Create the users in the fileusersjist.ymlfile provided. Do this in a playbook called users.yml located at/home/sandy/ansible.The passwords for these users should be set using thelock.ymlfile from TASK7. When running the playbook, the lock.yml file should be unlocked withsecret.txtfile from TASK 7.
All users with the job of 'developer' should be created on thedevhosts, add them to the group devops, their password should be set using thepw_devvariable. Likewise create users with the job of 'manager' on theproxyhost and add the users to the group 'managers', their password should be set using thepw_mgrvariable.
Create a playbook calledwebdev.ymlin'home/sandy/ansible. The playbook will create a directory Avcbdev on dev host. The permission of the directory are 2755 and owner is webdev. Create a symbolic link from/Webdevto /var/www/html/webdev. Serve a file from Avebdev7index.html which displays the text "Development" Curlhttp://nod e1.example.com/webdev/index.htmlto test
Create an empty encrypted file calledmyvault.yml in /home/sandy/ansibleand set the passwordtonotsafepw. Rekey the passwordtoiwejfj2221.
Create an ansible vault password file calledlock.ymlwith the passwordreallysafepwin the/home/sandy/ansibledirectory. In the lock.yml file define two variables. One ispw_devand the password is 'dev' and the other ispw_mgrand the password is 'mgr' Create a regular file calledsecret.txtwhich contains the password for lock.yml.
Create a file calledpackages.yml in/home/sandy/ansibleto install some packages for the following hosts. On dev, prod and webservers install packages httpd, mod_ssl, and mariadb. On dev only install the development tools package. Also, on dev host update all the packages tothe latest.
Create a role called sample-apache and store it in /home/bob/ansible/roles. The role should
satisfy the following requirements:
*In the role, install and enable httpd. Also enable the firewall to allow http. Also run the template
*index.html.j2 and make sure this runs Create a template index.html.j2that displays "Welcome to the server HOSTNAME"
In a play called apache.yml in /home/bob/ansible/ run the sample-apache role.
Install and configure ansible
Userbobhas been created on your control node. Give him the appropriate permissions on the control node.Install the necessary packages to run ansible on the control node.
Create a configuration file /home/bob/ansible/ansible.cfg to meet the following requirements:
• The roles path should include /home/bob/ansible/roles, as well as any other path that maybe required for the course of the sample exam.
• The inventory file path is /home/bob/ansible/inventory.
• Ansible should be able to manage 10 hosts at a single time.
• Ansible should connect to all managed nodes using the bob user.
Create an inventory file for the following five nodes:
nodel.example.com
node2.example.com
node3.example.com
node4.example.com
node5.example.com
Configure these nodes to be in an inventory file where node1 is a member of groupdev.nodc2 is a member of group test, nodc3 is a member of groupproxy,nodc4 and node 5 are members of groupprod.Also,prodis a member of group webservers.
TESTED 22 Feb 2025
