Create an empty encrypted file called myvault.yml in /home/sandy/ansible and set the password to
notsafepw. Rekey the password to iwejfj2221.
ansible-vault create myvault.yml
Create new password: notsafepw Confirm password: notsafepw ansible-vault rekey myvault.yml
Current password: notsafepw New password: iwejfj2221 Confirm password: iwejfj2221
Create a playbook called issue.yml in /home/sandy/ansible which changes the file /etc/issue on all
managed nodes: If host is a member of (lev then write "Development" If host is a member of test
then write "Test" If host is a member of prod then write "Production"
Create a playbook called regulartasks.yml which has the system that append the date to
/root/datefile every day at noon. Name is job 'datejob'
Create a playbook called timesvnc.yml in /home/sandy/ansible using rhel system role timesync. Set
the time to use currently configured nip with the server 0.uk.
. Enable burst. Do this on
Create a playbook called webdev.yml in 'home/sandy/ansible. The playbook will create a directory
Avcbdev on dev host. The permission of the directory are 2755 and owner is webdev. Create a
symbolic link from /Webdev to /var/www/html/webdev. Serve a file from Avebdev7index.html
which displays the text "Development" Curl
In /home/sandy/ansible/ create a playbook called logvol.yml. In the play create a logical volume
called Iv0 and make it of size 1500MiB on volume group vgO If there is not enough space in the
volume group print a message "Not enough space for logical volume" and then make a 800MiB Iv0
instead. If the volume group still doesn't exist, create a message "Volume group doesn't exist" Create
an xfs filesystem on all Iv0 logical volumes. Don't mount the logical volume.
Create a jinja template in /home/sandy/ansible/ and name it hosts.j2. Edit this file so it looks like the
one below. The order of the nodes doesn't matter. Then create a playbook in /home/sandy/ansible
called hosts.yml and install the template on dev node at /root/myhosts
Create a file called specs.empty in home/bob/ansible on the local machine as follows:
Create the playbook /home/bob/ansible/specs.yml which copies specs.empty to all remote nodes'
path /root/specs.txt. Using the specs.yml playbook then edit specs.txt on the remote machines to
reflect the appropriate ansible facts.
Create the users in the file usersjist.yml file provided. Do this in a playbook called users.yml located
at /home/sandy/ansible. The passwords for these users should be set using the lock.yml file from
TASK7. When running the playbook, the lock.yml file should be unlocked with secret.txt file from
All users with the job of 'developer' should be created on the dev hosts, add them to the group
devops, their password should be set using the pw_dev variable. Likewise create users with the job
of 'manager' on the proxy host and add the users to the group 'managers', their password should be
set using the pw_mgr variable.
ansible-playbook users.yml vault-password-file=secret.txt
Create an ansible vault password file called lock.yml with the password reallysafepw in the
/home/sandy/ansible directory. In the lock.yml file define two variables. One is pw_dev and the
password is 'dev' and the other is pw_mgr and the password is 'mgr' Create a regular file called
secret.txt which contains the password for lock.yml.
ansible-vault create lock.yml
New Vault Password: reallysafepw
Create a file called requirements.yml in /home/sandy/ansible/roles a file called role.yml in
/home/sandy/ansible/. The haproxy-role should be used on the proxy host. And when you curl
it should display "Welcome to
" and when you curl
again "Welcome to
" The php-role should be used on the prod host.
Check the proxy host by curl
Create a file called requirements.yml in /home/sandy/ansible/roles to install two roles. The source
for the first role is geerlingguy.haproxy and geerlingguy.php. Name the first haproxy-role and the
second php-role. The roles should be installed in /home/sandy/ansible/roles.
Run the requirements file from the roles directory:
ansible-galaxy install -r requirements.yml -p /home/sandy/ansible/roles
Create a role called sample-apache in /home/sandy/ansible/roles that enables and starts httpd,
enables and starts the firewall and allows the webserver service. Create a template called
index.html.j2 which creates and serves a message from /var/www/html/index.html Whenever the
content of the file changes, restart the webserver service.
Welcome to [FQDN] on [IP]
Replace the FQDN with the fully qualified domain name and IP with the ip address of the node using
ansible facts. Lastly, create a playbook in /home/sandy/ansible/ called apache.yml and use the role
to serve the index file on webserver hosts.
Create a file called packages.yml in /home/sandy/ansible to install some packages for the following
hosts. On dev, prod and webservers install packages httpd, mod_ssl, and mariadb. On dev only install
the development tools package. Also, on dev host update all the packages to the latest.
** NOTE 1 a more acceptable answer is likely 'present' since it's not asking to install the latest
** NOTE 2 need to update the development node
- name: update all packages on development node
Create a file called adhoc.sh in /home/sandy/ansible which will use adhoc commands to set up a
new repository. The name of the repo will be 'EPEL' the description 'RHEL8' the baseurl is
there is no gpgcheck, but
you should enable the repo.
* You should be able to use an bash script using adhoc commands to enable repos. Depending on
your lab setup, you may need to make this repo "state=absent" after you pass this task.
chmod 0777 adhoc.sh
ansible all -m yum_repository -a 'name=EPEL description=RHEL8