EX294 Red Hat Certified Engineer RHCE – Ansible Plays and Playbooks, Conditional Execution Part 4
10. Task Defining List Variable in File to Contain User Details as List Items
Hello, welcome to this lecture. In this lecture we will create two YAML files. One file containing user details as per information specified. First three columns in this table in the form of list variable and other file containing password information in the form of key value peers as per fourth column in this table here is task description. Create a YML file with name user details dot YML to contain below information. Define list variable with name users to define list of dictionary items under this we know how we can do this. Each list item defines username department and age of user as per below table. Also, create one more YML file password YML to store password information about users as key value pairs. Here on this slide we have contents of these two files.
We need to create file with name user details YML three dashes on the top indicating start of YAML document. Here we need to create list variable with name users as per task requirements. Then under this variable we’ll define three list items 114 each user lisa, Bob and Lara. Each list item is further dictionary containing all the information about the user as specified in the table we saw earlier here. First item is for liza username is Lisa, department is software developer a is 32. The second item is for Bob. Username is bob. Department is testing a’s 38. This third item is for user laura username lara department is HR AZ is 28. Then three doors indicating end of YAML document. Then we need to create one more file with name password dot YML. Again three dashes on the top. Then here we need to specify password info as key value pair lisa underscore password. This is key colon space lisa underscore pass. This is value.
This is a password to be assigned to the user. We’ll use this info in the next task to create multiple users. Then same for bob underscore password. This is key, this is password value. Same for Lara. Then three doors indicating end of YAML document. Now let’s move to the ensable control node and create these two files. Now we are on ensable control node and I’m logged in as ansible user on this path, we need to create file with name user details YML. Then we need to define list variable with name users. Here we need to define details of three users as per table we saw earlier. Username lisa department software developer 32. The next list item is about bob username bob department testing is 38. Next list item is for Laura username lara department HR age 28. This is all we need to do. We just need to make sure we did note misspelled something here.
Otherwise we’ll have issues later on. Everything seems okay. I will save and quit. Now we need to create one more file with name password YML. We know what we need to do here. Lisa underscore password. This is key value is Lisa underscore pass pope underscore password value is pope underscore pass laura underscore password value is laura underscore pass again, we need to make sure that we did not make any spell mistake here. Everything seems okay. I will save and quit. This is all we needed to do for this task. In next task, we’ll learn how we can create multiple users using these two files.
11. Task Creating Users using loop and Conditional Playbook execution
Hello, welcome to this lecture. In this lecture, we will learn how we can create multiple users using variable files containing users information. Here is task description create a playbook create underscore users YML with below conditions. Create a user on web server nodes when user department is software developer and assign supplementary group testing to the user. Create user own prode nodes when users department is testing and assign supplementary group networks to user create user owner manage nodes when users department is HR set password for different users as defined in password dot YML file and password must be encrypted. So we need to use Ginger to filter to encrypt password. Here we have playbook contents. We’ll set target as all managed nodes by using hosts set to all. Then we need to set become to true for pervillage escalation because we need to create users. I will set gather underscore facts to false. Because we don’t need to use ansible facts variable for this playbook. Then here this is important. We must use VARs underscore files directive to list the files we need to use during this task. So here I will provide files as list items.
Then we have tasks section. Here we’ll define our task. First task is creating user on web servers nodes. We know we need to use user module. We’ll set name directive to this expression. We know item is lookup variable and username is key for the username as mentioned or as defined in user details dot YML file we need to use this Ginger to expression here. Then we need to set password. Now we know we need to create user on web service node when users department is software developer. We know Lisa belongs to this department. So here we must use Lisa underscore password key or variable to access or use password value from this file. Then we’ll pass this information to Ginger to filter password underscore harsh to encrypt the password. Then we’ll use group to assign group testing to this user. Hello, here I would like to correct myself.
To assign supplementary groups, we must use groups directive. Note group directive group directive is used to assign primary group. Here I used group by mistake. I’m adding this here just to make sure you will not make same mistake. So here we have when condition when item doe department is software developer. We must enclose this in single quotation marks. We cannot use double quotation marks here. Because we will need to use double quotation marks to enclose both these statements. Here we need to provide one more statement using logical and inventory underscore hostname in groups web servers. So based on this condition, user will be created on web service node when users department is software developer. Here, this is important. Don’t forget this. This is easy to forget. I’m telling you from my experience, we need to use loop to provide list of items using this Ginger to expression. We know this expression will evaluate to list of items which are defined in this file. And contain user details. During first iteration, first item in this file will be checked. We know first item is for user Lisa and item tour department will be software developer.
And this condition will pass. So this expression will be replaced with Lisa and user Lisa will be created on web servers node. Then during second iteration it will check second item which is for bob where department is testing. So this condition will fail. So user will not be created. Same for user Laura whose department is HR. Then here we have second task. Creating user own prode nodes. So here everything is same. But we know we need to create user on prode nodes when users department is testing. And we know bob belongs to testing department. So here we must use bob underscore password key to provide password or to assign password to this user.
Also to assign supplementary groups networks will use group directive. Here we have when condition defining create user when users department is testing and hostname is in proud group. We know there are two hosts in proud group. Again, don’t forget this. The next task creating user on all managed nodes. When users department is HR. We know lara belongs to HR department. So we must use lara underscore password variable or key to access password for user laura from this file rest everything is same. Here we need to set one condition to item dot department is equal to HR. Here we need only one condition. Again we must use loop so that it will iterate through all the list items defined by users variable. Now let’s move to the ensable control node. And start doing this task. Now we are on ansible control node. And I am logged in as ansible user.
Here on this path we’ll create our playbook with name create underscore users YML. We’ll set hosts to all to set target. As all managed nodes become must be set to true. I will set gather facts to false. Because we don’t need to gather facts for this task. Here important is you must use VARs underscore files directive to specify files containing information to be used in this task. User details password YML then under tasks section will define our task. First task is to create user on web servers nodes. Here I will provide description. Creating user on web server nodes. We know we need to use user module. We’ll set name to this expression. Then password. We know we need to create user on web service node. When users department is software developer which is liza’s department. So here we must use password for lisa key four which is lisa underscore password.
Or I will say we must use lisa underscore password variable. We’ll pass this to ginger to filter password underscore hash. And here we need to specify algorithm. We’ll use sha five and two. Then here we’ll use group directive to assign supplementary group testing to the user. Now we need to specify when condition which is important. When item door department we need to use double equal to sign here. And we’ll set this to software developer. Also we need to use one more condition inventory underscore hostname and groups web servers. We must enclose these two conditions which are combined with logical and inside double quotation marks. So this is important here. So in this case you cannot use double quotation marks here. Now here we must use loop keyword to specify list of items this low field iterate through. Now here we’ll define our second task. Here I will provide description. Creating user on probe nodes when users department is testing.
And we need to assign supplementary group networks to the user. We’ll use user module and here we’ll set name directive to this expression. Now we know bob belongs to testing department. So we must use bob underscore password key here or variable here. And we’ll pass this value to Ginger to filter password hash to encrypt password here we need to use group and we need to assign group networks. Again we need to specify when condition when item door department is equal to testing and inventory underscore hostname and groups prod we must enclose these two conditions and double quotation marks. This is all we need to do for second task. But this is important, don’t forget this. Now we need to define our third task. To create user on all remote nodes when user department is HR I will provide description here. Creating user on all managed nodes we need to use user module. Again we’ll use same expression using lookup variable and the key together. Now we know Lara belongs to HR department. So here we must use Laura underscore password.
Then we need to pass this value or variable to Ginger to filter to encrypt password. We are doing same thing again and again. Then here we’ll use when condition when item door department is equal to HR. So here we need to use only one condition. Then in the last don’t forget to specify lobe. And we need to set this to users variable containing list of items. This is all we need to do for this task. Now before we save and quit, I will just go over the contents of this playbook just to make sure we did not miss anything. You might have noticed we forgot to enclose testing inside single quotation marks. So this is mandatory, otherwise it will fail. Now everything seems okay. Now I will save and quit. Now we need to perform syntax check all scenes. Okay, now we’ll execute this playbook. So here we can see task. Creating user on web server nodes user Lisa has been created on web server nodes based on condition when department is software developer rest all nodes are skipped. Creating user on probe nodes based on condition when department is testing.
So it has been created on nodes m host one and two rest nodes are skipped. Last task creating user on all manage nodes. So here user Laura has been created on all managed nodes based on condition when department is HR. So everything seems okay. Now I will use ansible ad hoc command to display file past WD which is present under etc directory. We can display this file as regular user. Here we can see for m host three we have user lisa and Lara. User Lara is created on all nodes. User lisa is created on this node based on condition. Same for Mhost four. For Mhost one we have user bo and Lara. We know why. Same should be in case of Mhost two. So everything seems OK.
12. Task: Creating Volume Group using Conditional Playbook execution
Hello, welcome to this lecture. In this lecture we will create one logical partition. Then using that logical partition we will create volume group. Here is task description create a playbook WeGroup dot YML to create volume group. Create logical partition of size one gigabytes on all web servers nodes and of size 600 MAB on prode one node. So keep in mind here we are using prode one group which contains only one host m host one create volume group with name VGROUP using this partition. So here this is important. Before starting this task, we must install package LVM two on all managed nodes. This package is missing because we installed nodes with minimum install option.
This should not be the case on the exam, but in our case we must install this package. Otherwise task for creating volume group will fail. Here we have contents of our playbook we will be using for this task. So here we’ll set target as web servers and prode one group where we need to perform some action become must be set to true. We know why gather underscore facts must be set to true because in first task we’ll gather or register information about Desk. We’ll use this info in the following tasks we already did this, I did not need to explain this again. Then in the task section having already said this, first task is to register info about disk. We’ll store this info in this variable st underscore info. The second task creating logical partition we know we need to use parted module device which is our Desk SGA partition number. In our case this is six.
We know we have already five partitions created on whole manage nodes. You must enclose this in double quotation marks otherwise you will see some warning. Part underscore type must be set to logical because we are going to create logical partition now here important is we need to set part underscore start and part underscore end directives to tell and symbol or parted where to start and where to end. Or I will say to define size of logical partition we know we have already five partitions, so we are fifth partition ends. We can check with this expression, or we can refer with this expression. We know how to form this expression. So I will note, explain this again plus one to leave some space between the end of last partition and start of next partition we are going to create. Here important is you must specify units inside double quotation marks then part underscore end I’m adding 1024 MAB here because we need to create partition of size one gigabytes which is equal to 1024 MAB. Again, this is important here because we are going to use this partition for volume group we must set the flag LVM on this partition using flags directive then mentioning LVM in the scale brackets state must be set to present because we need to create this partition.
Then here we have when condition because we need to execute this task on web servers nodes when inventory underscore hostname and groups web servers then here we have third task creating logical partition same description again, we need to use Parted module and everything is same only size here is different. We need to create partition of size 600 MAB restoll is same. Then in last we have condition when inventory underscore hostname and groups prod one we need to create this partition only on the hosts. In the prod one group we know there is only one host am host one then last task creating volume group to create volume group for this, we’ll use LVG module logical volume group.
We’ll check ansible documentation before starting this task for this module VG to specify volume group name as per task requirement we must use WeGroup PVs to specify physical volumes will specify our device which will be created due to these two tasks. So here we don’t need to specify any condition. Because this partition will be created on both web service node and prod one nodes which are target and we need to create volume group on all of them. This is all about description of task. Now let’s move to the ansible control node and start doing this task. Now we are on ansible control node and I’m logged in as ansible user. Before we proceed further, I would like to tell you I already installed LVM two package and all the dependencies on all managed nodes offline.
You should do the same action before starting this task here on this path we’ll create our playbook with name VGROUP YML we need to set targets as web servers and promote one. We can specify multiple targets using coma as well or you can specify them as list items as we did earlier become must be set to true. I will set gather facts to true then here in the tasks section will define our task first task is to read information about disk here I will provide description reading information about disk we know we need to use Parted module. We already checked documentation of this module. Here we will use device which is SDA. In our case forward slash tab SDA unit we want to deal with maybe bytes state by default is Info. We need to use register keyword we’ll save this info in this variable SDA underscore Info here we’ll start defining our second task. I will provide description here creating logical partition again, we know we need to use Parted module device of a device which is SDA.
The number partition number in our case is six party logical flags. We need to set flags as LVM because we are going to use this partition to create volume group then part start we need to tell Parted starting location of this partition. We know how we can do that sat underscore info under this partitions we have already five partitions. So last partition will be four because list item count always start with zero do tend to find last used sector by this partition plus we’ll add one we know why we need to do this. Here I will specify units part underscore and now I will copy and paste this here we need to make change I will specify 1025 to create logical partition of size 100:24 MAB which is equal to 1GB state must be present. Here. I will specify when condition, when inventory underscore hostname, in groups, web servers. Now, next we need to create partition of size 600 megabytes. One prode, one node. Again, I will provide description here.
Creating logical partition. We need to use partnered module device SGA partition number six, enclosed in double quotation marks, part type logical flex LVM part underscore Start. I will paste and I will modify this. We don’t need to modify this. Then part underscore end I will paste. And here we need to mention 60 one to create partition of size 600 megabytes. Here we’ll specify when condition when inventory hostname or inventory underscore hostname. So sometimes I say inventory hostname. This is inventory underscore hostname in groups prode One the last task to create volume group here I will provide description creating volume robe but before starting this task we’ll just walk through ancient documentation for LVG module I will save this and quit.
For now we’ll come back to this. So here we have description about LVG. This module creates, removes resizes volume growth. So here we’ll discuss important directives. PE size, the size of physical extend. So default is four. Even if we don’t specify this by default, four will be taken. PVs list of Coma separated devices to use as physical devices in this volume group.
In our case, we have sta six partition which will be created then state by default this is present so we can omit this directive. Or you can also mention state to present so this is mandatory. VG to specify volume group name in our case we need to use volume group name as wakegroup this is all so here we have some examples we’ll quit I will clear the screen again we’ll open this file. Now we know what we need to do LVG is the module we need to use here. VG to specify volume group v group PVs will use Stsx partition which will be created after these tasks will be executed. This is all then three dots indicating end of YAML document. Now before we save and quit, we’ll just walk through contents of this playbook just to make sure we did not miss anything. We did not make any mistake.
We did not miss any commas. Everything seems okay. Here, state is set to present, so here you must set state to present because by default state is info. You might have noticed we forget to set state here. So this is very important for this because default value of state is info. So this task will fail if we miss this. So I always prefer to specify all the directives even if they are not required due to their default behavior. This is just to make sure we are not missing anything.
Also, I would like to mention here PE size. We know by default this is four and we must enclose this in double quotation marks. If you will not use this, you will get warning about this. I will save and quit. Now we need to perform syntax check. Everything seems okay. Now we’ll execute this playbook. Gathering Facts task is in progress. Facts have been gathered. Reading info has been done. Creating logical partition. It has been created on two nodes belonging to web servers.
Nodes creating logical Partition logical partition has been created on prod one node which is mhostone creating volume group. Same has been created null verify using ansible ad hoc command ansible web servers comma prod one. We know we need to use command module which is default. First, I will list all the Bloke devices to make sure partition number six was created. It was but just to check the size. So here we can see 1GB and here 600 MAB one prode one node. Again here 1GB. Everything is okay. Now I will execute VGS to display volume group, we need to use Become. So here we have volume group with name VGROUP of size around one gigabytes one m host three and four and of size around 600 mabhost one. This was objective of this task. This is all about this task. In next lecture we’ll learn how to create logical.
Interesting posts
The Growing Demand for IT Certifications in the Fintech Industry
The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »
CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared
In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »
The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?
If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »
SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification
As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »
CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?
The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »
Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?
The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »