Version - 2020.01

Last updated: 2020/04/13 12:57

DOF506 - Ansible in Practice

Stopping the Non-Essential Virtual Machines

FFP Courses

Use the VirtualBox graphical interface to stop the Ansible and Windows10 virtual machines.

Then restore the Ansible and Windows10 virtual machines to their original state by reverting to snapshot1.

FAD Courses

Use the following commands to stop the Ansible and Windows10 virtual machines:

trainee@ansible:~$ exit
déconnexion
Connection to localhost closed.
desktop@server16:~$ VBoxManage controlvm Ansible poweroff
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
desktop@server16:~$ VBoxManage controlvm Windows10 poweroff
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

Restore the virtual machines to their original state:

desktop@server16:~$ VBoxManage snapshot Ansible restorecurrent
Restoring snapshot 'snapshot1' (bf8d10aa-a81c-4d5e-b91e-f853062fa328)
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
desktop@server16:~$ VBoxManage snapshot Windows10 restorecurrent
Restoring snapshot 'snapshot1' (242b74ad-bf5b-4a1b-ae74-6b7e14ff131d)
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

LAB #17 - Automating with Ansible

Start the CentOS_7 virtual machine.

If you are on an FAD course, use the following command:

desktop@server16:~$ VBoxManage startvm CentOS_7 --type headless
Waiting for VM "CentOS_7" to power on...
VM "CentOS_7" has been successfully started.

Connect to the VM over SSH at localhost:3022 using the trainee account and the password trainee. You do NOT need to put the machine in the NatNetwork. The network adapter must be set to NAT in the VirtualBox configuration.

You are asked to use Ansible to automate:

  • the installation of the vsftpd server,
  • the update of firewalld, if one is available,
  • the creation of a firewalld rule for traffic to the vsftpd server,
  • the secure creation of two ftp accounts:
    • user: mike
      • password: toto
    • user: bob
      • password: tata

Start by installing Ansible from the repositories:

[trainee@centos7 ~]$ su -
Mot de passe : fenestros
Dernière connexion : jeudi 5 septembre 2019 à 18:28:51 CEST sur pts/0

[root@centos7 ~]# yum install ansible

Then check that the executables are present:

[root@centos7 ~]# which ansible
/bin/ansible
[root@centos7 ~]# which ansible-playbook
/bin/ansible-playbook

To help you, two files are provided:

[root@centos7 ~]# cat vsftpd.yml
---
- name: ftp server install
  hosts: localhost
  gather_facts: no
  become: yes
  vars_files:
    - users.yml
  tasks:
    - name: latest vsftpd version
      yum:
        name: vsftpd
        state: latest
    - name: latest firewalld version
        name: firewalld
        state: latest
    - name: vsftpd
      service:
        name vsftpd
        enabled: true
        state: started
    - name: firewalld
      service:
        name: firewalld
        enabled: true
        state: started
    - name: firewalld allows ftp
      firewalld:
        permanent: yes
        immediate: yes
        state: enabled
    - name: Create_FTP_users
      user:
        password: "{{ item.password | password_hash(sha512) }}"
        with_items: "{{ ftp_users }}"
[root@centos7 ~]# ansible-vault view secrets.yml
Vault password: fenestros
ftp_users:
 - { username: mike, password: toto }
 - { username: bob, password: tata }

When you run the ansible-playbook command, you get the following result:

[root@centos7 ~]# ansible-playbook vsftpd.yml
 [WARNING]: Could not match supplied host pattern, ignoring: all

 [WARNING]: provided hosts list is empty, only localhost is available

ERROR! Syntax Error while loading YAML.


The error appears to have been in '/root/vsftpd.yml': line 14, column 13, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

    - name: latest firewalld version
        name: firewalld
        ^ here

exception type: <class 'yaml.scanner.ScannerError'>
exception: mapping values are not allowed in this context
 in "<unicode string>", line 14, column 13

Your turn!

<ifauth @admin>

Error #1

Edit the vsftpd.yml file:

[root@centos7 ~]# vi vsftpd.yml
[root@centos7 ~]# cat vsftpd.yml
---
- name: ftp server install
  hosts: localhost
  gather_facts: no
  become: yes
  vars_files:
    - users.yml
  tasks:
    - name: latest vsftpd version
      yum:
        name: vsftpd
        state: latest
    - name: latest firewalld version
      yum:   <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<Ajouter yum:
        name: firewalld
        state: latest
    - name: vsftpd
      service:
        name vsftpd
        enabled: true
        state: started
    - name: firewalld
      service:
        name: firewalld
        enabled: true
        state: started
    - name: firewalld allows ftp
      firewalld:
        permanent: yes
        immediate: yes
        state: enabled
    - name: Create_FTP_users
      user:
        password: "{{ item.password | password_hash(sha512) }}"
        with_items: "{{ ftp_users }}"

Run the ansible-playbook command again:

[root@centos7 ~]# ansible-playbook vsftpd.yml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
ERROR! Syntax Error while loading YAML.
  mapping values are not allowed in this context

The error appears to be in '/root/vsftpd.yml': line 20, column 16, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

        name vsftpd
        enabled: true
               ^ here

Error #2

Edit the vsftpd.yml file:

[root@centos7 ~]# vi vsftpd.yml
[root@centos7 ~]# cat vsftpd.yml
---
- name: ftp server install
  hosts: localhost
  gather_facts: no
  become: yes
  vars_files:
    - users.yml
  tasks:
    - name: latest vsftpd version
      yum:
        name: vsftpd
        state: latest
    - name: latest firewalld version
      yum:   <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<Ajouter yum:
        name: firewalld
        state: latest
    - name: vsftpd
      service:
        name: vsftpd <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Add the : character after name
        enabled: true
        state: started
    - name: firewalld
      service:
        name: firewalld
        enabled: true
        state: started
    - name: firewalld allows ftp
      firewalld:
        permanent: yes
        immediate: yes
        state: enabled
    - name: Create_FTP_users
      user:
        password: "{{ item.password | password_hash(sha512) }}"
        with_items: "{{ ftp_users }}"

Run the ansible-playbook command again:

[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
ERROR! vars file users.yml was not found
Could not find file on the Ansible Controller.
If you are using a module and expect the file to exist on the remote, see the remote_src option

Error #3

Create the users.yml file:

[root@centos7 ~]# vi users.yml
[root@centos7 ~]# cat users.yml 
ftp_users:
 - { username: mike, password: toto }
 - { username: bob, password: tata }

Run the ansible-playbook command again:

[root@centos7 ~]# mv user.yml users.yml 
[root@centos7 ~]# ansible-playbook vsftpd.yml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [ftp server install] ***********************************************************************************************************************************************

TASK [latest vsftpd version] ********************************************************************************************************************************************
changed: [localhost]

TASK [latest firewalld version] *****************************************************************************************************************************************
changed: [localhost]

TASK [vsftpd] ***********************************************************************************************************************************************************
changed: [localhost]

TASK [firewalld] ********************************************************************************************************************************************************
ok: [localhost]

TASK [firewalld allows ftp] *********************************************************************************************************************************************
ok: [localhost]

TASK [Create_FTP_users] *************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'sha512' is undefined\n\nThe error appears to be in '/root/vsftpd.yml': line 32, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n        state: enabled\n    - name: Create_FTP_users\n      ^ here\n"}

PLAY RECAP **************************************************************************************************************************************************************
localhost                  : ok=5    changed=3    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0  

Errors 4, 5 and 6

[root@centos7 ~]# vi vsftpd.yml
[root@centos7 ~]# cat vsftpd.yml
---
- name: ftp server install
  hosts: localhost
  gather_facts: no
  become: yes
  vars_files:
    - users.yml
  tasks:
    - name: latest vsftpd version
      yum:
        name: vsftpd
        state: latest
    - name: latest firewalld version
      yum:   <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<Ajouter yum:
        name: firewalld
        state: latest
    - name: vsftpd
      service:
        name: vsftpd <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Add the : character after name
        enabled: true
        state: started
    - name: firewalld
      service:
        name: firewalld
        enabled: true
        state: started
    - name: firewalld allows ftp
      firewalld:
        permanent: yes
        immediate: yes
        state: enabled
    - name: Create_FTP_users
      user:
        name: "{{ item.username }}"  <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Add the name: line
        password: "{{ item.password | password_hash('sha512') }}" <<<<<<<<<<<< Put ' characters around sha512
      with_items: "{{ ftp_users }}" <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Align with_items: with user:

Run the ansible-playbook command again:

[root@centos7 ~]# ansible-playbook vsftpd.yml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [ftp server install] ***********************************************************************************************************************************************

TASK [latest vsftpd version] ********************************************************************************************************************************************
ok: [localhost]

TASK [latest firewalld version] *****************************************************************************************************************************************
ok: [localhost]

TASK [vsftpd] ***********************************************************************************************************************************************************
ok: [localhost]

TASK [firewalld] ********************************************************************************************************************************************************
ok: [localhost]

TASK [firewalld allows ftp] *********************************************************************************************************************************************
ok: [localhost]

TASK [Create_FTP_users] *************************************************************************************************************************************************
changed: [localhost] => (item={u'username': u'mike', u'password': u'toto'})
changed: [localhost] => (item={u'username': u'bob', u'password': u'tata'})

PLAY RECAP **************************************************************************************************************************************************************
localhost                  : ok=6    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  
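
The final run above prints both clear-text passwords in the Create_FTP_users output, and users.yml stores them unencrypted although the same data already sits in the vault-encrypted secrets.yml. The variant below is an added example, not part of the original lab: it loads the vault file and suppresses item logging. The `service: ftp` line and the `update_password: on_create` setting are assumptions added here.

```yaml
---
# Added example: hardened variant of the lab's final vsftpd.yml.
# Run with: ansible-playbook --ask-vault-pass vsftpd.yml
- name: ftp server install
  hosts: localhost
  gather_facts: no
  become: yes
  vars_files:
    - secrets.yml   # vault-encrypted file shown earlier, replaces clear-text users.yml
  tasks:
    - name: latest vsftpd version
      yum:
        name: vsftpd
        state: latest
    - name: latest firewalld version
      yum:
        name: firewalld
        state: latest
    - name: vsftpd
      service:
        name: vsftpd
        enabled: true
        state: started
    - name: firewalld
      service:
        name: firewalld
        enabled: true
        state: started
    - name: firewalld allows ftp
      firewalld:
        service: ftp   # assumption: the lab's task names no service or port to allow
        permanent: yes
        immediate: yes
        state: enabled
    - name: Create_FTP_users
      user:
        name: "{{ item.username }}"
        password: "{{ item.password | password_hash('sha512') }}"
        update_password: on_create   # assumption: set the hash only when the account is created
      with_items: "{{ ftp_users }}"
      no_log: true   # keeps the item dict, including the clear-text password, out of the output
```

With `no_log: true` the per-item result lines are censored, so a failure in this task has to be debugged by temporarily lifting the setting on a test host.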

Stopping the Virtual Machine

FFP Courses

Use the VirtualBox graphical interface to stop the CentOS_7 virtual machine.

Then restore the CentOS_7 virtual machine to its original state by reverting to snapshot1.

FAD Courses

Use the following commands to stop the CentOS_7 virtual machine:

desktop@server16:~$ VBoxManage controlvm CentOS_7 poweroff
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

Restore the CentOS_7 virtual machine to its original state:

desktop@server16:~$ VBoxManage snapshot CentOS_7 restorecurrent
Restoring snapshot 'snapshot1' (584b899e-3089-4c1e-82da-3e221a68de9e)
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

</ifauth>


<html>

Copyright © 2020 Hugh NORRIS

</html>
