Section 5 and further Flashcards
Create a cronjob which:
Schedules a job as root
Runs every Thursday at 10 am
the job should be:
/home/iafzal/cfile.sh
vim cronjob.yml
- name: Create cronjob
  hosts: all
  tasks:
    - name: Cronjob
      cron:
        name: This job is scheduled by Ansible
        minute: "0"
        hour: "10"      # 10 am
        day: "*"
        month: "*"
        weekday: "4"    # Thursday
        user: root
        job: "/home/iafzal/cfile.sh"
From Client
crontab -l
To make the job run every day, just delete the day line. Only add the parameters for things that you’re adding a number to.
Download Tomcat via a playbook
Create a directory for it
Modify the permissions for the downloaded file
vim tomcat.yml
- name: tomcat download
  hosts: localhost
  tasks:
    - name: Directory creation
      file:
        path: /opt/tomcat
        state: directory
        mode: 0755
        owner: root
        group: root
    - name: Tomcat Download
      get_url:
        url: https://dlcdn.apache.org/tomcat/tomcat-8/v8.5.78/bin/apache-tomcat-8.5.78.tar.gz
        dest: /opt/tomcat
        mode: 0755
        group: delsinm
        owner: delsinm
Add a disk to one of your servers that’s two gigs
you will need to get parted and mount. (community.general and posix)
Create and mount new storage
ansible-galaxy collection install community.general <- this installs parted
ansible-galaxy collection install ansible.posix <- for mount
vim newstorage.yml
- name: Create and mount new storage
  hosts: all
  tasks:
    - name: create new partition
      parted:
        name: files
        label: gpt
        device: /dev/sdb
        number: 1
        state: present    # absent to delete
        part_start: 1MiB
        part_end: 1GiB
    - name: Create file system
      filesystem:
        dev: /dev/sdb1
        fstype: xfs
    - name: create mount directory
      file:
        path: /data
        state: directory
    - name: Mount Filesystem
      mount:
        src: /dev/sdb1
        path: /data
        fstype: xfs
        state: mounted
yup
To do the rest of the disk
part_type: primary
number: 1
resize: yes (if the partition already exists)
if not, just have:
start: 2048 with no end:
Create the user George on a remote client via playbook
directory should be /home/george
Shell for george should be /bin/bash
vim adduser.yml
- name: Create user
  hosts: all
  tasks:
    - name: Create users
      user:
        name: george
        home: /home/george
        shell: /bin/bash
Look up more options
Add and update password for a user
REMEMBER YOU CAN’T PASS A CLEARTEXT PASSWORD VIA MODULE
Pass it via variable
vim changepass.yml
- name: Add or update password
  hosts: all
  tasks:
    - name: Change "george's" password
      user:
        name: george
        update_password: always
        password: "{{ newpassword | password_hash('sha512') }}"
newpassword - just a variable
password_hash() <- hashes the password so the cleartext isn’t visible
ansible-playbook changepass.yml --extra-vars newpassword=abc123
As you can see here, we are actually creating the variable that the playbook will use.
LOOK OVER THE DOCS TO GET USED TO FINDING HOW TO WRITE THESE ON YOUR OWN
Kill a running process via playbook
Ignore any errors
Hold result in a registered variable
Use shell module to kill the registered variable
This should loop through Process IDs killing them one by one
vim killprocess.yml
- name: Kill process
  hosts: 192.168.10.142
  tasks:
    - name: get running processes from remote host
      ignore_errors: yes
      shell: "ps -few | grep top | awk '{print $2}'"
      register: running_process
    - name: Kill the processes
      ignore_errors: yes
      shell: "kill {{ item }}"
      with_items: "{{ running_process.stdout_lines }}"
grep top - we use this because “top” will be running on the client and we want to kill it.
The variable item signifies that you want to loop through something
with_items tells ansible what to loop through.
The suffix .stdout_lines tells ansible to turn the output into a list to cycle through. Otherwise it would read your output as one line.
How would you start a playbook at a specific task?
ansible-playbook yamlfile.yml --start-at-task 'task name'
What is the syntax for ad-hoc commands?
ansible [target] -m [module] -a "[module options]"
aliases, groups, all <- these can work for target
for instance ping:
ansible localhost -m ping
Create a file on all remote clients via ad-hoc command
ansible all -m file -a "path=/home/delsinm/adhoc1 state=touch mode=700"
Delete a file on all remote clients via ansible ad-hoc command
ansible all -m file -a "path=/home/delsinm/file.txt state=absent"
Via ansible ad-hoc commands copy a file over from the control node to the remote clients
ansible all -m copy -a "src=/home/delsinm/this.txt dest=/home/delsinm/"
Install httpd via ansible ad-hoc command
start httpd and enable it
Check httpd’s status via the shell module
remove the httpd package
ansible all -m yum -a "name=httpd state=present"
ansible all -m service -a "name=httpd state=started enabled=yes"
ansible all -m shell -a "systemctl status httpd"
ansible all -m yum -a "name=httpd state=absent"
Create a user via ansible ad-hoc command
name jsmith
shell bash
create a directory for the little guy
Put the user in the wheel group
Delete the user
ansible all -m user -a "name=jsmith home=/home/jsmith shell=/bin/bash state=present"
go to remote client
id jsmith
ansible all -m user -a "name=jsmith group=wheel"
ansible all -m user -a "name=jsmith state=absent"
Get all system info on all remote clients
reboot a node without using shell or another similar module
ansible all -m setup
ansible client1 -a '/sbin/reboot'
This is a particular command that you don’t need the shell module for.
What are handlers?
They are executed at the end of the play once all tasks are finished. These are used to start, reload, restart, and stop services.
This will only run if something is changed.
These only run when notified. There has to be an indicator in the playbook.
These should have globally unique names.