- Slides
-
Labs
- 1.0 - Setting up Ansible
- 2.0 - Documentation
- 3.0 - Setup and AdHoc Commands
- 4.0 - Ansible Playbooks - Basics
- 4.1 - Ansible Playbooks - Variables and Loops
- 4.2 - Ansible Playbooks - Templates
- 4.3 - Ansible Playbooks - Output
- 5.0 - Ansible Roles - Basics
- 5.1 - Ansible Roles - Handlers and Blocks
- 6.0 - Managing Secrets with Ansible Vault
- 7.0 - Ansible Galaxy and more
- About
- Setup
7.0 - Ansible Galaxy and more
In this lab we are going to use roles from galaxy and from other sources.
Task 1
- Search the ansible-galaxy for a nginx role
- Install such a nginx role using
ansible-galaxy - Create a tar.gz file
nginx.tar.gzwith the content of the role using an Ansible ad hoc command
Task 2
- Remove the nginx role using
ansible-galaxy - Create a file
requirements.ymlin the folder/home/ansible/techlab/roles/. The file should contain the information to install the role packed innginx.tar.gzasmynginx - Install the role by using an appropriate
ansible-galaxycommand and therequirements.ymlfile. - Remove the role
mynginxusingansible-galaxy - Remove the file
nginx.tar.gzandroles/requirements.ymlby using an ad hoc command for each
Task 3 (CentOS/RHEL only)
- Search your yum-repository for packages containing the string
roles - Install the package providing Ansible roles for system mangement
- See what files where installed with this package
Task 4 (CentOS/RHEL only)
- Search the installed files for an example to use the
rhel-system-roles.selinuxrole - use the example to create a playbook
selinux.ymlto set selinux mode to disabled on all servers - run the playbook
You have to have a reasonable fresh version of ansible in order to get this working. On older systems you could get an errormessage containing strings like template error while templating string: no test named 'version'.
Solutions
$ ansible-galaxy search nginx
$ ansible-galaxy install geerlingguy.nginx
$ ansible controller -m archive -a "path=/home/ansible/techlab/roles/geerlingguy.nginx dest=/home/ansible/techlab/nginx.tar.gz format=bz2"
$ ansible-galaxy remove geerlingguy.nginx
$ cat roles/requirements.yml
---
- src: nginx.tar.gz
name: mynginx
You can also install roles from url’s and other archive-formats. Have a look at the documentation Ansible Docs - Installing Roles.
Note as well, that the order of the roles to be installed in the requirements.yml file could matter.
$ ansible-galaxy install -r roles/requirements.yml
---
- src: nginx.tar.gz
name: mynginx
$ ansible-galaxy remove mynginx
$ ansible localhost -m file -a "dest=/home/ansible/techlab/nginx.tar.gz state=absent"
$ ansible localhost -m file -a "dest=/home/ansible/techlab/roles/requirements.yml state=absent"
$ yum search roles
$ yum install rhel-system-roles
$ repoquery -l rhel-system-roles #<-- repoquery is provided by the package `yum-utils`
$ repoquery -l rhel-system-roles | grep -i exa | grep selinux
$ cp /usr/share/doc/rhel-system-roles-1.0/selinux/example-selinux-playbook.yml selinux.yml
[ansible@control0 techlab]$ cat selinux.yml
---
- hosts: all
become: true
vars:
selinux_policy: targeted
#selinux_state: enforcing
selinux_state: disabled
selinux_booleans:
#<-- more stuff here
$ ansible-playbook selinux.yml