• We'll be working through 3 primary tasks. Each task is meant to get you working with the following
• Ansible Inventories
• Ad-Hoc commands
• Writing a simple playbooks to deliver a wordpress server ( excluding database work as we're short on time )
• Taking that simple playbook and creating roles from those
• Deliver config files that were dynamically generated by system variables

• Internet Access
• Ansible
  • www.ansible.com
• Git client
  • .... well.... you know.... it's around.
• A CentOS / Red Hat 7 VM ( you can use Ubuntu but will need to massage yum to apt and possibly a few other module uses )
  • Possbibly the fastest way to would using Vagrant

    • libvirt

      vagrant init centos/7; vagrant up --provider libvirt

    • virtualbox

      vagrant init centos/7; vagrant up --provider virtualbox

    • vmware_workstation

      vagrant init centos/7; vagrant up --provider vmware_workstation

    • vmware_fusion

      vagrant init centos/7; vagrant up --provider vmware_fusion

All tasks have answers provided in this Git repo under different branches.

1. Create an inventory file and list your VM.

• In my example I have node1.example.com
• I also use the additional variables defined
  • IP Address as I don't have DNS operational
  • User name in case I use a different username from my laptop
  • SSH Port is also defined as the standard SSH port for this host

2. Place the VM in an inventory group named lamp
3. Add attributes about this VM, these will be used because we don't have DNS and you may not be using your local account
4. Using this inventory file test some ad-hoc commands

• Test communications with an Ansible module called ping on all VMs

ansible -i inventory -m ping all

• Check memory on "all" VMs with an ad-hoc command; these use the -a

ansible -i inventory -a "free -m" all

• Check memory for just the lamp servers

ansible -i inventory -a "free -m" lamp

• View the VM Specific information using the Ansible module and only gather this from the lamp group

ansible -i inventory -m setup all 

4. Review that lovely info you just got and dream about what fun you can have with it

• Ansible Ad-Hoc Intro
• Ansible Running Ad Hoc Commands

git checkout task1

1. Create a playbook that will install the required software packages for our LAMP stack

• epel-release
• firewalld
• httpd
• mod_ssl
• mariadb-server
• wordpress

2. To install wordpress you will need to ensure that epel-release is installed first.
3. Start the services and ensure they sustain a reboot
4. Configure Firewalld
5. Wordpress installs to /usr/local/wordpress so you'll need to create a symbolic link to /var/www/html/wordpress
6. Database – Skip it for now; our goal is deploy a solid stack Using the following link as a reference, you could create the wordpress database; I would skip this at this time and perform this manually. This is purely based on time -

Take small steps through this. Take your time and use the links below to accomplish this task. First use the yum module and get the packages installed. Then move onto the service module to enable and start them. You can run this playbook over and over again on your VM. Since the packages are already installed after step 1 the playbook will simply skip that step going forward.

• Ansible Yum Module
• Ansible Service Module
• Ansible FirewallD Module
• Ansible File Module
• Ansible MysqlD Module

git checkout task2

1. Delete one of the packages or disable a service on reboot and run your playbook again. See how it was repaired?
2. Run your playbook through ansible-lint to see what you could improve. Me? I always have trailing whitespace.

1. Break the tasks into roles

• security
• apache
• mariadb

2. These to start will be very sparse but our primary objective here is

• start using all those facts we got from -m setup in our files
• start using variables
• start using dependencies

3. Build out the roles directory structure using the best practices guides

 mkdir roles
cd roles
for i in security apache mariadb wordpress; do
   ansible-galaxy init ${i}
   done

4. Start with the Apache role and transfer your tasks from the previous steps to here

    roles/                     # < -- parent directory for roles
    apache/                   #       this hierarchy represents a "role" for apache
      tasks/                  #
            main.yml          #  <-- Where our tasks will live
      handlers/               #
              main.yml        #  <-- When we use notify for restarts it
                              #      calls from here
      templates/              #  
            wordpress.conf.j2 #  <--- Our wordpress.conf that will use facts
      files/                  #
            httpd.conf        #  <-- Copy our default httpd.conf
      vars/                   #
          main.yml            #  <-- ServerAlias variable defined here
      meta/                   #
          main.yml            #  <-- define mariadb as a role dependency here
   

• You can use the example_* files. These are files that work on the end system. From there back your way into the facts.
• templates /
  • Change the example_wordpress.conf file as follows
    • VirtualHost 192.168.86.246:80 should fill with your systems IP address
    • ServerName, ErrorLog and CustomLog should fill with your servers name
    • ServerAlias should fill from the var MyServerAlias you'll define a bit later
• files /
  • deploy the httpd.conf file, ensuring it's permissions when delivered
• handlers /
  • Create a handler for the httpd service so when these changes are made we restart the service
• vars /
  • define the MyServerAlias variable as www.example.com to be populated in the wordpress.conf
• meta /
  • define mariadb as a role dependency but leave it commented out so you can test without that role

5. Build out the mariadb role

    roles/                     # < -- parent directory for roles
    mariadb/                  # this hierarchy represents a "role" for apache
      tasks/                  #
            main.yml          #  <-- Where our tasks will live
      handlers/               #
              main.yml        #  <-- When we use notify for restarts it calls from here
      templates/              #  
            my.cnf.j2         #  <--- an easy mysql config that uses a
                              #       variable from default for port
      defaults                #
          main.yml            #  <-- Define the mariadb port here
      meta/                   #
          main.yml            #  <-- define mariadb as a role dependency here
   

• You can use the example_* files as needed.
• templates /
  • Change the my.cnf.j2 to use MyDefaultMariaDBPort for it's port
• handlers /
  • Define a mariadb service restart here to be used after the my.cnf is deployed
• defaults /
  • set the MyDefaultMariaDBPort variable here
• tasks /
  • Install mariadb-server and deliver the my.cnf file; finally restart mariadb

• Ansible Template Files
• Ansible Handlers
• Ansible Notifications

git checkout task3