File Manipulation with Ansible

1 hour
  • 5 Learning Objectives

About this Hands-on Lab

A common theme in everyday systems administration is the need to work with system files. It follows that any good configuration management or automation engine must be able to do the same. This exercise challenges students to use Ansible to execute varying tasks on remote systems involving file manipulation.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Become ‘ansible’ user and then download http://software.xyzcorp.com/enigma.tgz to `/tmp` on each host in qa-servers and verify the sha256 checksum via http://software.xyzcorp.com/enigma-checksum.txt.

Note: This URL only works correctly when accessed on the lab servers. The dmain name DNS entry is overridden in /etc/hosts on each lab server. If you attempt to access it from another system, you will reach a parked domain.

On EACH of the hosts in ‘qa-servers’ inventory, become the ‘ansible’ user:

sudo su - ansible

As the ‘ansible’ user (above), run the following commands on each host in the ‘qa-servers’:

  • CHECKSUM=$(curl http://software.xyzcorp.com/enigma-checksum.txt | cut -f1 -d' ')
  • ansible qa-servers -m get_url -a "url=http://software.xyzcorp.com/enigma.tgz dest=/tmp/enigma.tgz checksum=sha256:$CHECKSUM"
Extract `/tmp/enigma.tgz` to `/opt/` on all hosts in qa-servers.

Run ansible qa-servers -b -m unarchive -a "src=/tmp/enigma.tgz dest=/opt/ remote_src=yes"

Update the line of text “DEPLOY_CODE” in `/opt/enigma/details.txt` to the “CODE_RED” on each server in qa-servers.

Run ansible qa-servers -b -m lineinfile -a "regexp=DEPLOY_CODE line=CODE_RED path=/opt/enigma/details.txt"

Set the group ownership of the directory `/opt/enigma/secret/` and each file contained within the directory so that the group owner is `protected` for each host in qa-servers.

Run ansible qa-servers -b -m file -a "recurse=yes state=directory path=/opt/enigma/secret group=protected"

Delete the file `/opt/enigma/tmp/deployment-passwords.txt` from all servers.

Run ansible all -b -m file -a "state=absent path=/opt/enigma/tmp/deployment-passwords.txt"

Additional Resources

The development team has released the latest build of the enigma software. You have been approached to install the latest version on the QA systems. The development team has provided a task list of how to install the build. Rather than run through the steps on all the servers in your environment, you can use Ansible to run each task on all the servers at one time!

The Ansible control node has been configured for you and each QA server has already been configured for use with Ansible. The default inventory has been configured to include a qa-servers host group which includes the host that requires the new software. Execute the task list provided below using the appropriate Ansible ad-hoc commands.

SPECIAL NOTE: Although you will initially log in as the 'cloud_user', please 'sudo su -' to the 'ansible' user in order to complete the solution. All the SSH keys have been created and exchanged among the hosts in order to allow the tasks to be run appropriately.

Note: This URL only works correctly when accessed on the lab servers. The dmain name DNS entry is overridden in /etc/hosts on each lab server. If you attempt to access it from another system, you will reach a parked domain.

Installation task list:

  • Download http://software.xyzcorp.com/enigma.tgz to /tmp on each host in qa-servers and verify the sha256 checksum via http://software.xyzcorp.com/enigma-checksum.txt. (Note: There is a bug in ansible get_url that currently only allows using the literal checksum value instead of a file location for the checksum argument! Thus, you must copy the checksum value from the provided checksum file and then paste that value into the ansible command rather than simply providing the checksum file URL in the command.)
  • Extract /tmp/enigma.tgz to /opt/ on all hosts in qa-servers.
  • Update the line of text "DEPLOY_CODE" in /opt/enigma/details.txt to the "CODE_RED" on each server in qa-servers.
  • Set the group ownership of the directory /opt/enigma/secret/ and each file contained within the directory so that the group owner is protected for each host in qa-servers.
  • Delete the file /opt/enigma/tmp/deployment-passwords.txt from all servers.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!