clase 09/02/23

T3/classroom/ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+inventory = systems
+remote_user = devops
+[privilege_escalation]
+become = true
+become_method = sudo
+become_user = root
+become_ask_pass = false
+ 

T3/classroom/systems

@@ -0,0 +1,7 @@
+[produccion]
+servera.lab.example.com
+serverd.lab.example.com
+[desarrollo]
+serverb.lab.example.com
+[sistemas]
+serverc.lab.example.com

T5/classroom/Ej3/ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+inventory = systems
+remote_user = devops
+[privilege_escalation]
+become = true
+become_method = sudo
+become_user = root
+become_ask_pass = false
+ 

T5/classroom/Ej3/systems

@@ -0,0 +1,7 @@
+[produccion]
+servera.lab.example.com
+serverd.lab.example.com
+[desarrollo]
+serverb.lab.example.com
+[sistemas]
+serverc.lab.example.com

T5/guided/projects-file/ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+inventory=inventory
+remote_user=devops
+
+[privilege_escalation]
+become=True
+become_method=sudo
+beome_user=root
+become_ask_pass=False

T5/guided/projects-file/inventory

@@ -0,0 +1 @@
+servera.lab.example.com

T5/guided/projects-file/playbook.yml

@@ -0,0 +1,24 @@
+- name: configure webserver
+  hosts: servera.lab.example.com
+  tasks:
+    - name: include environment tasks
+      include_tasks: tasks/environment.yml
+      vars:
+        package: httpd
+        service: httpd
+    - name: include firewall tasks
+      include_tasks: tasks/firewall.yml
+      vars:
+        firewall_pkg: firewalld
+        firewall_svc: firewalld
+        rule:
+          - http
+          - https
+    - name: include placeholder tasks
+      include_tasks: tasks/placeholder.yml
+      vars:
+        file: /var/www/html/index.html
+- name: test play file and set the variable
+  import_playbook: plays/test.yml
+  vars:
+    url: 'http://servera.lab.example.com'

T5/guided/projects-file/plays/test.yml

@@ -0,0 +1,9 @@
+---
+- name: Test web service
+  hosts: localhost
+  become: no
+  tasks:
+    - name: connect to internet web server
+      uri:
+        url: "{{ url }}"
+        status_code: 200

T5/guided/projects-file/tasks/environment.yml

@@ -0,0 +1,10 @@
+---
+  - name: Install the {{ package }} package
+    yum:
+      name: "{{ package }}"
+      state: latest
+  - name: Start the {{ service }} service
+    service:
+      name: "{{ service }}"
+      enabled: true
+      state: started

T5/guided/projects-file/tasks/firewall.yml

@@ -0,0 +1,19 @@
+---
+  - name: Install the firewall
+    yum:
+      name: "{{ firewall_pkg }}"
+      state: latest
+
+  - name: Start the firewall
+    service:
+      state: started
+      name: "{{ firewall_svc }}"
+      enabled: true
+
+  - name: Open the port for {{ rule }}
+    firewalld:
+      service: "{{ item }}"
+      immediate: true
+      permanent: true
+      state: enabled
+    loop: "{{ rule }}"

T5/guided/projects-file/tasks/placeholder.yml

@@ -0,0 +1,5 @@
+---
+  - name: Create placeholder file
+    copy:
+      content: "{{ ansible_facts['fqdn'] }} has been customized using Ansible.\n"
+      dest: "{{ file }}"

T5/guided/projects-host/ansible.cfg

@@ -0,0 +1 @@
+[defaults]

T5/guided/projects-host/inventory1

@@ -0,0 +1,63 @@
+srv1.example.com
+srv2.example.com
+s1.lab.example.com
+s2.lab.example.com
+
+[web]
+jupiter.lab.example.com
+saturn.example.com
+
+[db]
+db1.example.com
+db2.example.com
+db3.example.com
+
+[lb]
+lb1.lab.example.com
+lb2.lab.example.com
+
+[boston]
+db1.example.com
+jupiter.lab.example.com
+lb2.lab.example.com
+
+[london]
+db2.example.com
+db3.example.com
+file1.lab.example.com
+lb1.lab.example.com
+
+[dev]
+web1.lab.example.com
+db3.example.com
+
+[stage]
+file2.example.com
+db2.example.com
+
+[prod]
+lb2.lab.example.com
+db1.example.com
+jupiter.lab.example.com
+
+[function:children]
+web
+db
+lb
+city
+
+[city:children]
+boston
+london
+environments
+
+[environments:children]
+dev
+stage
+prod
+new
+
+[new]
+172.25.252.23
+172.25.252.44
+172.25.252.32

T5/guided/projects-host/inventory2

@@ -0,0 +1,17 @@
+workstation.lab.example.com
+
+[london]
+servera.lab.example.com
+
+[berlin]
+serverb.lab.example.com
+
+[tokyo]
+serverc.lab.example.com
+
+[atlanta]
+serverd.lab.example.com
+
+[europe:children]
+london
+berlin

T5/guided/projects-host/playbook.yml

@@ -0,0 +1,7 @@
+---
+- name: Resolve host patterns
+  hosts:
+  tasks:
+    - name: Display managed host name
+      debug:
+        msg: "{{inventory_hostname}}"

T5/guided/projects-review/ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+inventory=inventory
+remote_user=devops
+
+[privilege_escalation]
+become=True
+become_method=sudo
+beome_user=root
+become_ask_pass=False

T5/guided/projects-review/files/tune.conf

@@ -0,0 +1,8 @@
+KeepAlive Off
+
+<IfModule prefork.c>
+     MaxSpareServers     6 
+     ServerLimit         24
+     MaxRequestWorkers   24 
+     MaxRequestsPerChild 3000
+</IfModule>

T5/guided/projects-review/inventory

@@ -0,0 +1,4 @@
+servera.lab.example.com
+serverb.lab.example.com
+serverc.lab.example.com
+serverd.lab.example.com

T5/guided/projects-review/playbook.yml

@@ -0,0 +1,17 @@
+---
+- name: Install and configure web service
+  hosts:
+    - 'server?.lab.example.com'
+
+  tasks:
+    - name: import program tasks
+      import_tasks: tasks/web_tasks.yml
+    - name: import firewall tasks
+      import_tasks: tasks/firewall_tasks.yml
+#    - name: import looped tasks
+#      import_tasks: tasks/web_and_firewall.ymk
+  handlers:
+    - name: restart httpd
+      service:
+        name: httpd
+        state: restarted

T5/guided/projects-review/tasks/firewall_tasks.yml

@@ -0,0 +1,11 @@
+- name: Install and enable httpd
+  import_tasks: install_and_enable.yml
+  vars:
+    package: firewalld
+    service: firewalld
+- name: Open the port for http
+  firewalld:
+    service: http
+    immediate: true
+    permanent: true
+    state: enabled

T5/guided/projects-review/tasks/install_and_enable.yml

@@ -0,0 +1,11 @@
+- name: Install package
+  yum:
+    name: "{{ package }}"
+    state: latest
+
+- name: Enable and start httpd
+  service:
+    name: "{{ service }}"
+    enabled: true
+    state: started
+

T5/guided/projects-review/tasks/install_and_enable_loop.yml

@@ -0,0 +1,13 @@
+- name: Install package
+  yum:
+    name: "{{ item.package }}"
+    state: latest
+  loop: "{{ program }}"
+
+- name: Enable and start httpd
+  service:
+    name: "{{ item.service }}"
+    enabled: true
+    state: started
+  loop: "{{ program }}"
+

T5/guided/projects-review/tasks/web_and_firewall.yml

@@ -0,0 +1,26 @@
+- name: Install and enable httpd 
+  import_tasks: install_and_enable_loop.yml 
+  vars: 
+    program:
+      - package: httpd 
+        service: httpd 
+      - package: firewalld
+        service: firewalld
+
+- name: Tuning configuration installed 
+  copy: 
+    src: files/tune.conf 
+    dest: /etc/httpd/conf.d/tune.conf 
+    owner: root 
+    group: root 
+    mode: 0644 
+  notify: 
+    - restart httpd 
+
+- name: Open the port for http
+  firewalld:
+    service: http
+    immediate: true
+    permanent: true
+    state: enabled
+

T5/guided/projects-review/tasks/web_tasks.yml

@@ -0,0 +1,15 @@
+- name: Install and enable httpd
+  import_tasks: install_and_enable.yml
+  vars:
+    package: httpd
+    service: httpd
+
+- name: Tuning configuration installed
+  copy:
+    src: files/tune.conf
+    dest: /etc/httpd/conf.d/tune.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - restart httpd