EX294 Red Hat Certified Engineer RHCE – Exploring Core Components of Ansible Part 3

  • January 19, 2023

7. Organising host_vars and group_vars

In this lecture we learn how to organize host and group variables. In the previous lecture, we saw how to specify host and group variables in the inventory file. Here we learn how to organize them by putting them in separate files for each host and group, which helps when we have many hosts and many host groups and need to define many variables. In that case, organizing variables in different files is a cleaner approach than putting all the variables in the inventory file itself. Now how can we organize the variables? We must create directories named host_vars and group_vars, for host variables and group variables respectively, at the same path where the inventory file is present.

This is the default path where Ansible looks for these directories. Please note that your inventory file can be at a different location depending on your configuration, so create these directories accordingly. Now here we have one example to understand how to define host variables. To define host variables, we must create a file with the same name as the host under the host_vars directory. In the previous lecture, we defined host variables for mhost1. Here I'm taking the same example: we need to create a file named mhost1 under this directory.

So this is the complete path for this file in case our inventory file is present on this standard path. But this can be different in your case. The important thing to keep in mind here is that you must define variables in YAML syntax. We cannot use the same syntax as in the inventory file, which is written in INI format and where we defined multiple host variables on the same line as the host, separated by spaces. Here we must define each variable on a separate line in YAML syntax. I defined these variables as key-value pairs. Don't use the equals sign in this file, because it is not part of YAML syntax. Also, you can create this file with a .yml extension, a .yaml extension, a .json extension, or without an extension. In our case, I did not use an extension. This example is only for one host, but you can create multiple files under this directory to define host variables for multiple hosts.

Next, to define group variables, we need to create a file with the same name as the group under the group_vars directory and specify the group variables in this file using the same YAML syntax. Finally, I listed the important points to keep in mind as a note: you must create directories with the standard names, host_vars and group_vars, to specify host and group variables respectively. Don't use any other name. Also, you must create these directories at the path where the inventory file is present. Now I will leave it to you to define host and group variables using this approach and verify the results.
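The layout described above, as an added example that is not part of the original lecture: the script builds host_vars and group_vars beside an inventory file and lints them for the two mistakes the lecture warns about, a wrong directory name and INI-style key=value lines. The host mhost1 is the lecture's; the group name web, the temporary directory and all variable values are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the lecture): create host_vars/ and group_vars/ beside
# an inventory file, then lint them. Host "mhost1" is the lecture's; the group
# "web", the directory and all variable values are constructed.

# make_layout DIR -> inventory plus one host file and one group file under DIR
make_layout() {
  mkdir -p "$1/host_vars" "$1/group_vars"
  printf '[web]\nmhost1\n' > "$1/inventory"
  # host_vars/<host name>: YAML, one "key: value" per line, no "="
  printf 'ansible_user: devops\nansible_port: 22\n' > "$1/host_vars/mhost1"
  # group_vars/<group name>: same YAML syntax
  printf 'ansible_connection: ssh\n' > "$1/group_vars/web"
}

# lint_vars DIR -> prints each problem and returns 1 if any were found:
#   - INI-style key=value lines inside a variables file
#   - a look-alike directory name, which Ansible does not read
lint_vars() {
  local dir="$1" rc=0 d f
  for d in host_vars group_vars; do
    [ -d "$dir/$d" ] || continue
    for f in "$dir/$d"/*; do
      [ -f "$f" ] || continue
      # an identifier directly followed by "=" is inventory syntax, not YAML
      if grep -HnE '^[[:space:]]*[A-Za-z_][A-Za-z0-9_]*[[:space:]]*=' "$f"; then
        rc=1
      fi
    done
  done
  for d in "$dir"/*/; do
    case "$(basename "$d")" in
      host_vars|group_vars) ;;
      *host*var*|*group*var*) echo "not read by Ansible (wrong name): $d"; rc=1 ;;
    esac
  done
  return "$rc"
}

# Demo run in a throwaway directory
demo=$(mktemp -d)
make_layout "$demo"
if lint_vars "$demo"; then echo "variables layout OK"; fi
rm -rf "$demo"
```
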

For more information on this topic, we can check the documentation. On this page, under the title Working with Inventory, you will find everything related to inventory: how to define hosts and host groups in the inventory in INI format as well as in YAML format. The most used format is INI format, and we discussed only INI format. For more information, you can check the YAML format here. For example, this is an inventory file in YAML format. One more important thing: you can specify a host without any group. For example, this host here does not have any specific group. Such a host belongs to the ungrouped group as well as to all. The all group contains all the hosts defined in the inventory file.

You can just go through this. Here we have the default groups. As already said, there are two default groups: all and ungrouped. The all group contains every host. The ungrouped group contains all hosts that don't have another group aside from all. Every host is part of the all group, so any host that is only part of the all group is also part of the ungrouped group. Here you will also find information on how to organize host and group variables. At the end you will find a list of host variables, for example ansible_connection, ansible_host and ansible_port, which we already used, and ansible_user, which we also already used. Just go through the list of all host variables here. This is all about this lecture.

8. Ansible Modules

In this lecture we'll learn about Ansible modules. As already said, Ansible modules are discrete units of code that can be used from the command line or in a playbook task. Or I would say Ansible modules are small programs designed to perform specific tasks. Ansible executes each module on the remote system and collects return values. Here is a list of commonly used modules, or I would say the list of modules we must know for the RHCE exam. For example, the ping module is used to check connectivity. The setup module is used to gather facts about remote systems. The yum module is used for package management. The yum_repository module is used to configure repositories. The service module is used for service management, to start, stop and enable services. The package module is used to install and uninstall packages, or I can say to manage packages. The systemd module is used for service management and has actions similar to those of the service module.

The cron module is used for scheduling tasks on remote systems. The lvg module is used for logical volume group management tasks. The lvol module is used to manage logical volumes. The parted module is used to manage partitions. The fetch module is used to fetch information from the remote systems. We'll discuss the template module later on. Similarly, we have many more modules. For example, the user module is used for user management. The group module is used for group management. The authorized_key module is used to copy a public key to the remote systems or to delete a public key from the remote systems. The lineinfile module is used to add lines to configuration files on the remote systems. The firewalld module is used to manage the firewall. The nmcli module is used to manage networks. The selinux module is used to enable or disable SELinux. Then the file module performs file-related operations like creating a file, creating a directory, and setting the mode, user, group, owner, et cetera.

The filesystem module is used to create file systems. The mount module is used to mount file systems. The debug module is used to print messages during playbook execution or when using ad hoc commands. Similarly, we have many more modules. During this course we will be using all these modules, and then we will have more information about them. I would say many of the modules have simple names, for example the file module for file operations, the mount module for mounting, and the filesystem module for file systems. Some modules have names similar to commands, for example sefcontext, nmcli and parted. As we move along the course we'll be using them, and at the end of the course you will remember all of them.

Now we'll move to the system, and I will explain how to display all the available modules and how to display information about a specific module. Now we are on the Ansible control node VM. I will introduce a new command here: ansible-doc. I will display the help. I will use the -l option, which lists available plugins, or I would say modules: ansible-doc -l. This lists all the modules available. There are many, so I will quit. I will grep, or filter, the output to display modules specific to Windows, just to show you that this also includes Windows modules. These modules apply to Windows systems, and we don't need to know about them. So here I will use the -v option for an inverted search to exclude all Windows modules. Here is the list of all the modules except the Windows modules. I will pipe the output further and filter for ping. We already used the ping module, and here it is: the ping module tries to connect to the host and returns pong on success. We have already seen this. Similarly, you can display information about any other module. Here we have many modules containing file as a pattern, so we can use the caret symbol (^) to list only the modules starting with file. Now we have only two: file, to manage files and file properties, and filesystem, which makes a file system. In this way you can check the description of different modules.

I will clear the screen. In case you already know the name of the module, you can simply filter this list by using the caret symbol along with the module name. So this displays only the modules starting with file. We have only two, and we already discussed them. For example, for copy we have only one module: copy, which copies files to remote locations. For lvol: configure LVM logical volumes. In case you don't know which module to use for a specific task, you can use the hit-and-trial method. For example, if you want to do something related to yum, you can just filter on yum. Here we have two modules: yum, to manage packages, and yum_repository, to add and remove yum repositories. This is very important because we are going to use both of them.

The yum_repository module, though, is used to configure repositories. So in case you don't know which module to use on the exam, you can use the hit-and-trial method to search modules in this way. However, you should know all the modules you need to use on the exam; I'm telling you this just for the rare case. Now I will tell you how to display information about a specific module. We'll again use ansible-doc and type the name of the module, for example ping. Here you will find all the information about this module. This is a test module that always returns pong on successful contact. So here is more information about this module. Similarly, I will display information about the user module, which is used for user management. Here is the description: manage user accounts and user attributes.

So here are the different options, or I would say variables. Variables marked with an equals sign are mandatory. Those marked with a dash sign are optional. To create a user, we can use the create_home option if we need to create a home directory, which is yes by default. We can use generate_ssh_key in case we need to create an SSH key for the user while creating the user, group to set the primary group for the user, groups to assign supplementary groups to the user, and so on. We'll go through this later on while doing tasks. So the idea is that you can check information about different modules using ansible-doc, and it is your good friend on the exam in case you forget something. This is all about this lecture. In the next lecture we'll learn about Ansible ad hoc commands.

9. Ansible Ad-Hoc Commands-Part1

In this lecture we will learn about Ansible ad hoc commands. As already said, an ad hoc command is nothing but a command we type on the terminal to do some action quickly, usually once, which we don't want to save for later. For example, to shut down or restart a remote host, or to quickly verify some configuration on a remote host. Here is the syntax of an Ansible ad hoc command: ansible, followed by a pattern. Here we need to provide the target in the form of a pattern. We can provide a single host, a host group or an IP address. Using -m, we specify the module we want to use. Using the -a option, we supply the module arguments. For example, for the copy module, we can provide the source and destination needed for the copy operation using the -a option.

Here are some examples of ad hoc commands. In the first example, I took mhost1 as the target. Here we are using the command module, and using the -a option I am providing the command to be executed on the remote node. In this case, the hosts file on mhost1 will be displayed, and the result will be sent back to the Ansible control node. In this way, by using the command module, we can execute commands on the remote nodes.

In the next example, I'm using mhost2 as the target, and here I'm using the copy module. The arguments are listed using -a. For the copy operation, we need src and dest. In this case, this source file will be copied to this destination file under the temp directory on mhost2. In case this file does not exist, it will be created automatically, but this directory must already exist. One thing you must keep in mind here: this source file is present on the Ansible control node, not on mhost2. So it means the hosts file from the Ansible control node will be copied to this destination. Later on, we'll discuss how to do the copy operation when both source and destination are on the remote node. In the third example, I'm using mhost3 as the target.

And here I'm using the file module to create a zero-length file. Using the -a option, the path directive is set to create a test file under the temp directory, and state is set to touch to create a zero-length file. In the next example, I'm using mhost4 as the target, and here we are using the user module. Using the -a option, we provide the username with the name directive, which is set to ansible. In this case, a user with the username ansible will be created. Here, state is set to present to create the user. If you set state to absent, the user will be deleted if the user is already present on the remote node, which in our case is mhost4 as per this example. We must keep in mind that an ad hoc command executes successfully only if the user we are using has permission to perform that action on the remote node. For example, to create a user on the remote node, we must use root privileges. In case the user does not have root privileges, it would fail. I will give one example.

Suppose the remote_user directive is set to some normal user in the Ansible config file, and privilege escalation is also disabled in the Ansible config file. In that case, we must use the become flag to execute the command on the remote host with sudo, provided the remote host is configured to allow privilege escalation. This means the remote host's sudoers file must be configured to allow privilege escalation for that specific user. It will become clearer when we do the tasks related to privilege escalation. Now let's move to the Ansible control node and execute these Ansible ad hoc commands to see the results.
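The privilege escalation case above, as an added example that is not part of the original lecture: the script reads an Ansible config file, decides whether a root-only ad hoc command needs `--become`, and prints the user-creation command from the fourth example accordingly. The function names, the sample config, the remote user devops and the inventory path are constructed; only the given file is read, while environment variables and command-line options that Ansible also honours are ignored.

```shell
#!/usr/bin/env bash
# Added example (not from the lecture): work out from an ansible.cfg whether an
# ad hoc command that needs root must be given --become.
# Assumption: only the given file is read, not environment or CLI overrides.

# cfg_get FILE SECTION KEY -> value of KEY inside [SECTION], empty if unset
cfg_get() {
  awk -F= -v sec="[$2]" -v key="$3" '
    /^[ \t]*[#;]/ { next }                              # comment lines
    /^[ \t]*\[/   { gsub(/[ \t]/, ""); cur = $0; next } # section header
    cur == sec {
      k = $1; gsub(/[ \t]/, "", k)
      if (k == key) { v = $2; gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit }
    }' "$1"
}

# needs_become FILE -> "yes" when tasks run unprivileged unless --become is passed
needs_become() {
  local user become
  user=$(cfg_get "$1" defaults remote_user)
  become=$(cfg_get "$1" privilege_escalation become)
  # remote_user unset means the control-node login name; treated as non-root here
  if [ "$user" = root ]; then echo no; return 0; fi
  case "$(printf '%s' "$become" | tr 'A-Z' 'a-z')" in
    true|yes|1|on) echo no ;;
    *)             echo yes ;;
  esac
}

# adhoc_user_cmd FILE PATTERN -> the user-creation command from the fourth
# example, with --become appended when the config requires it
adhoc_user_cmd() {
  local flag=""
  if [ "$(needs_become "$1")" = yes ]; then flag=" --become"; fi
  printf 'ansible %s -m user -a "name=ansible state=present"%s\n' "$2" "$flag"
}

# Constructed sample config: normal remote user, escalation disabled
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
[defaults]
inventory = ./inventory
remote_user = devops

[privilege_escalation]
become = False
EOF
adhoc_user_cmd "$cfg" mhost4
rm -f "$cfg"
```

The printed command still fails on the remote node unless its sudoers configuration allows the remote user to escalate, which this script does not check.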
