User:Tom/RHCS EX407: Difference between revisions

From RoggeWiki
Jump to navigation Jump to search
Line 395: Line 395:
                   -vvv                                  Includes information about managed host connections
                   -vvv                                  Includes information about managed host connections
                   -vvvv                                Adds verbosity to connection plugins.
                   -vvvv                                Adds verbosity to connection plugins.
   
   
  ansible-vault encrypt
  ansible-vault encrypt

Revision as of 20:48, 16 April 2019

Red Hat Certified Specialist in Ansible Automation exam

https://www.redhat.com/en/services/training/ex407-red-hat-certified-specialist-in-ansible-automation-exam

Exam based on RedHat 7.3. and Ansible 2.3.

Objectives

  • Using Ansible inventories to define groups of hosts
  • Creating Ansible playbooks
  • Using Ansible playbooks to configure systems to a specified state
  • Creating and using Ansible templates to create customized configuration files for hosts
  • Creating Ansible roles
  • Using Ansible Vault in playbooks to protect sensitive data
  • Installing Ansible Tower and using it to manage systems

Study points for the exam

To help you prepare, the exam objectives highlight the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance.

Candidates should have the following skills and abilities: Understand core components of Ansible Inventories Modules Variables Facts Plays Playbooks Configuration files

Run ad-hoc Ansible commands Use both static and dynamic inventories to define groups of hosts Utilize an existing dynamic inventory script Create Ansible plays and playbooks Know how to work with commonly used Ansible modules Use variables to retrieve the results of running a commands Use conditionals to control play execution Configure error handling Create playbooks to configure systems to a specified state Selectively run specific tasks in playbooks using tags

Create and use templates to create customized configuration files Work with Ansible variables and facts Create and work with roles Download roles from an Ansible Galaxy and use them Manage parallelism Use Ansible Vault in playbooks to protect sensitive data Install Ansible Tower and use it to manage systems Use provided documentation to look up specific information about Ansible modules and commands

  • rhel system roles.
  • create repo with rum and gpg key.
  • use variables in inventory or playbook.
  • copy: content
  • --- name hosts tasks.
  • inventory children.

Training

  • Course introduction - Introduce and review the course.
  • Introduce Ansible - Describe the terminology and architecture of Ansible.
  • Deploy Ansible - Install Ansible and run ad hoc commands.
  • Implement playbooks - Write Ansible plays and execute a playbook.
  • Manage variables and inclusions - Describe variable scope and precedence, manage variables and facts in a play, and manage inclusions.
  • Implement task control - Manage task control, handlers, and tags in Ansible playbooks.
  • Implement Jinja2 templates - Implement a Jinja2 template.
  • Implement roles - Create and manage roles.
  • Configure complex playbooks - Configure connection types, delegations, and parallelism.
  • Implement Ansible Vault - Manage encryption with Ansible Vault.
  • Troubleshoot Ansible - Troubleshoot the Ansible control machine and managed nodes.
  • Implement Ansible Tower - Implement Ansible Tower.
  • Implement Ansible in a DevOps environment - Implement Ansible in a DevOps environment using Vagrant.
  • Comprehensive review - Review tasks from the Automation with Ansible course


Zoekuit

This study guide attempts to cover topics for study in the Red Hat EX407 Red Hat Certificate of Expertise in Ansible Automation exam

Understand core components of Ansible

Inventories 

[atlanta]
host1
host2

[raleigh]
host2
host3 

[southeast:children]
atlanta
raleigh

[southeast:vars]
some_server=foo.southeast.example.com
halon_system_timeout=30
self_destruct_countdown=60
escape_pods=2

Supply inventory with -i flag with commands

ansible -i inventory -m shell -a “hostname"

Can be set in ansible.cfg

inventory = /etc/ansible/hosts

Static inventory

defined in ini style [router] hostname1 ansibe_host=192.168.1.1 [webserver] hostname2 ansibe_host=192.168.1.2 [database] hostname3 ansibe_host=192.168.1.3 [appserver] hostname4 ansible_host=192.168.1.4


Dynamic inventory

returns json { 

 "all": {
   "hosts": [
     "slaves_slave1"
   ]
 },
 "_meta": {
   "hostvars": {
     "slaves_slave1": {
       "ansible_host": "192.168.121.74"
     }
   }
 }

}


Modules

file, stat, lineinfile etc

file module example

Module usage file: 

 path: /etc/config.cnf
 state: absent


Short hand file: path=”/etc/config.cnf” state=”absent”


Variables

Variable can be used in inventories, playbooks, roles, defaults

Facts

Hostvars

Setup module to retrieve facts

Debug module to verify facts

Plays

Individual roles

Playbooks

File with a collection of roles/plays

Configuration files

/etc/ansible/ansible.cfg

Run ad-hoc Ansible commands ansible [groupname] [-i inventory-file] [-m module] [-a arguments] ansible all -i inventory -m shell -a “hostname”


Use both static and dynamic inventories to define groups of hosts

Static inventory take single hosts by line or ini format

Dynamic inventories return information from outside sources like AWS to gather facts about the inventory

Example for creating dynamic inventories

https://www.jeffgeerling.com/blog/creating-custom-dynamic-inventories-ansible

Utilize an existing dynamic inventory script

./inventory.py {} ./inventory.py --list {"all": {"hosts": ["slaves_slave2", "slaves_slave3", "slaves_slave4", "slaves_slave1", "slaves_slave5"]}, "_meta": {"hostvars": {"slaves_slave5": {"ansible_host": "192.168.121.32"}, "slaves_slave4": {"ansible_host": "192.168.121.29"}, "slaves_slave1": {"ansible_host": "192.168.121.218"}, "slaves_slave3": {"ansible_host": "192.168.121.34"}, "slaves_slave2": {"ansible_host": "192.168.121.119"}}}} ./inventory.py --host { "all": { "hosts": [ "slaves_slave1" ] }, "_meta": { "hostvars": { "slaves_slave1": { "ansible_host": "192.168.121.218" } } } }

Create Ansible plays and playbooks

Know how to work with commonly used Ansible modules

Use variables to retrieve the results of running a commands

Use conditionals to control play execution

Configure error handling

fail module - fail: 

   msg: "The system may not be provisioned according to the CMDB status."
 when: cmdb_status != "to-be-staged"


Create playbooks to configure systems to a specified state

Selectively run specific tasks in playbooks using tags

Create and use templates to create customized configuration files

Work with Ansible variables and facts

Create and work with roles

Download roles from an Ansible Galaxy and use them

Manage parallelism

Use Ansible Vault in playbooks to protect sensitive data

Install Ansible Tower and use it to manage systems

Use provided documentation to look up specific information about Ansible modules and commands

List of modules

Module example

Inventory

The inventory file describe your hosts in Ansible. ansible.cfg points to the inventory file: 

[defaults]
inventory = /etc/ansible/hosts

Contents of the inventory file: 

[test]
beylo
db[1:9]-node
web[a-t]-node

[prod]
dbp
webp

[both:children]
test
prod

Host and group variables inside the inventory. Host variables: 

host1 color=red
host2 color=blue

Group variables: 

[all:vars]
ntpserver=ntp1.example.com

[prod:vars]
db_user=db2prod
db_password=secret

Variables

Ansible looks for host variables in directories host_vars and group_vars. The files are named according to the corresponding host or group of hosts. Ansible expect these directories to be in the directory that contains the playbooks or in the directory adjacent to your inventory file.

File group_vars/prod: 

db_user: db2prod
db_password: secret

Refer to the variable with {{ db_user }}

Dynamic inventory

If an inventory file is marked executable, Ansible will assume it is a dynamic inventory script and will execute the file instead of reading it. If you want to have both a regualr inventory and a dynamic inventory script, just put them all in the same direcory and configure Ansible to use that directory as the inventory.

Variables and facts

Define variable in playbook with a vars section. 

vars:
  db_name: db2prd1

Or put the variables in one or more files with: 

vars_files:
  - myvar.yml

And myvar.yml would like: 

db_name: db2prd1

Use the debug module to print out a variable: 

- debug: var=db_name

Iets doen met register?

When Ansible gathers facts, it connects to the host and queries the host for all kinds of details about the host. This information is stored in variables that are called facts. A playnook to print out the operation system of each server: 

- name: print out operating system
  hosts: all
  gather_facts: true
  tasks:
  - debug: var=ansible_distribution

Run the setup module to show all facts associated with a server: 

ansible server1 -m setup

Roles

Create the role directorystructure for role nscd with command "ansible-galaxy init nscd" 

[root@atlas roles]# pwd 
/root/ansible/playbooks/roles
[root@atlas roles]# ansible-galaxy init nscd
- nscd was created successfully
[root@atlas roles]# tree
.
└── nscd
    ├── defaults
    │   └── main.yml
    ├── files
    ├── handlers
    │   └── main.yml
    ├── meta
    │   └── main.yml
    ├── README.md
    ├── tasks
    │   └── main.yml
    ├── templates
    ├── tests
    │   ├── inventory
    │   └── test.yml
    └── vars
       └── main.yml

9 directories, 8 files
[root@atlas roles]#

Commands

ansible-config view       Displays the current config file.
               dump       Shows current settings.
               list       List all current settings.

ansible-doc               Displays information on modules installed in Ansible libraries.
            -l            List available plugins / modules

ansible hosts -m module -a argument
        web -m uptime -o                          -o condenses output to a single line per host.
ansible demohost -u devops -b -m yum -a 'name=httpd state=present'

ansible --version
ansible all --list-hosts
ansible server -m setup                                 Show all facts for host server.
                        -a 'filter=ansible_eth*'        View a subset of facts.

ansible-playbook --check                                Ececutes playbook, but does not change managed host configuration.
                 --diff                                 Reports changes made to templated files on managed hosts.
                 --syntax-check
                 --start-at-task="this task" 
                 --step 
                  -v                                    Displays output data
                  -vv                                   Displays input and output data
                  -vvv                                  Includes information about managed host connections
                  -vvvv                                 Adds verbosity to connection plugins.

ansible-vault encrypt
              create 
              edit

Online documentation http://docs.ansible.com

Ansible Modules

add_host
assert
authorized_key
copy
debug
file
lineinfile
local_action
mysql_user
script
shell
stat
systemd
template
uri
user
yum
yum_repository
wait_for

Ansible Files

/etc/ansible/ansible.cfg        Describes defaults
Retrieved from "https://wiki.roggeman.nl/index.php?title=User:Tom/RHCS_EX407&oldid=6597"