diff --git a/README.md b/README.md index b1e385f..a444d12 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,9 @@ Red Hat Certified Specialist in Ansible Automation (EX407) Preparation Course - [Working with Ansible Roles Lecture](#working-with-ansible-roles-lecture) - [Demo: Creating and Applying a Role in Ansible](#demo-creating-and-applying-a-role-in-ansible) - [Applying In-Line Roles and Role Dependencies](#applying-in-line-roles-and-role-dependencies) - + - [LAB: Working with Ansible Roles](#lab-working-with-ansible-roles) + + ## Understanding Core Components of Ansible ### Understanding Core Components of Ansible Part 1 This series of lessons lays the foundation for the remainder of the course content. Through a combination of lecture and command line demonstration, Students will gain a broad overview of Ansible. This particular lesson, focuses on Ansible inventories. @@ -1460,4 +1462,36 @@ ok: [innaghiyev2c.mylabserver.com] => (item=php-mysql) PLAY RECAP ************************************************************************************************************************ innaghiyev2c.mylabserver.com : ok=5 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 -``` \ No newline at end of file +``` + + +### LAB: Working with Ansible Roles +#### Additional Information and Resources +You have just started a new job as the operations lead at a small company. There is currently no formal server baseline, and it makes for a mixed configuration environment that is consuming more support and maintenance than it should. You have decided to create a baseline process using Ansible by creating a baseline role. You have noted the following commonalities that should be included in the baseline role: +- Set **/etc/motd** based on a template. +- Install the latest Nagios client. +- Add the Nagios server to **/etc/hosts**. +- Create a **noc** user. +- Import the **noc** user's public key (copy authorized keys to **/home/noc/.ssh/authorized_keys**). + +The role should be called *"baseline"* and should reside in **/etc/ansible/roles** on the **ansible control** node. + +You will test your role on some newly requested webservers. A playbook called **web.yml** has been provided for you and deploys httpd to all servers in the web group (defined in your default inventory). You will need to edit the playbook to deploy the **baseline** role to the servers in the **web** group as well. + +You will find the **motd** template, Nagios server IP information, the **noc** user's public key, and the **web.yml** playbook in **/home/ansible/resources** on the **ansible control** node. + +Summary tasks list: +- Create the necessary directories and files for the **baseline** role. +- Configure the role to deploy the **/etc/motd** template. +- Configure the role to install the latest Nagios client. +- Configure the role to add an entry to **/etc/hosts** for the Nagios server. +- Configure the role to create the **noc** user and deploy the provided public key for the **noc** user on target systems (copy **authorized_keys** to **/home/noc/.ssh authorized_keys** with the **owner** and **group owner** set as **noc** and the mode as **0600**). +- Edit **web.yml** to deploy the **baseline** role in addition to what it already does. +- Verify that your role works by deploying **web.yml** with Ansible. + +Important notes: +- For your convenience, Ansible is already installed on the control node. +- The user **ansible** is on all servers with the appropriate shared keys for access to necessary servers from the control node. +- The **ansible** user has sudo access with no password. It uses the same password as **cloud_user**. +- All the necessary Ansible inventories have been created for you. +