Section 12 Flashcards

1
Q

Configure a New RHEL Managed Node
user password should be configured
a password should be set
Run root commands with no password and in wheel group
Register RHEL subscription
username and pass in ansible vault
add subscriptions rh-gluster-3-client-for-rhel-9-for-x86_64-rpms and rhel-8-for-x86_64-appstream-debug-rpms
use tags

A

Add new host info in inventory
Setup whatever you need to get the host running

sudo dnf install sshpass (because we’ll be working with ssh passwords in a non-interactive way)

- name: Add host to inventory
  hosts: localhost
  tasks:
  # Stop early if the required extra vars were not passed on the command line
  - fail:
      msg: "Add the options -e newhost=hostname -e newhostip=ip and try again"
    when: (newhost is undefined) or (newhostip is undefined)
  - name: Add a new host to the inventory
    lineinfile:
      path: inventory
      state: present
      line: "{{ newhost }}"
  - name: Add new host to /etc/hosts
    lineinfile:
      path: /etc/hosts
      state: present
      line: "{{ newhostip }} {{ newhost }}"
  tags: addhost

Second play:

- name: Configure a new RHEL host
  hosts: "{{ newhost }}"
  remote_user: root
  become: false
  tasks:
  - name: Configure user ansible
    user:
      name: ansible
      groups: wheel
      append: yes
      state: present
  # Sets a literal password non-interactively through passwd --stdin
  - name: Set user password
    shell: 'echo password | passwd --stdin ansible'
  # visudo checks the edited file before it replaces /etc/sudoers
  - name: Enable sudo without password
    lineinfile:
      path: /etc/sudoers
      regexp: '^%wheel'
      line: '%wheel ALL=(ALL) NOPASSWD: ALL'
      validate: /usr/sbin/visudo -cf %s
  - name: Create SSH directory in user ansible home
    file:
      path: /home/ansible/.ssh
      state: directory
      owner: ansible
      group: ansible
  - name: Copy SSH public key to remote host
    copy:
      src: /home/ansible/.ssh/id_rsa.pub
      dest: /home/ansible/.ssh/authorized_keys
  tags: setuphost

(He's putting the tags on the same line as the - in - name)

If you want to test so far:
ansible-playbook -C -k site.yml -e newhost=ansible3 -e newhostip=192.168.10.123 (the k asks for root password)

Now let’s go add our RedHat subscription creds to a file
ansible-vault create info.vault.yml
rhsm_user: username
rhsm_pass: user_pass

Now we can finish the original playbook with our final play

- name: Use subscription manager to register and set up repos
  hosts: "{{ newhost }}"
  # Credentials are read from the vault-encrypted file created above
  vars_files:
  - info.vault.yml
  tasks:
  - name: Register and subscribe {{ newhost }}
    redhat_subscription:
      username: "{{ rhsm_user }}"
      password: "{{ rhsm_pass }}"
      state: present
  - name: Configure additional repo access
    rhsm_repository:
      name:
      - rh-gluster-3-client-for-rhel-9-x86_64-rpms
      - rhel-8-for-x86_64-appstream-debug-rpms
      state: present
  tags: registerhost

Now let's run it:
ansible-playbook -k --ask-vault-pass site.yml -e newhost=ansible3 -e newhostip=192.168.10.123

2
Q

In terms of the user module how do you add a primary and secondary groups for a user? How do you not overwrite previous secondary groups?

A

user:
  name: anna
  create_home: true
  groups: wheel,students
  append: true
  generate_ssh_key: true
  ssh_key_bits: 2048
  ssh_key_file: .ssh/id_rsa

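groups is for the extended (secondary) groups; append: true adds them to the user's existing secondary groups instead of overwriting them.
group would be for the primary group, but a group with the same name as the username is made automatically.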
