Red hat RHCE exam afternoon - RHCE (RH294)

RH294 mission overview

• The examination time is 4 hours, 6 virtual machines and 15 questions
• The problems originally done through scripts or clusters now need to be implemented by playbook
• There are about 6 virtual servers in the exam, all of which have made mutual secret free
• The problem is done in the ansible control node workstation, but it needs to be verified by other virtual servers
• During the examination, you need to start all 6 virtual servers in the examination environment, and click the button on the left of the physical machine interface to start
• During the exam, all Ansible playbook s are placed in the ordinary user directory and executed by ordinary users

1. Note: during the exam, please put the playbook in the designated user's home directory and log in with the designated user to do the questions!
2. Note: the scoring method of the test is to remotely execute the playbook or script under the specified directory through ordinary users. If you use root to do the test, you will get zero if you don't have permission

12. Use playbook to generate the specified hardware information report of all inventory hosts

• Create a playbook named / home / student / adaptive / hwreport.yml,
• It will generate an output file / root/hwreport.txt with the following information on all managed nodes:

Task requirements

• Output file / root/hwreport.txt

1. hostname: inventoryhostname
2. mem: memory_in_MB
3. bios: BIOS_version
4. vda: disk_vda_size
5. vdb: disk_vdb_size

• Each line in the output file contains a key=value pair.
• playbook should be from http://content.example.com/fifiles/hwreport.empty Download the file and save it as / root/hwreport.txt
• Modify / root/hwreport.txt with the correct values
• If the hardware item does not exist, the relevant value should be set to NONE

be careful:

Prepare a job

• You don't need to do it during the exam
• ##We don't have this hwreport.empty file. We can define one ourselves

hostname: inventoryhostname 
mem: memory_in_MB
biso: BIOS_version 
asize: disk_vda_size 
bsize: disk_vdb_size

• You can also create it through playbook as an exercise

vim hwreport_empty.yml
---
- name: Create empty file  
   hosts: dev  
       tasks:          
           - name: Create file            
              copy:                    
                  content: "hostname: inventoryhostname\nmem: memory_in_MB\nbiso: BIOS_version\nasize: disk_vda_size\nbsize: disk_vdb_size\n"
                  dest: /webdev/hwreport.empty
                  setype: httpd_sys_content_t

• It is required to download the template file to each host, and the values in the content of the template should display different related contents in each host

Complete step

• Try to download it when you take the exam
  wget http://content.example.com/fifiles/hwreport.empty
• Write playbook

1. Use get first_ Download the URL module
2. Then use the replace module to replace the contents of the downloaded file
   Note: use ansible servera - M debug - a 'MSG = "{hostvars}}"' to display the host inventoryhostname information and find the corresponding variable name
   Note: use ansible servera - M setup > setup. Info "to display host hardware information and find the corresponding variable name
   Note: judging by the if condition, is is a test keyword, which is equivalent to judging whether it exists. defined is the test symbol in ansible

[student@workstation ansible]$ vim hwreport.yml
---
- name: Get hwreport info 
  hosts: all
  tasks:
    - name: Create report file 
      get_url:
        url: http://content.example.com/files/hwreport.empty 
        dest: /root/hwreport.txt
    - name: Get inventory_hostname 
      replace:
        path: /root/hwreport.txt 
        regexp: 'inventoryhostname'
        replace: '{{ inventory_hostname }}'
    - name: Get memory total size 
      replace:
        path: /root/hwreport.txt 
        regexp: 'memory_in_MB'
        replace: "{{ ansible_memtotal_mb | string}}" ## The memory size is a numeric value, which is replaced with a string for output
    - name: Get bios version 
      replace:
        path: /root/hwreport.txt 
        regexp: 'BIOS_version'
        replace: "{{ ansible_bios_version }}"
    - name: Get disk vda size 
      replace:
        path: /root/hwreport.txt 
        regexp: 'disk_vda_size'
        replace: "{{ ansible_devices.vda.size if ansible_devices.vda is defined else 'NONE' }}" ## Conditional judgment on the existence of variables
    - name: Get disk vdb size 
      replace:
      path: /root/hwreport.txt 
      regexp: 'disk_vdb_size'
      replace: "{{ ansible_devices.vdb.size if ansible_devices.vdb is defined else 'NONE' }}"
[student@workstation ansible]$ ansible-playbook hwreport.yml

• verification
  for i in server{a..d} bastion;do ssh@$i "cat /root/hwreport.txt";done
  ansible all -m shell -a "cat /root/hwreport.txt"

• If you have time, log in one by one to test it

#verification
[root@bastion ~]# cat /root/hwreport.txt
hostname: bastion
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab 
vda: 10.00 GB
vdb: NONE 

[root@serverb ~]# cat hwreport.txt 
hostname: serverb
mem: 821
bios: 1.11.1-4.module+el8.1.0+4066+0f1aadab 
vda: 10.00 GB
vdb: 5.00 GB

Knowledge points of investigation

ansible get_url module

• Function: used to download files from http, https or ftp to the managed machine node

url: Of downloaded files URL,support HTTP，HTTPS or FTP agreement
dest: Download to the target path (absolute path). If the target is a directory, use the name of the file on the server. If the target has a name, use the name set by the target
owner: Specify owner
group: Specify membership group
mode: Specify permissions
force: If yes，dest Not a directory. The file will be downloaded each time. If the content changes, the file will be replaced. If not, the file will be downloaded only when the target does not exist
checksum: Calculate the summary of the target file after downloading to ensure its integrity
##Example: checksum="sha256:D98291AC[...]B6DC7B97",
checksum="sha256:http://example.com/path/sha256sum.txt"
url_username: be used for HTTP User name for basic authentication. This parameter may not be used for sites that allow blank passwords`url_password'
url_password: be used for HTTP Password for basic authentication. If not specified`url_username'Parameter, it is not used`url_password'parameter
validate_certs: If“ no"，SSL The certificate will not be verified. Applies to self signed certificates used on private websites
timeout: URL Requested timeout,In seconds

ansible replace module

• This module is a bit similar to the sed command. It is mainly based on regular matching and replacement, and can flexibly modify the contents of the file

• path: Required parameter, specify the file to modify, 2.3 Before version, this parameter is called dest,destfile,name；Now these three names are path Alias for parameter
• regexp: You must specify a regular expression, which can be python regular
• replace: Content after replacement, replace regexp The string to which the parameter matches,
• owner: The user name of the result file or directory, equivalent to chown Command modification
• group: The group name of the result file or directory, equivalent to chown Command modification
• mode: Permissions of the result file or directory, and chmod Inconsistent with the command, replace Modular mode Parameter needs to add leading zeros to ansible of YAML The parser knows it's octal; 1.8 After version, it can be set to symbol mode( u+rwx or u=rw)，2.6 Version can be a special string( preserve)，When set to'preserve'When, the file will be given the same permissions as the source file.
• others: Can specify file All parameters of the module
• encoding: Character encoding for reading and writing files
• before: If specified, replace only/Delete the content before this match, and after Parameter combination
• after: If specified, replace only/Delete the content after this match, and before Parameter combination
• attributes: Special properties of the result file or directory, equivalent to chattr，Default use=Operator to specify an attribute of a file or directory
• backup: Create a backup file containing timestamp information before modifying the source file

Ansible Setup module

• Function: the setup module collects the system information of the host. These facts information can be used directly in the form of variables

ansible all -m setup > setup.info
ansible all -m setup -a "filter=ansible_nodename"
ansible all -m setup -a "filter=ansible_hostname"
ansible all -m setup -a "filter=ansible_domain"
ansible all -m setup -a "filter=ansible_memtotal_mb"
ansible all -m setup -a "filter=ansible_memory_mb"
ansible all -m setup -a "filter=ansible_memfree_mb"
ansible all -m setup -a "filter=ansible_os_family"
ansible all -m setup -a "filter=ansible_distribution_major_version"
ansible all -m setup -a "filter=ansible_distribution_version"
ansible all -m setup -a "filter=ansible_processor_vcpus"
ansible all -m setup -a "filter=ansible_all_ipv4_addresses"
ansible all -m setup -a "filter=ansible_architecture"
ansible all -m setup -a "filter=ansible_uptime_seconds"
ansible all -m setup -a "filter=ansible_processor*"
ansible all -m setup -a 'filter=ansible_env'

Ansible variable reference

• Ansible uses "{{var}}" to refer to variables. If a value starts with "{", YAML will consider it a dictionary, so we must refer to it like this
  foo: "{{ variable }}"