Lab 8 - Solution¶
Mandatory¶
Replace copy with template¶
- Change your
ntprole - Create the
templatesdirectory in your ntp role/home/ansible/training/roles/ntp/templates - Create the template file
templates/ntp.conf.j2(copy the ntp.conf file fromfiles/ntp.conf) - In your tasks file, replace the
copymodule with thetemplatemodule - Add a new task to start and enable the ntp service (see Service Module)
- Run the playbook
- Verify the configuration file
- If everything works, delete the file
files/ntp.conf
Hint
Don’t forget the .j2 file extension.
mkdir /home/ansible/training/roles/ntp/templates
cp roles/ntp/files/ntp.conf roles/ntp/templates/ntp.conf.j2
# file: roles/ntp/tasks/main.yml
- name: configure ntp
template:
src: ntp.conf.j2
dest: /etc/ntp.conf
owner: root
group: root
mode: 0644
tags:
- configuration
- name: start and enable ntp
service:
name: ntp
state: started
enabled: yes
tags:
- service
# run the playbook
ansible-playbook ntp-role.yml
# remove the old ntp.conf
rm roles/ntp/files/ntp.conf
Use facts and ansible_header¶
- Add a comment in the
ntp.conf.j2file with the factansible_os_family - Add a
ansible_managedheader in thentp.conf.j2file - Run the playbook and verify the configuration file on the managed host
# file: roles/ntp/templates/ntp.conf.j2
# {{ ansible_managed }}
# {{ ansible_os_family }}
...
# on the control node
ansible-playbook ntp-role.yml
# verify the configuration on the managed host
ssh web1.<firstname>.lab "head /etc/ntp.conf"
# Ansible managed
# Debian
Loop¶
- Replace the
pool serverentries in your template filentp.conf.j2 - Loop over your
ntp_serverslist in the templatentp.conf.j2 - Run the playbook with diff, to see the changes
- Verify the configuration file
# file: roles/ntp/templates/ntp.conf.j2
{% for srv in ntp_servers %}
pool {{ srv }} iburst
{% endfor %}
# on the control node
ansible-playbook ntp-role.yml --diff
# on the remote host
ssh web1.<firstname>.lab "cat /etc/ntp.conf"
When Conditionals¶
- Make sure the
ntprole works onDebianandRedHat - Create the variable file
vars/RedHat.ymland add the variablentp_servicewith the valuentpd - Create a new task to include the variable file
RedHat.yml(see Include_Vars Module) -> Put this task in first place, to ensure it run before all other tasks - Ensure, the
include_varstask is running only on theansible_os_familyRedHat (see Chapter Variables)
# file: roles/ntp/vars/RedHat.yml
---
ntp_service: 'ntpd'
# file: roles/ntp/tasks/main.yml
---
- name: include redhat variables
include_vars: RedHat.yml
when: ansible_os_family == "RedHat"
- Define a role default in
defaults/main.ymlfor the variablentp_servicewith the valuentp - Use the new variable
ntp_servicein yourhandlers/main.ymlandtasks/main.yml
# file: roles/ntp/defaults/main.yml
...
ntp_service: 'ntp'
# file: roles/ntp/tasks/main.yml
- name: start and enable ntp
service:
name: '{{ ntp_service }}'
state: started
enabled: yes
tags:
- service
# file: roles/ntp/handlers/main.yml
- name: restart ntp
service:
name: '{{ ntp_service }}'
state: restarted
- Edit your installation task and use the
packagemodule instead of theaptmodule - Edit your playbook to run the ntp role on the
webhostgroup - Run the playbook
# file: roles/ntp/tasks/main.yml
- name: install ntp packages
package:
name: '{{ item }}'
state: latest
with_items:
- '{{ ntp_packages }}'
tags:
- installation
# file: ntp-role.yml
---
- hosts: web
roles:
- ntp
# run the playbook
ansible-playbook ntp-role.yml
Overwrite role default with group_vars¶
- Create a group_vars file for your
dbhostgroup - Add the list variable
ntp_serverswith the itemsntp1.lab,ntp2.labandntp3.lab - Edit your playbook to run the ntp role
allhosts - Run the playbook
- Verify your
dbhost has other ntp servers
# file: group_vars/db.yml
---
ntp_servers:
- ntp1.lab
- ntp2.lab
- ntp3.lab
# file: ntp-role.yml
---
- hosts: all
roles:
- ntp
# run the playbook
ansible-playbook ntp-role.yml
# on the remote host
ssh db.<firstname>.lab "cat /etc/ntp.conf"
Commit your changes¶
- add all files to your git repo and commit it
git status
git add roles/*
git commit -m 'lab 8'