EX294 Practice Exam Questions and Answers

Create the users in the file usersjist.yml file provided. Do this in a playbook called users.yml located at /home/sandy/ansible. The passwords for these users should be set using the lock.yml file from TASK7. When running the playbook, the lock.yml file should be unlocked with secret.txt file from TASK 7.

All users with the job of 'developer' should be created on the dev hosts, add them to the group devops, their password should be set using the pw_dev variable. Likewise create users with the job of 'manager' on the proxy host and add the users to the group 'managers', their password should be set using the pw_mgr variable.

Create a file in /home/sandy/ansible/ called report.yml. Using this playbook, get a file called report.txt (make it look exactly as below). Copy this file over to all remote hosts at /root/report.txt. Then edit the lines in the file to provide the real information of the hosts. If a disk does not exist then write NON

E.  

Create a playbook called packages.yml that:

----------------------------------------------

--> Installs the php and mariadb packages on hosts in the dev, test, and prod host

groups.

--> Installs the Development Tools package group on hosts in the dev host group.

--> Updates all packages to the latest version on hosts in the dev host group.

Create a role called sample-apache in /home/sandy/ansible/roles that enables and starts httpd, enables and starts the firewall and allows the webserver service. Create a template called index.html.j2 which creates and serves a message from /var/www/html/index.html Whenever the content of the file changes, restart the webserver service.

Welcome to [FQDN] on [IP]

Replace the FQDN with the fully qualified domain name and IP with the ip address of the node using ansible facts. Lastly, create a playbook in /home/sandy/ansible/ called apache.yml and use the role to serve the index file on webserver hosts.

Create a playbook called issue.yml in /home/sandy/ansible which changes the file /etc/issue on all managed nodes: If host is a member of (lev then write "Development" If host is a member of test then write "Test" If host is a member of prod then write "Production"

Install the RHEL system roles package and create a playbook called timesync.yml that:

--> Runs over all managed hosts.

--> Uses the timesync role.

--> Configures the role to use the time server 192.168.10.254 ( Hear in redhat lab

use "classroom.example.com" )

--> Configures the role to set the iburst parameter as enabled.

Modify file content.

------------------------

Create a playbook called /home/admin/ansible/modify.yml as follows:

* The playbook runs on all inventory hosts

* The playbook replaces the contents of /etc/issue with a single line of text as

follows:

--> On hosts in the dev host group, the line reads: “Development”

--> On hosts in the test host group, the line reads: “Test”

--> On hosts in the prod host group, the line reads: “Production”

Create an Ansible vault to store user passwords as follows:

* The name of the vault is valut.yml

* The vault contains two variables as follows:

- dev_pass with value wakennym

- mgr_pass with value rocky

* The password to encrypt and decrypt the vault is atenorth

* The password is stored in the file /home/admin/ansible/password.txt

Create a playbook called web.yml as follows:

* The playbook runs on managed nodes in the "dev" host group

* Create the directory /webdev with the following requirements:

--> membership in the apache group

--> regular permissions: owner=r+w+execute, group=r+w+execute, other=r+execute

s.p=set group-id

* Symbolically link /var/www/html/webdev to /webdev

* Create the file /webdev/index.html with a single line of text that reads:

“Development”

--> it should be available on http://servera.lab.example.com/webdev/index.html

Install and configure ansible

User sandy has been created on your control node with the appropriate permissions already, do not change or modify ssh keys. Install the necessary packages to run ansible on the control node. Configure ansible.cfg to be in folder /home/sandy/ansible/ansible.cfg and configure to access remote machines via the sandy user. All roles should be in the path /home/sandy/ansible/roles. The inventory path should be in /home/sandy/ansible/invenlory.

You will have access to 5 nodes.

node1.example.com

node2.example.com

node3.example.com

node4.example.com

node5.example.com

Configure these nodes to be in an inventory file where node I is a member of group dev. nodc2 is a member of group test, node3 is a member of group proxy, nodc4 and node 5 are members of group prod. Also, prod is a member of group webservers.