EX294 Red Hat Certified Engineer RHCE – Configuring Ansible Managed Node Part 3

  • By
  • January 19, 2023
0 Comment

5. Task: Configuring MOTD on Managed Nodes Using Ansible Ad-Hoc Command Line

Hello, welcome to this lecture. In this lecture we will learn how we can configure message of the day on the remote nodes using ansible ad hoc command. Here is task description. Use ensible ad hoc command to configure ammo TD on all the managed nodes as welcome to ensible managed host. Execute this command as ansible user. Now we know we can execute all the commands or the playbook as ansible user. And we can use Become with ansible ado command four per village escalation if needed. And in case of playbooks, we can use Become set to true.

This is simple task. And here we’ll execute this command to configure message of the day. We’ll use copy module for this task. Ansible old m copy A to provide arguments. Here we are using content directive. We’ll set this directive or variable to this string. Welcome to ansible managed host dashtage etc MOTD we must use Become because we are going to make changes in this file which is possible only with root permissions. Now let’s move to the system and start doing this task.

Now we are on ansible control node and I am logged in as ansible user. We are already in tasks directory. Always keep in mind we need to execute all the commands and playbooks from this path only. Now for this task we’ll use copy module. So we are not checking the documentation. Again, unsafe old m copy a to provide arguments. Here we know we can use content or SRC to specify source file using content variable or directive, we can directly specify string to be copied. In our case, string is welcome to ansible manage host. Enclose the string in single quotation marks. Then we need to specify dashed which is forward slash etc MOTD Become. So this is all we need to do. It’s taking some time. We have done. We have yellow output, no errors.

Now we will verify by connecting to m host one. So we have message here. Welcome to Ms evil manage host. I will also try to connect M host four. We have same message. So this was objective of this task.

6. Task: Configuring Managed Hosts to use YUM Repos using Ansible Ad-Hoc Commands

Hello, welcome to this lecture. In this lecture we’ll learn how we can configure manage node to use base OS and app stream repositories which have been already created on all the managed nodes. Here is task description. Use ansible ad hoc commands to configure all managed nodes to use base west and aftimrappos with the following information. For base west repository we have to use name as base west description DNS base west rapper base URL which is very important because our repository is present on the local system. We’ll use file colon three times forward slash. We know two forward slash come from syntax itself, one from path. So this is a path where base west repository is created GPG check which is GNU Privacy Guard Check which is enabled. So we need to provide GPG key. So here is path for this key on the exam they will provide you all these details if you will find or if you will encounter such tasks on the exam. Enabled must be one to enable the repository. Similarly, we have info about app stream repository.

We’ll use name as app stream and description. We’ll put DNS app stream repo base URL. So here directory is app stream under root. Again we’ll enable GPG check and also we need to provide GPG key. I assume you know the purpose of GPG Check. GNU Privacy Guard Check. This is enabled to check authenticity of the packages to be installed. We know every package is signed with some private key. So by using this key we verify authenticity of package. Again enabled is one to enable the repository. Here is OneNote app stream and base west repositories are already created at path forward slash, root forward slash, app stream and forward slash root baseways respectively on all managed nodes. So here is list of commands we need to execute for this task.

We’ll execute commands as ansible user and we’ll use become for per village escalation. Because this task can be done with root permissions. And here by using first ad hoc command, we are configuring all the managed nodes to use base west repository. We need to use yum underscore repository module for this task. Ansible all m then module name with dasha will provide required arguments. Name of the repository which is base OS description here we need to provide description DNF base osrapo enclose this inside single quotation marks base URL which is very important. File colon three times then root forward slash base west on the exam they should provide you some path repository might be located on some web server. So in that case you will be using http colon double slash. Then we have GPG check. We are setting this to one to enable this check.

Then we need to provide GPG key. So here is the path where our key is present. Enabled is equal to one to enable this repository. So here I’m using one additional directive, or I will say variable file is equal to base OS so it means file with name base OS dot rapper extension will be dot rapper will be created with all these configurations we need become because we need to use root permissions to execute this task. In similar way we have one more command for app stream repository. Nothing different, only we need to provide corresponding data for app stream. Here again I have one note move all the files already present on this path where we are going to create our rapper files. So when we install Linux, you always have some files on this path to use online repository. Because here we are configuring local repository. So move all the files from this path to temp directory in case you need them to use online repos. Otherwise you can delete them.

So I will just save them under temp directory for reference. I have done this already offline. Now let’s move to the ansible control node and start doing this task. Before we move to ansible control node and start with our task I would like to show you how I created local rappers. I am on Mhstone we’ll use find to locate send to us image file I will use wildcard here. So here is our file. First of all we need to mount this file with loop option to access contents of this file otherwise you cannot read image file. For this I will use mount o with loop option and here we need to provide path where file is present which is forward slash dev disk. I will provide complete path. And here mount point directory I will use forward slash MNT so this will be mounted read only.

This is enough for us. Now I will move to forward slash mntdirectory. So here we have all the contents of this file. We know what we need to do. I will move to app stream directory and here we have two folders one containing packages with packages name one is Rapidity data required for repository. So what we need to do we need to copy everything from this directory to path forward slash root app stream this directory I have already created on this host. We’ll simply use CP with irv I four interactive r four recursive v four verbose. Then we need to copy everything and enter. I already did this, so I will not do it again. In similar way you need to do it for base west and finally you will have local rappers created under root directory. In similar way you need to do this on all the managed nodes. Now let’s move to the ansible control node and start doing this task. Now we are on ansible control node and I am logged in as ansible user.

We are already in tasks directory wherever ansible config file is present. So I will start executing first command but before that I will display info four yum underscore repository module by using ansible dog then module name. So here we have information add or remove hum repositories in RP based Linux distribution. So here we will not need all the directives. We’ll discuss the important directives. We need to know base URL. We already know about this path where our repository is present or located. It can be path on local system. Path pointing to some web server or FTP server. You just need to make sure. In case this is on local system, you need to use three times forward flash.

By default this is null. Then we need description to provide humor, readable string describing the repository. In our case we are using DNF basewest rapo for basewest repository and DNF app stream repo for app stream repository enabled should be one or yes which is by default even if we skip this. So by default repository will be enabled. So this is boolean type variable. You can set it to zero to disable repository. Then we have file file name without dot repo. For example, in our case we used base west in case of base west repository. So it means file with name base west with extension dot rapport will be created on path forward slash etcd. Then we have GPG check. So this tells Yum to perform a GPG signature check on packages. In case this is enabled. Again this is boolean type variable can be set to zero or one. By default this is not used, but we are enabling this. Then GPG key a URL pointing to GPG key. So here we are providing the path where our key is present. So by default this is not used. This is all we need for this task. Name which is mandatory.

We must need to provide some name for basewares. We are using basewas and for app stream we are using app stream repository name is enclosed in the scale brackets. We know this from Rscsa exam. This is all we need for this task. So in the end you can find some examples. For example this one. So name of repositories peel here is description. Then file with name external underscore rappers dot repo will be created. So this is Base URL. In this case this is web link. So it means repository is located on some web server. But in our case we are using repository created own local system. Now I will quit and we’ll start doing this task. We know what we need to do. 3

Unsiebell all dash m yum underscore repository. This is Module. Name a. To provide arguments, we’ll start with name base OS for base west rappel then description. We need to provide DNF basewise rapple enclose this inside single quotation marks. Then base URL which in our case is file colon three times forward slash root base west then GPG check. We need to enable this GPG key. Here we need to provide path for GPG which is etc. PKI rpm GPG forward slash rpm GPG key sent to us official the next enabled is equal to one. But we can skip this by default. Enabled is equal to yes. Then finally I’m using file to give name to the file. So in this case file with name base west rapper will be created. With all these configurations, this is all we need to do. I will enclose list of arguments inside double quotation marks. Here we need to use Become because we need root per villages. To execute this task, I will press Enter.

It can take some time, a few seconds. This is done. So now we have base west repository created on all the managed nodes. I will clear the screen. Again we need to execute same command, but for app stream. We know what we need to do. Name will be app stream. In the description we’ll write DNS app stream repo base URL. Here we need to change directory rest. Everything will be same, only we need to change the file name. This is all we need to do. Don’t forget to use Become flag in case you need root permissions. So we have done. I will clear the screen. Now by using command module. I will verify if repositories are working fine and siebel all A.

And here I will provide command to execute DNF rapper list. It can take some time. So here we have some warning. Consider using DNF module. But anyway we have the output. So we have repositories created. These are rapport names. This is all about this task. In this section we learned how to create user on the remote nodes and how to set up SSH keys for the user. Also we learned how to configure privilege escalation for the user on the managed nodes. And finally we learned how to configure managed nodes to use DNF or young repositories. Now we have lab setup completely ready. In next section we’ll perform tasks.

7. Important Information : Disable GPG Key Check

Hello everyone. In last lecture, we configured remote nodes to use repository and we enabled GPG key check. This might cause issue due to invalid public key. So to avoid any issues while installing packages, I would suggest to disable this key to practice all the tasks own the exam. If you will encounter such task, they will provide you all valid details. So idea was to explain you how we can use GPG key check and how we can specify GPG key while configuring systems to use repository.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img