Red Hat Certified Engineer

Course Navigation (RHEL 8 RHCE)

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Con f igu r e An sible

M an aged Nodes
Section 5

Scr ipt Adm in ist r at ion

Task s
Section 6

Cr eat e An sible Plays

an d Playbook s
Section 7

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8

Exam Pr epar at ion Next Sect ion s

 Red Hat Certified Engineer
Course Navigation (RHEL 8 RHCE)
Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Cr eat e an d Wor k
w it h Roles
Section 10

M an agin g Par allelism

Section 11

Pr ot ect Sen sit ive Dat a

in Playbook s w it h
An sible Vau lt
Section 12

An sible
Docu m en t at ion
Section 13

Con clu sion

Section 14

Exam Pr epar at ion Pr eviou s Sect ion s

 Introduction
Course Navigation Abou t t h e Cou r se

I n t r odu ct ion
Section 1

Abou t the
About t h eCourse
Cou r se

About the Author

About the Exam

Basic Red Hat Cer t if ied Welcom e to the Linux Academ y Red Hat Cer t if ied En gin eer (RHEL
Adm in ist r at or Sk ills 8 RHCE) course.
Section 2

This course is designed to prepare you to sit and pass the Red Hat
Un der st an d Cor e Certified Engineer exam (EX294).
Com pon en t s of An sible
Section 3 As of the creation of this course, there are two versions of the Red
Hat Certified Engineer exam - one for Red Hat Enterprise Linux 7
I n st all an d Con f igu r e (EX300) and one for Red Hat Enterprise Linux 8 (EX294). This course
an An sible Con t r ol was created based on the objectives of the RHEL 8 version of the
Node exam which is EX294.
Section 4
This diagram will be used as a reference point throughout the
course and can be used as a study guide as you prepare for the
Con f igu r e An sible
M an aged Nodes exam .
Section 5
This course was split up, Rob creating all of the labs, and m e
teaching the lessons. We thank you for taking this course and look
Scr ipt Adm in ist r at ion
forward to working through the m aterial with you!
Task s
Section 6
M at t h ew Pear son
Rob M ar t i
Cr eat e An sible Plays
an d Playbook s Linux Academ y Training Architects
Section 7
Next

Back t o M ain
 Introduction
Course Navigation Abou t t h e Exam

I n t r odu ct ion
Section 1

Abou t the
About t h eCourse
Cou r se

Abou t the
About t h eAuthor
Au t h or Exam For m at
About
Abou t the
t h eExam
Exam - It is a hands-on exam that requires you to
perform real-world tasks.
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills
- You will have four hours to com plete the exam .
Section 2 - You will be given m ultiple system s and m ust
install and configure Ansible in order to
Un der st an d Cor e perform system adm inistration tasks.
Com pon en t s of An sible
Section 3
- Your work will be evaluated by running the
playbooks created in the exam against fresh
I n st all an d Con f igu r e
system s.
an An sible Con t r ol - Internet access will not be provided and
Node candidates are not allowed to bring physical or
Section 4
electronic docum entation or notes.
- Exam results are usually reported within 3 days.
Con f igu r e An sible
M an aged Nodes
Section 5 The exam objectives can be viewed here:

Scr ipt Adm in ist r at ion Exam Object ives

Task s
Section 6

Cr eat e An sible Plays

an d Playbook s
Section 7

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1 Topics in t h is sect ion in clu de:

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills Understanding and using the basic tools for an operating
Section 2 system is essential to adm inistering that system . In this section,
we will review these tools and show exam ples of how to use
Un der st an dand
Understand an dUse
u se
these on a Red Hat Enterprise Linux 8 host.
Essen t ialTools
Essential Tools

Operate Running
System s
Log in t o a Cr eat e Files I n pu t / Ou t pu t
Configure Local Storage
Rem ot e Ser ver an d Redir ect ion
Create and Configure File via SSH Dir ect or ies
System s

Deploy, Configure, and

Maintain system s

Manage Users and

Groups View an d Ar ch ive Files Escalat e
Manage Security (Part 1) An alyze Text an d Pr ivileges
Dir ect or ies
Un der st an d Cor e
Com pon en t s of An sible
Section 3

File an d Syst em
I n st all an d Con f igu r e
Dir ect or y Docu m en t at ion
an An sible Con t r ol
Node Per m ission s
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- Log in t o r em ot e ser ver : s s h us er _name@hos t
Configure Local Storage - Log ou t of h ost : ex i t

Create and Configure File

System s

Deploy, Configure, and

Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- Cr eat e dir ect or y: mk di r <di r ec t or y _name>
Configure Local Storage - Cr eat e f ile: t ouc h f i l e or v i f i l e
- Rem ove dir ect or y: r m - r di r ec t or y or r mdi r
Create and Configure File ( f or empt y di r ec t or y )
System s - Rem ove f ile: r m f i l e

Deploy, Configure, and

Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- St an dar d ou t pu t (STDOUT): >, >>
Configure Local Storage - St an dar d in pu t (STDI N): <, <<
- St an dar d er r or (STDERR): 2>, 2>>
Create and Configure File - Pipes : |
System s

Deploy, Configure, and

Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- View w it h t ext edit or : vi f i l e
Configure Local Storage - Pr in t f ile con t en t s t o STDOUT: c at
- Pr in t lin es m at ch in g a pat t er n : gr ep
Create and Configure File
System s

Deploy, Configure, and

Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- Com pr ession opt ion s: gzip, bzip, xz, et c.
Configure Local Storage - Cr eat e ar ch ive:
t ar - c v z f ar c hi v e_name f i l e1 f i l e2
Create and Configure File - Ext r act ar ch ive:
System s t ar - x v z f ar c hi v e. gz
Deploy, Configure, and
Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- Becom e t h e r oot u ser : s udo - i or s udo s u -
Configure Local Storage - Ru n com m an d as r oot u ser : s udo c ommand

Create and Configure File

System s

Deploy, Configure, and

Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- Ch an ge ow n er sh ip: c hown us er : gr oup f i l e
Configure Local Storage - Ch an ge per m ission s (n u m er ic): c hmod 764 f i l e
- Ch an ge per m ission (sym bolic): c hmod u+r w f i l e
Create and Configure File - Special per m ission s: s et ui d (4 or u+s ), s et gi d (2 or
System s g+s ), s t i c k y bi t (1 or a+t )
Deploy, Configure, and
Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Un der st an d an d Use Essen t ial Tools

I n t r odu ct ion
Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools

Operate Running
System s
- m an pages: man c ommand or man s ec t i on c ommand
Configure Local Storage - in f o: i nf o c ommand
- / us r / s har e/ doc
Create and Configure File - apr opos: apr opos c ommand or man - k c ommand
System s

Deploy, Configure, and

Maintain system s
Back
Manage Users and
Groups
Manage Security (Part 1)

Un der st an d Cor e
Com pon en t s of An sible
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Oper at e Ru n n in g Syst em s

I n t r odu ct ion Sh u t dow n an d Reboot Syst em s

Section 1
- s y st emc t l power of f
- s y st emc t l r eboot
Basic Red Hat Cer t if ied - s y st emc t l - - hel p | man sy st emc t l
Adm in ist r at or Sk ills
Section 2

Un der st an dand
Understand an dUse
u se I n t er r u pt Boot Pr ocess an d Ch an ge t h e r oot Passw or d
Essen t ialTools
Essential Tools

Oper at eRunning
Operate Ru n n in g 1. Edit the kernel boot param eters by pressing e
Syst ems s
System
2. Go t o the end of the ?linux? line by pressing Ct r l+e,
Configure Local Storage rem oving r o c r as h and add r d. br eak enf or c i ng=0
Create and Configure File 3. St ar t the system by pressing Ct r l+x
System s 4. Rem ou n t the root of the system :
Deploy, Configure, and mount - o r emount , r w / s ys r oot
Maintain system s
5. Sw it ch to / sy s r oot :
Manage Users and chr oot / s y sr oot
Groups
6. Reset the r oot password:
Manage Security (Part 1)
pas s wd
Un der st an d Cor e 7. En able SELinux relabeling:
Com pon en t s of An sible t ouc h / . aut or el abel
Section 3 8. Exit the shell:
ex i t
I n st all an d Con f igu r e
an An sible Con t r ol
Node
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Oper at e Ru n n in g Syst em s

I n t r odu ct ion St ar t , St op, an d Ch eck Net w or k Ser vice St at u s

Section 1

- Check the status of a service:

Basic Red Hat Cer t if ied s y s t emc t l st at us ser vi ce_name. ser vi ce
Adm in ist r at or Sk ills - Start a service:
Section 2
s y s t emc t l st ar t s er v i c e_name. s er vi c e
Un der st an dand
Understand an dUse
u se - Stop a service:
Essen t ialTools
Essential Tools
s y s t emc t l st at us ser vi ce_name. ser vi ce
Oper at eRunning
Operate Ru n n in g
Syst ems s
System - Gain m ore inform ation:
j our nal c t l - x e
Configure Local Storage

Create and Configure File View Pr ocesses an d Resou r ce Ut ilizat ion

System s

Deploy, Configure, and - Print a list of active process:

Maintain system s
ps - ef
Manage Users and
Groups
- View real-tim e list of processes and resource
Manage Security (Part 1) utilization:
t op
Un der st an d Cor e
Com pon en t s of An sible
- Term inate a running process:
Section 3 k i l l - 15, ki l l - 9, ki l l - l

Copy Files Bet w een Rem ot e Syst em s

I n st all an d Con f igu r e
an An sible Con t r ol - Secure Copy:
Node scp f i l e_name user _name@ser ver : / pat h/ t o/ di r
Section 4
- Secure FTP:
sf t p user _name@ser ver

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Con f igu r e Local St or age

I n t r odu ct ion List St or age Devices:

Section 1

- df
Basic Red Hat Cer t if ied - l sbl k
Adm in ist r at or Sk ills
Section 2 - bl ki d
Un der st an dand
Understand an dUse
u se - f di sk - l
Essen t ialTools
Essential Tools

Oper at eRunning
Operate Ru n n in g
Syst ems s
System
Con f igu r eLocal
Configure Local St or age
Storage
Cr eat e a Par t it ion :

Create and Configure File

System s
1. Use f di sk to m anipulate partition table:
Deploy, Configure, and
f di sk / dev/ devi ce_name
Maintain system s 2. Use p to print the partition table and o
Manage Users and to create a DOS (MBR) partition table.
Groups
Manage Security (Part 1) 3. Use n to create a new partition.
4. Set it as a prim ary partition using p and
Un der st an d Cor e
Com pon en t s of An sible accept the defaults for partition num ber,
Section 3
first sector, and last sector.
5. List partition types using l. Change the
I n st all an d Con f igu r e
an An sible Con t r ol partition type to Linux LVM (8e) using t .
Node 6. Write the table to disk using w .
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Con f igu r e Local St or age

I n t r odu ct ion Cr eat e an LVM Logical Volu m e:

Section 1
1. Create physical volum e:
pvcr eat e / dev/ devi ce_name
Basic Red Hat Cer t if ied 2. List physical volum es:
Adm in ist r at or Sk ills
Section 2 pvs
Un der st an dand
Understand an dUse
u se 3. Create volum e group:
Essen t ialTools
Essential Tools
vgcr eat e vol _gr oup / dev/ devi ce_name
Oper at eRunning
Operate Ru n n in g
Syst ems s
System
4. List volum e groups:
Con f igu r eLocal
Local St or age vgs
Configure Storage
5. Create logical volum e:
Create and Configure File
System s l vcr eat e - L 1G - n new_l v vol _gr oup
Deploy, Configure, and 6. List logical volum es:
Maintain system s
l vs
Manage Users and
Groups
Delet e a Logical Volu m e, Volu m e Gr ou p, an d
Manage Security (Part 1)
Ph ysical Volu m e:
Un der st an d Cor e
Com pon en t s of An sible
1. Delete logical volum e:
Section 3 l vr emove vol _gr oup/ new_l v
2. Delete volum e group:
I n st all an d Con f igu r e vgr emove vol _gr oup
an An sible Con t r ol
Node 3. Delete physical volum e:
Section 4
pvr emove / dev/ devi ce_name

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Cr eat e an d Con f igu r e File Syst em s

I n t r odu ct ion Cr eat in g an d M ou n t in g File Syst em s

Section 1

1. Create a file system on a logical volum e:

Basic Red Hat Cer t if ied
mkf s. ext 4 / pat h/ t o/ l v
Adm in ist r at or Sk ills 2. Mount a file system :
Section 2
mount / pat h/ t o/ l v / pat h/ t o/ di r
Un der st an dand
Understand an dUse
u se 3. List m ounted file system s: df - h
Essen t ialTools
Essential Tools
4. Add m ount inform ation to / et c/ f st ab for
Oper at eRunning
Operate Ru n n in g
Syst ems s
boot persistence:
System
UUI D=UUI D_NUMBER / mount / poi nt
Con f igu r eLocal
Configure Local St or age
Storage
f s_t ype def aul t s 0 0
Cr eat eand
Create an dConfigure
Con f igu rFile
e File
Syst ems s
System Ext en d Logical Volu m es
Deploy, Configure, and
Maintain system s 1. Increase underlying logical volum e:
Manage Users and
l vext end - L +500M / dev/ vol _gr p/ l og_vol
Groups 2. Unm ount filesystem : umount / pat h/ t o/ mount
Manage Security (Part 1) 3. Run file system check:
Un der st an d Cor e
e2f sck - f / dev/ vol _gr p/ l og_vol
Com pon en t s of An sible 4. Resize file system :
Section 3 r esi ze2f s / dev/ vol _gr p/ l og_vol
5. List m ounted file system s: df - h
I n st all an d Con f igu r e
an An sible Con t r ol
Node
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Cr eat e an d Con f igu r e File Syst em s

I n t r odu ct ion M ou n t a Net w or k File Syst em s

Section 1
1. Install required packages:
yum i nst al l nf s- ut i l s
Basic Red Hat Cer t if ied 2. Start required services:
Adm in ist r at or Sk ills
Section 2 syst emct l st ar t r pcbi nd
3. Show file system exports on the client:
Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools showmount - e SERVER_I P
Oper at eRunning
Operate Ru n n in g 4. Mount a network file system : mount - t nf s
Syst ems s
System SERVER_I P: / ser ver / di r / cl i ent / di r
Con f igu r eLocal
Configure Local St or age
Storage
Cr eat eand
an dConfigure
Con f igu rFile
e File Cr eat e Collabor at ive Dir ect or ies w it h set -GI D
Create
Syst ems s
System 1. Create directory: mkdi r / new/ di r
Deploy, Configure, and 2. Configure set-GID on directory:
Maintain system s
chmod g+s / new/ di r
Manage Users and
Groups
3. Create file in new directory:
Manage Security (Part 1)
t ouch / new/ di r / newFi l e

Un der st an d Cor e
Com pon en t s of An sible Wor k in g w it h Vir t u al Dat a Opt im izer (VDO)
Section 3
1. Install required packages: yum install vdo
2. Create a vdo volum e: vdo cr eat e
I n st all an d Con f igu r e
- - name=vdo_vol - - devi ce=/ dev/ devName
an An sible Con t r ol
Node - - vdoLogi cal Si ze=vol _si ze
Section 4 3. View inform ation on vdo volum es:
vdost at s - - hu

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Deploy, Con f igu r e, an d M ain t ain syst em s

I n t r odu ct ion St ar t , St op, an d En able Ser vices

Section 1
- View yum repositories:
l s - a / et c/ yum. r epos. d
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills
- Install packages: yum i nst al l packageName
Section 2 - Start a service:
Un der st an dand
Understand an dUse
u se syst emct l st ar t name. ser vi ce
Essen t ialTools
Essential Tools - Enable a service:
Oper at eRunning
Operate Ru n n in g syst emct l enabl e name. ser vi ce
Syst ems s
System
- Stop a service: syst emct l st op name. ser vi ce
Con f igu r eLocal
Configure Local St or age
Storage
Cr eat eand
Create an dConfigure
Con f igu rFile
e File
Syst ems s
System
Deploy,Configure,
Deploy, Con f igu r e,
andan d
M ain t ainsystem
Maintain syst em
s s Sch edu le Task s Usin g at an d cr on
Manage Users and - View the crontab: cat / et c/ cr ont ab
Groups
Manage Security (Part 1) - Add a task to a user crontab: cr ont ab - e
- List tasks in a user 's crontab: cr ont ab - l
Un der st an d Cor e
- Schedule a task using the at com m and: at t i me
Com pon en t s of An sible
Section 3 - List the scheduled jobs: at q
- Delete a job: at r m j ob_num
I n st all an d Con f igu r e
an An sible Con t r ol
Node
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation Deploy, Con f igu r e, an d M ain t ain syst em s

I n t r odu ct ion Con f igu r e Syst em s t o Boot in t o Specif ic Tar get

Section 1
Au t om at ically
- Check the current configuration:
Basic Red Hat Cer t if ied syst emct l get - def aul t
Adm in ist r at or Sk ills - Change the current target:
Section 2
syst emct l i sol at e name. t ar get
Un der st an dand
Understand an dUse
u se
Essen t ialTools
Tools
- Set the default configuration:
Essential
Oper at eRunning
Ru n n in g
syst emct l set - def aul t name. t ar get
Operate
Syst ems s
System - Change target to rescue m ode:
Con f igu r eLocal
Configure Local St or age
Storage syst emct l r escue
Cr eat eand
Create an dConfigure
Con f igu rFile
e File
Syst ems s
System
Deploy,Configure,
Deploy, Con f igu r e,
andan d
M ain t ainsystem
Maintain syst em
s s Con f igu r e Tim e Ser vice Clien t
Manage Users and
Groups 1. Install required packages: yum i nst al l chr ony
Manage Security (Part 1) 2. Start and enable the chronyd service:
syst emct l st ar t chr onyd && syst emct l
Un der st an d Cor e
Com pon en t s of An sible enabl e chr onyd
Section 3 3. Add the NTP server (server SERVER_IP) address to
/etc/chrony: vi / et c/ chr ony
I n st all an d Con f igu r e 4. Restart the chronyd service:
an An sible Con t r ol
syst emct l r est ar t chr onyd
Node
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation M an age User s an d Gr ou ps

I n t r odu ct ion Cr eat e, Delet e, an d M odif y Local User s

Section 1

- View user inform ation:

i d us er name
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills gr oups us er name
Section 2 / et c / pas s wd
/ et c / s hadow
Un der st an dand
Understand an dUse
u se
Essen t ialTools
Tools
/ et c / gr oup
Essential
Oper at eRunning
Ru n n in g
- Create a user: user add user name
Operate
Syst ems s
System - Modify a user: user mod - d - aG - L - U
Con f igu r eLocal
Configure Local St or age
Storage - Delete a user: user del user name
Cr eat eand
Create an dConfigure
Con f igu rFile
e File
Syst ems s
System
Deploy,Configure,
Deploy, Con f igu r e,
andan d
M ain t ainsystem
Maintain syst em
s s
Ch an ge Passw or ds
M an ageUsers
Manage User sand
an d
Gr ou ps
Groups
Manage Security (Part 1) - Change a password: passwd user name
- View password expiry inform ation:
Un der st an d Cor e
chage - l user name
Com pon en t s of An sible
Section 3 - Set password expiration by m ax days:
chage - M days user name
I n st all an d Con f igu r e - Set password expiration by date:
an An sible Con t r ol chage - E YYYY- MM- DD user name
Node
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation M an age User s an d Gr ou ps

I n t r odu ct ion Cr eat e, Delet e, an d M odif y Gr ou ps

Section 1

- View group inform ation:

i d user name
Basic Red Hat Cer t if ied gr oups user name
Adm in ist r at or Sk ills
/ et c/ passwd
Section 2
/ et c/ shadow
Un der st an dand
Understand an dUse
u se / et c/ gr oup
Essen t ialTools
Essential Tools

Oper at eRunning
Operate Ru n n in g - Create a group: gr oupadd gr oupname
Syst ems s
System - Add user to a group: user mod - g - aG
Con f igu r eLocal
Local St or age
Configure Storage - Modify a group: gr oupmod - n - g
Cr eat eand
Create an dConfigure
Con f igu rFile
e File - Delete a group: gr oupdel gr oupname
Syst ems s
System
Deploy,Configure,
Deploy, Con f igu r e,
andan d
M ain t ainsystem
Maintain syst em
s s Con f igu r e Su per u ser Access
M an ageUsers
Manage User sand
an d
Gr ou ps - View the sudoer s file: vi / et c/ sudoer s
Groups
Manage Security (Part 1) - Edit the sudoer s file: vi sudo
- Grant a user sudo access by adding the following
Un der st an d Cor e
line to / et c/ sudoer s :
Com pon en t s of An sible
Section 3 user name ALL=( ALL) ALL
- Grant m em bers of a group sudo access by adding
I n st all an d Con f igu r e the following line to / et c/ sudoer s :
an An sible Con t r ol %gr oupname ALL=( ALL) ALL
Node
Section 4

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation M an age Secu r it y

I n t r odu ct ion Con f igu r e Fir ew all Set t in gs

Section 1
- Install firewalld: yum i nst al l f i r ewal l d
- Start and enable firewalld:
Basic Red Hat Cer t if ied syst emct l st ar t f i r ewal l d &&
Adm in ist r at or Sk ills
Section 2
syst emct l enabl e f i r ewal l d
- View f i r ewal l - cmd options:
Un der st an dand
Understand an dUse
u se
Essen t ialTools
Essential Tools f i r ewal l - cmd - h | man f i r ewal l - cmd
Oper at eRunning
Operate Ru n n in g - List zones: f i r ewal l - cmd - - get - zones
Syst ems s
System ( - - get - def aul t - zone)
Con f igu r eLocal
Configure Local St or age
Storage - List everything added for or enabled in a zone:
Cr eat eand
Create an dConfigure
Con f igu rFile
e File f i r ewal l - cmd - - l i st - al l - - zone=publ i c
Syst ems s
System - Add a service for a zone:
Deploy,Configure,
Deploy, Con f igu r e,
andan d f i r ewal l - cmd - - add- ser vi ce=ser vi ce
M ain t ainsystem
Maintain syst em
s s
( - - per manent )
M an ageUsers
Manage User sand
an d
Gr ou ps - Add a port for a zone:
Groups
Manage
f i r ewal l - cmd - - add- por t =por t / pr ot ocol
M an ageSecurity
Secu r it y(Part 1)
( - - per manent )
Un der st an d Cor e - Reload firewall rules: f i r ewal l - cmd - - r el oad
Com pon en t s of An sible
Section 3
Con f igu r e Key Based Au t h en t icat ion f or SSH
- Generate public and private key pair: ssh- keygen
I n st all an d Con f igu r e
an An sible Con t r ol - Copy a public key to a rem ote server:
Node ssh- copy- i d user name@r emot e_host
Section 4
- Default public/private key location:
/ home/ user name/ . ssh/

Back Next

Back t o M ain
 Basic Red Hat Certified Adm inistrator Skills
Course Navigation M an age Secu r it y

I n t r odu ct ion Wor k in g w it h SELin u x

Section 1

- View SELinux m odes: get enf or ce

Basic Red Hat Cer t if ied - Set m ode to perm issive or enforcing:
Adm in ist r at or Sk ills set enf or ce 0 | 1
Section 2
- List booleans: get sebool - a
Un der st an dand
Understand an dUse
u se - Turn booleans on or off:
Essen t ialTools
Essential Tools
set sebool bool ean on | of f
Oper at eRunning
Operate Ru n n in g
Syst ems s
( - P f or per manent )
System
Con f igu r eLocal
Local St or age
- List SELinux contexts: semanage f cont ext - l
Configure Storage
- View context on files and process:
Cr eat eand
Create an dConfigure
Con f igu rFile
e File
Syst ems s
System
l s - Z | ps - axZ
Deploy,Configure,
Deploy, Con f igu r e,
andan d - Change SELinux context:
M ain t ainsystem
Maintain syst em
s s semanage f cont ext - a - t cont ext _t ype
M an ageUsers
Manage User sand
an d ' / di r ect or y( / . * ) ?'
Gr ou ps
Groups
- Restore default contexts:
Manage
M an ageSecurity
Secu r it y(Part 1)
r est or econ - R / di r ect or y
Un der st an d Cor e - View SELinux policy violations:
Com pon en t s of An sible seal er t - a / var / l og/ audi t / audi t . l og
Section 3

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation I n ven t or ies

I n t r odu ct ion I n ven t or ies ar e w h at An sible u ses t o locat e an d

Section 1 r u n again st m u lt iple h ost s.
- Default location of the hosts file:
Basic Red Hat Cer t if ied / et c/ ansi bl e/ host s
Adm in ist r at or Sk ills
Section 2
- The default location of the hosts file can be set in
/ et c/ ansi bl e/ ansi bl e. cf g.
Un der st an d Cor e - It can be specified using the - i option when
Com pon en t s of An sible running ansi bl e.
Section 3
- The file can contain individual hosts, groups of
I n ven t or ies
Inventories hosts, groups of groups, and host and group level
Modules
variables.
Variables
- It can also Can contain variables that determ ine
Facts
how you connect to a host.
Plays and Playbooks

Configuration Files INI-based inventory file:

I n st all an d Con f igu r e

an An sible Con t r ol mai l . ex ampl e. c om
Node
[ webs er v er s ]
Section 4
web01. ex ampl e. c om
web02. ex ampl e. c om
Con f igu r e An sible [ dbs er v er s ]
M an aged Nodes db[ 01: 04] . ex ampl e. c om
Section 5

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation I n ven t or ies

I n t r odu ct ion
Section 1 YAML-based inventory file:

Basic Red Hat Cer t if ied

al l :
Adm in ist r at or Sk ills hos t s :
Section 2 mai l . ex ampl e. c om
c hi l dr en:
webs er v er s :
Un der st an d Cor e hos t s :
Com pon en t s of An sible web01. ex ampl e. c om
Section 3 web02. ex ampl e. c om
dbs er v er s :
I n ven t or ies
Inventories
hos t s :
Modules db[ 01: 04] . ex ampl e. c om
Variables
Facts
Plays and Playbooks

Configuration Files

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Con f igu r e An sible

M an aged Nodes
Section 5

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation M odu les

I n t r odu ct ion
Un der st an din g M odu les
Section 1

- Modules are essentially tools for particular tasks.

Basic Red Hat Cer t if ied - Modules can take, and usually do take,
Adm in ist r at or Sk ills param eters.
Section 2
- Modules return JSON.
Un der st an d Cor e
- Run m odules from the com m and line or within a
Com pon en t s of An sible playbook.
Section 3
- Ansible ships with a significant am ount of
I n ven t or ies
Inventories m odules by default.
Modules
M odu les - Custom m odules can be written.
Variables
Facts
Plays and Playbooks

Configuration Files

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Con f igu r e An sible

M an aged Nodes
Section 5

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation Var iables

I n t r odu ct ion Un der st an din g Var iables in An sible

Section 1
- Variables nam es should only contain letters,
num bers, and underscores.
Basic Red Hat Cer t if ied - Variables should always start with a letter.
Adm in ist r at or Sk ills
Section 2
- There are three m ain scopes for variables:
- Global
Un der st an d Cor e - Host
Com pon en t s of An sible - Play
Section 3

I n ven t or ies
Inventories - They are typically used for configuration values
Modules
M odu les
and various param eters.
Variables
Var iables
- Variables can store the return value of executed
Facts
com m ands.
Plays and Playbooks
- Variables m ay also be dictionaries.
Configuration Files
- Ansible provides a num ber of predefined variables.
I n st all an d Con f igu r e
an An sible Con t r ol
Node
Section 4

Con f igu r e An sible

M an aged Nodes
Section 5

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation Var iables

I n t r odu ct ion
Section 1
Exam ple of Host Level Variables:
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills I NI f or mat :
Section 2
[ webs er v er s ]
hos t 1 ht t p_por t =80 max Reques t s Per Chi l d=500
Un der st an d Cor e hos t 2 ht t p_por t =305 max Reques t s Per Chi l d=600
Com pon en t s of An sible
Section 3 YAML f or mat :

I n ven t or ies
Inventories webs er v er s :
hos t 1:
Modules
M odu les
ht t p_por t : 80
Variables
Var iables max Reques t s Per Chi l d: 500
Facts hos t 2:
ht t p_por t : 305
Plays and Playbooks max Reques t s Per Chi l d: 600
Configuration Files

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Con f igu r e An sible

M an aged Nodes
Section 5

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation Fact s

I n t r odu ct ion Un der st an din g An sible Fact s

Section 1
- Facts provide certain inform ation about a given
target host.
Basic Red Hat Cer t if ied - Facts are autom atically discovered by Ansible
Adm in ist r at or Sk ills
Section 2 when it reaches out to a host.
- Facts can be disabled.
Un der st an d Cor e - Facts can be cached for use in playbook
Com pon en t s of An sible executions.
Section 3

I n ven t or ies
Inventories [ c l oud_us er @ms pear s on4c ans i bl e] $ ans i bl e - i i nv . i ni
Modules ms pear s on2c - m s et up
M odu les
Variables
Var iables ms pear s on2c | SUCCESS => {
" ans i bl e_f ac t s " : {
Facts
Fact s " ans i bl e_al l _i pv 4_addr es s es " : [
Plays and Playbooks " 172. 31. 101. 166" ,
" 192. 168. 122. 1"
Configuration Files ],
" ans i bl e_al l _i pv 6_addr es s es " : [
I n st all an d Con f igu r e " 2600: 1f 18: 502: 2f 01: a37b: b7b5: 61a6: 3659" ,
an An sible Con t r ol " f e80: : 835: c 7f f : f e1d: f 35e"
Node ],
Section 4 " ans i bl e_appar mor " : {
" s t at us " : " di s abl ed"
},
" ans i bl e_ar c hi t ec t ur e" : " x 86_64" ,
Con f igu r e An sible
" ans i bl e_bi os _dat e" : " 10/ 16/ 2017" ,
M an aged Nodes " ans i bl e_bi os _v er s i on" : " 1. 0" ,
Section 5 " ans i bl e_c mdl i ne" : {
" BOOT_I MAGE" :
" ( hd0, ms dos 2) / boot / v ml i nuz - 4. 18. 0- 80. 7. 2. el 8_0. x 86_64" ,
" c ons ol e" : " t t y 0" ,

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation Plays an d Playbook s

I n t r odu ct ion Un der st an din g Plays an d Playbook s

Section 1 - The goal of a play is to m ap a group of hosts to som e
well-defined roles.
Basic Red Hat Cer t if ied - A play can consist of one or m ore tasks which m ake calls
Adm in ist r at or Sk ills to Ansible m odules.
Section 2 - A playbook is a series of plays.

Un der st an d Cor e Exam ple of an Ansible Playbook:

Com pon en t s of An sible
Section 3 ---
- hos t s : webs er v er s
I n ven t or ies
Inventories bec ome: y es
Modules t as k s :
M odu les
- name: ens ur e apac he i s at t he l at es t v er s i on
Variables
Var iables y um:
name: ht t pd
Facts
Fact s s t at e: l at es t
- name: wr i t e our c us t om apac he c onf i g f i l e
Plays and
Plays an d Playbooks
Playbook s
t empl at e:
Configuration Files s r c : / s r v / ht t pd. j 2
des t : / et c / ht t pd/ c onf / ht t pd. c onf
- name: ens ur e t hat apac he i s s t ar t ed
I n st all an d Con f igu r e s er v i c e:
name: ht t pd
an An sible Con t r ol
s t at e: s t ar t ed
Node - hos t s : dbs er v er s
Section 4 bec ome: y es
t as k s :
- name: ens ur e pos t gr es ql i s at t he l at es t v er s i on
y um:
Con f igu r e An sible name: pos t gr es ql
M an aged Nodes s t at e: l at es t
Section 5 - name: ens ur e t hat pos t gr es ql i s s t ar t ed
s er v i c e:
name: pos t gr es ql
s t at e: s t ar t ed

Back Next

Back t o M ain
 Understand Core Com ponents of Ansible
Course Navigation Con f igu r at ion Files

I n t r odu ct ion
Th e An sible Con f igu r at ion File
Section 1

- Possible locations of Ansible configuration files (in order

Basic Red Hat Cer t if ied processed):
Adm in ist r at or Sk ills - ANSI BLE_CONFI G (environm ent variable)
Section 2 - ansi bl e. c f g (in the current directory)
- ~/ . ans i bl e. c f g (in the hom e directory)
Un der st an d Cor e - / et c / ansi bl e/ ans i bl e. cf g
Com pon en t s of An sible - A configuration file will not autom atically load if it is in a
Section 3
world-writable directory.
I n ven t or ies
Inventories - Configuration can be set in environm ent variables.
Modules
M odu les
Variables
Var iables Com m on An sible Con f igu r at ion s
Facts
Fact s
Plays and
Plays an d Playbooks
Playbook s - The ansi bl e- c onf i g com m and can be used to view
configurations:
Configuration
Con f igu r at ionFiles
Files
- l i st - Prints all configuration options
I n st all an d Con f igu r e - dump - Dum ps configuration
an An sible Con t r ol - v i ew - View the configuration file
Node - Com m only used settings:
Section 4
- i nvent or y - Specifies the default inventory file
- r ol es _pat h - Sets paths to search in for roles
Con f igu r e An sible
- f or k s - Specifies the am ount of hosts configured by
M an aged Nodes
Section 5 Ansible at the sam e tim e (Parallelism ):
- ansi bl e_managed - Text inserted into tem plates
which indicate that file is m anaged by Ansible and
changes will be overwritten.

Back Next

Back t o M ain
 Install and Configure an Ansible Control Node
Course Navigation I n st all Requ ir ed Pack ages

I n t r odu ct ion
I n st all An sible Usin g YUM
Section 1

- sudo subscr i pt i on- manager r epos - - enabl e

Basic Red Hat Cer t if ied ansi bl e- 2. 8- f or - r hel - 8- x86_64- r pms
Adm in ist r at or Sk ills (if needed)
Section 2

- sudo yum i nst al l ansi bl e

Un der st an d Cor e
Com pon en t s of An sible
Section 3 I n st all An sible f r om Sou r ce

I n st all an d Con f igu r e 1. sudo yum i nst al l gi t

an An sible Con t r ol 2. gi t cl one - - si ngl e- br anch
Node
Section 4
- - br anch st abl e- 2. 8
ht t ps: / / gi t hub. com/ ansi bl e/ ansi bl e. gi t
I n st allRequired
Install Requ ir edPackages
Pack ages 3. cd ansi bl e/
Create a Static Host 4. sour ce . / hacki ng/ env- set up
Inventory File
5. pi p2. 7 i nst al l - - user - r
Create a Configuration
. / r equi r ement s. t xt
File

Con f igu r e An sible Test the installation:

M an aged Nodes
Section 5
ansi bl e 127. 0. 0. 1 - m pi ng

Scr ipt Adm in ist r at ion

Task s
Section 6

Back Next

Back t o M ain
 Install and Configure an Ansible Control Node
Course Navigation Cr eat e a St at ic Host I n ven t or y File

I n t r odu ct ion A I n ven t or y Files

Section 1

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2 An sible An inventory is a list of
I n ven t or y hosts that Ansible m anages.

Un der st an d Cor e
Com pon en t s of An sible - Inventory files m ay contain hosts, patterns,
Section 3 groups and variables.
- Multiple inventory files m ay be specified
I n st all an d Con f igu r e using a directory.
an An sible Con t r ol - Inventory files m ay be specified in INI or
Node
Section 4
YAML form at.

I n st allRequired
Install Requ ir edPackages
Pack ages
Inventory Locations:
Create
Cr eat eaaStatic
St at icHost
Host
Inventory
I n ven t or yFile
File
Default:
Create a Configuration / et c / ans i bl e/ hos t s
File
Speci?ed by CLI:
Con f igu r e An sible ans i bl e - i <f i l ename>
M an aged Nodes
Section 5 Can be set in:
ans i bl e. c f g

Scr ipt Adm in ist r at ion

Task s
Section 6

Back Next

Back t o M ain
 Install and Configure an Ansible Control Node
Course Navigation Cr eat e a St at ic Host I n ven t or y File

I n t r odu ct ion B Exam ple

Section 1
I n ven t or y Files

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2
INI-based inventory file:

Un der st an d Cor e
Com pon en t s of An sible mai l . ex ampl e. c om ans i bl e_por t =5556
Section 3 ans i bl e_hos t =192. 168. 0. 20

[ webs er v er s ]
I n st all an d Con f igu r e web01. ex ampl e. c om
web02. ex ampl e. c om
an An sible Con t r ol
Node [ webs er v er s : v ar s ]
Section 4
ht t p_por t =8080

I n st allRequired
Install Requ ir edPackages
Pack ages
[ dbs er v er s ]
Create
Cr eat eaaStatic
St at icHost
Host db[ 01: 99] . ex ampl e. c om
Inventory
I n ven t or yFile
File
Create a Configuration I n ven t or y Var iables Best Pr act ices
File
1. Variables should be stored in YAML files located relative to
Con f igu r e An sible the inventory file.
M an aged Nodes
2. Host and group variables should be stored in the
Section 5
hos t _v ar s and gr oup_var s directories respectively
(directories m ust be created).
Scr ipt Adm in ist r at ion
Task s
3. Variable files should be nam ed after the host or group for
Section 6 which they contain variables (files m ay end in . yml or
. yaml ).

Back Next

Back t o M ain
 Install and Configure an Ansible Control Node
Course Navigation Cr eat e a St at ic Host I n ven t or y File

I n t r odu ct ion C Exam ple

Section 1
I n ven t or y Files

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2
YAML-based inventory file:

Un der st an d Cor e
Com pon en t s of An sible ---
Section 3 al l :
hos t s :
mai l . ex ampl e. c om
ans i bl e_por t : 5556
I n st all an d Con f igu r e
ans i bl e_por t : 192. 168. 0. 20
an An sible Con t r ol c hi l dr en:
Node webs er v er s :
Section 4 hos t s :
web01. ex ampl e. c om
I n st allRequired
Install Requ ir edPackages
Pack ages web02. ex ampl e. c om
v ar s :
Create
Cr eat eaaStatic
St at icHost
Host
Inventory ht t p_por t : 8080
I n ven t or yFile
File
dbs er v er s :
Create a Configuration hos t s :
File db[ 01: 99] . ex ampl e. c om

Con f igu r e An sible

M an aged Nodes
Section 5

Scr ipt Adm in ist r at ion

Task s
Section 6

Back Next

Back t o M ain
 Install and Configure an Ansible Control Node
Course Navigation Cr eat e a St at ic Host I n ven t or y File

I n t r odu ct ion D Gr ou ps of
Section 1
Gr ou ps

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills
Section 2 INI-based inventory file:

Un der st an d Cor e [ eas t ]

Com pon en t s of An sible hos t 1
Section 3 hos t 2

[ wes t ]
hos t 3
I n st all an d Con f igu r e hos t 4
an An sible Con t r ol
Node [ us a: c hi l dr en]
Section 4 eas t
wes t
I n st allRequired
Install Requ ir edPackages
Pack ages

Create
Cr eat eaaStatic
St at icHost
Host
Inventory
I n ven t or yFile
File YAML-based inventory file:

Create a Configuration
File al l :
c hi l dr en:
us a:
Con f igu r e An sible
c hi l dr en:
M an aged Nodes eas t :
Section 5 hos t s :
hos t 1:
hos t 2:
Scr ipt Adm in ist r at ion wes t :
Task s hos t s :
Section 6 hos t 3:
hos t 4:

Back Next

Back t o M ain
 Install and Configure an Ansible Control Node
Course Navigation Cr eat e a Con f igu r at ion File

I n t r odu ct ion
Section 1 Def au lt ansi bl e. cf g

# c onf i g f i l e f or ans i bl e - - ht t ps : / / ans i bl e. c om/

Basic Red Hat Cer t if ied # ===============================================
Adm in ist r at or Sk ills # near l y al l par amet er s c an be ov er r i dden i n
Section 2 ans i bl e- pl ay book
# or wi t h c ommand l i ne f l ags . ans i bl e wi l l r ead
ANSI BLE_CONFI G,
Un der st an d Cor e # ans i bl e. c f g i n t he c ur r ent wor k i ng di r ec t or y ,
Com pon en t s of An sible . ans i bl e. c f g i n
Section 3 # t he home di r ec t or y or / et c / ans i bl e/ ans i bl e. c f g,
whi c hev er i t
# f i nds f i r s t
I n st all an d Con f igu r e [ def aul t s ]
# s ome bas i c def aul t v al ues . . .
an An sible Con t r ol
#i nv ent or y = / et c / ans i bl e/ hos t s
Node
#l i br ar y = / us r / s har e/ my _modul es /
Section 4
#modul e_ut i l s = / us r / s har e/ my _modul e_ut i l s /
#r emot e_t mp = ~/ . ans i bl e/ t mp
I n st allRequired
Install Requ ir edPackages
Pack ages
#l oc al _t mp = ~/ . ans i bl e/ t mp
Create
Cr eat eaaStatic
St at icHost
Host #pl ugi n_f i l t er s _c f g = / et c / ans i bl e/ pl ugi n_f i l t er s . y ml
Inventory
I n ven t or yFile
File #f or k s = 5
#pol l _i nt er v al = 15
Create
Cr eat eaaConfiguration
Con f igu r at ion #s udo_us er = r oot
File
File #as k _s udo_pas s = Tr ue
....
Con f igu r e An sible
M an aged Nodes
Section 5
Or der of pr ef er en ce f or ansi bl e. cf g:
- ANSI BLE_CONFI G (environm ent variable)
Scr ipt Adm in ist r at ion - ansi bl e. cf g (in the current directory)
Task s - ~/ . ansi bl e. cf g (in the hom e directory)
Section 6 - / et c/ ansi bl e/ ansi bl e. cf g

Back Next

Back t o M ain
 Configure Ansible Managed Nodes
Cr eat e an d Dist r ibu t e SSH Keys t o M an age Nodes an d Con f igu r e
Course Navigation Pr ivilege Escalat ion
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills
Section 2

Un der st an d Cor e
Com pon en t s of An sible
Section 3 1 2

I n st all an d Con f igu r e Gen er at e SSH Keys ... Dist r ibu t e SSH Keys
an An sible Con t r ol
Node
Section 4 # s s h- k ey gen # s s h- c opy - i d

Con f igu r e An sible

...
M an aged Nodes
Section 5

Cr eat eand
Create an dDistribute
Dist r ibu t e
SSH 4 3
SSH Keys
Keys t o M anNodes
to Manage age
and
NodesConfigure
an d ConPrivilege
f igu r e
Escalation
Pr ivilege Escalat ion Con t r ol Node ... Escalat e Pr ivileges
Validate a Working
Configuration Using Ad M an aged Node 1
Hoc Ansible Com m ands # v i s udo
us er _name ALL=( ALL) NOPASSWD: ALL

Scr ipt Adm in ist r at ion M an aged Node 2

Task s
Section 6

Cr eat e An sible Plays

an d Playbook s
Section 7

Back Next

Back t o M ain
 Configure Ansible Managed Nodes
Validat e a Wor k in g Con f igu r at ion Usin g Ad Hoc An sible Com m an ds
Course Navigation

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills An sible Ad Hoc Com m an d
Section 2
Syntax:
Un der st an d Cor e ansi bl e host - i i nvent or y_f i l e - m modul e
Com pon en t s of An sible - a ?ar gument s?
Section 3

- They are used to execute quick one liners.

I n st all an d Con f igu r e
- They are useful for non-routine tasks.
an An sible Con t r ol
Node - Execute them using the ansi bl e com m and
Section 4
(ansi bl e- pl aybook is used to execute
playbooks).
Con f igu r e An sible - Argum ents require double quotes and are space
M an aged Nodes
Section 5 delim ited.
Cr eat eand
an dDistribute
Dist r ibu t e
- Com m ands are executed as the user running
Create SSH
SSH Keys
Keys t o M anNodes
to Manage age Ansible.
and
NodesConfigure
an d ConPrivilege
f igu r e
Escalation
Pr ivilege Escalat ion
- Use the - b option to execute com m ands as the
Validate
r oot user.
Validat eaaWorking
Wor k in g
Configuration
Con f igu r at ionUsing
Usin gAdAd - The - a option m ay be used without the - moption
Hoc
Hoc Ansible
An sibleCom Commmands
an ds to run shell com m ands.
Scr ipt Adm in ist r at ion
Task s
Section 6

Cr eat e An sible Plays

an d Playbook s
Section 7

Back Next

Back t o M ain
 Configure Ansible Managed Nodes
Validat e a Wor k in g Con f igu r at ion Usin g Ad Hoc An sible Com m an ds
Course Navigation

Basic Red Hat Cer t if ied

Adm in ist r at or Sk ills Com m on Uses
Section 2
- File transfer
Un der st an d Cor e - Package m anagem ent
Com pon en t s of An sible - User and group m anagem ent
Section 3
- Managing services
- Fact gathering
I n st all an d Con f igu r e
an An sible Con t r ol - General system inform ation
Node - Software deploym ent from Git
Section 4
- Playbook creation testing

Con f igu r e An sible

M an aged Nodes
Section 5

Cr eat eand
Create an dDistribute
Dist r ibu t e
SSH
SSH Keys
Keys t o M anNodes
to Manage age
and
NodesConfigure
an d ConPrivilege
f igu r e
Escalation
Pr ivilege Escalat ion
Validate
Validat eaaWorking
Wor k in g
Configuration
Con f igu r at ionUsing
Usin gAdAd
Hoc
Hoc Ansible
An sibleCom Commmands
an ds

Scr ipt Adm in ist r at ion

Task s
Section 6

Cr eat e An sible Plays

an d Playbook s
Section 7

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Cr eat e Sim ple Sh ell Scr ipt s
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills Sh ell Scr ipt s
Section 2
- The first line m ust include #! / bi n/ bash.
Un der st an d Cor e - Com m ents can be added by using the # sym bol.
Com pon en t s of An sible - Execute perm ission needs to be added to the script.
Section 3
- Execute the script using the absolute path or
. / scr i pt . sh (if the script is in your current
I n st all an d Con f igu r e
an An sible Con t r ol directory).
Node
Section 4 Sim ple echo Script:

Con f igu r e An sible #! / bi n/ bas h

M an aged Nodes # hel l o wor l d s c r i pt
Section 5
ec ho ?Hel l o wor l d! ! ?

Scr ipt Adm in ist r at ion

Task s
Section 6 A f or Loop:

Cr eat eSim
Create Simple
pleShell
Sh ell
Scr ipt s
Scripts #! / bi n/ bas h
Create Shell Scripts That
Run Ad Hoc Ansible f or i i n { 1. . 5}
Com m ands do
ec ho " Hel l o $i t i mes ! "
Cr eat e An sible Plays done
an d Playbook s
Section 7

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s Back Next
Section 8

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Cr eat e Sim ple Sh ell Scr ipt s
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills
Section 2 A case Statem ent

Un der st an d Cor e
Com pon en t s of An sible #! / bi n/ bas h
Section 3
ec ho - n " Ent er t he name of a s t at e: "

r ead STATE
I n st all an d Con f igu r e
an An sible Con t r ol
ec ho - n " The c api t al c i t y of $STATE i s "
Node
Section 4 c as e $STATE i n
Geor gi a)
ec ho " At l ant a"
Con f igu r e An sible ;;
M an aged Nodes Vi r gi ni a)
Section 5 ec ho " Ri c hmond"
;;
Tex as )
Scr ipt Adm in ist r at ion ec ho " Aus t i n"
Task s ;;
Section 6 Mai ne)
ec ho " Augus t a"
Cr eat eSim
Create Simple
pleShell
Sh ell ;;
Scr ipt s
Scripts *)
ec ho " not i n t he dat abas e"
Create Shell Scripts That ;;
Run Ad Hoc Ansible es ac
Com m ands

Cr eat e An sible Plays

an d Playbook s
Section 7

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s Back Next
Section 8

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Cr eat e Sh ell Scr ipt s Th at Ru n Ad Hoc An sible Com m an ds
Basic Red Hat Cer t if ied
Adm in ist r at or Sk ills
Section 2 Shell Script with Ad Hoc Ansible Com m ands

Un der st an d Cor e
#! / bi n/ bas h
Com pon en t s of An sible
Section 3
# Cr eat e t he us er mat t

ans i bl e ms pear s on3c . my l abs er v er . c om - i i nv - b - m

I n st all an d Con f igu r e us er - a " name=mat t "
an An sible Con t r ol
Node # Cr eat e t he demo di r ec t or y i n mat t ?s home
Section 4 di r ec t or y

ans i bl e ms pear s on3c . my l abs er v er . c om - i i nv - b - m

Con f igu r e An sible f i l e - a " pat h=/ home/ mat t / demo s t at e=di r ec t or y
M an aged Nodes owner =mat t gr oup=mat t mode=0755"
Section 5
# Copy t es t Fi l e t o mat t ?s home di r ec t or y

Scr ipt Adm in ist r at ion ans i bl e ms pear s on3c . my l abs er v er . c om - i i nv - b - m

Task s c opy - a " s r c =/ home/ c l oud_us er / ans i bl e/ t es t Fi l e
Section 6 des t =/ home/ mat t / t es t Fi l e mode=0644 owner =mat t
gr oup=mat t "
Cr eat eSim
Create Simple
pleShell
Sh ell
Scr ipt s
Scripts # I ns t al l ht t pd t o t he webs er v er s gr oup, t hen s t ar t
and enabl e t he ht t pd s er v i c e
Create
Cr eat eShell
Sh ellScripts
Scr ipt sThat
Th at
Run
Ru n Ad
Ad Hoc
HocAnsible
An sible ans i bl e webs er v er s - i i nv - b - m y um - a " name=ht t pd
Com mmands
an ds s t at e=l at es t "

Cr eat e An sible Plays ans i bl e webs er v er s - i i nv - b - m s er v i c e - a

an d Playbook s " name=ht t pd s t at e=s t ar t ed enabl ed=y es "
Section 7

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s Back Next
Section 8

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Kn ow How t o Wor k w it h Com m on ly Used An sible M odu les

I n st all an d Con f igu r e

an An sible Con t r ol Com m on M odu les
Node
Section 4 - Ping
- Validates a server is running and reachable
Con f igu r e An sible - No required param eters
M an aged Nodes
Section 5
- Setup
- Gather Ansible facts
Scr ipt Adm in ist r at ion - No required param eters
Task s - Yum
Section 6
- Manage packages with the YUM package
m anager
Cr eat e An sible Plays
an d Playbook s - Com m on param eters (not required):
Section 7 - name and st at e
Kn ow How
Know Howtot oWork
Wor kwith
w it h - Service
Commmonly
on lyUsed
UsedAnsible
An sible
Com
M odu les
- Control services on rem ote hosts
Modules
- Com m on param eters:
Use Variables to Retrieve
the Results of Running a - name (required), st at e, and enabl ed
Com m and - User
Use Conditionals to - Manage user accounts and attributes
Control Play Execution
- Com m on param eters:
Configure Error Handling
- name (required), st at e, gr oup, and gr oups
Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Kn ow How t o Wor k w it h Com m on ly Used An sible M odu les

I n st all an d Con f igu r e

an An sible Con t r ol Com m on M odu les (con t .)
Node
Section 4 - Copy
- Copy files to a rem ote host
Con f igu r e An sible - Com m on param eters:
M an aged Nodes
Section 5
src, dest (required), owner, group, and m ode
- File
Scr ipt Adm in ist r at ion - Manage files and directories
Task s - Com m on param eters:
Section 6
path (required), state, owner, group, and m ode
- Git
Cr eat e An sible Plays
an d Playbook s - Interact with git repositories
Section 7 - Com m on param eters:
Kn ow How
Know Howtot oWork
Wor kwith
w it h r epo (required), dest (required), and cl one
Comm
Com monly
on lyUsed
UsedAnsible
An sible
M odu les
Modules
Use Variables to Retrieve
the Results of Running a
Com m and
Use Conditionals to
Control Play Execution

Configure Error Handling

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Use Var iables t o Ret r ieve t h e Resu lt s of Ru n n in g a Com m an d

I n st all an d Con f igu r e

an An sible Con t r ol Regist er t h e Resu lt s of Ru n n in g a Com m an d
Node
Section 4 - Use the r egi st er keyword to store the results
of running a com m and as a variable.
Con f igu r e An sible - Variables can be referenced by other tasks in
M an aged Nodes
Section 5
the playbook.
- Registered variables are only valid on the host
Scr ipt Adm in ist r at ion for the current playbook run.
Task s - Return values differ from m odule to m odule.
Section 6

Cr eat e An sible Plays Use r egi st er in a playbook

an d Playbook s
Section 7
---
Kn ow How
Know Howtot oWork
Wor kwith
w it h
- hos t s : hos t name
Comm
Com monly
on lyUsed
UsedAnsible
An sible
M odu les t as k s :
Modules - name: c r eat e a f i l e
Use Variables
Use Var iablestot oRetrieve
Ret r ieve f i l e:
t h e Results
the Resu lt sofofRunning
Ru n n in ga a pat h: / t mp/ t es t Fi l e
Comm
Com mand
an d s t at e: t ouc h
r egi s t er : v ar i abl e
Use Conditionals to - name: di s pl ay debug mes s age
Control Play Execution debug: ms g=" Regi s t er out put i s
Configure Error Handling { { v ar i abl e } } "

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Use Con dit ion als t o Con t r ol Play Execu t ion

I n st all an d Con f igu r e

an An sible Con t r ol Han dler s
Node
Section 4
- Handlers take action when called.
- Handlers are called when a change is m ade.
- Handlers are called using the notify keyword.
Con f igu r e An sible
M an aged Nodes - More than one handler can be defined for a
Section 5
playbook or play.
- Multiple handlers can be specified in the notify
Scr ipt Adm in ist r at ion
section.
Task s
Section 6 - Handlers can have m ultiple tasks.
- Regardless of how m any tasks notify a handler, it
Cr eat e An sible Plays will only run once.
an d Playbook s
Section 7

Kn ow How
Know Howtot oWork
Wor kwith
w it h
Comm
Com monly
on lyUsed
UsedAnsible
An sible
M odu les
Modules
Use Variables
Use Var iablestot oRetrieve
Ret r ieve
t h e Results
the Resu lt sofofRunning
Ru n n in ga a
Comm
Com mand
an d
Use Conditionals
Use Con dit ion alstot o
Con t r olPlay
Control PlayExecution
Execu t ion

Configure Error Handling

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Use Con dit ion als t o Con t r ol Play Execu t ion

I n st all an d Con f igu r e

an An sible Con t r ol
Node
Section 4

Con f igu r e An sible

Exam ple of a Handler in a Playbook
M an aged Nodes
Section 5
---
- hos t s : ms pear s on2c
Scr ipt Adm in ist r at ion
bec ome: y es
Task s t as k s :
Section 6 - name: updat e ht t pd. c onf
r epl ac e:
pat h:
Cr eat e An sible Plays / et c / ht t pd/ c onf / ht t pd. c onf
an d Playbook s r egex p: ?^ Ser v er Admi n. * $?
Section 7 r epl ac e: ?Ser v er Admi n
c l oud_us er @l oc al hos t ?
Kn ow How
Know Howtot oWork
Wor kwith
w it h
bac k up: y es
Comm
Com monly
on lyUsed
UsedAnsible
An sible
not i f y : ?r es t ar t web s er v er ?
M odu les
Modules handl er s :
Use Variables
Use Var iablestot oRetrieve
Ret r ieve - name: ?r es t ar t apac he?
t h e Results
the Resu lt sofofRunning
Ru n n in ga a s er v i c e:
Comm
Com mand
an d name: ht t pd
s t at e: r es t ar t ed
Use Conditionals
Use Con dit ion alstot o l i s t en: ?r es t ar t web s er v er ?
Con t r olPlay
Control PlayExecution
Execu t ion

Configure Error Handling

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Use Con dit ion als t o Con t r ol Play Execu t ion

I n st all an d Con f igu r e

an An sible Con t r ol Th e when St at em en t
Node
Section 4
- Allows a task to run or be skipped if certain
conditions are m et.
Con f igu r e An sible
- Parentheses can be used to group conditions.
M an aged Nodes - Multiple conditions can be specified as a list.
Section 5
- Mathem atical operation com parisons can be used.

Scr ipt Adm in ist r at ion

Task s
Section 6
Exam ple of a when statem ent in a Playbook

Cr eat e An sible Plays ---

an d Playbook s - hos t s : webs er v er s
Section 7 bec ome: y es
t as k s :
Kn ow How
Know Howtot oWork
Wor kwith
w it h - name: c opy f i l e
Comm
Com monly
on lyUsed
UsedAnsible
An sible c opy :
M odu les
Modules sr c:
Use Variables
Var iablestot oRetrieve
Ret r ieve / home/ c l oud_us er / i ndex . ht ml
Use
t h e Results
Resu lt sofofRunning
Ru n n in ga a des t : / v ar / www/ ht ml / i ndex . ht ml
the
Comm mand
an d when: ans i bl e_hos t name ==
Com
" ms pear s on3c "
Use Conditionals
Use Con dit ion alstot o
Con t r olPlay
Control PlayExecution
Execu t ion

Configure Error Handling

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Use Con dit ion als t o Con t r ol Play Execu t ion

I n st all an d Con f igu r e

an An sible Con t r ol Loops
Node
Section 4
- May be perform ed using the l oop or
wi t h_<l ookup> keywords
Con f igu r e An sible
- Standard loop usage
M an aged Nodes - Iterate over a sim ple list
Section 5
- Iterate over a list of hashes
- Iterate over a dictionary
Scr ipt Adm in ist r at ion
- When statem ents are processed separately for each
Task s
Section 6 item in a loop

Cr eat e An sible Plays Exam ple of a l oop in a Playbook

an d Playbook s
---
Section 7
- hos t s : webs er v er s
Kn ow How
Howtot oWork
Wor kwith
w it h bec ome: y es
Know
Commmonly
on lyUsed
UsedAnsible
An sible t as k s :
Com
M odu les - name: c r eat e a l i s t of us er s
Modules
us er :
Use Variables
Use Var iablestot oRetrieve
Ret r ieve name: ?{ { i t em } } ?
t h e Results
the Resu lt sofofRunning
Ru n n in ga a s t at e: pr es ent
Comm
Com mand
an d gr oups : wheel
Use Conditionals
Con dit ion alstot o l oop:
Use
Con t r olPlay
PlayExecution
Execu t ion - v i ol et
Control
- gr aham
Configure Error Handling - bet hany

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Con f igu r e Er r or Han dlin g

I n st all an d Con f igu r e

an An sible Con t r ol Er r or Han dlin g
Node
Section 4
- Ignore errors by using the i gnor e_er r or s
keyword.
Con f igu r e An sible
- Force previously notified handler to run using the
M an aged Nodes f or ce_handl er s keyword.
Section 5
- Define failure conditions using the f ai l ed_when
keyword.
Scr ipt Adm in ist r at ion
- Override the ?changed? status result using the
Task s
Section 6 changed_when keyword.
- Abort an entire play if any task fails using the
Cr eat e An sible Plays any_er r or s_f at al keyword.
an d Playbook s
Section 7
- Im plem ent a block in order to logically group tasks
and provide error handling using the following
Kn ow How
Know Howtot oWork
Wor kwith
w it h
Comm
Com monly
on lyUsed
UsedAnsible
An sible keywords:
M odu les
Modules - bl ock
Use Variables
Use Var iablestot oRetrieve
Ret r ieve - r escue
t h e Results
the Resu lt sofofRunning
Ru n n in ga a
Comm mand
an d
- al ways
Com
Use Conditionals
Use Con dit ion alstot o
Con t r olPlay
Control PlayExecution
Execu t ion

Con f igu r eError

Configure Er r orHandling
Han dlin g

Create Playbooks to
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Con f igu r e Er r or Han dlin g

I n st all an d Con f igu r e

an An sible Con t r ol Using ignore_errors keyword:
Node
Section 4 ---
- hos t s : l abs er v er s
t as k s :
Con f igu r e An sible - name: c opy r emot e f i l es
M an aged Nodes f et c h:
Section 5 s r c : / t mp/ er r or Fi l e
des t : / t mp
i gnor e_er r or s : y es
Scr ipt Adm in ist r at ion
Task s
Section 6
Using a block to handle errors:

Cr eat e An sible Plays ---

an d Playbook s - hos t s : l abs er v er s
Section 7 t as k s :
- name: c opy r emot e f i l es
Kn ow How
Know Howtot oWork
Wor kwith
w it h bl oc k :
Comm
Com monly
on lyUsed
UsedAnsible
An sible
- f et c h:
M odu les
Modules s r c : / t mp/ bl oc k Fi l e
Use Variables
Var iablestot oRetrieve
Ret r ieve des t : / t mp
Use
t h e Results
Resu lt sofofRunning
Ru n n in ga a r es c ue:
the
Comm mand
an d - debug:
Com
ms g: " The f i l e does n' t
Use Conditionals
Use Con dit ion alstot o ex i s t on { { ans i bl e_hos t name } } . "
Con t r olPlay
Control PlayExecution
Execu t ion al way s :
Con f igu r eError
Er r orHandling
Han dlin g - debug:
Configure
ms g: " Pl ay book i s
Create Playbooks to f i ni s hed! "
Configure System s to a
Specified State

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Cr eat e Playbook s t o Con f igu r e Syst em s t o a Specif ied St at e

I n st all an d Con f igu r e

an An sible Con t r ol Exam ple Playbook
Node
Section 4
---
- hos t s : webs er v er s
bec ome: y es
Con f igu r e An sible
t as k s :
M an aged Nodes - name: i ns t al l apac he
Section 5 y um:
name: ht t pd
s t at e: l at es t
Scr ipt Adm in ist r at ion - name: c r eat e us er and add t hem t o t he
Task s apac he gr oup
Section 6 us er :
name: " { { i t em } } "
gr oups : apac he
Cr eat e An sible Plays l oop:
an d Playbook s - wi l l
Section 7 - my l es
- name: c r eat e i ndex . ht ml
Kn ow How
Know Howtot oWork
Wor kwith
w it h t empl at e:
Comm
Com monly
on lyUsed
UsedAnsible
An sible sr c:
M odu les
Modules / home/ c l oud_us er / ans i bl e/ t empl at es / i ndex . j 2
Use Variables
Var iablestot oRetrieve
Ret r ieve des t : / v ar / www/ ht ml / i ndex . ht ml
Use
t h e Results
Resu lt sofofRunning
Ru n n in ga a owner : apac he
the
Comm mand
an d gr oup: apac he
Com
mode: 0644
Use Conditionals
Use Con dit ion alstot o - name: s t ar t and enabl e ht t pd
Con t r olPlay
Control PlayExecution
Execu t ion s er v i c e:
Con f igu r eError
Er r orHandling
Han dlin g name: ht t pd
Configure
s t at e: s t ar t ed
Create
Cr eat ePlaybooks
Playbook stot o enabl ed: y es
Configure
Con f igu r eSystem
Syst ems stot oa a
Specified
Specif iedState
St at e

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Create Ansible Plays and Playbooks
Course Navigation Cr eat e Playbook s t o Con f igu r e Syst em s t o a Specif ied St at e

I n st all an d Con f igu r e

an An sible Con t r ol Exam ple Playbook (cont.):
Node
Section 4
- hos t s : dbs er v er s
bec ome: y es
t as k s :
Con f igu r e An sible
- name: i ns t al l pos t r es ql
M an aged Nodes y um:
Section 5 name: pos t gr es ql - s er v er
s t at e: l at es t
- name: i ni t i al i z e db c l us t er
Scr ipt Adm in ist r at ion c ommand: / us r / bi n/ pos t gr es ql - s et up
Task s - - i ni t db
Section 6 - name: c r eat e us er s
us er :
name: " { { i t em } } "
Cr eat e An sible Plays gr oups : pos t gr es
an d Playbook s l oop:
Section 7 - c or ey
- aar on
Kn ow How
Know Howtot oWork
Wor kwith
w it h - name: s t ar t and enabl e pos t gr es
Comm
Com monly
on lyUsed
UsedAnsible
An sible s er v i c e:
M odu les
Modules name: pos t gr es ql
Use Variables
Var iablestot oRetrieve
Ret r ieve s t at e: s t ar t ed
Use
t h e Results
Resu lt sofofRunning
Ru n n in ga a enabl ed: y es
the
Comm
Com mand
an d
Use Conditionals
Use Con dit ion alstot o
Con t r olPlay
Control PlayExecution
Execu t ion

Con f igu r eError

Configure Er r orHandling
Han dlin g

Create
Cr eat ePlaybooks
Playbook stot o
Configure
Con f igu r eSystem
Syst ems stot oa a
Specified
Specif iedState
St at e

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8 Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Sof t w ar e Pack ages an d Reposit or ies
Scr ipt Adm in ist r at ion
Task s Th e yumM odu le - Use the yumpackage m anager to
Section 6
install, upgrade, downgrade, rem ove, and list packages
and groups.
Cr eat e An sible Plays
an d Playbook s
Section 7 Exam ples of the yum m odule:

Use An sible M odu les - name: i ns t al l a pac k age

y um:
f or Syst em
name: pac k age_name
Adm in ist r at ion Task s s t at e: l at es t
Section 8
- name: I ns t al l a l i s t of pac k ages
Sof t w ar e Packages
Software Pack agesand
an d y um:
Reposit or ies
Repositories name:
Services - pac k age_name
- pac k age_name
Firewall Rules s t at e: l at es t
Storage Devices
- name: I ns t al l r pm f r om a r emot e r epo
File Content y um:
name: ht t p: / / webs i t e. c om/ pat h/ t o/ r pm
File System s s t at e: pr es ent

Archiving - name: I ns t al l r pm f r om a l oc al f i l e
Scheduled Tasks y um:
name: / pat h/ t o/ f i l e. r pm
Security s t at e: pr es ent

Users and Groups - name: Remov e a pac k age

y um:
Cr eat e an d Use name: pac k age_name
Tem plat es t o Cr eat e s t at e: abs ent
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Sof t w ar e Pack ages an d Reposit or ies
Scr ipt Adm in ist r at ion
Task s Th e yu m _r eposit or y m odu le - Add or rem ove a yum
Section 6
repository.

Cr eat e An sible Plays

an d Playbook s
Section 7 Exam ples of the yum _repository m odule:

Use An sible M odu les - name: Add a r epos i t or y

y um_r epos i t or y :
f or Syst em
name: r epo_name
Adm in ist r at ion Task s des c r i pt i on: Des c r i pt i on of r epo
Section 8 bas eur l :
ht t ps : / / webs i t e. c om/ f ul l / pat h/ of / bas e/ ur l
Sof t w ar e Packages
Software Pack agesand
an d gpgc hec k : no
Reposit or ies
Repositories
Services - name: Remov e a r epos i t or y f r om a r epo f i l e
y um_r epos i t or y :
Firewall Rules name: r epo_name
f i l e: r epo_f i l e_name ( wi t hout t he
Storage Devices
?. r epo? ex t ens i on)
File Content s t at e: abs ent

File System s

Archiving

Scheduled Tasks

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Ser vices
Scr ipt Adm in ist r at ion
Task s Th e ser vice m odu le - This controls services on a rem ote
Section 6
host. The supported init system s are BSD init, OpenRC,
SysV, Solaris SMF, system d, and upstart.
Cr eat e An sible Plays
an d Playbook s
Section 7 Exam ple of the ser vi ce m odule:

Use An sible M odu les - name: Show opt i ons f or s er v i c e modul e

s er v i c e:
f or Syst em
name: s er v i c e_name
Adm in ist r at ion Task s s t at e:
Section 8 s t ar t ed| s t opped| r es t ar t ed| r el oaded
enabl ed: y es | no
Sof t w ar e Packages
Software Pack agesand
an d ar gs : addi t i onal ar gument s pr ov i ded on
Reposit or ies
Repositories t he c ommand l i ne
Ser vices
Services

Firewall Rules
Th e syst emd m odu le - This controls syst emd services
Storage Devices
on a rem ote host.
File Content

File System s Exam ple of the syst emd m odule:

Archiving
- name: Show opt i ons f or s y s t emd modul e
Scheduled Tasks s er v i c e:
name: s er v i c e_name
Security
s t at e:
Users and Groups s t ar t ed| s t opped| r es t ar t ed| r el oaded
enabl ed: y es | no
daemon_r el oad: y es | no
Cr eat e an d Use
f or c e: y es | no
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Fir ew all Ru les
Scr ipt Adm in ist r at ion
Task s Th e f i r ewal l d m odu le - Allows for the addition or
Section 6
deletion of running or perm anent firewall rules by
services or ports (TCP or UDP)
Cr eat e An sible Plays
an d Playbook s
Section 7
Exam ple of the f i r ewal l d m odule:

Use An sible M odu les - name: add f i r ewal l r ul es by s er v i c e

f or Syst em f i r ewal l d:
Adm in ist r at ion Task s z one: publ i c | dmz | i nt er nal | ex t er nal | t r us t ed| et c .
Section 8 s er v i c e: s er v i c e_name
per manent : y es | no
Sof t w ar e Packages
Software Pack agesand
an d i mmedi at e: y es | no
Reposit or ies
Repositories s t at e: enabl ed| di s abl ed| pr es ent | abs ent
Ser vices
Services - name: add f i r ewal l r ul es by por t ( s )
Fir ew all Rules
Firewall Ru les f i r ewal l d:
z one: publ i c | dmz | i nt er nal | ex t er nal | t r us t ed| et c .
Storage Devices por t : 8080/ t c p| 170- 179/ udp
per manent : y es | no
File Content
i mmedi at e: y es | no
File System s s t at e: enabl ed| di s abl ed| pr es ent | abs ent

Archiving - name: add f i r ewal l r ul es us i ng a Ri c h Rul e

f i r ewal l d:
Scheduled Tasks z one: publ i c | dmz | i nt er nal | ex t er nal | t r us t ed| et c .
r i c h_r ul e: r ul e f ami l y =i pv 4 f or war d- por t
Security
por t =443 pr ot oc ol =t c p t o- por t =8443
Users and Groups per manent : y es | no
i mmedi at e: y es | no
s t at e: enabl ed| di s abl ed| pr es ent | abs ent
Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation St or age Devices
Scr ipt Adm in ist r at ion
Task s Cr eat e Par t it ion s
Section 6

Th e par t ed m odu le - Uses the parted com m and line

Cr eat e An sible Plays
an d Playbook s tool in order to configure block device partitions.
Section 7

Exam ple of the par t ed m odule:

Use An sible M odu les
f or Syst em
Adm in ist r at ion Task s - name: Show opt i ons f or par t ed modul e
Section 8 par t ed:
dev i c e: / dev / s dc | / dev / nv me1n1
Sof t w ar e Packages
Pack agesand
an d number : 1
Software
Reposit or ies
Repositories s t at e: pr es ent | abs ent | i nf o
par t _end: 1Gi B| 100%
Ser vices
Services l abel : ms dos | gpt
Fir ew all Rules
Ru les f l ags : [ l v m ]
Firewall
Storage
St Devices
or age Devices

File Content

File System s

Archiving

Scheduled Tasks

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation St or age Devices
Scr ipt Adm in ist r at ion
Task s Cr eat e Logical Volu m es
Section 6
Th e l vg m odu le - Create, rem ove, and resize volum e
groups
Cr eat e An sible Plays
an d Playbook s
Section 7 Exam ple of the lvg m odule:

Use An sible M odu les - name: s how opt i ons f or l v g modul e

l v g:
f or Syst em
f or c e: no| y es
Adm in ist r at ion Task s pes i z e: 8
Section 8 pv s : / dev / nv me1n1p1, / dev / nv me2n1p1
v g: v g_name
Sof t w ar e Packages
Software Pack agesand
an d s t at e: pr es ent | abs ent
Reposit or ies
Repositories
Ser vices
Services
Fir ew all Rules
Firewall Ru les Th e l vol m odu le - Create, rem ove, and resize logical
Storage
St Devices
or age Devices volum es
File Content Exam ple of the lvol m odule:
File System s

Archiving - name: s how opt i ons f or l v ol modul e

l v ol :
Scheduled Tasks v g: v g_name
l v : l v _name
Security
s i z e: 512m| 1g| 100%FREE
Users and Groups s t at e: pr es ent | abs ent
s hr i nk : y es | no
r es i z ef s : no| y es
Cr eat e an d Use f or c e: no| y es
Tem plat es t o Cr eat e opt s : f r ee f or m opt i ons pas s ed t o t he
Cu st om ized l v c r eat e c ommand
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation File Con t en t
Scr ipt Adm in ist r at ion
Task s M an age File Con t en t
Section 6
Th e f i l e m odu le - Manage files and file properties.

Cr eat e An sible Plays Exam ple of the f i l e m odule:

an d Playbook s
Section 7
- name: c r eat e a f i l e
f i l e:
Use An sible M odu les pat h: / pat h/ t o/ f i l e
f or Syst em s t at e: t ouc h
Adm in ist r at ion Task s
Section 8
Th e copy m odu le - Copy files to rem ote locations.
Sof t w ar e Packages
Software Pack agesand
an d
Reposit or ies
Repositories
Exam ple of the copy m odule:
Ser vices
Services
Fir ew all Rules
Firewall Ru les
- name: add c ont ent t o s pec i f i c f i l e
Storage
St Devices
or age Devices c opy :
c ont ent : f i l e_c ont ent
File Con
File Content
t en t des t : / pat h/ t o/ f i l e

File System s

Archiving
Th e l i nei nf i l e m odu le - Manage lines in text files.
Scheduled Tasks
Exam ple of the l i nei nf i l e m odule:
Security

Users and Groups - name: r epl ac e a l i ne

l i nei nf i l e:
Cr eat e an d Use pat h: / pat h/ t o/ f i l e
Tem plat es t o Cr eat e r egex p: ?r egul ar _ex pr es s i on?
Cu st om ized l i ne: l i ne t o i ns er t / r epl ac e i n t he f i l e
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation File Con t en t
Scr ipt Adm in ist r at ion
Task s Cr eat e Files an d an d Replace St r in gs (con t .)
Section 6
Th e r epl ace m odu le - Replace all in st an ces of a
par t icu lar st r in g w it h in a f ile.
Cr eat e An sible Plays
an d Playbook s
Section 7 Exam ple of the r epl ace m odule:

- name: r epl ac e s t r i ngs wi t hi n a f i l e

Use An sible M odu les r epl ac e:
f or Syst em pat h: / pat h/ t o/ f i l e
Adm in ist r at ion Task s r egex p: r egul ar _ex pr es s i on
Section 8 r epl ac e: ?s t r i ng t hat r epl ac es r egex p
mat c hes ?
Sof t w ar e Packages
Software Pack agesand
an d
Reposit or ies
Repositories
Ser vices
Services Th e t empl at e m odu le - Tem plate a file out to a rem ote
Fir ew all Rules
Firewall Ru les server.
Storage
St Devices
or age Devices
Exam ple of the t empl at e m odule:
File Con
File Content
t en t

File System s - name: s how t empl at e opt i ons

t empl at e:
Archiving s r c : / pat h/ t o/ t empl at e. j 2
Scheduled Tasks des t : / pat h/ t o/ des t
owner : owner _name
Security gr oup: gr oup_name
mode: f i l e_per mi s s i ons
Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation File Con t en t
Scr ipt Adm in ist r at ion
Task s Cr eat e Files an d an d Replace St r in gs (con t .)
Section 6
Exam ple of a tem plate file:
Cr eat e An sible Plays
an d Playbook s Hos t name = { { ans i bl e_hos t name } }
Section 7 Oper at i ng Sy s t em = { { ans i bl e_di s t r i but i on } } { {
ans i bl e_di s t r i but i on_v er s i on } }
I PV4 Addr es s = { { ans i bl e_def aul t _i pv 4. addr es s } }
Use An sible M odu les I PV6 Addr es s = { { ans i bl e_def aul t _i pv 6. addr es s } }
f or Syst em I nt er f ac es = { { ans i bl e_i nt er f ac es | j oi n( ' , ' ) } }
Adm in ist r at ion Task s Bl oc k Dev i c es = { { ans i bl e_dev i c es | j oi n( ' , ' ) } }
Section 8

Sof t w ar e Packages
Software Pack agesand
an d
Reposit or ies
Repositories
Ser vices
Services
Fir ew all Rules
Firewall Ru les

Storage
St Devices
or age Devices

File Con
File Content
t en t

File System s

Archiving

Scheduled Tasks

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation File Syst em s
Scr ipt Adm in ist r at ion
Task s Cr eat e a Filesyst em
Section 6
Th e f i l esyst emm odu le - Create a filesystem .

Cr eat e An sible Plays Exam ple of the f i l esyst em m odule:

an d Playbook s
Section 7
- name: opt i ons f or f i l es y s t em modul e
f i l es y s t em:
Use An sible M odu les f s t y pe: f s _t y pe
f or Syst em dev : / pat h/ t o/ dev i c e
Adm in ist r at ion Task s f or c e: no| y es
Section 8 r es i z ef s : no| y es
opt s : opt i ons t o pas s t o t he mk f s c ommand
Sof t w ar e Packages
Software Pack agesand
an d
Reposit or ies
Repositories
Ser vices
Services M ou n t a Filesyst em
Fir ew all Rules
Firewall Ru les Th e mount m odu le - Control and configure m ount
Storage
St Devices
or age Devices points.
File Con
File Content
t en t
Exam ple of the mount m odule:
File Syst
File System
emss

Archiving - name: opt i on f or t he mount modul e

Scheduled Tasks mount :
pat h: / pat h/ t o/ mount / poi nt
Security s r c : / pat h/ t o/ dev i c e
f s t y pe: f s _t y pe
Users and Groups s t at e: mount ed| abs ent | pr es ent | unmount ed
opt s : mount opt i ons
Cr eat e an d Use bac k up: no| y es
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Ar ch ivin g
Scr ipt Adm in ist r at ion
Task s Cr eat e an Ar ch ive
Section 6

Cr eat e An sible Plays Th e ar chi ve m odu le - Creates a com pressed archive

an d Playbook s on one or m ore files or directories.
Section 7

Use An sible M odu les Exam ple of the ar chi ve m odule:

f or Syst em
Adm in ist r at ion Task s
Section 8 - name: s how opt i ons f or ar c hi v e modul e
ar c hi v e:
Sof t w ar e Packages
Software Pack agesand
an d pat h:
Reposit or ies
Repositories - / pat h/ t o/ f i l e
- / pat h/ t o/ f i l e
Ser vices
Services - / pat h/ t o/ di r
Fir ew all Rules
Ru les - / gl obbed/ pat h/ us i ng/ *
Firewall
ex c l ude_pat h:
Storage
St Devices
or age Devices - / f i l e/ t o/ ex c l ude
- / di r / t o/ ex c l ude
File Con
File Content
t en t - / gl ob/ t o/ ex c l ude/ ex *
f or mat : gz | bz 2| t ar | x z | z i p
File Syst
File System
emss
des t : / name/ of / ar c hi v e. t gz
Archiving
Ar ch ivin g

Scheduled Tasks

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Ar ch ivin g
Scr ipt Adm in ist r at ion
Task s Un pack an Ar ch ive
Section 6

Cr eat e An sible Plays Th e unar chi ve m odu le - Copy (optional) and unpack an
an d Playbook s archive.
Section 7

Use An sible M odu les Exam ple of the unar chi ve m odule:
f or Syst em
Adm in ist r at ion Task s
Section 8 - name: s how opt i ons f or unar c hi v e modul e
unar c hi v e:
Sof t w ar e Packages
Software Pack agesand
an d sr c:
Reposit or ies
Repositories / pat h/ t o/ f i l e. z i p| www. webs i t e. c om/ pat h/ t o/ f i l e. z i p
des t : / pat h/ t o/ unpac k / i n
Ser vices
Services r emot e_s r c : no| y es
Fir ew all Rules
Firewall Ru les

Storage
St Devices
or age Devices

File Con
File Content
t en t

File Syst
File System
emss

Archiving
Ar ch ivin g

Scheduled Tasks

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Sch edu led Task s
Scr ipt Adm in ist r at ion
Task s Sch edu le Task s u sin g c r on an d at
Section 6

Th e cr on m odu le - Manage cr on. d and cr ont ab

Cr eat e An sible Plays
entries.
an d Playbook s
Section 7

Exam ple of the cr on m odule:

Use An sible M odu les
f or Syst em - name: s how opt i ons f or t he c r on modul e
Adm in ist r at ion Task s c r on:
Section 8 name: ?j ob_name?
s pec i al _t i me: r eboot | dai l y | week l y | et c .
Sof t w ar e Packages
Software Pack agesand
an d mi nut e: 0- 59| * | * / 2
Reposit or ies
Repositories hour : 0- 23| * | * / 2
day : 1- 31| * | * / 2
Ser vices
Services
mont h: 1- 12| * | * / 2
Fir ew all Rules
Firewall Ru les week day : 0- 6 f or Sunday t o Sat ur day | *
us er : us er _name
Storage
St Devices
or age Devices c r on_f i l e: f i l e_name
s t at e: pr es ent | abs ent
File Con
File Content
t en t
j ob: c ommand
File Syst
File System
emss

Archiving
Ar ch ivin g

Scheduled
Sch edu led Tasks
Task s

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Sch edu led Task s
Scr ipt Adm in ist r at ion
Task s Sch edu le Task s u sin g c r on an d at (con t .)
Section 6

Th e at m odu le - Schedule the execution of a com m and

Cr eat e An sible Plays
or script with the at com m and.
an d Playbook s
Section 7

Exam ple of the at m odule:

Use An sible M odu les
f or Syst em
Adm in ist r at ion Task s - name: s how opt i ons f or t he at modul e
Section 8 at :
c ommand: c ommand_t o_r un
Sof t w ar e Packages
Software Pack agesand
an d s c r i pt _f i l e: / pat h/ t o/ s c r i pt . s h
Reposit or ies
Repositories c ount : c ount of uni t s i n t he f ut ur e t o
ex ec ut e t he c ommand or s c r i pt
Ser vices
Services uni t : mi nut es | hour s | day s | week s
Fir ew all Rules
Firewall Ru les s t at e: pr es ent | abs ent

Storage
St Devices
or age Devices

File Con
File Content
t en t

File Syst
File System
emss

Archiving
Ar ch ivin g

Scheduled
Sch edu led Tasks
Task s

Security

Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Secu r it y
Scr ipt Adm in ist r at ion
Task s Th e sel i nux m odu le - Change the policy and state of
Section 6
SELinux.

Cr eat e An sible Plays

an d Playbook s Exam ple of the sel i nux m odule:
Section 7

- name: s how opt i ons f or s el i nux modul e

s el i nux :
Use An sible M odu les
c onf i gf i l e: / pat h/ t o/ c onf i g
f or Syst em
pol i c y : t ar get ed
Adm in ist r at ion Task s s t at e: enf or c i ng| per mi s s i v e| di s abl ed
Section 8

Sof t w ar e Packages
Software Pack agesand
an d
Reposit or ies
Repositories
Ser vices
Services Th e sebool ean m odu le - Toggle SELinux booleans.
Fir ew all Rules
Firewall Ru les

Storage
St Devices
or age Devices Exam ple of the sebool ean m odule:
File Con
File Content
t en t
- name: s how opt i ons f or s ebool ean modul e
File Syst
File System
emss s ebool ean:
name: bool ean_name
Archiving
Ar ch ivin g s t at e: no| y es
Scheduled per s i s t ent : no| y es
Sch edu led Tasks
Task s

Security
Secu r it y
Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation Secu r it y
Scr ipt Adm in ist r at ion
Task s Th e sef cont ext m odu le - Manage SELinux file context
Section 6
m appings definitions.

Cr eat e An sible Plays

an d Playbook s Exam ple of the sef cont ext m odule:
Section 7

- name: s how opt i ons f or s ef c ont ex t modul e

s ef c ont ex t :
Use An sible M odu les
f t y pe: a| d| et c .
f or Syst em
r el oad: y es | no
Adm in ist r at ion Task s t ar get : ?/ pat h/ t o/ di r ( / . * ) ??
Section 8 s et y pe: s el i nux _t y pe
s t at e: pr es ent | abs ent
Sof t w ar e Packages
Software Pack agesand
an d - name: appl y new SELi nux c ont ex t t o t he f i l es y s t em
Reposit or ies
Repositories c ommand: r es t or ec on - i r v / pat h/ t o/ di r
Ser vices
Services
Fir ew all Rules
Firewall Ru les

Storage
St Devices
or age Devices

File Con
File Content
t en t

File Syst
File System
emss

Archiving
Ar ch ivin g

Scheduled
Sch edu led Tasks
Task s

Security
Secu r it y
Users and Groups

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Script Adm inistration Tasks
Course Navigation User s an d Gr ou ps
Scr ipt Adm in ist r at ion
Task s M an age User s
Section 6
Th e user m odu le - Manage user accounts and user
attributes.
Cr eat e An sible Plays
an d Playbook s
Section 7
Exam ple of the user m odule:

- name: s how opt i ons f or us er modul e

Use An sible M odu les us er :
f or Syst em name: us er _name
s hel l : / bi n/ bas h| / bi n/ z s h| et c .
Adm in ist r at ion Task s
home: / pat h/ t o/ home/ di r
Section 8
c omment : us er _des c r i pt i on
ui d: s et t he ui d of t he us er
Sof t w ar e Packages
Software Pack agesand
an d
gr oup: s et t he us er ?s pr i mar y gr oup
Reposit or ies
Repositories
gr oups : l i s t of gr oups t o add t he us er t o
Ser vices
Services append: no| y es
s t at e: pr es ent | abs ent
Fir ew all Rules
Firewall Ru les

Storage
St Devices
or age Devices
M an age Gr ou ps
File Con
File Content
t en t
Th e gr oup m odu le - Add or rem ove groups.
File Syst
File System
emss

Archiving
Ar ch ivin g
Exam ple of the gr oup m odule:
Scheduled
Sch edu led Tasks
Task s

Security
Secu r it y - name: s how opt i ons f or t he gr oup modul e
gr oup:
Users
User and
s an Groups
d Gr ou ps name: gr oup_name
gi d: s et t he gi d f or t he gr oup
Cr eat e an d Use s y s t em: no| y es
Tem plat es t o Cr eat e s t at e: pr es ent | abs ent
Cu st om ized
Con f igu r at ion Files
Section 9

Back Next

Back t o M ain
 Create and Use Tem plates to Create Custom ized
Configuration Files
Course Navigation An sible Var iables

Con f igu r e An sible

M an aged Nodes Un der st an din g Var iables
Section 5
- Can contain letters num bers and underscores
Scr ipt Adm in ist r at ion - Must begin with a letter
Task s - Can be stored as dictionaries, which m ap keys to
Section 6
values
- Dictionary variables can be referenced using
Cr eat e An sible Plays
an d Playbook s bracket notation or dot notation:
Section 7 - Exam ple: di c t i onar y_name[ ' f i el d1' ] or
di c t i onar y . f i el d1
Use An sible M odu les - Variables stored as a list (array) m ay be accessed
f or Syst em by putting the elem ent num ber in brackets:
Adm in ist r at ion Task s
Section 8 - Exam ple (first elem ent of an array):
{{ array_nam e[0] }}

Cr eat e an d Use
- Variables m ay be defined or set in the following
Tem plat es t o Cr eat e locations:
Cu st om ized - Inventories (also in hos t _var s and
Con f igu r at ion Files
Section 9 gr oup_var s directories)
- Playbooks (i.e., v ar s , var s_f i l es , and
An sible Var
Ansible iables
Variables
v ar s _pr ompt )
Ansible Tem plates
- Roles (i.e., set in
Cr eat e an d Wor k r ol es / r ol e_name/ v ar s/ mai n. y ml )
w it h Roles - The com m and line (i.e., - e or - - ex t r a- v ar s )
Section 10

M an agin g Par allelism

Section 11
Back Next

Back t o M ain
 Create and Use Tem plates to Create Custom ized
Configuration Files
Course Navigation An sible Var iables

Con f igu r e An sible

M an aged Nodes Un der st an din g Var iables (con t .)
Section 5
- Referenced defined variables using the Jinja2
Scr ipt Adm in ist r at ion tem plating system .
Task s - exam ple: This is m y { { var i abl e } }
Section 6
- Note: YAML requires values starting with a
variable to be quoted.
Cr eat e An sible Plays
an d Playbook s - Transform variable values using Jinja2 filters (i.e.
Section 7 join, capitalize, etc.)
- Ansible stores inform ation about rem ote hosts in
Use An sible M odu les variables known as Ansible facts.
f or Syst em
Adm in ist r at ion Task s
- Ansible provides special, reserved variables
Section 8 known as m agic variables.
- Exam ples: hos t v ar s , gr oups , gr oup_names ,
Cr eat e an d Use and i nv ent or y _hos t name
Tem plat es t o Cr eat e - Custom facts (AKA local facts) can be added to the
Cu st om ized
Con f igu r at ion Files rem ote system by the user:
Section 9 - Defined in files that end with . f act
An sible Var iables - Local fact files are stored in
Ansible Variables
/ et c / ans i bl e/ f ac t s. d
Ansible Tem plates
- Fact file directory can be changed using the
Cr eat e an d Wor k f ac t _pat h keyword
w it h Roles
Section 10
- Local facts can be viewed by running the
following: ans i bl e <host name> - m s et up - a
" f i l t er =ans i bl e_l oc al "
M an agin g Par allelism
Section 11
Back Next

Back t o M ain
 Create and Use Tem plates to Create Custom ized
Configuration Files
Course Navigation An sible Tem plat es

Con f igu r e An sible

M an aged Nodes Un der st an din g Tem plat es
Section 5
- Tem plates are files that contain both static values
Scr ipt Adm in ist r at ion and dynam ic values, through the use of variables.
Task s - Ansible processes tem plates using jinja2.
Section 6
- Tem plates are designated with the .j2 extension.
- Tem plates are often used for configuration file
Cr eat e An sible Plays
an d Playbook s m anagem ent.
Section 7 - Tem plates have access to the sam e variables as
the plays that call them .
Use An sible M odu les
f or Syst em Th e t empl at e m odu le - Process a tem plate and push it
Adm in ist r at ion Task s
Section 8 out to a rem ote server.

Exam ple of the t empl at e m odule:

Cr eat e an d Use
Tem plat es t o Cr eat e - name: s how t empl at e opt i ons
Cu st om ized t empl at e:
Con f igu r at ion Files s r c : / pat h/ t o/ t empl at e. j 2
Section 9 des t : / pat h/ t o/ des t
owner : owner _name
An sible Var
Ansible iables
Variables gr oup: gr oup_name
mode: f i l e_per mi s s i ons
Ansible
An sible Tem plates
plat es v al i dat e: v al i dat i on_c ommand %s
bac k up: no| y es
Cr eat e an d Wor k
w it h Roles
Section 10

M an agin g Par allelism

Section 11
Back Next

Back t o M ain
 Create and Use Tem plates to Create Custom ized
Configuration Files
Course Navigation An sible Tem plat es

Con f igu r e An sible

M an aged Nodes ht t pd. conf Tem plat e
Section 5

# Thi s i s t he mai n Apac he HTTP s er v er c onf i gur at i on

Scr ipt Adm in ist r at ion f i l e.
Task s #
Section 6 # { { ans i bl e_managed } }

Ser v er Root " / et c / ht t pd"

Cr eat e An sible Plays
an d Playbook s Li s t en { { ht t p_por t } }
Section 7
I nc l ude c onf . modul es . d/ * . c onf

Use An sible M odu les Us er apac he

f or Syst em Gr oup apac he
Adm in ist r at ion Task s
Ser v er Admi n { { admi n } } @{ { ans i bl e_hos t name } }
Section 8
<Di r ec t or y / >
Al l owOv er r i de none
Cr eat e an d Use Requi r e al l deni ed
Tem plat es t o Cr eat e </ Di r ec t or y >
Cu st om ized
Con f igu r at ion Files Doc ument Root " { { c ont ent _di r } } "
Section 9 ...

An sible Var
Ansible iables
Variables

Ansible
An sible Tem plates
plat es

Cr eat e an d Wor k
w it h Roles
Section 10

M an agin g Par allelism

Section 11
Back Next

Back t o M ain
 Create and Use Tem plates to Create Custom ized
Configuration Files
Course Navigation An sible Tem plat es

Con f igu r e An sible

M an aged Nodes i ndex. ht ml Tem plat e
Section 5

Wel c ome t o { { ans i bl e_hos t name } } !

Scr ipt Adm in ist r at ion
Task s - The i pv 4 addr es s i s { { ans i bl e_def aul t _i pv 4[ ' addr es s ' ] } }
Section 6
- The c ur r ent memor y us age i s {{
ans i bl e_memor y _mb[ ' r eal ' ] [ ' us ed' ] } } mb out of { {
Cr eat e An sible Plays ans i bl e_memor y _mb[ ' r eal ' ] [ ' t ot al ' ] } } mb
an d Playbook s
Section 7 - The { { ans i bl e_dev i c es | f i r s t } } bl oc k dev i c e has t he
f ol l owi ng par t i t i ons :
- { { ans i bl e_dev i c es [ ' nv me0n1' ] [ ' par t i t i ons ' ] | j oi n( ' \ n - ' ) } }
Use An sible M odu les
f or Syst em
Adm in ist r at ion Task s
Section 8

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

An sible Var
Ansible iables
Variables

Ansible
An sible Tem plates
plat es

Cr eat e an d Wor k
w it h Roles
Section 10

M an agin g Par allelism

Section 11
Back Next

Back t o M ain
 Create and Use Tem plates to Create Custom ized
Configuration Files
Course Navigation An sible Tem plat es

Con f igu r e An sible

M an aged Nodes Playbook Exam ple
Section 5

W
- el
- - c ome t o { { ans i bl e_hos t name } } !
Scr ipt Adm in ist r at ion - hos t s : webs er v er s
Task s - The
bec iompve:4 addr
y es es s i s { { ans i bl e_def aul t _i pv 4[ ' addr es s ' ] } }
Section 6 v ar s :
- The c cont
ur rent
ent_dimem r : or/ ywebcus ageont enti s {{
ans i blht e_m emort y: _m
t p_por b[ ' r eal ' ] [ ' us ed' ] } } mb out of { {
8080
Cr eat e An sible Plays ans i bladme_m
i n:emorc l youd_us
_mb[ ' rereal ' ] [ ' t ot al ' ] } } mb
an d Playbook s t as k s :
Section 7 - The - { {nam ans
e: i bl
pus e_dev
h c onf i c es i g| t fem
i rpls tat }e} bl oc k dev i c e has t he
f ol l owit ng
emplpar at te:i t i ons :
- { { ans is blr c e_dev
: / hom i ce/esc [l 'oud_us
nv me0n1' er / ]ans
[ ' par
i bl te/i t iem
ons
pl 'at] |es
j oi
/ htn(t 'pd.
\ n c -onf
' ) . }j }2
Use An sible M odu les des t : / et c / ht t pd/ c onf / ht t pd. c onf
bac k up: y es
f or Syst em
not i f y : " r es t ar t apac he"
Adm in ist r at ion Task s - name: pus h i ndex . ht ml t empl at e
Section 8
t empl at e:
s r c : / home/ c l oud_us er / ans i bl e/ t empl at es / i ndex . ht ml . j 2
des t : / webc ont ent / i ndex . ht ml
Cr eat e an d Use handl er s :
Tem plat es t o Cr eat e - name: r es t ar t web s er v er s
Cu st om ized s er v i c e:
Con f igu r at ion Files name: ht t pd
Section 9 s t at e: r es t ar t ed
l i s t en: " r es t ar t apac he"
An sible Var
Ansible iables
Variables

Ansible
An sible Tem plates
plat es

Cr eat e an d Wor k
w it h Roles
Section 10

M an agin g Par allelism

Section 11
Back Next

Back t o M ain
 Create and Work with Roles
Course Navigation Un der st an din g Roles

Con f igu r e An sible

M an aged Nodes Roles Over view
Section 5
- The default location for roles is / et c/ ansi bl e/ r ol es.
Scr ipt Adm in ist r at ion
- Roles provide a way to autom atically load certain
Task s vars_files, tasks, and handlers based on a known file
Section 6 structure.
- Roles expect a particular directory structure.
Cr eat e An sible Plays - Directories not being used m ay be excluded.
an d Playbook s - Each directory in use m ost contain a mai n. yml with
Section 7
relevant content.

Use An sible M odu les

f or Syst em [ cl oud_user @mspear son1c r ol es] $ t r ee - A common/
Adm in ist r at ion Task s common/
Section 8 ??? def aul t s
? ??? mai n. yml
??? f i l es
Cr eat e an d Use ??? handl er s
Tem plat es t o Cr eat e ? ??? mai n. yml
Cu st om ized ??? met a
Con f igu r at ion Files ? ??? mai n. yml
Section 9 ??? README. md
??? t asks
? ??? mai n. yml
Cr eat e an d Wor k
??? t empl at es
w it h Roles
Section 10 ??? t est s
? ??? i nvent or y
Un der st an din g Roles
Understanding Roles ? ??? t est . yml
??? var s
Creating and Using Roles ??? mai n. yml
Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Un der st an din g Roles

Con f igu r e An sible

M an aged Nodes Roles Dir ect or ies
Section 5
- tasks - This directory contains the m ain list of
Scr ipt Adm in ist r at ion tasks to be executed by this role.
Task s - handl er s - This directory contains handlers,
Section 6
which m ay be used by this role or even anywhere
outside this role.
Cr eat e An sible Plays
an d Playbook s - def aul t s - This directory contains default
Section 7 variables for the role and is m eant to provide a
value to a variable if no other value is given. (low
Use An sible M odu les precedence)
f or Syst em
Adm in ist r at ion Task s
- var s - This directory contains variables used
Section 8 within the role. (high precedence)
- f i l es - This directory contains files which can be
Cr eat e an d Use deployed via this role.
Tem plat es t o Cr eat e - t empl at es - This directory contains tem plates
Cu st om ized
Con f igu r at ion Files which can be deployed via this role.
Section 9 - met a - This directory defines som e of the m eta
data for this role.
Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating and Using Roles

Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Un der st an din g Roles

Con f igu r e An sible

M an aged Nodes Red Hat En t er pr ise Lin u x (RHEL) Syst em Roles
Section 5
- Provided by the RHEL Extras repository.
Scr ipt Adm in ist r at ion - Requires the r h el-syst em -r oles package to be
Task s installed.
Section 6
- Can be used by Ansible Engine and Ansible Tower
to m anage RHEL system s.
Cr eat e An sible Plays
an d Playbook s - Needs to be installed on the Ansible control
Section 7 node(s) which can then be used to m anage and
configure the client nodes.
Use An sible M odu les - Supported system roles include: kdump, net wor k,
f or Syst em
Adm in ist r at ion Task s
sel i nux , t i mesync , and post f i x (tech preview)
Section 8 - The docum entation can be found in the following
location:
Cr eat e an d Use / usr / shar e/ doc/ r hel - syst em- r ol es- <ver si on>/ SUBSYSTEM/
Tem plat es t o Cr eat e - The Ansible roles m ay be found in the following
Cu st om ized location:
Con f igu r at ion Files / usr / shar e/ ansi bl e/ r ol es/ r hel - syst em- r ol es. SUBSYSTEM/
Section 9

Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating and Using Roles

Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Un der st an din g Roles

Con f igu r e An sible

M an aged Nodes Role Var iables (t i mesync r ole):
Section 5

Scr ipt Adm in ist r at ion

Task s
Section 6

Cr eat e An sible Plays

an d Playbook s
Section 7

Use An sible M odu les

f or Syst em
Adm in ist r at ion Task s
Section 8

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating and Using Roles

Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Un der st an din g Roles

Con f igu r e An sible

M an aged Nodes Exam ple Playbook (t i mesync r ole):
Section 5

- host s: t ar get s
Scr ipt Adm in ist r at ion var s:
Task s t i mesync_nt p_ser ver s:
Section 6 - host name: f oo. exampl e. com
i bur st : yes
- host name: bar . exampl e. com
Cr eat e An sible Plays i bur st : yes
an d Playbook s - host name: baz. exampl e. com
Section 7
i bur st : yes
r ol es:
Use An sible M odu les - r hel - syst em- r ol es. t i mesync
f or Syst em
Adm in ist r at ion Task s
Section 8

Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating and Using Roles

Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Cr eat in g an d Usin g Roles

Con f igu r e An sible

M an aged Nodes Cr eat e t h e Dir ect or y St r u ct u r e f or Roles:
Section 5 ansi bl e- gal axy i ni t r ol e_name

Scr ipt Adm in ist r at ion Create tasks:

Task s
Section 6 ---
# t as k s f i l e f or apac he
- name: c r eat e webc ont ent di r ec t or y
Cr eat e An sible Plays f i l e:
pat h: " { { apac he_c ont ent _di r } } "
an d Playbook s s t at e: di r ec t or y
Section 7 mode: ' 0755'
- name: s et s ec ont ex t on webc ont ent di r ec t or y
s ef c ont ex t :
t ar get : ' { { apac he_c ont ent _di r } } ( / . * ) ?'
Use An sible M odu les s et y pe: ht t pd_s y s _c ont ent _t
f or Syst em s t at e: pr es ent
Adm in ist r at ion Task s - name: r un r es t or ec on on webc ont ent
Section 8 c ommand: r es t or ec on - i r v { { apac he_c ont ent _di r } }
- name: i ns t al l apac he
y um:
name: ht t pd
Cr eat e an d Use s t at e: l at es t
Tem plat es t o Cr eat e - name: depl oy ht t pd. c onf t empl at e
t empl at e:
Cu st om ized s r c : ht t pd. c onf . j 2
Con f igu r at ion Files des t : / et c / ht t pd/ c onf / ht t pd. c onf
Section 9 bac k up: y es
not i f y : " r es t ar t apac he"
- name: depl oy i ndex . ht ml t empl at e
t empl at e:
Cr eat e an d Wor k s r c : i ndex . ht ml . j 2
w it h Roles des t : " { { apac he_c ont ent _di r } } / i ndex . ht ml "
Section 10 bac k up: y es
- name: s t ar t and enabl e ht t pd s er v i c e
s er v i c e:
Un der st an din g Roles
Understanding Roles
name: ht t pd
enabl ed: y es
Creating
Cr eat in g and
an d Using
Usin g Roles
Roles s t at e: s t ar t ed
Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Cr eat in g an d Usin g Roles

Con f igu r e An sible

M an aged Nodes
Create variables:
Section 5

---
Scr ipt Adm in ist r at ion # def aul t s f i l e f or apac he
Task s apac he_c ont ent _di r : / webc ont ent
Section 6 apac he_ht t p_por t : 8080
apac he_admi n: c l oud_us er

Cr eat e An sible Plays

an d Playbook s
Section 7

Create tem plates (index.htm l.j2):

Use An sible M odu les
f or Syst em Wel c ome t o { { ans i bl e_hos t name } } !
Adm in ist r at ion Task s
Section 8 - The i pv 4 addr es s i s { {
ans i bl e_def aul t _i pv 4[ ' addr es s ' ] } }
- The c ur r ent memor y us age i s { {
ans i bl e_memor y _mb[ ' r eal ' ] [ ' us ed' ] } } mb out of { {
Cr eat e an d Use
ans i bl e_memor y _mb[ ' r eal ' ] [ ' t ot al ' ] } } mb
Tem plat es t o Cr eat e
- The { { ans i bl e_dev i c es | f i r s t } } bl oc k dev i c e has
Cu st om ized t he f ol l owi ng par t i t i ons :
Con f igu r at ion Files -{{
Section 9 ans i bl e_dev i c es [ ' nv me0n1' ] [ ' par t i t i ons ' ] | j oi n( ' \ n
-' ) }}

Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating
Cr eat in g and
an d Using
Usin g Roles
Roles
Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Cr eat in g an d Usin g Roles

Con f igu r e An sible

M an aged Nodes
Create tem plates (httpd.conf.j2):
Section 5

# Thi s i s t he mai n Apac he HTTP s er v er

Scr ipt Adm in ist r at ion c onf i gur at i on f i l e.
Task s #
Section 6 # { { ans i bl e_managed } }

Ser v er Root " / et c / ht t pd"

Cr eat e An sible Plays
an d Playbook s Li s t en { { apac he_ht t p_por t } }
Section 7
I nc l ude c onf . modul es . d/ * . c onf

Us er apac he
Use An sible M odu les
Gr oup apac he
f or Syst em
Adm in ist r at ion Task s Ser v er Admi n { { apac he_admi n } } @{ { ans i bl e_hos t name
Section 8 }}

<Di r ec t or y / >
Cr eat e an d Use Al l owOv er r i de none
Tem plat es t o Cr eat e Requi r e al l deni ed
Cu st om ized </ Di r ec t or y >
Con f igu r at ion Files
Section 9 Doc ument Root " { { apac he_c ont ent _di r } } "
?

Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating
Cr eat in g and
an d Using
Usin g Roles
Roles
Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation Cr eat in g an d Usin g Roles

Con f igu r e An sible

M an aged Nodes
Create handlers:
Section 5

---
Scr ipt Adm in ist r at ion # handl er s f i l e f or apac he
Task s - name: r es t ar t web s er v er s
Section 6 s er v i c e:
name: ht t pd
s t at e: r es t ar t ed
Cr eat e An sible Plays l i s t en: " r es t ar t apac he"
an d Playbook s
Section 7

Create playbook (exam ples):

Use An sible M odu les
f or Syst em
Adm in ist r at ion Task s ---
Section 8 - hos t s : webs er v er s
bec ome: y es
r ol es :
- r ol e_name
Cr eat e an d Use - r ol e: r ol e_name
Tem plat es t o Cr eat e v ar s :
Cu st om ized v ar _name: v al ue
Con f igu r at ion Files
Section 9 ---
- hos t s : webs er v er s
bec ome: y es
Cr eat e an d Wor k t as k s :
w it h Roles - i nc l ude_r ol e:
Section 10 name: r ol e_name
v ar s :
Un der st an din g Roles
Understanding Roles v ar _name: v al ue

Creating
Cr eat in g and
an d Using
Usin g Roles
Roles
Ansible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation An sible Galaxy

Con f igu r e An sible

M an aged Nodes Un der st an din g An sible Galaxy
Section 5
Ansible Galaxy - A large public repository for
Scr ipt Adm in ist r at ion downloading and sharing com m unity developed
Task s roles.
Section 6

The ansi bl e- gal axy utility - Create and rem ove

Cr eat e An sible Plays
an d Playbook s roles or install roles from Ansible Galaxy or a
Section 7 Git-based SCM (software configuration m anagem ent).

Use An sible M odu les Syntax: ansi bl e- gal axy

f or Syst em
[ del et e| i mpor t | i nf o| i ni t | i nst al l |
Adm in ist r at ion Task s
Section 8 l i st | l ogi n| r emove| sear ch| set up] [ - - hel p]
[ opt i ons] . . .
Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Cr eat e an d Wor k
w it h Roles
Section 10

Un der st an din g Roles

Understanding Roles

Creating
Cr eat in g and
an d Using
Usin g Roles
Roles
Ansible
An Galaxy
sible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Create and Work with Roles
Course Navigation An sible Galaxy

Con f igu r e An sible

M an aged Nodes An sible Galaxy Com m an ds
Section 5
Create roles directory structure:
Scr ipt Adm in ist r at ion ansi bl e- gal axy i ni t r ol e_name
Task s
Section 6
Search Galaxy for roles:
ansi bl e- gal axy sear ch keywor d - - aut hor
Cr eat e An sible Plays
aut hor name
an d Playbook s
Section 7
Install a role:
Use An sible M odu les ( f r om gal axy) ansi bl e- gal axy i nst al l
f or Syst em r ol e_name
Adm in ist r at ion Task s ( f r om a f i l e) ansi bl e- gal axy i nst al l - r
Section 8
f i l e. yml

Cr eat e an d Use
Tem plat es t o Cr eat e
List installed roles:
Cu st om ized ansi bl e- gal axy l i st
Con f igu r at ion Files
Section 9
Print inform ation about installed roles:
ansi bl e- gal axy i nf o r ol e_name
Cr eat e an d Wor k
w it h Roles
Section 10 Rem ove a role:
Un der st an din g Roles
Roles
ansi bl e- gal axy r emove r ol e_name
Understanding

Creating
Cr eat in g and
an d Using
Usin g Roles
Roles
Ansible
An Galaxy
sible Galaxy

M an agin g Par allelism Back Next

Section 11

Back t o M ain
 Managing Parallelism
Course Navigation Par allelism w it h An sible

Scr ipt Adm in ist r at ion

Task s Un der st an din g Par allelism
Section 6
- Parallelism is the word used for Ansible?s default
Cr eat e An sible Plays ability to interact with m ultiple hosts at the sam e
an d Playbook s tim e.
Section 7
- The parallel processes spawned by Ansible are
known as forks.
Use An sible M odu les
f or Syst em - The default num ber of forks in Ansible is 5.
Adm in ist r at ion Task s - The default num ber of forks can be changed by
Section 8
editing the forks param eter in ansi bl e. cf g.
- The num ber of forks can be changed on a per
Cr eat e an d Use com m and basis by using the - f flag.
Tem plat es t o Cr eat e
Cu st om ized - Ansible allows for rolling updates using the serial
Con f igu r at ion Files keyword.
Section 9

Change default forks value in ansi bl e. cf g:

Cr eat e an d Wor k f or k s = des i r ed_number
w it h Roles
Section 10
Change forks value in the com m and line:
ans i bl e hos t - f des i r ed_number - m modul e - a
M an agin g Par allelism
?ar gument s ?
Section 11
ans i bl e- pl aybook - f des i r ed_number
pl ay book . y ml
Par allelism with
Parallelism w it hAnsible
An sible

Pr ot ect Sen sit ive Dat a

in Playbook s w it h
An sible Vau lt
Section 12
Back Next

Back t o M ain
 Managing Parallelism
Course Navigation Par allelism w it h An sible

Scr ipt Adm in ist r at ion

Task s
Section 6
Use the ser i al keyword to perform rolling update:

---
Cr eat e An sible Plays - host s: l abser ver s
an d Playbook s ser i al :
Section 7
- 1
- 2
Use An sible M odu les - 50%
f or Syst em t asks:
Adm in ist r at ion Task s - name: cr eat e new f i l e
Section 8 f i l e:
pat h: / t mp/ ser i al Fi l e
st at e: t ouch
Cr eat e an d Use
Tem plat es t o Cr eat e
Cu st om ized
Con f igu r at ion Files
Section 9

Cr eat e an d Wor k
w it h Roles
Section 10

M an agin g Par allelism

Section 11

Par allelism with

Parallelism w it hAnsible
An sible

Pr ot ect Sen sit ive Dat a

in Playbook s w it h
An sible Vau lt
Section 12
Back Next

Back t o M ain
 Archiving
Course Navigation An sible Vau lt

Use An sible M odu les

f or Syst em Un der st an din g An sible Vau lt
Adm in ist r at ion Task s
Section 8 - Can be used to encrypt any structured data file
used by Ansible:
Cr eat e an d Use - Variable files in gr oup_var s and host _var s
Tem plat es t o Cr eat e directories
Cu st om ized
Con f igu r at ion Files - Variable files loaded by i ncl ude_var s and
Section 9 vars_files in playbooks
- Variable files passed on the com m and line
Cr eat e an d Wor k using - e @v ar _f i l e. yml
w it h Roles
Section 10
- Passwords on an encrypted file can be updated
using the ansi bl e- vaul t r ekey com m and.
- Can be used to encrypt individual variables inside
M an agin g Par allelism
Section 11 a YAML file using the ! vaul t tag
- Uses vault IDs to support m ultiple vault
passwords (labels are used to distinguish
Pr ot ect Sen sit ive Dat a
between the individual passwords):
in Playbook s w it h
An sible Vau lt - exam ple: - - v aul t - i d l abel @s our ce
Section 12

An sible Vau
Ansible Vaultlt

Using Ansible Vault in a

Playbook

An sible
Docu m en t at ion
Section 13

Back Next

Back t o M ain
 Archiving
Course Navigation An sible Vau lt

Use An sible M odu les

f or Syst em Th e An sible Vau lt Com m an d
Adm in ist r at ion Task s
Section 8 - Create an encrypted file: ans i bl e- v aul t c r eat e f i l e. y ml
- Create an encrypted file with a vault ID:
ans i bl e- v aul t c r eat e - - v aul t - i d l abel @s our c e f i l e. y ml
Cr eat e an d Use - Edit an encrypted file: ansi bl e- vaul t edi t f i l e. yml
Tem plat es t o Cr eat e - Edit an encrypted file with a vault ID:
Cu st om ized ans i bl e- v aul t edi t - - v aul t - i d l abel @s our c e f i l e. y ml
Con f igu r at ion Files - Rekey encrypted files: ans i bl e- v aul t r ek ey f i l e1. y ml
Section 9 f i l e2. y ml
- Rekey encrypted files a vault ID:
ans i bl e- v aul t r ek ey - - v aul t - i d l abel @s our c e f i l e1. y ml
Cr eat e an d Wor k
f i l e2. y ml
w it h Roles
Section 10
- Encrypt an existing file: ans i bl e- v aul t enc r y pt f i l e. y ml
- Encrypt an existing file with a vault ID:
ans i bl e- v aul t enc r y pt - - v aul t - i d l abel @s our c e f i l e. y ml
- Decrypt a file: ans i bl e- v aul t dec r y pt f i l e. y ml
M an agin g Par allelism
Section 11 - View an encrypted file: ansible-vault view file.ym l
- Encrypt a string to be used as a variable in a YAML file:
ans i bl e- v aul t enc r y pt _s t r i ng - - as k - v aul t - pas s
' s t r i ng_v al ue' - - name ' s ec r et _v ar '
Pr ot ect Sen sit ive Dat a - Output of encrypted variable:
in Playbook s w it h
An sible Vau lt
Section 12

An sible Vau
Ansible Vaultlt

Using Ansible Vault in a

Playbook

An sible
Docu m en t at ion
Section 13

Back Next

Back t o M ain
 Archiving
Course Navigation An sible Vau lt

Use An sible M odu les

f or Syst em Pr ovidin g Vau lt Passw or ds
Adm in ist r at ion Task s
Section 8 - Use password stored in a text file: ansi bl e- pl aybook
- - vaul t - passwor d- f i l e / pat h/ t o/ passwor d/ f i l e
pl aybook. yml
Cr eat e an d Use
Tem plat es t o Cr eat e - Use password stored in a text file with a vault ID:
Cu st om ized ansi bl e- pl aybook - - vaul t - i d l abel @passwor d_f i l e
Con f igu r at ion Files pl aybook. yml
Section 9

- Prom pt for a password:

Cr eat e an d Wor k ansi bl e- pl aybook - - ask- vaul t - pass pl aybook. yml
w it h Roles
Section 10 - Prom pt for a password with a vault ID: ansi bl e- pl aybook
- - vaul t - i d l abel @pr ompt pl aybook. yml

M an agin g Par allelism - Use m ultiple passwords with vault ID: ansi bl e- pl aybook
Section 11 - - vaul t - i d l abel 1@passwor d_f i l e - - vaul t - i d
l abel 2@pr ompt pl aybook. yml

Pr ot ect Sen sit ive Dat a

in Playbook s w it h
An sible Vau lt
Section 12

An sible Vau
Ansible Vaultlt

Using Ansible Vault in a

Playbook

An sible
Docu m en t at ion
Section 13

Back Next

Back t o M ain
 Archiving
Course Navigation Usin g An sible Vau lt in a Playbook

Use An sible M odu les

f or Syst em Usin g An sible Vau lt in a Playbook
Adm in ist r at ion Task s
Section 8 Create an encrypted file:
ans i bl e- v aul t cr eat e f i l e. y ml
Cr eat e an d Use
Tem plat es t o Cr eat e Encrypt an already existing file:
Cu st om ized ans i bl e- v aul t enc r y pt f i l e. yml
Con f igu r at ion Files
Section 9
Edit an encrypted file:
ans i bl e- v aul t edi t f i l e. y ml
Cr eat e an d Wor k
w it h Roles
Section 10 Run playbook with encrypted variables file:
- Using password prom pt:
- ans i bl e- pl ay book - - as k- vaul t - pass
M an agin g Par allelism
Section 11
pl ay book . y ml
- Using password file:
- ans i bl e- pl ay boook - - v aul t - passwor d- f i l e
Pr ot ect Sen sit ive Dat a / pat h/ t o/ pas s wor d/ f i l e pl ay book. yml
in Playbook s w it h
An sible Vau lt
Section 12
Rekey an encrypted file:
ans i bl e- v aul t r ek ey f i l e. yml
An sible Vau
Ansible Vaultlt

Usin
Usingg An sible Vault
Ansible Vau ltininaa Decrypt an encrypted file:
Playbook
Playbook
ans i bl e- v aul t dec r y pt f i l e. yml
An sible
Docu m en t at ion
Section 13

Back Next

Back t o M ain
 Ansible Docum entation
Course Navigation Local Docu m en t at ion

Cr eat e an d Use
Tem plat es t o Cr eat e Th e ans i bl e- doc Com m an d - Docu m en t at ion Tool
Cu st om ized f or Plu gin s an d M odu les
Con f igu r at ion Files
Section 9
Com m and syntax:
ansi bl e- doc [ - l | - F| - s] [ opt i ons] [ - t
Cr eat e an d Wor k
w it h Roles <pl ugi n t ype> ] [ pl ugi n]
Section 10

List m odules:
M an agin g Par allelism ansi bl e- doc - l
Section 11

Show docum entation for a m odule:

ansi bl e- doc modul e_name
Pr ot ect Sen sit ive Dat a
in Playbook s w it h
An sible Vau lt Show docum entation snippet of a m odule:
Section 12
ansi bl e- doc - s modul e_name

An sible
Docu m en t at ion
Section 13

Local
Local Docu
Documm entation
en t at ion

Docum entation on the

Web

Con clu sion

Section 14

Back Next

Back t o M ain
 Ansible Docum entation
Course Navigation Local Docu m en t at ion

Cr eat e an d Use
Tem plat es t o Cr eat e Exam ple ansi bl e- doc Com m an d Ou t pu t :
Cu st om ized
Con f igu r at ion Files
# ans i bl e- doc s er v i c e
Section 9
...
Cont r ol s s er v i c es on r emot e hos t s . Suppor t ed
i ni t s y s t ems i nc l ude BSD i ni t , OpenRC, Sy s V, Sol ar i s
Cr eat e an d Wor k
SMF, s y s t emd, ups t ar t . For Wi ndows t ar get s , us e t he
w it h Roles [ wi n_s er v i c e] modul e i ns t ead.
Section 10
* Thi s modul e i s mai nt ai ned by The Ans i bl e Cor e Team
* not e: Thi s modul e has a c or r es pondi ng ac t i on
M an agin g Par allelism pl ugi n.
Section 11
OPTI ONS ( = i s mandat or y ) :
- ar gument s
Addi t i onal ar gument s pr ov i ded on t he c ommand
Pr ot ect Sen sit ive Dat a l i ne.
in Playbook s w it h ( Al i as es : ar gs ) [ Def aul t : ( nul l ) ]
An sible Vau lt t y pe: s t r
Section 12 - enabl ed
Whet her t he s er v i c e s houl d s t ar t on boot .
* At l eas t one of s t at e and enabl ed ar e
An sible r equi r ed. *
[ Def aul t : ( nul l ) ]
Docu m en t at ion
t y pe: bool
Section 13
= name
Local Name of t he s er v i c e.
Local Docu
Documm entation
en t at ion
t y pe: s t r
Docum entation on the
Web EXAMPLES:
- name: St ar t s er v i c e ht t pd, i f not s t ar t ed
s er v i c e:
Con clu sion name: ht t pd
Section 14 s t at e: s t ar t ed
...

Back Next

Back t o M ain
 Ansible Docum entation
Course Navigation Docu m en t at ion on t h e Web

Cr eat e an d Use
Tem plat es t o Cr eat e An sible Docu m en at ion :
Cu st om ized h t t ps:/ / docs.an sible.com /
Con f igu r at ion Files
Section 9
An sible Galaxy Docu m en t at ion :
Cr eat e an d Wor k
h t t ps:/ / galaxy.an sible.com / docs/
w it h Roles
Section 10
Points of interest:
- Ansible Docum entation
M an agin g Par allelism
Section 11 - Installation| Installation Guide
- User Guide
- Playbooks| Working With Playbooks
Pr ot ect Sen sit ive Dat a
in Playbook s w it h
- Module Index
An sible Vau lt - Ansible Galaxy| Galaxy Docum entation
Section 12

An sible
Docu m en t at ion
Section 13

Local
Local Docu
Documm entation
en t at ion

Docu
Documm en t at ion on
entation on the
t he
Web
Web

Con clu sion

Section 14

Back Next

Back t o M ain
 Conclusion
Course Navigation Con clu sion

Cr eat e an d Use
Tem plat es t o Cr eat e Recom m en dat ion s f or You r Next Cou r se
Cu st om ized
Con f igu r at ion Files - Red Hat Certified Architect
Section 9 - Red Hat Certified Specialist in Virtualization (ex318)
- Red Hat Certified Specialist in Ansible Autom ation
Cr eat e an d Wor k (ex407)
w it h Roles - Red Hat Certified Specialist in OpenShift
Section 10
Adm inistration (ex280)
- Red Hat Certified Specialist in Server Hardening
M an agin g Par allelism (ex413)
Section 11 - Red Hat Certified Specialist in Security (ex415)
- Red Hat Certified Specialist in Linux Diagnostics
and Troubleshooting (ex342)
Pr ot ect Sen sit ive Dat a
- Cloud platform s
in Playbook s w it h
An sible Vau lt - AWS
Section 12 - Azure
- Google Cloud
An sible - DevOps
Docu m en t at ion - Chef
Section 13
- Puppet
- Saltstack
Con clu sion - Kubernetes
Section 14 - Big Data
- Elastic
Con clu sion
Conclusion - Splunk
- Hadoop

Back Next

Back t o M ain
 Exam Preparation
Course Navigation

I n t r odu ct ion Pr epar in g f or t h e Exam

Section 1

- Make sure you have com pleted all the lessons and
Basic Red Hat Cer t if ied hands-on labs.
Adm in ist r at or Sk ills - Make use of the instructor-provided flash cards and
Section 2 create your own.
- Use the interactive diagram as a study guide reference.
Un der st an d Cor e - Go back over any topic m ultiple tim es to help with
Com pon en t s of An sible retention (labs and lessons).
Section 3
- Reach out to the Linux Academ y com m unity for any
additional questions.
I n st all an d Con f igu r e - Join a study group.
an An sible Con t r ol
- Be sure to get som e good sleep the night before the
Node
Section 4 exam .
- Eat a m odest m eal before taking the exam and be sure
Con f igu r e An sible
that you are reasonably hydrated.
M an aged Nodes - Arrive at the testing center with plenty of tim e before
Section 5 the exam starts.

Sign in g u p f or t h e Exam
Scr ipt Adm in ist r at ion
Task s
Section 6 - Visit the website for the exam :
https://www.redhat.com /en/services/training/ex294-red-hat-
certified-engineer- rhce-exam -red-hat-enterprise-linux-8
Cr eat e An sible Plays - Register for your desired form at: classroom or
an d Playbook s
individual.
Section 7
- Follow the em ail instructions from Red Hat to schedule
the location and tim e of your exam (for individuals).
Use An sible M odu les
f or Syst em
Adm in ist r at ion Task s
Section 8

Back t o M ain