From CDOT Wiki
Revision as of 12:48, 31 May 2019 by Chris.johnson (talk | contribs) (Investigation 2: Creating an Ansible Playbook)

OPS635 Lab 2 : System Configuration Management using Ansible


In an enterprise environment, it is very common for production servers to run on different hardware and operating systems. You may find the same software running on different OSes and even different hardware platforms. To manage the software configuration on different platforms by using a script, your script would have to be aware of and account for their differences. Your scripts would need to be written in a way that they know how to query the operating environment and execute the appropriate installation and configuration actions based on the operating environment they are running on.

There are commercial and open source configuration management systems which are aware of and know how to handle such differences in operating platforms. Ansible is a CMS (Configuration Management System) that we are going to study for this lab. In this lab, we will start by trying to convert the script that you have written for configuring Nagios on CentOS 7 to an Ansible playbook, test it on your testing environment and then deploy it to a new VM.

Investigation 1: Installing Ansible on Your Host Machine

  • Clone three new VMs from your blank template VM and assign them unused static IPs.
  • Add your new VMs to your host DNS as: ansible1, ansible2, ansible3
  • Install the Ansible package on ansible1.
  • Create an SSH key-pair for the root user on ansible1 and install its public key to your other two VMs' root accounts. Ensure that you can use it to SSH to root on your VMs without entering a password.
  • Modify the inventory file on your host to include the fully qualified domain names of ansible2 and ansible3.
  • Use the setup module to verify that your ansible1 can run plays on your VMs.

Investigation 2: Creating an Ansible Playbook

Create an Ansible playbook (named lab2.yaml) that will:

  • Run on both ansible2 and ansible3.
  • Create user <senecaid> with a password, and add it to new group lab2. If your VM already has that account, that's fine, but the play should still run and try to add it.
  • Install, enable, and start apache.
  • Insert a persistent firewall exception for port 80.
  • Replace /var/www/html/index.html on each VM with your own modified version. (Similar to what you did in the Docker lab.)
  • Each task should be idempotent: that is, the results on the VMs are the same no matter how many times you run your playbook.
    • (i.e. running your playbook 3 times shouldn't create 3 firewall exceptions on port 80)
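
One way to test the idempotency requirement, as an added example that is not part of the original lab: run the playbook a second time and check that its PLAY RECAP summary reports changed=0 for every host. The function name recap_check, the example.com host names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm a repeat ansible-playbook run changed nothing.
# Real use:  ansible-playbook lab2.yaml | recap_check

# Reads ansible-playbook output on stdin and prints "<host> <counter>" for
# every PLAY RECAP counter (changed, failed, unreachable) that is not zero.
# Exit status: 0 = every host clean, 1 = drift or errors, 2 = no recap seen.
recap_check() {
    awk '
        BEGIN { bad = 0; seen = 0 }
        /^PLAY RECAP/ { in_recap = 1; next }
        in_recap && /ok=/ {
            seen++
            for (i = 2; i <= NF; i++) {
                split($i, kv, "=")
                if ((kv[1] == "changed" || kv[1] == "failed" ||
                     kv[1] == "unreachable") && kv[2] + 0 != 0) {
                    print $1, $i
                    bad = 1
                }
            }
        }
        END { if (!seen) exit 2; exit bad }
    '
}

# Constructed sample: first run, where changes are expected.
sample_first_run() { cat <<'EOF'
PLAY RECAP *********************************************************************
ansible2.example.com : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ansible3.example.com : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
EOF
}
# Constructed sample: repeat run of an idempotent playbook.
sample_repeat_clean() { sample_first_run | sed 's/changed=5/changed=0/'; }
# Constructed sample: repeat run where one task on ansible3 is not idempotent.
sample_repeat_drift() { sample_repeat_clean | sed '/^ansible3/s/changed=0/changed=1/'; }

# Demo on the constructed samples.
for s in sample_first_run sample_repeat_clean sample_repeat_drift; do
    if $s | recap_check >/dev/null; then
        echo "$s: no changes, failures or unreachable hosts"
    else
        echo "$s: at least one host changed or failed"
    fi
done
```

A non-zero changed count on a repeat run points at a task that re-applies its change every time, which is what the firewall example above describes.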

Investigation 3: Applying a Playbook

  • Use the ansible-playbook command on ansible1 to execute your play on both VMs in the same play. If anything goes wrong, fix it and re-run the play. Continue doing so until the play runs successfully.


  • Demonstrate your Ansible playbook working in class.
  • Demonstrate the modified webpage on ansible2 and ansible3 on your host.
  • Upload your playbook to Blackboard.