Date: 23 Feb 2025
Tasks: Creating Soft Links Using Ansible
The Nautilus DevOps team is practicing some of the Ansible modules and creating and testing different Ansible playbooks to accomplish tasks. Recently they started testing an Ansible file module to create soft links on all app servers. Below you can find more details about it.
Write a playbook.yml under /home/thor/ansible directory on jump host, an inventory file is already present under /home/thor/ansible directory on jump host itself. Using this playbook accomplish below given tasks:
- Create an empty file /opt/itadmin/blog.txt on app server 1; its user owner and group owner should be tony. Create a symbolic link of source path /opt/itadmin to destination /var/www/html.
- Create an empty file /opt/itadmin/story.txt on app server 2; its user owner and group owner should be steve. Create a symbolic link of source path /opt/itadmin to destination /var/www/html.
- Create an empty file /opt/itadmin/media.txt on app server 3; its user owner and group owner should be banner. Create a symbolic link of source path /opt/itadmin to destination /var/www/html.
Note: Validation will try to run the playbook using command ansible-playbook -i inventory playbook.yml so please make sure playbook works this way without passing any extra arguments.
Solution :
---
- name: Create files and symbolic links on app servers
hosts: all
become: yes
tasks:
- name: Create blog.txt on app server 1
file:
path: /opt/itadmin/blog.txt
state: touch
owner: tony
group: tony
when: inventory_hostname == 'stapp01'
- name: Create symbolic link on app server 1
file:
src: /opt/itadmin
dest: /var/www/html
state: link
when: inventory_hostname == 'stapp01'
- name: Create story.txt on app server 2
file:
path: /opt/itadmin/story.txt
state: touch
owner: steve
group: steve
when: inventory_hostname == 'stapp02'
- name: Create symbolic link on app server 2
file:
src: /opt/itadmin
dest: /var/www/html
state: link
when: inventory_hostname == 'stapp02'
- name: Create media.txt on app server 3
file:
path: /opt/itadmin/media.txt
state: touch
owner: banner
group: banner
when: inventory_hostname == 'stapp03'
- name: Create symbolic link on app server 3
file:
src: /opt/itadmin
dest: /var/www/html
state: link
when: inventory_hostname == 'stapp03'
Date: 24 Feb 2025
Tasks: Managing ACLs Using Ansible
There are some files that need to be created on all app servers in Stratos DC. The Nautilus DevOps team want these files to be owned by user root only however, they also want that the app specific user to have a set of permissions on these files. All tasks must be done using Ansible only, so they need to create a playbook. Below you can find more information about the task.
Create a playbook named playbook.yml under /home/thor/ansible directory on jump host, an inventory file is already present under /home/thor/ansible directory on Jump Server itself.
Create an empty file blog.txt under /opt/finance/ directory on app server 1. Set some acl properties for this file. Using acl provide read '(r)' permissions to group tony (i.e entity is tony and etype is group).
Create an empty file story.txt under /opt/finance/ directory on app server 2. Set some acl properties for this file. Using acl provide read + write '(rw)' permissions to user steve (i.e entity is steve and etype is user).
Create an empty file media.txt under /opt/finance/ on app server 3. Set some acl properties for this file. Using acl provide read + write '(rw)' permissions to group banner (i.e entity is banner and etype is group).
Note: Validation will try to run the playbook using command ansible-playbook -i inventory playbook.yml so please make sure the playbook works this way, without passing
Solutions:
---
- name: Create files and set ACL permissions on app servers
hosts: all
become: yes
tasks:
- name: Create blog.txt on app server 1
file:
path: /opt/finance/blog.txt
state: touch
owner: root
group: root
mode: '0644'
when: inventory_hostname == "stapp01"
- name: Set ACL for blog.txt (Read permission for group tony)
acl:
path: /opt/finance/blog.txt
entity: tony
etype: group
permissions: r
state: present
when: inventory_hostname == "stapp01"
- name: Create story.txt on app server 2
file:
path: /opt/finance/story.txt
state: touch
owner: root
group: root
mode: '0644'
when: inventory_hostname == "stapp02"
- name: Set ACL for story.txt (Read + Write for user steve)
acl:
path: /opt/finance/story.txt
entity: steve
etype: user
permissions: rw
state: present
when: inventory_hostname == "stapp02"
- name: Create media.txt on app server 3
file:
path: /opt/finance/media.txt
state: touch
owner: root
group: root
mode: '0644'
when: inventory_hostname == "stapp03"
- name: Set ACL for media.txt (Read + Write for group banner)
acl:
path: /opt/finance/media.txt
entity: banner
etype: group
permissions: rw
state: present
when: inventory_hostname == "stapp03"
# ansible-playbook -i inventory playbook.yml
Date: 27 Feb 2025
Tasks: Ansible Manage Services
Developers are looking for dependencies to be installed and run on Nautilus app servers in Stratos DC. They have shared some requirements with the DevOps team. Because we are now managing packages installation and services management using Ansible, some playbooks need to be created and tested. As per details mentioned below please complete the task:
- On jump host create an Ansible playbook /home/thor/ansible/playbook.yml and configure it to install httpd on all app servers.
- After installation make sure to start and enable httpd service on all app servers.
- The inventory /home/thor/ansible/inventory is already there on jump host.
- Make sure user thor should be able to run the playbook on jump host.
Note: Validation will try to run playbook using command ansible-playbook -i inventory playbook.yml so please make sure playbook works this way, without passing any extra arguments.
# cat webserver-installation.yml
---
- name: Web Server Installation.
hosts: All
become: true
become_user: root
gather_facts: false
tasks:
- name: Installation of Apache Package
yum:
name: httpd
state: present
- name: HTTP Service
service:
name: httpd
state: started
enabled: true
# ansible-playbook -i inventory playbook.yml
No comments:
Post a Comment