diff --git a/README.md b/README.md index f73e9d4..042b81e 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Red Hat Certified Specialist in Ansible Automation (EX407) Preparation Course - [Understanding Core Components of Ansible Part 1](#understanding-core-components-of-ansible-part-1) - [Understanding Core Components of Ansible Part 2](#understanding-core-components-of-ansible-part-2) - [A Brief Tour of the Ansible Configuration File](#a-brief-tour-of-the-ansible-configuration-file) - + - [LAB Getting Started with Ansible](#lab-getting-started-with-ansible) ## Understanding Core Components of Ansible ### Understanding Core Components of Ansible Part 1 @@ -143,3 +143,50 @@ The Ansible master configuration file is reviewed on a live system in this demon #become_ask_pass=False ``` +### LAB Getting Started with Ansible +##### Install Ansible on the control node. +- To install Ansible on the control node, run ansible. +``` +yum install ansible +``` + +- If package not found run +``` +yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm +``` + +##### Configure the `ansible` user on the control node for ssh shared key access to managed nodes. Do not use a passphrase for the key pair. +- To create a keypair for the ansible user on the control host, run the following: + - `sudo su - ansible` + - `ssh-keygen` (accept all defaults: press enter for each prompt) + +- Copy the `public key` to both `node1` and `node2`. + +- As the ansible user on the control host: + - `ssh-copy-id node1` (accept the host key if prompted, authenticate as ansible user) + - `ssh-copy-id node2` (accept the host key if prompted, authenticate as ansible user) + +##### Create a simple Ansible inventory on the control node in `/home/ansible/inventory` containing `node1` and `node2`. +- On the control host: + - `sudo su - ansible` (if not already ansible user) + - `touch /home/ansible/inventory` + - `echo "node1" >> /home/ansible/inventory` + - `echo "node2" >> /home/ansible/inventory` + +##### Configure sudo access for Ansible on `node1` and `node2` such that Ansible may use sudo for any command with no password prompt. +- Log in to node1 as cloud_user and edit the sudoers file to contain appropriate access for the ansible user: + - `ssh cloud_user@node1` + - `sudo visudo` + - Add the following line to the file and save: +``` +ansible ALL=(ALL) NOPASSWD: ALL +``` + +- Repeate these steps for `node2`. + +##### Verify each managed node is able to be accessed by Ansible from the control node using the `ping` module. Redirect the output of a successful command to `/home/ansible/output`. +- To verify each node, run the following as the `ansible` user from the control host: + - `ansible -i /home/ansible/inventory node1 -m ping` + - `ansible -i /home/ansible/inventory node2 -m ping` +- To redirect output of a successful command to `/home/ansible/output`: + - `ansible -i /home/ansible/inventory node1 -m ping > /home/ansible/output` \ No newline at end of file