User:Tom/RHCS EX407: Difference between revisions
| Line 298: | Line 298: | ||
==== Dynamic inventory ==== | ==== Dynamic inventory ==== | ||
If an inventory file is marked executable, Ansible will assume it is a dynamic inventory script and will execute the file instead of reading it. | |||
If you want to have both a regualr inventory and a dynamic inventory script, just put them all in the same direcory and configure Ansible to use that directory as the inventory. | |||
==== Roles ==== | ==== Roles ==== | ||
Revision as of 20:54, 9 April 2019
Red Hat Certified Specialist in Ansible Automation exam
Exam based on RedHat 7.3. and Ansible 2.3.
Objectives
- Using Ansible inventories to define groups of hosts
- Creating Ansible playbooks
- Using Ansible playbooks to configure systems to a specified state
- Creating and using Ansible templates to create customized configuration files for hosts
- Creating Ansible roles
- Using Ansible Vault in playbooks to protect sensitive data
- Installing Ansible Tower and using it to manage systems
Study points for the exam
To help you prepare, the exam objectives highlight the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance.
Candidates should have the following skills and abilities: Understand core components of Ansible Inventories Modules Variables Facts Plays Playbooks Configuration files
Run ad-hoc Ansible commands Use both static and dynamic inventories to define groups of hosts Utilize an existing dynamic inventory script Create Ansible plays and playbooks Know how to work with commonly used Ansible modules Use variables to retrieve the results of running a commands Use conditionals to control play execution Configure error handling Create playbooks to configure systems to a specified state Selectively run specific tasks in playbooks using tags
Create and use templates to create customized configuration files Work with Ansible variables and facts Create and work with roles Download roles from an Ansible Galaxy and use them Manage parallelism Use Ansible Vault in playbooks to protect sensitive data Install Ansible Tower and use it to manage systems Use provided documentation to look up specific information about Ansible modules and commands
- rhel system roles.
- create repo with rum and gpg key.
- use variables in inventory or playbook.
- copy: content
- --- name hosts tasks.
- inventory children.
Training
- Course introduction - Introduce and review the course.
- Introduce Ansible - Describe the terminology and architecture of Ansible.
- Deploy Ansible - Install Ansible and run ad hoc commands.
- Implement playbooks - Write Ansible plays and execute a playbook.
- Manage variables and inclusions - Describe variable scope and precedence, manage variables and facts in a play, and manage inclusions.
- Implement task control - Manage task control, handlers, and tags in Ansible playbooks.
- Implement Jinja2 templates - Implement a Jinja2 template.
- Implement roles - Create and manage roles.
- Configure complex playbooks - Configure connection types, delegations, and parallelism.
- Implement Ansible Vault - Manage encryption with Ansible Vault.
- Troubleshoot Ansible - Troubleshoot the Ansible control machine and managed nodes.
- Implement Ansible Tower - Implement Ansible Tower.
- Implement Ansible in a DevOps environment - Implement Ansible in a DevOps environment using Vagrant.
- Comprehensive review - Review tasks from the Automation with Ansible course
Zoekuit
This study guide attempts to cover topics for study in the Red Hat EX407 Red Hat Certificate of Expertise in Ansible Automation exam
Understand core components of Ansible
Inventories
[atlanta] host1 host2 [raleigh] host2 host3 [southeast:children] atlanta raleigh [southeast:vars] some_server=foo.southeast.example.com halon_system_timeout=30 self_destruct_countdown=60 escape_pods=2
Supply inventory with -i flag with commands
ansible -i inventory -m shell -a “hostname"
Can be set in ansible.cfg
inventory = /etc/ansible/hosts
Static inventory
defined in ini style [router] hostname1 ansibe_host=192.168.1.1 [webserver] hostname2 ansibe_host=192.168.1.2 [database] hostname3 ansibe_host=192.168.1.3 [appserver] hostname4 ansible_host=192.168.1.4
Dynamic inventory
returns json {
"all": {
"hosts": [
"slaves_slave1"
]
},
"_meta": {
"hostvars": {
"slaves_slave1": {
"ansible_host": "192.168.121.74"
}
}
}
}
Modules
file, stat, lineinfile etc
file module example
Module usage file:
path: /etc/config.cnf state: absent
Short hand
file: path=”/etc/config.cnf” state=”absent”
Variables
Variable can be used in inventories, playbooks, roles, defaults
Facts
Hostvars
Setup module to retrieve facts
Debug module to verify facts
Plays
Individual roles
Playbooks
File with a collection of roles/plays
Configuration files
/etc/ansible/ansible.cfg
Run ad-hoc Ansible commands ansible [groupname] [-i inventory-file] [-m module] [-a arguments] ansible all -i inventory -m shell -a “hostname”
Use both static and dynamic inventories to define groups of hosts
Static inventory take single hosts by line or ini format
Dynamic inventories return information from outside sources like AWS to gather facts about the inventory
Example for creating dynamic inventories
https://www.jeffgeerling.com/blog/creating-custom-dynamic-inventories-ansible
Utilize an existing dynamic inventory script
./inventory.py {} ./inventory.py --list {"all": {"hosts": ["slaves_slave2", "slaves_slave3", "slaves_slave4", "slaves_slave1", "slaves_slave5"]}, "_meta": {"hostvars": {"slaves_slave5": {"ansible_host": "192.168.121.32"}, "slaves_slave4": {"ansible_host": "192.168.121.29"}, "slaves_slave1": {"ansible_host": "192.168.121.218"}, "slaves_slave3": {"ansible_host": "192.168.121.34"}, "slaves_slave2": {"ansible_host": "192.168.121.119"}}}} ./inventory.py --host { "all": { "hosts": [ "slaves_slave1" ] }, "_meta": { "hostvars": { "slaves_slave1": { "ansible_host": "192.168.121.218" } } } }
Create Ansible plays and playbooks
Know how to work with commonly used Ansible modules
Use variables to retrieve the results of running a commands
Use conditionals to control play execution
Configure error handling
fail module - fail:
msg: "The system may not be provisioned according to the CMDB status." when: cmdb_status != "to-be-staged"
Create playbooks to configure systems to a specified state
Selectively run specific tasks in playbooks using tags
Create and use templates to create customized configuration files
Work with Ansible variables and facts
Create and work with roles
Download roles from an Ansible Galaxy and use them
Manage parallelism
Use Ansible Vault in playbooks to protect sensitive data
Install Ansible Tower and use it to manage systems
Use provided documentation to look up specific information about Ansible modules and commands
List of modules
Module example
Inventory
The inventory file describe your hosts in Ansible. ansible.cfg points to the inventory file:
[defaults] inventory = /etc/ansible/hosts
Contents of the inventory file:
[test] beylo db[1:9]-node web[a-t]-node
[prod] dbp webp
[both:children] test prod
Host and group variables inside the inventory. Host variables:
host1 color=red host2 color=blue
Group variables:
[all:vars] ntpserver=ntp1.example.com
[prod:vars] db_user=db2prod db_password=secret
Variables
Ansible looks for host variables in directories host_vars and group_vars. The files are named according to the corresponding host or group of hosts. Ansible expect these directories to be in the directory that contains the playbooks or in the directory adjacent to your inventory file.
File group_vars/prod:
db_user: db2prod db_password: secret
Refer to the variable with {{ db_user }}
Dynamic inventory
If an inventory file is marked executable, Ansible will assume it is a dynamic inventory script and will execute the file instead of reading it. If you want to have both a regualr inventory and a dynamic inventory script, just put them all in the same direcory and configure Ansible to use that directory as the inventory.
Roles
Create the role directorystructure for role nscd with command "ansible-galaxy init nscd"
[root@atlas roles]# pwd
/root/ansible/playbooks/roles
[root@atlas roles]# ansible-galaxy init nscd
- nscd was created successfully
[root@atlas roles]# tree
.
└── nscd
├── defaults
│ └── main.yml
├── files
├── handlers
│ └── main.yml
├── meta
│ └── main.yml
├── README.md
├── tasks
│ └── main.yml
├── templates
├── tests
│ ├── inventory
│ └── test.yml
└── vars
└── main.yml
9 directories, 8 files
[root@atlas roles]#
Commands
ansible-config view Displays the current config file.
dump Shows current settings.
list List all current settings.
ansible-doc Displays information on modules installed in Ansible libraries.
-l List available plugins / modules
ansible hosts -m module -a argument
web -m uptime -o -o condenses output to a single line per host.
ansible demohost -u devops -b -m yum -a 'name=httpd state=present'
ansible --version ansible all --list-hosts
ansible-playbook --check Ececutes playbook, but does not change managed host configuration.
--diff Reports changes made to templated files on managed hosts.
--syntax-check
--start-at-task="this task"
--step
-v Displays output data
-vv Displays input and output data
-vvv Includes information about managed host connections
-vvvv Adds verbosity to connection plugins.
Online documentation http://docs.ansible.com
Ansible Modules
add_host assert authorized_key copy debug file lineinfile mysql_user script shell stat systemd template uri user yum yum_repository
Ansible Files
/etc/ansible/ansible.cfg Describes defaults