Professional Documents
Culture Documents
RH Ce Student
RH Ce Student
8 – EX294
Click to edit Master title style
Introduction
About this course
Click to edit Master title style
• This course doesn't replace my "Ansible Fundamentals" course,
neither my "Automating with Ansible" (Ansible Advanced) course
• Ansible Fundamentals is a brief introduction to key items in Ansible
and is a good course to take before taking this course
• Automating with Ansible focusses on managing datacenter
environments with Ansible, and is about more than just managing
RHEL
• This course prepares for the RHCE 8 Certification, and is the most
complete Ansible course I'm offering
Warning
Click to edit Master title style
• Today (Sept. 3 2019) is the first time I'm teaching this course
• At least some things will go wrong
• As this is the first time I'm teaching this course, I'm very eager to
getting your feedback. Please take the course survey!
• Or send feedback directly to mail@sandervanvugt.nl
Poll questions 1
Click to edit Master title style
Are you currently RHCSA certified?
• yes
• no
Poll Questions 2
Click to edit Master title style
How would you rate your own Ansible experience?
• 0
• 1
• 2
• 3
• 4
• 5
Poll Questions 3
Click to edit Master title style
Which part of the world are you from?
• Africa
• India
• Asia (not India)
• Europe
• North/Middle America
• South America
• Australia/Pacific
• Netherlands
Agenda – day 1
Click to edit Master title style
Day 1
• Introduction
• Setting up an Ansible Managed Environment
• Using Ad-hoc Commands
• Getting started with Playbooks
• Working with Variables and Facts part 1
• Day 1 Homework Assignment
Agenda – day 2
Click to edit Master title style
Day 2
• Day 1 Homework Lab Discussion
• Working with Variables and Facts part 2
• Using Task Control
• Deploying Files with Templates
• Day 2 Homework Lab Explanation
Agenda – day 3
Click to edit Master title style
Day 3
• Day 2 Homework Lab Discussion
• Using Ansible Roles
• Using RHEL System Roles
• Using Ansible in Large Environments
• Day 3 Homework Lab Explanation
Agenda – day 4
Click to edit Master title style
Day 4
• Day 3 Homework Lab Discussion
• Troubleshooting Ansible
• Advanced Ansible Usage Examples
• Exam Tips and Q&A
Lab Setup Requirements
Click to edit Master title style
• Install 3 VM's, using RHEL8 or CentOS 8, and the "Minimal Setup"
installation pattern
• control.example.com, 192.168.4.200
• ansible1.example.com, 192.168.4.201
• ansible2.example.com, 192.168.4.202
• The machines require Internet access
• Create a user with the name ansible
RHCE 8 – EX294
Click to edit Master title style
1. Introduction
RHCE7 vs. RHCE8
Click to edit Master title style
• Until RHCE 7, RHCE was about advanced Linux topics
• In RHCE 8, Ansible is the main topic
• More information is here:
https://www.redhat.com/en/blog/announcing-evolution-red-hat-
certified-engineer-program
EX407 and EX294
Click to edit Master title style
• EX407 was the old Ansible exam
• EX294 has taken over the contents of this exam, so EX407 is no
longer relevant
• EX447 (Advanced Automation) has been added to the certification
options
RHCE 8 – EX294
Click to edit Master title style
2. Setting up an Ansible
Managed Environment
Understanding Ansible
Click to edit Master title style
• Ansible is a Configuration Management solution
• It can be used for configuring a wide range of networked
devices
• With Ansible, you'll use playbooks that define the desired
state of managed machines
• These playbooks ensure that no matter the current state of
the managed machine, the desired state will be implemented
• Playbooks are written in YAML, and in playbooks you'll use
Ansible modules to define the tasks that have to be
accomplished
• One requirement is Python: Ansible uses Python to generate
scripts that are executed on the managed nodes
• Another requirement is access to the managed node,
typically this is done using SSH
Host Requirements
Click to edit Master title style
• The control node is where you install Ansible
• For RHCE 8, you'll install on top of RHEL 8
• Make sure a fixed IP address is set up, as well as a hostname
• The managed nodes are managed by Ansible
• Managed nodes can be anything: servers running RHEL, but also
other Linux distributions, Windows, Network Devices and much
more
• For RHCE 8, you'll need 2 managed nodes pre-installed with RHEL 8
• Ensure host name lookup is configured, /etc/hosts is good enough
• For installation from the repositories, enable the EPEL repository
Course Lab Setup
Click to edit Master title style
• In this course, a 3-node lab setup is used
• control.example.com is the control node. It is not
managed by Ansible, but it manages the other nodes
• ansible1.example.com and ansible2.example.com are
the managed nodes
• To get started, these nodes need a fixed IP address, and
a root user, everything else will be set up later
RHCE 8 – EX294
Click to edit Master title style
[fileservers]
file1.example.com
file2.example.com
[servers:children]
webservers
fileservers
Host Groups Usage
Click to edit Master title style
• Functional host groups
• web
• lamp
• Regional host groups
• europe
• africa
• Staging host groups
• test
• development
• production
Testing Inventory
Click to edit Master title style
• ansible --list-hosts
• ansible file --list-hosts
Little Lab 1
Click to edit Master title style
• Create an inventory file with 4 servers in 2 groups, make sure that
at least one server is NOT included in any groups
• Use ansible -i inventory all --list-hosts
• ansible -i inventory ungrouped --list-hosts
• ansible -i inventory file --list-hosts
• Mention that -i is required as we have not yet specified a default
inventory location, but if we would have used /etc/ansible/hosts it
is not required to use -i
Understanding Dynamic Inventory
Click to edit Master title style
• Dynamic inventory can be used to discover inventory in
dynamic environments such as cloud
• Many community-provided dynamic inventory scripts are
available
• These scripts are referred to in the same way as static
inventory, but must have the execute permission set
• Alternatively, it's relatively easy to write your own
dynamic inventory
RHCE 8 – EX294
Click to edit Master title style
- hosts: all
vars:
web_package: httpd
- hosts: all
vars_files:
- vars/users.yml
Using Variables
Click to edit Master title style
• After defining the variables, it can be used later in the playbook
• Notice that order does matter!
• Refer to a variable as {{ web_package }}
• If the variable is the first element, using quotes is mandatory!
• "{{ web_package }}"
RHCE 8 – EX294
Click to edit Master title style
[servers]
web1.example.com web_package=httpd
[servers:vars]
web_package=httpd
Using Include Files
Click to edit Master title style
• To define host and host group variables, directories should be
created in the current project directory
• Use ~/myproject/host_vars/web1.example.com to include host
specific variables
• Use ~/myproject/group_vars/webservers to include host group
specific variables
• Notice that you don't have to define variables in these
directories in the playbook, they are picked up automatically
RHCE 8 – EX294
Click to edit Master title style
|-group_vars
| |--dbservers
| |- vars
| |- vault
• This replaces the solution that was discussed earlier, where all variables are
stored in a file with the name of the host or host group
Poll Question
Click to edit Master title style
When using Ansible Vault, a password must be provided. Which of the
following is NOT a valid way to do so?
• Just run ansible-vault, it will prompt for a password
• Use the --vault-password-file option when running the ansible-vault create
command
• Write the password to the ansible_vault variable
• Store the password in the playbook
RHCE 8 – EX294
Click to edit Master title style
---
- name: role demo
hosts: all
roles:
- role1
- role2
Defining Role Variables
Click to edit Master title style
• When calling a role, role variables can be defined
---
- name: role variable demo
hosts: all
roles:
- role: role1
- role: role2
var1: cow
var2: goat
RHCE 8 – EX294
Click to edit Master title style
---
- hosts: lamp
tasks:
- include_role:
name: lamp
when: "ansible_facts['os_family'] == 'RedHat'"
Poll Question
Click to edit Master title style
Ansible Roles van be stored in multiple locations. What is the default
location when installing roles from Ansible Galaxy?
• ./roles
• ˜/.ansible/roles
• /etc/ansible/roles
• /usr/share/ansible/roles
RHCE 8 – EX294
Click to edit Master title style