OPS635 Lab 2 : System Configuration Management using Ansible
In an enterprise environment, the existence of different hardware and operating systems running on production servers is very common. You may find the same software running on different OSes and even different hardware platforms. To manage the software configuration on different platforms by using a script, your script would have to be aware of and account for their differences. Your scripts would need to be written in way that they know how to query the operating environment and execute the appropriate installation and configuration actions based on the operating environment it is running on.
There are commercial and open source configuration management systems which aware of and know how to handle such difference in operating platforms. Ansible is a CMS (Content Management System) that we are going to study for this lab. In this lab, we will start by trying to convert the script that you have written for configuring Nagios on CentOS 7 to an Ansible playbook, test it on your testing environment and then deploy it to a new VM.
Investigation 1: Installing Ansible on Your Host Machine
- Clone three new VMs from your blank template VM and assign them unused static IPs.
- Add your new VMs to your host DNS as: ansible1, ansible2, ansible3
- Install the Ansible package on ansible1.
- Create an SSH key-pair for the root user on ansible1 and install its public key to your other two VMs' root accounts. Ensure that you can use it to SSH to root on your VMs without entering a password.
- Modify the inventory file on your host to include the fully qualified domain names of ansible2 and ansible3.
- Use the setup module to verify that your ansible1 can run plays on your VMs.
Investigation 2: Creating an Ansible Playbook
Create an Ansible playbook that will:
- Run on both ansible2 and ansible3.
- Install, enable, and start apache.
- Insert a persistent firewall exception for port 80.
- Replace the landing webpage on each VM with your own modified version of index.html.
- Each task should be idempotent: That is, the results on the VMs are the same no matter how many times you run your playbook.
- (ie. Running your playbook 3 times shouldn't create 3 firewall exceptions on port 80)
Investigation 3: Applying a Playbook
- Use the ansible-playbook command to execute your play on both VMs in the same play. If anything goes wrong, fix it and re-run the play. Continue doing so until the play runs successfully.
Demonstrate your Ansible playbook working in class, then upload it to Blackboard.