Ansible

 Write a playbook  ~/playbooks/logrotate.yml  to configure log-rotation on remote hosts. Complete the following tasks: grab the module from GitHub:  https://github.com/arillso/ansible.logrotate  Use ansible-galaxy install command install inside  /home/thor/playbooks/roles  If you stumbled upon the issue,  could not find/use git , install git in the ansible-runner first and install the role. configure your log rotation rules as: daily rotate 3 compress …to rotate a log file that would present on location  /var/log/myapp.log That means rotate daily, compress the log file and keep the last three rotations. Check on the options section that the role provides. Since this role depends on facts on remote hosts, make sure to gather facts is not false. nstall the role using ansible-galaxy ansible-galaxy install git + https :// github .com / arillso / ansible .logrotate --roles-path ~/ playbooks / roles Update  roles/ansible.logrotate/default...

  Write a playbook  /home/thor/playbooks/install_from_source.yml  to install a tool:  mosh  from the source: https://github.com/mobile-shell/mosh  on all servers inside the inventory  /home/thor/playbooks/inventory . A normal install from source flow is: git clone https://github.com/mobile-shell/mosh cd mosh ./autogen.sh ./configure make && make install To compile mosh from source, you need these dependencies: git make autoconf automake protobuf-devel libutempter-devel ncurses-devel openssl-devel gcc gcc-c++ Create  install_from_source.yml  playbook and add below given code --- - hosts: all tasks: - package: name: " {{ item }} " state: present with_items: - git - make - autoconf - automake - protobuf-devel - libutempter-devel - ncurses-devel - openssl-devel - gcc - gcc-c++ - git: rep...

  01 02 03 04 skip_next Write a playbook:  ~/playbooks/add_user_with_ssh.yml  to create a user:  deploy  on remote hosts. Its a best practice to ssh using public-key than to use a plain text password. Copy the public key:  ~/playbooks/devops.pub  to remote hosts inside deploy user's authorized_keys. Use inventory file:  ~/playbooks/inventory . Create  add_user_with_ssh.yml  playbook and add below given code --- - hosts: all tasks: - user: name: deploy state: present - authorized_key: user: deploy key: " {{ lookup('file', 'devops.pub') }} " state: present

Perform the following tasks: Install ansible using the package manager if not installed. Generate your ssh key to path  ~/.ssh/id_rsa Push the public key: ( ~/.ssh/id_rsa.pub ) on the remote servers listed in:  ~/playbooks/inventory Test your setup is working with:  ansible all -m ping -i /home/thor/playbooks/inventory Use password:  Passw0rd  to ssh onto the remote hosts. Remember the remote hosts are managed by the  root  user.   Generate your ssh key ssh-keygen -t rsa Updated the inventory as per below given code node00 ansible_host= 172.20.1.100 ansible_user=root ansible_ssh_pass=Passw 0 rd node01 ansible_host= 172.20.1.101 ansible_user=root ansible_ssh_pass=Passw 0 rd

02 03 skip_next Using an Ansible playbook install  firewalld  on  node00  node, start its service as well. Name the playbook as  firewall.yml  and keep it under  ~/playbooks and also white list  node01  host's IP address  172.20.1.101  on  node00 Use the following YAML file to create a playbook called  firewall.yml  as follows:- --- - hosts: node00 tasks: - yum: name=firewalld state=installed - service: name=firewalld state=started - firewalld: source: 172.20 .1 .101 state: enabled zone: internal permanent: yes immediate: yes

  Task Solution 45:59 01 02 03 skip_next We have two nodes that are managed by Ansible. There is an inventory file  ~/playbooks/inventory  on  Ansible controller  which has all these two nodes added. Create a playbook  ~/playbooks/blocks.yml  on  Ansible controller  to  install httpd web server  and  start its service . Create the playbook using blocks to logically group the tasks (installation and service start). Create  blocks.yml  playbook and add below given code --- - hosts: all tasks: - name: Install and configure httpd web server block: - yum: name: httpd state: latest - service: name: httpd state: started

 We have 2 managed nodes that are part of different DNS domains with a distinct DNS server for each. Using the sample resolv.conf located at  ~/playbooks/dns , generate a new resolv.conf file and copy it to the respective nodes using the  template  module. Update the template file located at  ~/playbooks/dns/templates/resolv.conf.j2  to print the nameserver details as shown in the  sample_resolv.conf  file. DNS server to be used is specified in the  inventory file . Use this template to create a playbook called  update_dns_server.yml . This playbook should generate the new resolv.conf and copy to the temp file  /tmp/resolv.conf  on the respective nodes . Updated  resolv.conf.j2  templates as per below given code nameserver {{ dns_server }}; options ndots: 0 Updated  update_dns_server.yml  playbook as per below given code --- - hosts: storage_nodes tasks: - name: copy resolv.conf to nodes ...

 It is a recommended practice to apply the security updates on the system in periodic intervals. Write a playbook  /home/thor/playbooks/patch_system.yml  to ensure servers listed in  /home/thor/playbooks/inventory  are up to date with periodic security updates. In CentOS, ensure the playboook installs and configures the  yum-cron  package to fit the need. Confiure the  yum-cron  config file:  /etc/yum/yum-cron.conf  as  update_cmd = security , to auto-update security packages and ensure  yum-cron  service is restarted afterwards. Create  patch_system.yml  playbook and add below given code --- - hosts: all tasks: - package: name: yum-cron state: present - lineinfile: path: /etc/yum/yum-cron.conf regexp: "^update_cmd" line: "update_cmd = security" - service: name: yum-cron state: restarted

  Write a playbook to copy the secret file located at  /home/thor/playbooks/secret_file.txt  to all remote hosts at location:  /root/.secret_file.txt Your playbook must be located at:   /home/thor/playbooks/copy_secrets.yml Use inventory file:   /home/thor/playbooks/inventory . The secret file is encrypted, please use the vault password from the script   /home/thor/playbooks/get_vault_pass.py   while you execute the playbook. Create  copy_secrets.yml  playbook and add below given code --- - hosts: all tasks: - name: copy a secret file to remote hosts copy: src: secret_file.txt dest: /root/.secret_file.txt

 Write a playbook  /home/thor/playbooks/configure_webserver.yml  which installs  nginx  web server and serves a html file:  index.html  from directory  /usr/share/nginx/html  on remote servers. You are provided with  /home/thor/playbooks/index.html  that you should copy to remote  web  servers listed on inventory  /home/thor/playbooks/inventory . Ensure that nginx is serving the file, that you copied. Create  configure_webserver.yml   playbook and add below given code --- - hosts: all tasks: - package: name: nginx state: present - copy: src: index.html dest: /usr/share/nginx/html/index.html - service: name: nginx state: started