Skip to main content

Ansible Commonly Used Modules

Hands-On Lab

 

Photo of Rob Marti

Rob Marti

Linux Training Architect I in Content

Length

00:45:00

Difficulty

Intermediate

Ansible has many built in modules, but some are used a lot more than others. In this lab we're going to reinforce the usage of some of the more common ones, so that they're easier for you to remember when the time comes.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Ansible Commonly Used Modules

Introduction

Ansible has many built in modules, but some are used a lot more than others. In this lab we're going to reinforce the usage of some of the more common ones, so that they're easier for you to remember when the time comes.

Instructions

Our Ansible environment is set up, so let's take it for a real spin and show our co-workers this proof of concept is worth the time it took to build.

After you verify connectivity in your environment, write three playbooks: one for webservers, one for dbservers, and one for adminservers. Rather than calling for server names individually, use the group names associated with them in /etc/ansible/hosts. Make sure that between all three playbooks, the following gets done:

  1. Install httpd on any clients in the webserver group.
  2. Start the httpd service on those same clients.
  3. Create a dba account and add it to any dbserver group clients.
  4. Copy /root/DBAstuff.txt to the new user's home directory. Make sure that user account (and group with the same name) owns the file, and set permissions to 0600.
  5. Create index.html in /var/www/html on webserver group clients.
  6. Use the git module to check out https://github.com/ansible/ansible.git on adminserver members, and put it in the /opt directory.

Logging In

Use the credentials provided on the hands-on lab page to get into Server1 to begin with. Since we need root privileges, let's just run sudo -i right off and become root.

Verify Connectivity in the Environment

On the command line run ansible -m ping all to see what servers are out there listening. We should see three groups, each with one server in it.

Install httpd

We've got to create a playbook that installs httpd on webserver hosts (vim webservers.yml is one way to do it). When it's finished, the playbook should look something like this:

---
# Common Modules Playbook
#

- name: Common Modules Playbook
  become: yes
  hosts: webservers

  tasks:
   - name: Install httpd on webservers
     yum:
      name: httpd
      state: present

Run the playbook, if you want:

ansible-playbook webservers.yml

It's also fine to leave running it until the end. A playbook run only makes changes if something is not in the desired stated. So, if httpd is not installed, this last run would have done it. If it was already installed, nothing would have happened at all.

Start and Enable the httpd Service

On the same hosts that we want httpd installed, we want it started up too. In this task all we have to do is add the following to the playbook:

   - name: Start the httpd service
     service:
      name: httpd
      state: started
      enabled: yes

Run the playbook:

ansible-playbook webservers.yml

Add a dba User Account to dbservers

Now we've got to make a second playbook, the one that will add a dba account to clients in the dbserver group. Create it (with something like vim dbserver.yml) and it should look similar to this when we're done:

---

- name: DB server playbook
  become: yes
  hosts: dbservers

  tasks:
   - name: Add the 'dba' user to the dbservers
      user:
       name: dba

Run the playbook, if you like:

ansible-playbook dbserver.yml

Copy the Required File to Clients in dbservers

We have to get /root/DBAstuff.txt to this new user's home directory. If we add something like this to our dbserver playbook, we should be good to go:

   - name: Copy required DBA files
     copy:
      src: /root/DBAstuff.txt
      dest: /home/dba/
      owner: dba
      group: dba
      mode: 0600

Run the playbook:

ansible-playbook dbserver.yml

Create /var/www/html/index.html

We need to have an index.html created on any Ansible client in the the webserver group. This means we've got to tack a bit onto the end of our webserver playbook. That extra piece should look like this:

   - name: Create index.html
     file:
      path: /var/www/html/index.html
      state: touch

Run the playbook again:

ansible-playbook webservers.yml

Clone the Ansible Git Repository into /opt for adminservers Members

We want to clone the Ansigle Git repo into the /opt directory on any Ansible client that's a member of the adminserver group. To do that, we're going to create another playbook (using vim admins.yml as an example) and make it look like this:

---

- name: Use git to clone the Ansible repo
  hosts: admins
  become: yes

  tasks:
   - name: Use the git module
     git:
      repo: https://github.com/ansible/ansible.git
      dest: /opt

If we try running this one, using ansible-playbook admins.yml, the run will fail. We don't have git installed. So let's go back and fix that in the playbook. We'll put a little "Install git" task before the "Use the git module" task. It should look like this:

---

- name: Use git to clone the Ansible repo
  hosts: admins
  become: yes

  tasks:
   - name: Install git
     yum:
      name: git
      state: present

   - name: Use the git module
     git:
      repo: https://github.com/ansible/ansible.git
      dest: /opt

Now try running it again, and it should work.

Conclusion

And that actually marks the end of this hands-on lab. We installed httpd and got it started on any clients in the webserver group, then added a user account to any hosts in the dbserver group and made sure there was a text file that got copied to that user's home directory. After that we created a default file that httpd on those webserver group members will serve out. And finally, on any clients in the adminserver group, we checked out Ansible from a Git repository and stuck in in /opt. That's a fair bit of heavy lifting that Ansible is doing for us now. Congratulations!