to / et c/ sudoer s: user name ALL=( ALL) ALL
- Grant members of a group sudo access by adding the following line to / et c/ sudoer s: %gr oupname ALL=( ALL) ALL
Conf igure Superuser Access
Next Back
- View group information:i d user name gr oups user name / et c/ passwd/ et c/ shadow/ et c/ gr oup
- Create a group: gr oupadd gr oupname- Add user to a group: user mod - g - aG- Modify a group: gr oupmod - n - g- Delete a group: gr oupdel gr oupname
Creat e, Delet e, and Modify Groups
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Manage Secur it y
Manage Secur it y
Manage Users and Groups
Deploy, Conf igure, and Maint ain syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
- Generate public and private key pair: ssh- keygen- Copy a public key to a remote server:
ssh- copy- i d user name@r emot e_host- Default public/private key location:
/ home/ user name/ . ssh/
Conf igure Key Based Aut hent icat ion for SSH
Next Back
- Install firewalld: yum i nst al l f i r ewal l d - Start and enable firewalld:
syst emct l st ar t f i r ewal l d && syst emct l enabl e f i r ewal l d
- View f i r ewal l - cmd options: f i r ewal l - cmd - h | man f i r ewal l - cmd
- List zones: f i r ewal l - cmd - - get - zones ( - - get - def aul t - zone)
- List everything added for or enabled in a zone: f i r ewal l - cmd - - l i s t - al l - - zone=publ i c
- Add a service for a zone: f i r ewal l - cmd - - add- ser vi ce=ser vi ce ( - - per manent )
- Add a port for a zone: f i r ewal l - cmd - - add- por t =por t / pr ot ocol ( - - per manent )
- Reload firewall rules: f i r ewal l - cmd - - r el oad
Conf igure Firewall Set t ings
-
Basic Red Hat Certified Administrator SkillsCourse Navigation
Understand and Use Essential Tools
Operate Running Systems
Configure Local Storage
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Create and Configure File Systems
Deploy, Configure, and Maintain systems
Manage Users and Groups
Manage Security (Part 1)
Back t o Main
Int roduct ionSection 1
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Manage Secur it y
Manage Secur it y
Manage Users and Groups
Deploy, Conf igure, and Maint ain syst em s
Creat e and Conf igure File Syst em s
Conf igure Local St orage
Operat e Running Syst em s
Underst and and use Essent ial Tools
Next Back
- View SELinux modes: get enf or ce- Set mode to permissive or enforcing:
set enf or ce 0 | 1- List booleans: get sebool - a- Turn booleans on or off:
set sebool bool ean on | of f ( - P f or per manent )
- List SELinux contexts: semanage f cont ext - l- View context on files and process:
l s - Z | ps - axZ- Change SELinux context:
semanage f cont ext - a - t cont ext _t ype ' / di r ect or y( / . * ) ?'
- Restore default contexts: r est or econ - R / di r ect or y
- View SELinux policy violations: seal er t - a / var / l og/ audi t / audi t . l og
Work ing w it h SELinux
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Invent or ies
Invent or ies
- Default location of the hosts file: / et c/ ansi bl e/ host s
- The default location of the hosts file can be set in / et c/ ansi bl e/ ansi bl e. cf g.
- It can be specified using the - i option when running ansi bl e.
- The file can contain individual hosts, groups of hosts, groups of groups, and host and group level variables.
- It can also Can contain variables that determine how you connect to a host.
Invent or ies are what Ansible uses t o locat e and run against m ult iple host s.
Next Back
INI-based inventory file:
mai l . exampl e. com
[ webser ver s]web01. exampl e. comweb02. exampl e. com
[ dbser ver s]db[ 01: 04] . exampl e. com
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Invent or ies
Invent or ies
Next Back
YAML-based inventory file:
al l : host s: mai l . exampl e. com chi l dr en: webser ver s: host s: web01. exampl e. com web02. exampl e. com dbser ver s: host s: db[ 01: 04] . exampl e. com
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Modules
Invent or ies
Modules
- Modules are essentially tools for particular tasks. - Modules can take, and usually do take,
parameters.- Modules return JSON.- Run modules from the command line or within a
playbook.- Ansible ships with a significant amount of
modules by default. - Custom modules can be written.
Underst anding Modules
Next Back
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Var iables
Var iables
Invent or ies
Modules
- Variables names should only contain letters, numbers, and underscores.
- Variables should always start with a letter.- There are three main scopes for variables:
- Global- Host- Play
- They are typically used for configuration values and various parameters.
- Variables can store the return value of executed commands.
- Variables may also be dictionaries.- Ansible provides a number of predefined variables.
Underst anding Var iables in Ansible
Next Back
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Var iables
Var iables
Invent or ies
Modules
Next Back
Example of Host Level Variables:
I NI f or mat :
[ webser ver s]host 1 ht t p_por t =80 maxRequest sPer Chi l d=500host 2 ht t p_por t =305 maxRequest sPer Chi l d=600
YAML f or mat :
webser ver s: host 1: ht t p_por t : 80 maxRequest sPer Chi l d: 500 host 2: ht t p_por t : 305 maxRequest sPer Chi l d: 600
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
[ c l oud_user @mspear son4c ansi bl e] $ ansi bl e - i i nv. i ni mspear son2c - m set up
mspear son2c | SUCCESS => { " ansi bl e_f act s" : { " ansi bl e_al l _i pv4_addr esses" : [ " 172. 31. 101. 166" , " 192. 168. 122. 1" ] , " ansi bl e_al l _i pv6_addr esses" : [ " 2600: 1f 18: 502: 2f 01: a37b: b7b5: 61a6: 3659" , " f e80: : 835: c7f f : f e1d: f 35e" ] , " ansi bl e_appar mor " : { " st at us" : " di sabl ed" } , " ansi bl e_ar chi t ect ur e" : " x86_64" , " ansi bl e_bi os_dat e" : " 10/ 16/ 2017" , " ansi bl e_bi os_ver si on" : " 1. 0" , " ansi bl e_cmdl i ne" : { " BOOT_I MAGE" : " ( hd0, msdos2) / boot / vml i nuz- 4. 18. 0- 80. 7. 2. el 8_0. x86_64" , " consol e" : " t t y0" ,
- Facts provide certain information about a given target host.
- Facts are automatically discovered by Ansible when it reaches out to a host.
- Facts can be disabled. - Facts can be cached for use in playbook
executions.
Underst anding Ansible Fact s
Next Back
Fact s
Fact s
Var iables
Invent or ies
Modules
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
- The goal of a play is to map a group of hosts to some well-defined roles.
- A play can consist of one or more tasks which make calls to Ansible modules.
- A playbook is a series of plays.
Underst anding Plays and Playbooks
Example of an Ansible Playbook:
- - -- host s: webser ver s become: yes t asks: - name: ensur e apache i s at t he l at est ver si on yum: name: ht t pd st at e: l at est - name: wr i t e our cust om apache conf i g f i l e t empl at e: sr c: / sr v/ ht t pd. j 2 dest : / et c/ ht t pd/ conf / ht t pd. conf - name: ensur e t hat apache i s st ar t ed ser vi ce: name: ht t pd st at e: st ar t ed- host s: dbser ver s become: yes t asks: - name: ensur e post gr esql i s at t he l at est ver si on yum: name: post gr esql st at e: l at est - name: ensur e t hat post gr esql i s st ar t ed ser vi ce: name: post gr esql st at e: st ar t ed
Next Back
Plays and Playbooks
Plays and Playbooks
Fact s
Var iables
Invent or ies
Modules
-
Understand Core Components of AnsibleCourse Navigation
Modules
Inventories
Variables
Facts
Underst and Core Com ponent s of Ansible
Section 3
Plays and Playbooks
Configuration Files
Back t o Main
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igurat ion Files
- Possible locations of Ansible configuration files (in order processed):
- ANSI BLE_CONFI G (environment variable)- ansi bl e. cf g (in the current directory)- ~/ . ansi bl e. cf g (in the home directory)- / et c/ ansi bl e/ ansi bl e. cf g
- A configuration file will not automatically load if it is in a world-writable directory.
- Configuration can be set in environment variables.
The Ansible Conf igurat ion File
Next Back
- The ansi bl e- conf i g command can be used to view configurations:
- l i s t - Prints all configuration options- dump - Dumps configuration- vi ew - View the configuration file
- Commonly used settings:- i nvent or y - Specifies the default inventory file - r ol es_pat h - Sets paths to search in for roles- f or ks - Specifies the amount of hosts configured by
Ansible at the same time (Parallelism):- ansi bl e_managed - Text inserted into templates
which indicate that file is managed by Ansible and changes will be overwritten.
Com m on Ansible Conf igurat ions
Plays and Playbooks
Fact s
Var iables
Invent or ies
Modules
Conf igurat ion Files
-
Install and Configure an Ansible Control NodeCourse Navigation
Create a Static Host Inventory File
Install Required Packages
Create a Configuration File
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Back t o Main
Underst and Core Com ponent s of Ansible
Section 3
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Inst all Required Packages
- sudo subscr i pt i on- manager r epos - - enabl e ansi bl e- 2. 8- f or - r hel - 8- x86_64- r pms(if needed)
- sudo yum i nst al l ansi bl e
Inst all Ansible Using YUM
Next Back
1. sudo yum i nst al l gi t2. gi t c l one - - s i ngl e- br anch
- - br anch st abl e- 2. 8 ht t ps: / / gi t hub. com/ ansi bl e/ ansi bl e. gi t
3. cd ansi bl e/4. sour ce . / hacki ng/ env- set up5. pi p2. 7 i nst al l - - user - r
. / r equi r ement s. t xt
Test the installation: ansi bl e 127. 0. 0. 1 - m pi ng
Inst all Ansible f rom Source
Inst all Required Packages
-
Install and Configure an Ansible Control NodeCourse Navigation
Create a Static Host Inventory File
Install Required Packages
Create a Configuration File
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Back t o Main
Underst and Core Com ponent s of Ansible
Section 3
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e a St at ic Host Invent ory File
Creat e a St at ic Host Invent ory File
Inst all Required Packages
NextBack
Invent ory FilesA
Ansible Invent ory
- Inventory files may contain hosts, patterns, groups and variables.
- Multiple inventory files may be specified using a directory.
- Inventory files may be specified in INI or YAML format.
An inventory is a list of hosts that Ansible manages.
Default: / et c/ ansi bl e/ host s
Speci?ed by CLI: ansi bl e - i
Can be set in: ansi bl e. cf g
Inventory Locations:
-
Install and Configure an Ansible Control NodeCourse Navigation
Create a Static Host Inventory File
Install Required Packages
Create a Configuration File
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Back t o Main
Underst and Core Com ponent s of Ansible
Section 3
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e a St at ic Host Invent ory File
Creat e a St at ic Host Invent ory File
Inst all Required Packages
NextBack
Exam ple Invent ory Files
B
INI-based inventory file:
mai l . exampl e. com ansi bl e_por t =5556 ansi bl e_host =192. 168. 0. 20
[ webser ver s]web01. exampl e. comweb02. exampl e. com
[ webser ver s: var s]ht t p_por t =8080
[ dbser ver s]db[ 01: 99] . exampl e. com
1. Variables should be stored in YAML files located relative to the inventory file.
2. Host and group variables should be stored in the host _var s and gr oup_var s directories respectively (directories must be created).
3. Variable files should be named after the host or group for which they contain variables (files may end in . yml or . yaml ).
Invent ory Var iables Best Pract ices
-
Install and Configure an Ansible Control NodeCourse Navigation
Create a Static Host Inventory File
Install Required Packages
Create a Configuration File
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Back t o Main
Underst and Core Com ponent s of Ansible
Section 3
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e a St at ic Host Invent ory File
Creat e a St at ic Host Invent ory File
Inst all Required Packages
NextBack
Exam ple Invent ory Files
C
YAML-based inventory file:
- - -al l : host s: mai l . exampl e. com ansi bl e_por t : 5556 ansi bl e_por t : 192. 168. 0. 20 chi l dr en: webser ver s: host s: web01. exampl e. com web02. exampl e. com var s: ht t p_por t : 8080 dbser ver s: host s: db[ 01: 99] . exampl e. com
-
Install and Configure an Ansible Control NodeCourse Navigation
Create a Static Host Inventory File
Install Required Packages
Create a Configuration File
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Back t o Main
Underst and Core Com ponent s of Ansible
Section 3
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e a St at ic Host Invent ory File
Creat e a St at ic Host Invent ory File
Inst all Required Packages
NextBack
Groups of Groups
D
INI-based inventory file:
[ east ]host 1host 2
[ west ]host 3host 4
[ usa: chi l dr en]eastwest
YAML-based inventory file:
al l : chi l dr en: usa: chi l dr en: east : host s: host 1: host 2: west : host s: host 3: host 4:
-
Install and Configure an Ansible Control NodeCourse Navigation
Create a Static Host Inventory File
Install Required Packages
Create a Configuration File
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Back t o Main
Underst and Core Com ponent s of Ansible
Section 3
Int roduct ionSection 1
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e a Conf igurat ion File
Default ansi bl e. cf g
Order of preference for ansi bl e. cf g:- ANSI BLE_CONFI G (environment variable)- ansi bl e. cf g (in the current directory)- ~/ . ansi bl e. cf g (in the home directory)- / et c/ ansi bl e/ ansi bl e. cf g
NextBack
# conf i g f i l e f or ansi bl e - - ht t ps: / / ansi bl e. com/# ===============================================# near l y al l par amet er s can be over r i dden i n ansi bl e- pl aybook# or wi t h command l i ne f l ags. ansi bl e wi l l r ead ANSI BLE_CONFI G,# ansi bl e. cf g i n t he cur r ent wor ki ng di r ect or y, . ansi bl e. cf g i n# t he home di r ect or y or / et c/ ansi bl e/ ansi bl e. cf g, whi chever i t# f i nds f i r st[ def aul t s]# some basi c def aul t val ues. . .#i nvent or y = / et c/ ansi bl e/ host s#l i br ar y = / usr / shar e/ my_modul es/#modul e_ut i l s = / usr / shar e/ my_modul e_ut i l s /#r emot e_t mp = ~/ . ansi bl e/ t mp#l ocal _t mp = ~/ . ansi bl e/ t mp#pl ugi n_f i l t er s_cf g = / et c/ ansi bl e/ pl ugi n_f i l t er s. yml#f or ks = 5#pol l _i nt er val = 15#sudo_user = r oot#ask_sudo_pass = Tr ue. . . .
Creat e a St at ic Host Invent ory File
Inst all Required Packages
Creat e a Conf igurat ion File
-
Configure Ansible Managed Nodes
Course Navigation
Validate a Working Configuration Using Ad Hoc Ansible Commands
Create and Distribute SSH Keys to Manage Nodes and Configure Privilege Escalation
Conf igure Ansible Managed Nodes
Section 5
Back t o Main
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Dist r ibut e SSH Keys t o Manage Nodes and Conf igure Pr ivi lege Escalat ion
Generat e SSH Keys
NextBack
# ssh- keygen
1
. . . Dist r ibut e SSH Keys
# ssh- copy- i d
2
. . .
Escalat e Pr ivi leges
# vi sudouser _name ALL=( ALL) NOPASSWD: ALL
3
Cont rol Node
4
. . .
Managed Node 2
Managed Node 1
Creat e and Dist r ibut e SSH Keys t o Manage Nodes and Conf igure Pr ivi lege Escalat ion
-
Configure Ansible Managed Nodes
Course Navigation
Validate a Working Configuration Using Ad Hoc Ansible Commands
Create and Distribute SSH Keys to Manage Nodes and Configure Privilege Escalation
Conf igure Ansible Managed Nodes
Section 5
Back t o Main
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Validat e a Work ing Conf igurat ion Using Ad Hoc Ansible Com m ands
Creat e and Dist r ibut e SSH Keys t o Manage Nodes and Conf igure Pr ivi lege Escalat ion
Validat e a Work ing Conf igurat ion Using Ad Hoc Ansible Com m ands
Syntax: ansi bl e host - i i nvent or y_f i l e - m modul e - a ?ar gument s?
- They are used to execute quick one liners.- They are useful for non-routine tasks.- Execute them using the ansi bl e command
(ansi bl e- pl aybook is used to execute playbooks).
- Arguments require double quotes and are space delimited.
- Commands are executed as the user running Ansible.
- Use the - b option to execute commands as the r oot user.
- The - a option may be used without the - m option to run shell commands.
Ansible Ad Hoc Com m and
Next Back
-
Configure Ansible Managed Nodes
Course Navigation
Validate a Working Configuration Using Ad Hoc Ansible Commands
Create and Distribute SSH Keys to Manage Nodes and Configure Privilege Escalation
Conf igure Ansible Managed Nodes
Section 5
Back t o Main
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Validat e a Work ing Conf igurat ion Using Ad Hoc Ansible Com m ands
Creat e and Dist r ibut e SSH Keys t o Manage Nodes and Conf igure Pr ivi lege Escalat ion
Validat e a Work ing Conf igurat ion Using Ad Hoc Ansible Com m ands
- File transfer- Package management- User and group management- Managing services- Fact gathering- General system information- Software deployment from Git- Playbook creation testing
Com m on Uses
Next Back
-
Script Administration TasksCourse Navigation
Create Shell Scripts That Run Ad Hoc Ansible Commands
Create Simple Shell Scripts
Back t o Main
Scr ipt Adm inist rat ion Tasks
Section 6
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Creat e Ansible Plays and Playbooks
Section 7
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Creat e Sim ple Shell Scr ipt s
Creat e Sim ple Shell Scr ipt s
- The first line must include #! / bi n/ bash.- Comments can be added by using the # symbol. - Execute permission needs to be added to the script.- Execute the script using the absolute path or
. / scr i pt . sh (if the script is in your current directory).
Shell Scr ipt s
Next Back
Simple echo Script:
#! / bi n/ bash# hel l o wor l d scr i pt
echo ?Hel l o wor l d! ! ?
A f or Loop:
#! / bi n/ bash
f or i i n { 1. . 5}do echo " Hel l o $i t i mes! "done
-
Script Administration TasksCourse Navigation
Create Shell Scripts That Run Ad Hoc Ansible Commands
Create Simple Shell Scripts
Back t o Main
Scr ipt Adm inist rat ion Tasks
Section 6
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Creat e Ansible Plays and Playbooks
Section 7
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Creat e Sim ple Shell Scr ipt s
Creat e Sim ple Shell Scr ipt s
Next Back
A case Statement
#! / bi n/ bash
echo - n " Ent er t he name of a st at e: "
r ead STATE
echo - n " The capi t al c i t y of $STATE i s "
case $STATE i n Geor gi a) echo " At l ant a" ; ; Vi r gi ni a) echo " Ri chmond" ; ; Texas) echo " Aust i n" ; ; Mai ne) echo " August a" ; ; * ) echo " not i n t he dat abase" ; ;esac
-
Script Administration TasksCourse Navigation
Create Shell Scripts That Run Ad Hoc Ansible Commands
Create Simple Shell Scripts
Back t o Main
Scr ipt Adm inist rat ion Tasks
Section 6
Basic Red Hat Cer t if ied Adm inist rat or Sk il ls
Section 2
Underst and Core Com ponent s of Ansible
Section 3
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Creat e Ansible Plays and Playbooks
Section 7
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Creat e Shell Scr ipt s That Run Ad Hoc Ansible Com m ands
Creat e Shell Scr ipt s That Run Ad Hoc Ansible Com m ands
Next Back
Shell Script with Ad Hoc Ansible Commands
#! / bi n/ bash
# Cr eat e t he user mat t
ansi bl e mspear son3c. myl abser ver . com - i i nv - b - m user - a " name=mat t "
# Cr eat e t he demo di r ect or y i n mat t ?s home di r ect or y
ansi bl e mspear son3c. myl abser ver . com - i i nv - b - m f i l e - a " pat h=/ home/ mat t / demo st at e=di r ect or y owner =mat t gr oup=mat t mode=0755"
# Copy t est Fi l e t o mat t ?s home di r ect or y
ansi bl e mspear son3c. myl abser ver . com - i i nv - b - m copy - a " sr c=/ home/ cl oud_user / ansi bl e/ t est Fi l e dest =/ home/ mat t / t est Fi l e mode=0644 owner =mat t gr oup=mat t "
# I nst al l ht t pd t o t he webser ver s gr oup, t hen st ar t and enabl e t he ht t pd ser vi ce
ansi bl e webser ver s - i i nv - b - m yum - a " name=ht t pd st at e=l at est "
ansi bl e webser ver s - i i nv - b - m ser vi ce - a " name=ht t pd st at e=st ar t ed enabl ed=yes"
Creat e Sim ple Shell Scr ipt s
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Know How t o Work w it h Com m only Used Ansible Modules
Know How t o Work w it h Com m only Used Ansible Modules
- Ping- Validates a server is running and reachable- No required parameters
- Setup- Gather Ansible facts- No required parameters
- Yum- Manage packages with the YUM package
manager- Common parameters (not required):
- name and st at e- Service
- Control services on remote hosts- Common parameters:
- name (required), st at e, and enabl ed- User
- Manage user accounts and attributes- Common parameters:
- name (required), st at e, gr oup, and gr oups
Com m on Modules
Next Back
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Know How t o Work w it h Com m only Used Ansible Modules
Know How t o Work w it h Com m only Used Ansible Modules
- Copy - Copy files to a remote host- Common parameters:
src, dest (required), owner, group, and mode- File
- Manage files and directories- Common parameters:
path (required), state, owner, group, and mode- Git
- Interact with git repositories- Common parameters:
r epo (required), dest (required), and cl one
Com m on Modules (cont .)
Next Back
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8 NextBack
Use r egi st er in a playbook
- - -- host s: host name t asks: - name: cr eat e a f i l e f i l e: pat h: / t mp/ t est Fi l e s t at e: t ouch r egi st er : var i abl e - name: di spl ay debug message debug: msg=" Regi st er out put i s { { var i abl e } } "
- Use the r egi st er keyword to store the results of running a command as a variable.
- Variables can be referenced by other tasks in the playbook.
- Registered variables are only valid on the host for the current playbook run.
- Return values differ from module to module.
Regist er t he Result s of Running a Com m and
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Use Condit ionals t o Cont rol Play Execut ion
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
- Handlers take action when called.- Handlers are called when a change is made.- Handlers are called using the notify keyword.- More than one handler can be defined for a
playbook or play.- Multiple handlers can be specified in the notify
section.- Handlers can have multiple tasks. - Regardless of how many tasks notify a handler, it
will only run once.
Handlers
Next Back
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Use Condit ionals t o Cont rol Play Execut ion
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Next Back
Example of a Handler in a Playbook
- - -- host s: mspear son2c become: yes t asks: - name: updat e ht t pd. conf r epl ace: pat h: / et c/ ht t pd/ conf / ht t pd. conf r egexp: ?^Ser ver Admi n. * $? r epl ace: ?Ser ver Admi n cl oud_user @l ocal host ? backup: yes not i f y: ?r est ar t web ser ver ? handl er s: - name: ?r est ar t apache? ser vi ce: name: ht t pd s t at e: r est ar t ed l i s t en: ?r est ar t web ser ver ?
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Use Condit ionals t o Cont rol Play Execut ion
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Next Back
Example of a when statement in a Playbook
- - -- host s: webser ver s become: yes t asks: - name: copy f i l e copy: sr c: / home/ cl oud_user / i ndex. ht ml dest : / var / www/ ht ml / i ndex. ht ml when: ansi bl e_host name == " mspear son3c"
- Allows a task to run or be skipped if certain condit ions are met.
- Parentheses can be used to group condit ions.- Multiple condit ions can be specified as a list. - Mathematical operation comparisons can be used.
The when St at em ent
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Use Condit ionals t o Cont rol Play Execut ion
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Next Back
Example of a l oop in a Playbook
- - -- host s: webser ver s become: yes t asks: - name: cr eat e a l i s t of user s user : name: ?{ { i t em } } ? s t at e: pr esent gr oups: wheel l oop: - v i ol et - gr aham - bet hany
- May be performed using the l oop or wi t h_ keywords
- Standard loop usage- Iterate over a simple list- Iterate over a list of hashes- Iterate over a dictionary
- When statements are processed separately for each item in a loop
Loops
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Conf igure Er ror Handling
Conf igure Er ror Handling
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Next Back
- Ignore errors by using the i gnor e_er r or s keyword.
- Force previously notified handler to run using the f or ce_handl er s keyword.
- Define failure condit ions using the f ai l ed_when keyword.
- Override the ?changed? status result using the changed_when keyword.
- Abort an entire play if any task fails using the any_er r or s_f at al keyword.
- Implement a block in order to logically group tasks and provide error handling using the following keywords:- bl ock- r escue- al ways
Error Handling
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Conf igure Er ror Handling
Conf igure Er ror Handling
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Next Back
Using ignore_errors keyword:
- - -- host s: l abser ver s t asks: - name: copy r emot e f i l es f et ch: sr c: / t mp/ er r or Fi l e dest : / t mp i gnor e_er r or s: yes
Using a block to handle errors:
- - -- host s: l abser ver s t asks: - name: copy r emot e f i l es bl ock: - f et ch: sr c: / t mp/ bl ockFi l e dest : / t mp r escue: - debug: msg: " The f i l e doesn' t exi st on { { ansi bl e_host name } } . " al ways: - debug: msg: " Pl aybook i s f i ni shed! "
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Creat e Playbooks t o Conf igure Syst em s t o a Specif ied St at e
Conf igure Er ror Handling
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Creat e Playbooks t o Conf igure Syst em s t o a Specif ied St at e
Next Back
Example Playbook
- - -- host s: webser ver s become: yes t asks: - name: i nst al l apache yum: name: ht t pd s t at e: l at est - name: cr eat e user and add t hem t o t he apache gr oup user : name: " { { i t em } } " gr oups: apache l oop: - wi l l - myl es - name: cr eat e i ndex. ht ml t empl at e: sr c: / home/ cl oud_user / ansi bl e/ t empl at es/ i ndex. j 2 dest : / var / www/ ht ml / i ndex. ht ml owner : apache gr oup: apache mode: 0644 - name: st ar t and enabl e ht t pd ser vi ce: name: ht t pd s t at e: st ar t ed enabl ed: yes
-
Create Ansible Plays and PlaybooksCourse Navigation
Use Variables to Retrieve the Results of Running a Command
Know How to Work with Commonly Used Ansible Modules
Back t o Main
Creat e Ansible Plays and Playbooks
Section 7
Use Conditionals to Control Play Execution
Configure Error Handling
Create Playbooks to Configure Systems to a Specified State
Inst all and Conf igure an Ansible Cont rol
NodeSection 4
Conf igure Ansible Managed Nodes
Section 5
Scr ipt Adm inist rat ion Tasks
Section 6
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
Creat e Playbooks t o Conf igure Syst em s t o a Specif ied St at e
Conf igure Er ror Handling
Use Condit ionals t o Cont rol Play Execut ion
Use Var iables t o Ret r ieve t he Result s of Running a Com m and
Know How t o Work w it h Com m only Used Ansible Modules
Creat e Playbooks t o Conf igure Syst em s t o a Specif ied St at e
Next Back
Example Playbook (cont.):
- host s: dbser ver s become: yes t asks: - name: i nst al l post r esql yum: name: post gr esql - ser ver s t at e: l at est - name: i ni t i al i ze db cl ust er command: / usr / bi n/ post gr esql - set up - - i ni t db - name: cr eat e user s user : name: " { { i t em } } " gr oups: post gr es l oop: - cor ey - aar on - name: st ar t and enabl e post gr es ser vi ce: name: post gr esql s t at e: st ar t ed enabl ed: yes
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Sof t ware Packages and Reposit or ies
Sof t ware Packages and Reposit or ies
Next Back
Examples of the yum module:
- name: i nst al l a package yum: name: package_name st at e: l at est
- name: I nst al l a l i s t of packages yum: name: - package_name - package_name st at e: l at est
- name: I nst al l r pm f r om a r emot e r epo yum: name: ht t p: / / websi t e. com/ pat h/ t o/ r pm st at e: pr esent
- name: I nst al l r pm f r om a l ocal f i l e yum: name: / pat h/ t o/ f i l e. r pm st at e: pr esent
- name: Remove a package yum: name: package_name st at e: absent
The yum Module - Use the yum package manager to install, upgrade, downgrade, remove, and list packages and groups.
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Sof t ware Packages and Reposit or ies
Sof t ware Packages and Reposit or ies
Next Back
Examples of the yum_repository module:
- name: Add a r eposi t or y yum_r eposi t or y: name: r epo_name descr i pt i on: Descr i pt i on of r epo baseur l : ht t ps: / / websi t e. com/ f ul l / pat h/ of / base/ ur l gpgcheck: no
- name: Remove a r eposi t or y f r om a r epo f i l e yum_r eposi t or y: name: r epo_name f i l e: r epo_f i l e_name ( wi t hout t he ?. r epo? ext ensi on) st at e: absent
The yum _reposit ory m odule - Add or remove a yum repository.
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Services
Next Back
Example of the ser vi ce module:
- name: Show opt i ons f or ser vi ce modul e ser vi ce: name: ser vi ce_name st at e: st ar t ed| st opped| r est ar t ed| r el oaded enabl ed: yes| no ar gs: addi t i onal ar gument s pr ovi ded on t he command l i ne
The service m odule - This controls services on a remote host. The supported init systems are BSD init, OpenRC, SysV, Solaris SMF, systemd, and upstart.
Example of the syst emd module:
- name: Show opt i ons f or syst emd modul e ser vi ce: name: ser vi ce_name st at e: st ar t ed| st opped| r est ar t ed| r el oaded enabl ed: yes| no daemon_r el oad: yes| no f or ce: yes| no
The syst emd m odule - This controls syst emd services on a remote host.
Services
Sof t ware Packages and Reposit or ies
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Firewall Rules
Next Back
Example of the f i r ewal l d module:
- name: add f i r ewal l r ul es by ser vi ce f i r ewal l d: zone: publ i c | dmz| i nt er nal | ext er nal | t r ust ed| et c. ser vi ce: ser vi ce_name per manent : yes| no i mmedi at e: yes| no st at e: enabl ed| di sabl ed| pr esent | absent
- name: add f i r ewal l r ul es by por t ( s) f i r ewal l d: zone: publ i c | dmz| i nt er nal | ext er nal | t r ust ed| et c. por t : 8080/ t cp| 170- 179/ udp per manent : yes| no i mmedi at e: yes| no st at e: enabl ed| di sabl ed| pr esent | absent
- name: add f i r ewal l r ul es usi ng a Ri ch Rul e f i r ewal l d: zone: publ i c | dmz| i nt er nal | ext er nal | t r ust ed| et c. r i ch_r ul e: r ul e f ami l y=i pv4 f or war d- por t por t =443 pr ot ocol =t cp t o- por t =8443 per manent : yes| no i mmedi at e: yes| no st at e: enabl ed| di sabl ed| pr esent | absent
The f i r ewal l d m odule - Allows for the addit ion or deletion of running or permanent firewall rules by services or ports (TCP or UDP)
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
St orage Devices
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Next Back
Example of the par t ed module:
- name: Show opt i ons f or par t ed modul e par t ed: devi ce: / dev/ sdc| / dev/ nvme1n1 number : 1 st at e: pr esent | absent | i nf o par t _end: 1Gi B| 100% l abel : msdos| gpt f l ags: [ l vm ]
The par t ed m odule - Uses the parted command line tool in order to configure block device partit ions.
Creat e Par t it ions
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
St orage Devices
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Next Back
Example of the lvg module:
- name: show opt i ons f or l vg modul e l vg: f or ce: no| yes pesi ze: 8 pvs: / dev/ nvme1n1p1, / dev/ nvme2n1p1 vg: vg_name st at e: pr esent | absent
The l vg m odule - Create, remove, and resize volume groups
Example of the lvol module:
- name: show opt i ons f or l vol modul e l vol : vg: vg_name l v : l v_name s i ze: 512m| 1g| 100%FREE st at e: pr esent | absent shr i nk: yes| no r esi zef s: no| yes f or ce: no| yes opt s: f r ee f or m opt i ons passed t o t he l vcr eat e command
The l vol m odule - Create, remove, and resize logical volumes
Creat e Logical Volum es
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
File Cont ent
File Cont ent
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Next Back
Example of the f i l e module:
- name: cr eat e a f i l e f i l e: pat h: / pat h/ t o/ f i l e st at e: t ouch
The f i l e m odule - Manage files and file properties.
Example of the copy module:
- name: add cont ent t o speci f i c f i l e copy: cont ent : f i l e_cont ent dest : / pat h/ t o/ f i l e
The copy m odule - Copy files to remote locations.
Manage File Cont ent
Example of the l i nei nf i l e module:
- name: r epl ace a l i ne l i nei nf i l e: pat h: / pat h/ t o/ f i l e r egexp: ?r egul ar _expr essi on? l i ne: l i ne t o i nser t / r epl ace i n t he f i l e
The l i nei nf i l e m odule - Manage lines in text files.
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
File Cont ent
File Cont ent
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Next Back
Example of the r epl ace module:
- name: r epl ace st r i ngs wi t hi n a f i l e r epl ace: pat h: / pat h/ t o/ f i l e r egexp: r egul ar _expr essi on r epl ace: ?st r i ng t hat r epl aces r egexp mat ches?
The r epl ace m odule - Replace all inst ances of a par t icular st r ing w it h in a f i le.
Example of the t empl at e module:
- name: show t empl at e opt i ons t empl at e: sr c: / pat h/ t o/ t empl at e. j 2 dest : / pat h/ t o/ dest owner : owner _name gr oup: gr oup_name mode: f i l e_per mi ssi ons
The t empl at e m odule - Template a file out to a remote server.
Creat e Files and and Replace St r ings (cont .)
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
File Cont ent
File Cont ent
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Next Back
Example of a template file:
Host name = { { ansi bl e_host name } }Oper at i ng Syst em = { { ansi bl e_di st r i but i on } } { { ansi bl e_di st r i but i on_ver si on } }I PV4 Addr ess = { { ansi bl e_def aul t _i pv4. addr ess } }I PV6 Addr ess = { { ansi bl e_def aul t _i pv6. addr ess } }I nt er f aces = { { ansi bl e_i nt er f aces| j oi n( ' , ' ) } }Bl ock Devi ces = { { ansi bl e_devi ces| j oi n( ' , ' ) } }
Creat e Files and and Replace St r ings (cont .)
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
File Syst em s
Example of the f i l esyst em module:
- name: opt i ons f or f i l esyst em modul e f i l esyst em: f st ype: f s_t ype dev: / pat h/ t o/ devi ce f or ce: no| yes r esi zef s: no| yes opt s: opt i ons t o pass t o t he mkf s command
The f i l esyst em m odule - Create a filesystem.
Creat e a Filesyst em
Example of the mount module:
- name: opt i on f or t he mount modul e mount : pat h: / pat h/ t o/ mount / poi nt sr c: / pat h/ t o/ devi ce f st ype: f s_t ype st at e: mount ed| absent | pr esent | unmount ed opt s: mount opt i ons backup: no| yes
The mount m odule - Control and configure mount points.
Mount a Filesyst em
Next Back
File Syst em s
File Cont ent
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Archiving
Archiving
File Syst em s
File Cont ent
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Example of the ar chi ve module:
- name: show opt i ons f or ar chi ve modul e ar chi ve: pat h: - / pat h/ t o/ f i l e - / pat h/ t o/ f i l e - / pat h/ t o/ di r - / gl obbed/ pat h/ usi ng/ * excl ude_pat h: - / f i l e/ t o/ excl ude - / di r / t o/ excl ude - / gl ob/ t o/ excl ude/ ex* f or mat : gz| bz2| t ar | xz| z i p dest : / name/ of / ar chi ve. t gz
The ar chi ve m odule - Creates a compressed archive on one or more files or directories.
Creat e an Archive
Next Back
-
Script Administration TasksCourse Navigation
Services
Software Packages and Repositories
Back t o Main
Firewall Rules
Storage Devices
File Content
Use Ansible Modules for Syst em
Adm inist rat ion Tasks Section 8
File Systems
Archiving
Scheduled Tasks
Security
Users and Groups
Scr ipt Adm inist rat ion Tasks
Section 6
Creat e Ansible Plays and Playbooks
Section 7
Creat e and Use Tem plat es t o Creat e
Cust om ized Conf igurat ion Files
Section 9
Archiving
Archiving
File Syst em s
File Cont ent
St orage Devices
Firewall Rules
Services
Sof t ware Packages and Reposit or ies
Next Back
Example of the unar chi ve module:
- name: show opt i ons f or unar chi ve modul e unar chi ve: sr c: / pat h/ t o/ f i l e. z i p| www. websi t e. com/ pat h/ t o/ f i l e. z i p dest : / pat h/ t o/ unpack/ i n r emot e_sr c: no| yes
The unar chi ve m odule - Copy (optional) and unpack an archive.
Un