7. Ansible Galaxy and more

In this lab we are going to use roles from galaxy and from other sources.

Task 1

  • Search the Ansible Galaxy for a nginx role.
  • Install such a nginx role using ansible-galaxy.
  • Create a tar.gz file nginx.tar.gz with the content of the role using an Ansible ad hoc command.
Solution Task 1
1
2
3
ansible-galaxy search nginx
ansible-galaxy install nginxinc.nginx
ansible controller -m archive -a "path=/home/ansible/techlab/roles/nginxinc.nginx dest=/home/ansible/techlab/nginx.tar.gz"

Task 2

  • Remove the nginx role using ansible-galaxy.
  • Create a file requirements.yml in the folder /home/ansible/techlab/roles/. The file should contain the information to install the role packed in nginx.tar.gz as mynginx.
  • Install the role by using an appropriate ansible-galaxy command and the requirements.yml file.
  • Remove the role mynginx using ansible-galaxy.
  • Remove the file nginx.tar.gz and roles/requirements.yml by using an ad hoc command for each.
Solution Task 2
1
2
3
4
5
6
ansible-galaxy remove nginxinc.nginx

cat roles/requirements.yml
---
- src: nginx.tar.gz
  name: mynginx
1
2
3
4
5
6
7
8
$ ansible-galaxy install -r roles/requirements.yml
---
- src: nginx.tar.gz
  name: mynginx

$ ansible-galaxy remove mynginx
$ ansible localhost -m file -a "dest=/home/ansible/techlab/nginx.tar.gz state=absent"
$ ansible localhost -m file -a "dest=/home/ansible/techlab/roles/requirements.yml state=absent"

Task 3 (CentOS/RHEL only)

  • Search your Dnf repositories for packages containing the string roles.
  • Install the package providing Ansible roles for system management.
  • See what files where installed with this package.
Solution Task 3
1
2
3
dnf search roles
sudo dnf install rhel-system-roles
repoquery -l rhel-system-roles #<-- repoquery is provided by the package `yum-utils`

Task 4 (CentOS/RHEL only)

  • Search the installed files for an example to use the rhel-system-roles.selinux role.
  • Use the example to create a playbook selinux.yml to set selinux mode to disabled on all servers.
  • Run the playbook.
Solution Task 4
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
$ repoquery -l rhel-system-roles | grep -i exa | grep selinux
$ cp /usr/share/doc/rhel-system-roles/selinux/example-selinux-playbook.yml  selinux.yml
$ cat selinux.yml
---
- hosts: all
  become: true
  vars:
    selinux_policy: targeted
    #selinux_state: enforcing
    selinux_state: disabled
    selinux_booleans:
    #<-- more stuff here

$ ansible-playbook selinux.yml

Before you can use rhel-system-roles you need to add them to the roles_path variable in your ansible.cfg:

1
roles_path    = /home/ansible/techlab/roles:/usr/share/ansible/roles

Check that the path /usr/share/ansible/roles is part of your ROLES_PATH:

1
2
3
$ ansible-config dump | grep -i roles_path
DEFAULT_ROLES_PATH(/home/ansible/techlab/ansible.cfg) = ['/home/ansible/techlab/roles', '/usr/share/ansible/roles']
$

All done?

Last modified November 14, 2022: add http headers (7f665a8)