Section 2

Question 1

Use a command to see what repos are currently configured on your system

Answer 1

subscription-manager repos –list

Question 2

What is needed of the managed nodes?

Answer 2

ssh access and python

Question 3

On all nodes create a directory for ansible’s sudo configuration. Allow it to not have to use a password

How is ansible tower different here?

Answer 3

vi /etc/sudoers.d/ansible

ansible ALL=(ALL) NOPASSWD:ALL

Ansible Tower allows you to store ansible’s password securely so it can use sudo

Question 4

What is a project directory?

Answer 4

A directory for a project that includes everything that project needs to run.

Playbooks
Inventory
Variable Files
Additional files used to include tasks
ansible.cfg configuration files

Question 5

What are your different options for storing your ansible.cfg file?

Answer 5

You can store it where it is by default
In the ansible user’s home directory (If you need different ansible configs for diff users)
In the project’s directory(If each project needs a different configuration)

Question 6

In terms of an inventory file, how would you format:
server(1-16)@example.com

Answer 6

server[1:16]@example.com

Question 7

Let’s say you have created two groups (web, db) and want those to be subgroups to a parent group called servers. How would you format this?

Answer 7

[servers:children]
web
db

Question 8

What are the three different approaches for using groups?

Answer 8

Functional - Group of hosts according to use (web, db)

Regional - based on region (africa, europe)

Staging - According to implementation stage (test, development, prod)

Question 9

What are the implicate host groups

Answer 9

all

localhost

ungrouped - everything not put into a group

Question 10

Show hosts in an inventory called inventory

Show all hosts in the inventory file

Answer 10

ansible-inventory -i /inventory –list-hosts
–list will do so in JSON format

ansible -i inventory all –list

Question 11

Your inventory file used to be used to assign variables, but this is deprecated. What is used in it’s place?

Show an example of variables in the inventory file

Answer 11

[web:vars]
ansibile_user=ansible
ansible:password=123

These should now go int host_vars and group_vars directories

Question 12

What is dynamic inventory?

Answer 12

A script is used to discover inventory hosts in a specific environment.

Create one.

Question 13

If you create a static inventory file, what should you do at the end of it?

Answer 13

Allow it to execute

Question 14

Configure the Ansible Configuration file and explain it

Answer 14

All of this can be used per playbook

[defaults]
remote_user = ansible
host_key_checking = false
inventory = inventory

[privilege_escalation]
become = True
become_method = sudo
become_user = root
become_ask_pass = False

[defaults] - generic info

[privilege_escalation] - How ansible user should require admin privileges to connect to managed hosts

remote_user - user used to connect to managed device

host_key_checking - Should ssh host keys be checked

Question 15

Create an inventory file in your ansible user’s home. It should have the ansible servers ungrouped, two devices in the web and db groups
a servers group with db and web as a part of that group

Show all hosts in this inventory
Show all hosts that aren’t a part of a group
Show a hierarchical overview of the inventory
Show the contents in json format

Answer 15

cd /home/ansible
ansible1
ansible2

[web]
web1
web2

[db]
db[1:2]

[servers:children]
web
db

ansible -i inventory all –list-hosts
ansible -i inventory ungrouped –list-hosts
ansible-inventory -i inventory –graph
ansible-inventory -i inventory –list

Question 16

Create an ansible configuration file in the ansible home directory

show your inventory without using the -i option now

Answer 16

cd /home/ansible
vi ansible.cfg

[defaults]
remote_user = ansible
host_key_checking = false
inventory = inventory

[privilege_escalation]
become = True
become_method = sudo
become_user = root
become_ask_pass = False

copy the inventory file to the main home directory (remember they have to be in the same directory here)

ansible-inventory –list

Question 17

What are ansible ad-hoc commands used for

Answer 17

Setup tasks that bring nodes to a desired state.

Quick test to verify that a playbook was successful

Quick discovery tasks to verify that a node meets certain criteria

It compares the desired state through your command with the current state and sees if anything needs to be changes

Question 18

in terms to the below command, what does the -a stand for?

ansible all -m user -a ‘name=lisa’

Answer 18

-a = arguments

Question 19

Two common modules for ansible are command and raw

Answer 19

command - runs arbitrary commands, no shell (so commands with pipes don’t work) This is the default module.

raw - runs commands directly on top of ssh without using python. Sends over ssh. Best for network devices.

command, shell, and raw or not idempotent

Question 20

How would you create a new default module to run if you wanted something other than command

Answer 20

in ansible.cfg
madule_name = module (whatever module you want here)

Question 21

Say you don’t have python installed on a managed node. How would you install python?

Answer 21

ansible -u root -i inventory ansible3 –ask-pass -m raw -a ‘yum install python3’

Question 22

Using an ad hoc command, copy ‘hello world’ to a managed nodes /etc/motd

Install the latest version of nmap on centos

Use a command to install things on any linux distro

Start and enable httpd

Answer 22

ansible -m copy -a “content=’Hello World’ dest=/etc/motd”

ansible all -m yum -a ‘name=nmap state=latest’

ansible all -m service -a ‘name=httpd state=started enabled=yes’

Question 23

What does the ping module do?

Answer 23

Checks whether hosts have been setup correctly to be managed by Ansible and test connectivity

ansible all -m ping