├── .gitignore ├── README.md ├── app ├── A.playbook_optimization │ ├── Ansible Performance Tuning (for Fun and Profit).url │ ├── Ansible Vault — Ansible Documentation.url │ ├── [Ansible] 볼트(Vault)를 어떻게 하면 잘 쓸수 있을까- - YouTube.url │ └── [심화] 앤서블(Ansible)을 깊이 있게 활용하기 - Udemy.url ├── B.CMDB │ ├── Installation - Ansible-CMDB.url │ ├── fboender-ansible-cmdb- Generate host overview from ansible fact gathering output.url │ └── overview.html └── C.plabybook_options │ ├── Playbook Keywords — Ansible Documentation.url │ ├── block │ └── Blocks — Ansible Documentation.url │ ├── debugger │ ├── Playbook Debugger — Ansible Documentation.url │ ├── debugger.output │ └── env_w_debugger.yml │ ├── diff │ └── diff directive does not behave the same as '--diff' on the command line · Issue #31129 · ansible-ansible.url │ ├── environment │ ├── env.output │ └── env.yml │ ├── fact_path │ ├── ansible_tmp │ │ ├── (OR) date_and_time.fact │ │ └── date_and_time.fact │ └── custom_fact.yml │ ├── force_handlers │ ├── force_handlers.output │ └── force_handlers.yml │ └── module_defaults │ ├── default.output │ └── default.yml ├── ch2 ├── Ansible_module_list-Aug2018 ├── Download CentOS.url ├── Downloads – Oracle VM VirtualBox.url ├── File Permission 0644 for Mac Linux and Unix - File Permissions.url ├── ansible 2.4.2.0_w_cfg_n_hosts │ ├── ansible.cfg │ └── hosts └── nginx_install.yml ├── ch3 ├── 3.1.1 │ └── Download - Vagrant by HashiCorp.url ├── 3.1.3 │ ├── Available Vagrant Plugins · hashicorp-vagrant Wiki.url │ ├── Discover Vagrant Boxes - Vagrant Cloud.url │ └── Vagrantfile ├── 3.2.1 │ ├── SMB - Synced Folders - Vagrant by HashiCorp.url │ ├── Vagrantfile │ └── vagrant_up.output ├── 3.2.2 │ ├── Vagrantfile │ └── vagrant_provision.output ├── 3.2.3 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── ansible_local │ │ ├── Vagrantfile │ │ ├── ansible_env_ready.yml │ │ └── vagrant_up.output │ ├── tpope-vim-pathogen- pathogen.vim- manage your runtimepath.url │ └── vagrant_provision.output ├── 3.3.1 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ └── vagrant_up.output ├── 3.3.2 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ └── vagrant_provision.output ├── 3.3.3 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── ansible_ssh_conf_4_CentOS.yml │ ├── bash_ssh_conf_4_CentOS.sh │ └── vagrant_provision.output └── 3.3.4 │ ├── Vagrantfile │ ├── add_ssh_auth.sh │ ├── ansible_env_ready.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_provision.output ├── ch4 ├── 4.1.1 │ ├── nginx_install.yml │ └── nginx_remove.yml ├── 4.1.2 │ └── timezone.yml ├── 4.1.3 │ └── nfs.yml ├── 4.2.1 │ ├── Vagrantfile │ ├── add_ssh_auth.sh │ ├── ansible_env_ready.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_up.output ├── 4.2.2 │ ├── nginx_install.yml │ └── nginx_remove.yml ├── 4.2.3 │ └── timezone.yml ├── 4.2.4 │ └── nfs.yml ├── 4.3.1 │ ├── Vagrantfile │ ├── add_ssh_auth.sh │ ├── ansible_env_ready.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_up.output ├── 4.3.2 │ ├── No WinRM config on the Client Nodes │ │ └── windows_env_ready.ps1 │ ├── Vagrantfile │ ├── add_ssh_auth.sh │ ├── ansible_env_ready.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_provision_ansible-server.output ├── 4.3.3 │ ├── install_chocolatey │ │ └── install_chocolatey.ps1 │ └── nginx_install.yml ├── 4.3.4 │ └── timezone.yml └── 4.3.5 │ └── nfs.yml ├── ch5 ├── 5.1.1 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── vag_reconf.bat │ └── vagrant_up.output ├── 5.1.2 │ ├── nxos_ntp module │ │ └── nxos_ntp.yml │ └── nxos_timezone.yml ├── 5.1.3 │ └── nxos_vlan_n_bck.yml ├── 5.1.4 │ └── nxos_tftp_backup.yml ├── 5.2.1 │ ├── Vagrantfile │ ├── VyOS docs │ │ ├── User Guide - VyOS Wiki.url │ │ └── User documentation - VyOS Wiki.url │ ├── ansible_env_ready.yml │ ├── vag_reconf.bat │ ├── vagrant_up.output │ ├── vagrant_up_w_auto_config.output │ └── vagrant_up_w_vbguest.output ├── 5.2.2 │ ├── Download PuTTY- latest release (0.70).url │ ├── Google Code Archive - Long-term storage for Google Code Project Hosting-.url │ └── vyos_lldp.yml ├── 5.2.3 │ └── vyos_hostname.yml ├── 5.2.4 │ └── vyos_bond.yml ├── 5.3.1 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── cumulus's config │ │ ├── Configuring FRRouting - Cumulus Linux 3.4.3 - Cumulus Networks.url │ │ └── Create a Two-Leaf, Two-Spine Topology - Cumulus VX - Cumulus Networks.url │ ├── vag_reconf.bat │ ├── vagrant_up.output │ └── virtual_box's config │ │ ├── Chapter 8. VBoxManage.url │ │ └── Chapter 9. Advanced topics.url ├── 5.3.2 │ └── cl_hostname.yml ├── 5.3.3 │ └── cl_peerlink.yml └── 5.3.4 │ ├── cl_int.yml │ ├── cl_ospf.yml │ └── vtysh │ └── cl_frr.yml ├── ch6 ├── 6.1.1 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_up.output ├── 6.1.2 │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── auto_pass.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_up.output ├── 6.1.3 │ ├── Avoid_FAILED_err_during_authpass │ │ ├── auto_pass_2tasks.output │ │ └── auto_pass_2tasks.yml │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── auto_pass.yml │ ├── bash_ssh_conf_4_CentOS.sh │ ├── vag_reconf.bat │ └── vagrant_provision.output ├── 6.2.1 │ ├── facts.yml │ ├── facts_collector.yml │ └── facts_output │ │ ├── facts.txt │ │ ├── facts_by_collector │ │ ├── ansible-node101_facts_by_collector.txt │ │ ├── ansible-node102_facts_by_collector.txt │ │ ├── ansible-node103_facts_by_collector.txt │ │ ├── ansible-node104_facts_by_collector.txt │ │ ├── ansible-node105_facts_by_collector.txt │ │ ├── ansible-node201_facts_by_collector.txt │ │ ├── ansible-node202_facts_by_collector.txt │ │ ├── ansible-node203_facts_by_collector.txt │ │ ├── ansible-node204_facts_by_collector.txt │ │ └── ansible-node205_facts_by_collector.txt │ │ └── facts_by_tree │ │ ├── 192.168.1.101 │ │ ├── 192.168.1.102 │ │ ├── 192.168.1.103 │ │ ├── 192.168.1.104 │ │ ├── 192.168.1.105 │ │ ├── 192.168.1.201 │ │ ├── 192.168.1.202 │ │ ├── 192.168.1.203 │ │ ├── 192.168.1.204 │ │ └── 192.168.1.205 ├── 6.2.2 │ ├── nginx_install_w_when.yml │ └── nginx_remove_w_when.yml ├── 6.2.3 │ ├── install │ │ ├── CentOS.yml │ │ ├── Ubuntu.yml │ │ └── nginx_install_w_include_tasks.yml │ └── remove │ │ ├── CentOS_remo.yml │ │ ├── Ubuntu_remo.yml │ │ └── nginx_remove_w_include_tasks.yml ├── 6.2.4 │ ├── install │ │ ├── CentOS.yml │ │ ├── Ubuntu.yml │ │ └── nginx_install_w_if.yml │ └── remove │ │ ├── CentOS_remo.yml │ │ ├── Ubuntu_remo.yml │ │ └── nginx_remove_w_if.yml ├── 6.3.1 │ ├── nfs_adv.yml │ ├── nfs_clients.yml │ └── nfs_server.yml ├── 6.3.2 │ ├── [WARNING] │ │ └── nxos_tftp_backup_adv.yml │ ├── facts │ │ ├── nxos_facts │ │ ├── nxos_facts_chk.yml │ │ ├── nxos_facts_collector.yml │ │ └── nxos_facts_show.yml │ ├── nxos_env_ready.yml │ ├── nxos_itasks │ │ ├── nxos_backup_adv.yml │ │ ├── selinux_enforcing.yml │ │ ├── selinux_permissive.yml │ │ ├── tftp_server_config.yml │ │ └── xinetd_service_restart.yml │ └── nxos_tftp_backup_adv.yml ├── 6.3.3 │ ├── Old_known+auth.zip │ ├── Vagrantfile │ ├── ansible_env_ready.yml │ ├── cl_auto_pass.yml │ └── vagrant_up.output └── 6.3.4 │ ├── cl_conf_ospf.yml │ ├── cl_lldp.yml │ ├── cl_ospf_adv.yml │ └── cl_peerlink.yml └── ch7 ├── 7.1.1 ├── install │ ├── CentOS.yml │ ├── Ubuntu.yml │ └── nginx_install_w_handlers.yml └── remove_from_6.2.4 │ ├── CentOS_remo.yml │ ├── Ubuntu_remo.yml │ └── nginx_remove_w_if.yml ├── 7.1.2 ├── install │ ├── CentOS.yml │ ├── Ubuntu.yml │ ├── group_vars │ │ └── GroupName │ ├── host_vars │ │ └── 192.168.1.NodeIP │ └── nginx_install_wo_vars.yml └── remove_from_6.2.4 │ ├── CentOS_remo.yml │ ├── Ubuntu_remo.yml │ └── nginx_remove_w_if.yml ├── 7.1.3 ├── install │ ├── CentOS.yml │ ├── Ubuntu.yml │ ├── index.j2 │ └── nginx_install_w_template.yml └── remove_from_6.2.4 │ ├── CentOS_remo.yml │ ├── Ubuntu_remo.yml │ └── nginx_remove_w_if.yml ├── 7.1.4 ├── Jinja live parser.url ├── hosts │ ├── hosts.j2 │ └── hosts_template.yml └── nginx │ ├── install │ ├── CentOS.yml │ ├── Ubuntu.yml │ ├── index.j2 │ ├── ins_chk.j2 │ └── nginx_install_w_template_n_chk.yml │ └── remove_from_6.2.4 │ ├── CentOS_remo.yml │ ├── Ubuntu_remo.yml │ └── nginx_remove_w_if.yml ├── 7.2.1 ├── install │ ├── nginx_install_w_roles.yml │ └── roles │ │ └── nginx │ │ ├── files │ │ └── nginx.conf │ │ ├── handlers │ │ └── main.yml │ │ ├── tasks │ │ ├── CentOS.yml │ │ ├── Ubuntu.yml │ │ ├── config.yml │ │ └── main.yml │ │ ├── templates │ │ └── index.j2 │ │ └── vars │ │ └── main.yml └── remove_from_6.2.4 │ ├── CentOS_remo.yml │ ├── Ubuntu_remo.yml │ └── nginx_remove_w_if.yml └── 7.2.2 ├── install ├── Ansible Galaxy - Find, reuse, and share the best Ansible content.url ├── jdauphant.nginx.output └── jdauphant.nginx.yml └── remove_from_6.2.4 ├── CentOS_remo.yml ├── Ubuntu_remo.yml └── nginx_remove_w_if.yml /.gitignore: -------------------------------------------------------------------------------- 1 | .vagrant/ 2 | .DS_Store 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 우아하게 앤서블 2 | 3 | 4 | 5 | 6 | 이 저장소는 [우아하게 앤서블](http://www.yes24.com/Product/Goods/65306887) 책에 실습을 위한 코드를 제공합니다. 7 | -------------------------------------------------------------------------------- /app/A.playbook_optimization/Ansible Performance Tuning (for Fun and Profit).url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.ansible.com/blog/ansible-performance-tuning 3 | -------------------------------------------------------------------------------- /app/A.playbook_optimization/Ansible Vault — Ansible Documentation.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://docs.ansible.com/ansible/2.6/user_guide/vault.html 3 | -------------------------------------------------------------------------------- /app/A.playbook_optimization/[Ansible] 볼트(Vault)를 어떻게 하면 잘 쓸수 있을까- - YouTube.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.youtube.com/watch?v=MPqoStNpirw&t=1s 3 | -------------------------------------------------------------------------------- /app/A.playbook_optimization/[심화] 앤서블(Ansible)을 깊이 있게 활용하기 - Udemy.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.udemy.com/ansible_expert/?couponCode=LEARNANSIBLE101 3 | IDList= 4 | HotKey=0 5 | [{000214A0-0000-0000-C000-000000000046}] 6 | Prop3=19,11 7 | -------------------------------------------------------------------------------- /app/B.CMDB/Installation - Ansible-CMDB.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=http://ansible-cmdb.readthedocs.io/en/latest/installation/ 3 | -------------------------------------------------------------------------------- /app/B.CMDB/fboender-ansible-cmdb- Generate host overview from ansible fact gathering output.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://github.com/fboender/ansible-cmdb 3 | -------------------------------------------------------------------------------- /app/C.plabybook_options/Playbook Keywords — Ansible Documentation.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://docs.ansible.com/ansible/2.6/reference_appendices/playbooks_keywords.html 3 | -------------------------------------------------------------------------------- /app/C.plabybook_options/block/Blocks — Ansible Documentation.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://docs.ansible.com/ansible/2.6/user_guide/playbooks_blocks.html 3 | -------------------------------------------------------------------------------- /app/C.plabybook_options/debugger/Playbook Debugger — Ansible Documentation.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://docs.ansible.com/ansible/2.4/playbooks_debugger.html 3 | -------------------------------------------------------------------------------- /app/C.plabybook_options/debugger/debugger.output: -------------------------------------------------------------------------------- 1 | [vagrant@ansible-server ~]$ anp env_w_debugger.yml 2 | 3 | PLAY [Environment] ******************************************************************************************************************************* 4 | 5 | TASK [Gathering Facts] *************************************************************************************************************************** 6 | ok: [localhost] 7 | 8 | TASK [echo $PATH] ******************************************************************************************************************************** 9 | fatal: [localhost]: FAILED! => {"changed": true, "cmd": "wrong $PATH", "delta": "0:00:00.004752", "end": "2018-07-31 04:57:36.429562", "msg": "non-zero return code", "rc": 127, "start": "2018-07-31 04:57:36.424810", "stderr": "/bin/sh: wrong: command not found", "stderr_lines": ["/bin/sh: wrong: command not found"], "stdout": "", "stdout_lines": []} 10 | [localhost] TASK: echo $PATH (debug)> p task 11 | TASK: echo $PATH 12 | [localhost] TASK: echo $PATH (debug)> p task.args 13 | {'_ansible_check_mode': False, 14 | '_ansible_debug': False, 15 | '_ansible_diff': False, 16 | '_ansible_keep_remote_files': False, 17 | '_ansible_module_name': 'command', 18 | '_ansible_no_log': False, 19 | '_ansible_remote_tmp': u'~/.ansible/tmp', 20 | '_ansible_selinux_special_fs': ['fuse', 'nfs', 'vboxsf', 'ramfs', '9p'], 21 | '_ansible_shell_executable': u'/bin/sh', 22 | '_ansible_socket': None, 23 | '_ansible_syslog_facility': u'LOG_USER', 24 | '_ansible_tmpdir': u'/home/vagrant/.ansible/tmp/ansible-tmp-1533013056.16-69484181229449/', 25 | '_ansible_verbosity': 0, 26 | '_ansible_version': '2.6.1', 27 | u'_raw_params': u'wrong $PATH', 28 | '_uses_shell': True, 29 | 'warn': True} 30 | [localhost] TASK: echo $PATH (debug)> -------------------------------------------------------------------------------- /app/C.plabybook_options/debugger/env_w_debugger.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Environment 3 | hosts: localhost 4 | debugger: on_failed 5 | 6 | environment: 7 | PATH: "{{ ansible_env.PATH }}:Custome(ex: JAVA)/PATH/Location" 8 | http_proxy: http://proxy.example.com:8080 9 | 10 | tasks: 11 | - name: echo $PATH 12 | shell: wrong $PATH 13 | register: PATH 14 | 15 | - name: show $PATH 16 | debug: 17 | msg: "{{ PATH.stdout }}" 18 | 19 | - name: show env_all_n_proxy 20 | debug: 21 | msg: "{{ ansible_env }}" -------------------------------------------------------------------------------- /app/C.plabybook_options/diff/diff directive does not behave the same as '--diff' on the command line · Issue #31129 · ansible-ansible.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://github.com/ansible/ansible/issues/31129 3 | -------------------------------------------------------------------------------- /app/C.plabybook_options/environment/env.output: -------------------------------------------------------------------------------- 1 | [vagrant@ansible-server ~]$ anp env.yml 2 | 3 | PLAY [Environment] ******************************************************************************************************************************* 4 | 5 | TASK [Gathering Facts] *************************************************************************************************************************** 6 | ok: [localhost] 7 | 8 | TASK [echo $PATH] ******************************************************************************************************************************** 9 | changed: [localhost] 10 | 11 | TASK [show $PATH] ******************************************************************************************************************************** 12 | ok: [localhost] => { 13 | "msg": "/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/vagrant/.local/bin:/home/vagrant/bin:Custome(ex: JAVA)/PATH/Location" 14 | } 15 | 16 | TASK [show env_all_n_proxy] ********************************************************************************************************************** 17 | ok: [localhost] => { 18 | "msg": { 19 | "HISTCONTROL": "ignoredups", 20 | "HISTSIZE": "1000", 21 | "HOME": "/home/vagrant", 22 | "HOSTNAME": "ansible-server", 23 | "LANG": "en_US.UTF-8", 24 | "LESSOPEN": "||/usr/bin/lesspipe.sh %s", 25 | "LOGNAME": "vagrant", 26 | "LS_COLORS": "rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:", 27 | "MAIL": "/var/spool/mail/vagrant", 28 | "PATH": "/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/vagrant/.local/bin:/home/vagrant/bin", 29 | "PWD": "/home/vagrant", 30 | "SELINUX_LEVEL_REQUESTED": "", 31 | "SELINUX_ROLE_REQUESTED": "", 32 | "SELINUX_USE_CURRENT_RANGE": "", 33 | "SHELL": "/bin/bash", 34 | "SHLVL": "3", 35 | "SSH_CLIENT": "10.0.2.2 9138 22", 36 | "SSH_CONNECTION": "10.0.2.2 9138 10.0.2.15 22", 37 | "SSH_TTY": "/dev/pts/0", 38 | "TERM": "xterm-256color", 39 | "USER": "vagrant", 40 | "XDG_RUNTIME_DIR": "/run/user/1000", 41 | "XDG_SESSION_ID": "29", 42 | "_": "/usr/bin/python2", 43 | "http_proxy": "http://proxy.example.com:8080" 44 | } 45 | } 46 | 47 | PLAY RECAP *************************************************************************************************************************************** 48 | localhost : ok=4 changed=1 unreachable=0 failed=0 -------------------------------------------------------------------------------- /app/C.plabybook_options/environment/env.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Environment 3 | hosts: localhost 4 | 5 | environment: 6 | PATH: "{{ ansible_env.PATH }}:Custome(ex: JAVA)/PATH/Location" 7 | http_proxy: http://proxy.example.com:8080 8 | 9 | tasks: 10 | - name: echo $PATH 11 | shell: echo $PATH 12 | register: PATH 13 | 14 | - name: show $PATH 15 | debug: 16 | msg: "{{ PATH.stdout }}" 17 | 18 | - name: show env_all_n_proxy 19 | debug: 20 | msg: "{{ ansible_env }}" -------------------------------------------------------------------------------- /app/C.plabybook_options/fact_path/ansible_tmp/(OR) date_and_time.fact: -------------------------------------------------------------------------------- 1 | {"date" : "Mon Jul 30 22:42:28 UTC 2018"} -------------------------------------------------------------------------------- /app/C.plabybook_options/fact_path/ansible_tmp/date_and_time.fact: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | DATE=`date` 3 | echo "{\"date\" : \"${DATE}\"}" -------------------------------------------------------------------------------- /app/C.plabybook_options/fact_path/custom_fact.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: custom facts 3 | hosts: localhost 4 | fact_path: ./ansible_tmp/ 5 | 6 | tasks: 7 | - name: show 8 | debug: 9 | var: ansible_local.date_and_time -------------------------------------------------------------------------------- /app/C.plabybook_options/force_handlers/force_handlers.output: -------------------------------------------------------------------------------- 1 | [vagrant@ansible-server ~]$ anp force_handlers.yml 2 | 3 | PLAY [localhost] *************************************************************** 4 | 5 | TASK [Gathering Facts] ********************************************************* 6 | ok: [localhost] 7 | 8 | TASK [install tree] ************************************************************ 9 | changed: [localhost] 10 | 11 | TASK [install unknown package] ************************************************* 12 | fatal: [localhost]: FAILED! => {"changed": false, "msg": "No package matching 'treeppp' found available, installed or updated", "rc": 126, "results": ["No package matching 'treeppp' found available, installed or updated"]} 13 | 14 | RUNNING HANDLER [handler_status] *********************************************** 15 | to retry, use: --limit @/home/vagrant/force_handlers.retry 16 | 17 | PLAY RECAP ********************************************************************* 18 | localhost : ok=2 changed=1 unreachable=0 failed=1 19 | 20 | [vagrant@ansible-server ~]$ 21 | [vagrant@ansible-server ~]$ 22 | [vagrant@ansible-server ~]$ sudo yum remove tree -y 23 | Loaded plugins: fastestmirror 24 | Resolving Dependencies 25 | --> Running transaction check 26 | ---> Package tree.x86_64 0:1.6.0-10.el7 will be erased 27 | --> Finished Dependency Resolution 28 | 29 | Dependencies Resolved 30 | 31 | ================================================================================ 32 | Package Arch Version Repository Size 33 | ================================================================================ 34 | Removing: 35 | tree x86_64 1.6.0-10.el7 @base 87 k 36 | 37 | Transaction Summary 38 | ================================================================================ 39 | Remove 1 Package 40 | 41 | Installed size: 87 k 42 | Downloading packages: 43 | Running transaction check 44 | Running transaction test 45 | Transaction test succeeded 46 | Running transaction 47 | Erasing : tree-1.6.0-10.el7.x86_64 1/1 48 | Verifying : tree-1.6.0-10.el7.x86_64 1/1 49 | 50 | Removed: 51 | tree.x86_64 0:1.6.0-10.el7 52 | 53 | Complete! 54 | [vagrant@ansible-server ~]$ 55 | [vagrant@ansible-server ~]$ 56 | [vagrant@ansible-server ~]$ 57 | [vagrant@ansible-server ~]$ #change hanlder option 58 | [vagrant@ansible-server ~]$ 59 | [vagrant@ansible-server ~]$ vi force_handlers.yml 60 | [vagrant@ansible-server ~]$ 61 | [vagrant@ansible-server ~]$ 62 | [vagrant@ansible-server ~]$ anp force_handlers.yml 63 | 64 | PLAY [localhost] *************************************************************** 65 | 66 | TASK [Gathering Facts] ********************************************************* 67 | ok: [localhost] 68 | 69 | TASK [install tree] ************************************************************ 70 | changed: [localhost] 71 | 72 | TASK [install unknown package] ************************************************* 73 | fatal: [localhost]: FAILED! => {"changed": false, "msg": "No package matching 'treeppp' found available, installed or updated", "rc": 126, "results": ["No package matching 'treeppp' found available, installed or updated"]} 74 | 75 | RUNNING HANDLER [handler_status] *********************************************** 76 | ok: [localhost] => { 77 | "msg": "handler on" 78 | } 79 | to retry, use: --limit @/home/vagrant/force_handlers.retry 80 | 81 | PLAY RECAP ********************************************************************* 82 | localhost : ok=3 changed=1 unreachable=0 failed=1 83 | 84 | [vagrant@ansible-server ~]$ -------------------------------------------------------------------------------- /app/C.plabybook_options/force_handlers/force_handlers.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | # force_handlers: yes 4 | become: true 5 | 6 | tasks: 7 | - name: install tree 8 | yum: name=tree state=present 9 | notify: handler_status 10 | 11 | - name: install unknown package 12 | yum: name=treeppp state=present 13 | 14 | handlers: 15 | - name: handler_status 16 | debug: 17 | msg: "handler on" -------------------------------------------------------------------------------- /app/C.plabybook_options/module_defaults/default.output: -------------------------------------------------------------------------------- 1 | [vagrant@ansible-server ~]$ anp default.yml 2 | 3 | PLAY [localhost] *************************************************************** 4 | 5 | TASK [Gathering Facts] ********************************************************* 6 | ok: [localhost] 7 | 8 | TASK [file] ******************************************************************** 9 | changed: [localhost] 10 | 11 | TASK [file] ******************************************************************** 12 | changed: [localhost] 13 | 14 | TASK [file] ******************************************************************** 15 | changed: [localhost] 16 | 17 | PLAY RECAP ********************************************************************* 18 | localhost : ok=4 changed=3 unreachable=0 failed=0 19 | 20 | [vagrant@ansible-server ~]$ ls -rlt /tmp 21 | total 0 22 | drwx------. 3 root root 17 Jul 26 05:57 systemd-private-863c6615b822417188d786cab167ef9f-chronyd.service-CLOkQs 23 | drwx------. 3 root root 17 Jul 27 00:36 systemd-private-813f0647d2f84d4db8f5737333f32f20-chronyd.service-uqhLow 24 | -rwxr-xr-x. 1 vagrant vagrant 0 Aug 1 07:30 file1 25 | -rwxr-xr-x. 1 vagrant vagrant 0 Aug 1 07:30 file2 26 | -rwxr-xr-x. 1 vagrant vagrant 0 Aug 1 07:30 file3 -------------------------------------------------------------------------------- /app/C.plabybook_options/module_defaults/default.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | become: yes 4 | module_defaults: 5 | file: 6 | owner: vagrant 7 | group: vagrant 8 | mode: 0755 9 | tasks: 10 | - file: 11 | state: touch 12 | path: /tmp/file1 13 | - file: 14 | state: touch 15 | path: /tmp/file2 16 | - file: 17 | state: touch 18 | path: /tmp/file3 -------------------------------------------------------------------------------- /ch2/Download CentOS.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.centos.org/download/ 3 | -------------------------------------------------------------------------------- /ch2/Downloads – Oracle VM VirtualBox.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.virtualbox.org/wiki/Downloads 3 | -------------------------------------------------------------------------------- /ch2/File Permission 0644 for Mac Linux and Unix - File Permissions.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=http://www.filepermissions.com/file-permission/0644 3 | -------------------------------------------------------------------------------- /ch2/ansible 2.4.2.0_w_cfg_n_hosts/hosts: -------------------------------------------------------------------------------- 1 | # This is the default ansible 'hosts' file. 2 | # 3 | # It should live in /etc/ansible/hosts 4 | # 5 | # - Comments begin with the '#' character 6 | # - Blank lines are ignored 7 | # - Groups of hosts are delimited by [header] elements 8 | # - You can enter hostnames or ip addresses 9 | # - A hostname/ip can be a member of multiple groups 10 | 11 | # Ex 1: Ungrouped hosts, specify before any group headers. 12 | 13 | ## green.example.com 14 | ## blue.example.com 15 | ## 192.168.100.1 16 | ## 192.168.100.10 17 | 18 | # Ex 2: A collection of hosts belonging to the 'webservers' group 19 | 20 | ## [webservers] 21 | ## alpha.example.org 22 | ## beta.example.org 23 | ## 192.168.1.100 24 | ## 192.168.1.110 25 | 26 | # If you have multiple hosts following a pattern you can specify 27 | # them like this: 28 | 29 | ## www[001:006].example.com 30 | 31 | # Ex 3: A collection of database servers in the 'dbservers' group 32 | 33 | ## [dbservers] 34 | ## 35 | ## db01.intranet.mydomain.net 36 | ## db02.intranet.mydomain.net 37 | ## 10.25.1.56 38 | ## 10.25.1.57 39 | 40 | # Here's another example of host ranges, this time there are no 41 | # leading 0s: 42 | 43 | ## db-[99:101]-node.example.com 44 | 45 | [nginx] 46 | 192.168.1.11 47 | 192.168.1.12 48 | 192.168.1.13 49 | -------------------------------------------------------------------------------- /ch2/nginx_install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on linux 3 | hosts: nginx 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: install epel-release 8 | yum: name=epel-release state=latest 9 | - name: install nginx web server 10 | yum: name=nginx state=present 11 | - name: upload default index.html for web server 12 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 13 | - name: start nginx web server 14 | service: name=nginx state=started 15 | -------------------------------------------------------------------------------- /ch3/3.1.1/Download - Vagrant by HashiCorp.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.vagrantup.com/downloads.html 3 | -------------------------------------------------------------------------------- /ch3/3.1.3/Available Vagrant Plugins · hashicorp-vagrant Wiki.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://github.com/hashicorp/vagrant/wiki/Available-Vagrant-Plugins 3 | -------------------------------------------------------------------------------- /ch3/3.1.3/Discover Vagrant Boxes - Vagrant Cloud.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://app.vagrantup.com/boxes/search 3 | -------------------------------------------------------------------------------- /ch3/3.1.3/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | # All Vagrant configuration is done below. The "2" in Vagrant.configure 5 | # configures the configuration version (we support older styles for 6 | # backwards compatibility). Please don't change it unless you know what 7 | # you're doing. 8 | Vagrant.configure("2") do |config| 9 | # The most common configuration options are documented and commented below. 10 | # For a complete reference, please see the online documentation at 11 | # https://docs.vagrantup.com. 12 | 13 | # Every Vagrant development environment requires a box. You can search for 14 | # boxes at https://vagrantcloud.com/search. 15 | config.vm.box = "centos/7" 16 | 17 | # Disable automatic box update checking. If you disable this, then 18 | # boxes will only be checked for updates when the user runs 19 | # `vagrant box outdated`. This is not recommended. 20 | # config.vm.box_check_update = false 21 | 22 | # Create a forwarded port mapping which allows access to a specific port 23 | # within the machine from a port on the host machine. In the example below, 24 | # accessing "localhost:8080" will access port 80 on the guest machine. 25 | # NOTE: This will enable public access to the opened port 26 | # config.vm.network "forwarded_port", guest: 80, host: 8080 27 | 28 | # Create a forwarded port mapping which allows access to a specific port 29 | # within the machine from a port on the host machine and only allow access 30 | # via 127.0.0.1 to disable public access 31 | # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" 32 | 33 | # Create a private network, which allows host-only access to the machine 34 | # using a specific IP. 35 | # config.vm.network "private_network", ip: "192.168.33.10" 36 | 37 | # Create a public network, which generally matched to bridged network. 38 | # Bridged networks make the machine appear as another physical device on 39 | # your network. 40 | # config.vm.network "public_network" 41 | 42 | # Share an additional folder to the guest VM. The first argument is 43 | # the path on the host to the actual folder. The second argument is 44 | # the path on the guest to mount the folder. And the optional third 45 | # argument is a set of non-required options. 46 | # config.vm.synced_folder "../data", "/vagrant_data" 47 | 48 | # Provider-specific configuration so you can fine-tune various 49 | # backing providers for Vagrant. These expose provider-specific options. 50 | # Example for VirtualBox: 51 | # 52 | # config.vm.provider "virtualbox" do |vb| 53 | # # Display the VirtualBox GUI when booting the machine 54 | # vb.gui = true 55 | # 56 | # # Customize the amount of memory on the VM: 57 | # vb.memory = "1024" 58 | # end 59 | # 60 | # View the documentation for the provider you are using for more 61 | # information on available options. 62 | 63 | # Enable provisioning with a shell script. Additional provisioners such as 64 | # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the 65 | # documentation for more information about their specific syntax and use. 66 | # config.vm.provision "shell", inline: <<-SHELL 67 | # apt-get update 68 | # apt-get install -y apache2 69 | # SHELL 70 | end 71 | -------------------------------------------------------------------------------- /ch3/3.2.1/SMB - Synced Folders - Vagrant by HashiCorp.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.vagrantup.com/docs/synced-folders/smb.html 3 | -------------------------------------------------------------------------------- /ch3/3.2.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | #================# 5 | # Ansible Server # 6 | #================# 7 | 8 | Vagrant.configure("2") do |config| 9 | config.vm.define "ansible-server" do |cfg| 10 | cfg.vm.box = "centos/7" # '='가 필수적으로 필요 11 | cfg.vm.provider "virtualbox" do |vb| 12 | vb.name = "Ansible-Server(github_SysNet4Admin)" # '='가 필수적으로 필요 13 | end 14 | cfg.vm.host_name = "ansible-server" # '='가 필수적으로 필요 15 | cfg.vm.network "public_network", ip: "192.168.1.10" 16 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 17 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 18 | end 19 | end -------------------------------------------------------------------------------- /ch3/3.2.2/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | #================# 5 | # Ansible Server # 6 | #================# 7 | 8 | Vagrant.configure("2") do |config| 9 | config.vm.define "ansible-server" do |cfg| 10 | cfg.vm.box = "centos/7" 11 | cfg.vm.provider "virtualbox" do |vb| 12 | vb.name = "Ansible-Server(github_SysNet4Admin)" 13 | end 14 | cfg.vm.host_name = "ansible-server" 15 | cfg.vm.network "public_network", ip: "192.168.1.10" 16 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 17 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 18 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 19 | cfg.vm.provision "shell", inline: "yum install ansible -y" 20 | end 21 | end 22 | -------------------------------------------------------------------------------- /ch3/3.2.3/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | #================# 5 | # Ansible Server # 6 | #================# 7 | 8 | Vagrant.configure("2") do |config| 9 | config.vm.define "ansible-server" do |cfg| 10 | cfg.vm.box = "centos/7" 11 | cfg.vm.provider "virtualbox" do |vb| 12 | vb.name = "Ansible-Server(github_SysNet4Admin)" 13 | end 14 | cfg.vm.host_name = "ansible-server" 15 | cfg.vm.network "public_network", ip: "192.168.1.10" 16 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 17 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 18 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 19 | cfg.vm.provision "shell", inline: "yum install ansible -y" 20 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 21 | destination: "ansible_env_ready.yml" 22 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 23 | end 24 | end 25 | -------------------------------------------------------------------------------- /ch3/3.2.3/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Create vim env's directories & files 8 | shell: "{{ item }}" 9 | with_items: 10 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 11 | - "touch /home/vagrant/.vimrc" 12 | - "touch /home/vagrant/.bashrc" 13 | 14 | - name: Install vim-enhanced 15 | yum: 16 | name: vim-enhanced 17 | state: present 18 | 19 | - name: Install git 20 | yum: 21 | name: git 22 | state: present 23 | 24 | - name: Download pathogen.vim 25 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 26 | https://tpo.pe/pathogen.vim" 27 | 28 | - name: Git clone vim-ansible-yaml 29 | git: 30 | repo: https://github.com/chase/vim-ansible-yaml.git 31 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 32 | 33 | - name: Configure vimrc 34 | lineinfile: 35 | path: /home/vagrant/.vimrc 36 | line: "{{ item }}" 37 | with_items: 38 | - "set number" 39 | - "execute pathogen#infect()" 40 | - "syntax on" 41 | 42 | - name: Configure Bashrc 43 | lineinfile: 44 | path: /home/vagrant/.bashrc 45 | line: "{{ item }}" 46 | with_items: 47 | - "alias ans='ansible'" 48 | - "alias anp='ansible-playbook'" 49 | -------------------------------------------------------------------------------- /ch3/3.2.3/ansible_local/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | #================# 5 | # Ansible Server # 6 | #================# 7 | 8 | Vagrant.configure("2") do |config| 9 | config.vm.define "ansible-server" do |cfg| 10 | cfg.vm.box = "centos/7" 11 | cfg.vm.provider "virtualbox" do |vb| 12 | vb.name = "Ansible-Server(github_SysNet4Admin)" 13 | end 14 | cfg.vm.host_name = "ansible-server" 15 | cfg.vm.network "public_network", ip: "192.168.1.10" 16 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 17 | cfg.vm.synced_folder ".", "/vagrant" 18 | cfg.vm.provision "shell", inline: "yum install ansible -y" 19 | cfg.vm.provision "ansible_local" do |ansible| 20 | ansible.playbook = "ansible_env_ready.yml" 21 | ansible.become = true 22 | #ansible.inventory_path = "/vagrant/inventory" 23 | #ansible.limit = "ansible-server" 24 | end 25 | end 26 | end -------------------------------------------------------------------------------- /ch3/3.2.3/ansible_local/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: ansible-server 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Create vim env's directories & files 8 | shell: "{{ item }}" 9 | with_items: 10 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 11 | - "touch /home/vagrant/.vimrc" 12 | - "touch /home/vagrant/.bashrc" 13 | 14 | - name: Install vim-enhanced 15 | yum: 16 | name: vim-enhanced 17 | state: present 18 | 19 | - name: Install git 20 | yum: 21 | name: git 22 | state: present 23 | 24 | - name: Download pathogen.vim 25 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 26 | https://tpo.pe/pathogen.vim" 27 | 28 | - name: Git clone vim-ansible-yaml 29 | git: 30 | repo: https://github.com/chase/vim-ansible-yaml.git 31 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 32 | 33 | - name: Configure vimrc 34 | lineinfile: 35 | path: /home/vagrant/.vimrc 36 | line: "{{ item }}" 37 | with_items: 38 | - "set number" 39 | - "execute pathogen#infect()" 40 | - "syntax on" 41 | 42 | - name: Configure Bashrc 43 | lineinfile: 44 | path: /home/vagrant/.bashrc 45 | line: "{{ item }}" 46 | with_items: 47 | - "alias ans='ansible'" 48 | - "alias anp='ansible-playbook'" 49 | -------------------------------------------------------------------------------- /ch3/3.2.3/tpope-vim-pathogen- pathogen.vim- manage your runtimepath.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://github.com/tpope/vim-pathogen 3 | -------------------------------------------------------------------------------- /ch3/3.2.3/vagrant_provision.output: -------------------------------------------------------------------------------- 1 | c:\HashiCorp>vagrant provision 2 | ==> ansible-server: Running provisioner: shell... 3 | ansible-server: Running: inline script 4 | ansible-server: Loaded plugins: fastestmirror 5 | ansible-server: Loading mirror speeds from cached hostfile 6 | ansible-server: * base: mirror.navercorp.com 7 | ansible-server: * extras: mirror.navercorp.com 8 | ansible-server: * updates: mirror.navercorp.com 9 | ansible-server: Package ansible-2.4.2.0-2.el7.noarch already installed and latest version 10 | ansible-server: Nothing to do 11 | ==> ansible-server: Running provisioner: file... 12 | ==> ansible-server: Running provisioner: shell... 13 | ansible-server: Running: inline script 14 | ansible-server: [WARNING]: Could not match supplied host pattern, ignoring: all 15 | ansible-server: [WARNING]: provided hosts list is empty, only localhost is available 16 | ansible-server: 17 | ansible-server: PLAY [Setup for the Ansible's Environment] ************************************** 18 | ansible-server: 19 | ansible-server: TASK [Create vim env's directories & files] ************************************ 20 | ansible-server: changed: [localhost] => (item=mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle) 21 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.vimrc) 22 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.bashrc) 23 | ansible-server: 24 | ansible-server: TASK [Install vim-enhanced] **************************************************** 25 | ansible-server: [WARNING]: Consider using file module with state=directory rather than running 26 | ansible-server: mkdir 27 | ansible-server: [WARNING]: Consider using file module with state=touch rather than running 28 | ansible-server: touch 29 | ansible-server: changed: [localhost] 30 | ansible-server: 31 | ansible-server: TASK [Install git] ************************************************************* 32 | ansible-server: changed: [localhost] 33 | ansible-server: 34 | ansible-server: TASK [Download pathogen.vim] *************************************************** 35 | ansible-server: changed: [localhost] 36 | ansible-server: 37 | ansible-server: TASK [Git clone vim-ansible-yaml] ********************************************** 38 | ansible-server: [WARNING]: Consider using get_url or uri module rather than running curl 39 | ansible-server: changed: [localhost] 40 | ansible-server: 41 | ansible-server: TASK [Configure vimrc] ********************************************************* 42 | ansible-server: changed: [localhost] => (item=set number) 43 | ansible-server: changed: [localhost] => (item=execute pathogen#infect()) 44 | ansible-server: changed: [localhost] => (item=syntax on) 45 | ansible-server: 46 | ansible-server: TASK [Configure Bashrc] ******************************************************** 47 | ansible-server: changed: [localhost] => (item=alias ans='ansible') 48 | ansible-server: changed: [localhost] => (item=alias anp='ansible-playbook') 49 | ansible-server: 50 | ansible-server: PLAY RECAP ********************************************************************* 51 | ansible-server: localhost : ok=7 changed=7 unreachable=0 failed=0 52 | 53 | c:\HashiCorp> -------------------------------------------------------------------------------- /ch3/3.3.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | end 21 | 22 | #Ansible-Node02 23 | config.vm.define "ansible-node02" do |cfg| 24 | cfg.vm.box = "centos/7" 25 | cfg.vm.provider "virtualbox" do |vb| 26 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 27 | end 28 | cfg.vm.host_name = "ansible-node02" 29 | cfg.vm.network "public_network", ip: "192.168.1.12" 30 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 31 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 32 | end 33 | 34 | #Ansible-Node03 35 | config.vm.define "ansible-node03" do |cfg| 36 | cfg.vm.box = "centos/7" 37 | cfg.vm.provider "virtualbox" do |vb| 38 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 39 | end 40 | cfg.vm.host_name = "ansible-node03" 41 | cfg.vm.network "public_network", ip: "192.168.1.13" 42 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 43 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 44 | end 45 | 46 | #================# 47 | # Ansible Server # 48 | #================# 49 | 50 | config.vm.define "ansible-server" do |cfg| 51 | cfg.vm.box = "centos/7" 52 | cfg.vm.provider "virtualbox" do |vb| 53 | vb.name = "Ansible-Server(github_SysNet4Admin)" 54 | end 55 | cfg.vm.host_name = "ansible-server" 56 | cfg.vm.network "public_network", ip: "192.168.1.10" 57 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 58 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 59 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 60 | cfg.vm.provision "shell", inline: "yum install ansible -y" 61 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 62 | destination: "ansible_env_ready.yml" 63 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 64 | end 65 | end 66 | -------------------------------------------------------------------------------- /ch3/3.3.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Create vim env's directories & files 8 | shell: "{{ item }}" 9 | with_items: 10 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 11 | - "touch /home/vagrant/.vimrc" 12 | - "touch /home/vagrant/.bashrc" 13 | 14 | - name: Install vim-enhanced 15 | yum: 16 | name: vim-enhanced 17 | state: present 18 | 19 | - name: Install git 20 | yum: 21 | name: git 22 | state: present 23 | 24 | - name: Download pathogen.vim 25 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 26 | https://tpo.pe/pathogen.vim" 27 | 28 | - name: Git clone vim-ansible-yaml 29 | git: 30 | repo: https://github.com/chase/vim-ansible-yaml.git 31 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 32 | 33 | - name: Configure vimrc 34 | lineinfile: 35 | path: /home/vagrant/.vimrc 36 | line: "{{ item }}" 37 | with_items: 38 | - "set number" 39 | - "execute pathogen#infect()" 40 | - "syntax on" 41 | 42 | - name: Configure Bashrc 43 | lineinfile: 44 | path: /home/vagrant/.bashrc 45 | line: "{{ item }}" 46 | with_items: 47 | - "alias ans='ansible'" 48 | - "alias anp='ansible-playbook'" 49 | -------------------------------------------------------------------------------- /ch3/3.3.2/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | end 21 | 22 | #Ansible-Node02 23 | config.vm.define "ansible-node02" do |cfg| 24 | cfg.vm.box = "centos/7" 25 | cfg.vm.provider "virtualbox" do |vb| 26 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 27 | end 28 | cfg.vm.host_name = "ansible-node02" 29 | cfg.vm.network "public_network", ip: "192.168.1.12" 30 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 31 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 32 | end 33 | 34 | #Ansible-Node03 35 | config.vm.define "ansible-node03" do |cfg| 36 | cfg.vm.box = "centos/7" 37 | cfg.vm.provider "virtualbox" do |vb| 38 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 39 | end 40 | cfg.vm.host_name = "ansible-node03" 41 | cfg.vm.network "public_network", ip: "192.168.1.13" 42 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 43 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 44 | end 45 | 46 | #================# 47 | # Ansible Server # 48 | #================# 49 | 50 | config.vm.define "ansible-server" do |cfg| 51 | cfg.vm.box = "centos/7" 52 | cfg.vm.provider "virtualbox" do |vb| 53 | vb.name = "Ansible-Server(github_SysNet4Admin)" 54 | end 55 | cfg.vm.host_name = "ansible-server" 56 | cfg.vm.network "public_network", ip: "192.168.1.10" 57 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 58 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 59 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 60 | cfg.vm.provision "shell", inline: "yum install ansible -y" 61 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 62 | destination: "ansible_env_ready.yml" 63 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 64 | end 65 | end 66 | -------------------------------------------------------------------------------- /ch3/3.3.2/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [CentOS] 12 | 192.168.1.11 13 | 192.168.1.12 14 | 192.168.1.13 15 | 16 | - name: Create vim env's directories & files 17 | shell: "{{ item }}" 18 | with_items: 19 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 20 | - "touch /home/vagrant/.vimrc" 21 | - "touch /home/vagrant/.bashrc" 22 | 23 | - name: Install vim-enhanced 24 | yum: 25 | name: vim-enhanced 26 | state: present 27 | 28 | - name: Install git 29 | yum: 30 | name: git 31 | state: present 32 | 33 | - name: Download pathogen.vim 34 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 35 | https://tpo.pe/pathogen.vim" 36 | 37 | - name: Git clone vim-ansible-yaml 38 | git: 39 | repo: https://github.com/chase/vim-ansible-yaml.git 40 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 41 | 42 | - name: Configure vimrc 43 | lineinfile: 44 | path: /home/vagrant/.vimrc 45 | line: "{{ item }}" 46 | with_items: 47 | - "set number" 48 | - "execute pathogen#infect()" 49 | - "syntax on" 50 | 51 | - name: Configure Bashrc 52 | lineinfile: 53 | path: /home/vagrant/.bashrc 54 | line: "{{ item }}" 55 | with_items: 56 | - "alias ans='ansible'" 57 | - "alias anp='ansible-playbook'" 58 | -------------------------------------------------------------------------------- /ch3/3.3.2/vagrant_provision.output: -------------------------------------------------------------------------------- 1 | c:\HashiCorp>vagrant provision 2 | ==> ansible-server: Running provisioner: shell... 3 | ansible-server: Running: inline script 4 | ansible-server: Loaded plugins: fastestmirror 5 | ansible-server: Loading mirror speeds from cached hostfile 6 | ansible-server: * base: mirror.kakao.com 7 | ansible-server: * extras: mirror.kakao.com 8 | ansible-server: * updates: mirror.kakao.com 9 | ansible-server: Package ansible-2.4.2.0-2.el7.noarch already installed and latest version 10 | ansible-server: Nothing to do 11 | ==> ansible-server: Running provisioner: file... 12 | ==> ansible-server: Running provisioner: shell... 13 | ansible-server: Running: inline script 14 | ansible-server: [WARNING]: Could not match supplied host pattern, ignoring: all 15 | ansible-server: [WARNING]: provided hosts list is empty, only localhost is available 16 | ansible-server: 17 | ansible-server: PLAY [Setup for the Ansible's Environment] ************************************** 18 | ansible-server: 19 | ansible-server: TASK [Add "/etc/ansible/hosts"] ************************************************ 20 | ansible-server: changed: [localhost] 21 | ansible-server: 22 | ansible-server: TASK [Create vim env's directories & files] ************************************ 23 | ansible-server: changed: [localhost] => (item=mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle) 24 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.vimrc) 25 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.bashrc) 26 | ansible-server: [WARNING]: Consider using file module with state=directory rather than running 27 | ansible-server: mkdir 28 | ansible-server: [WARNING]: Consider using file module with state=touch rather than running 29 | ansible-server: touch 30 | ansible-server: 31 | ansible-server: TASK [Install vim-enhanced] **************************************************** 32 | ansible-server: ok: [localhost] 33 | ansible-server: 34 | ansible-server: TASK [Install git] ************************************************************* 35 | ansible-server: ok: [localhost] 36 | ansible-server: 37 | ansible-server: TASK [Download pathogen.vim] *************************************************** 38 | ansible-server: changed: [localhost] 39 | ansible-server: [WARNING]: Consider using get_url or uri module rather than running curl 40 | ansible-server: 41 | ansible-server: TASK [Git clone vim-ansible-yaml] ********************************************** 42 | ansible-server: ok: [localhost] 43 | ansible-server: 44 | ansible-server: TASK [Configure vimrc] ********************************************************* 45 | ansible-server: ok: [localhost] => (item=set number) 46 | ansible-server: ok: [localhost] => (item=execute pathogen#infect()) 47 | ansible-server: ok: [localhost] => (item=syntax on) 48 | ansible-server: 49 | ansible-server: TASK [Configure Bashrc] ******************************************************** 50 | ansible-server: ok: [localhost] => (item=alias ans='ansible') 51 | ansible-server: ok: [localhost] => (item=alias anp='ansible-playbook') 52 | ansible-server: 53 | ansible-server: PLAY RECAP ********************************************************************* 54 | ansible-server: localhost : ok=8 changed=3 unreachable=0 failed=0 55 | 56 | c:\HashiCorp> -------------------------------------------------------------------------------- /ch3/3.3.3/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node02 24 | config.vm.define "ansible-node02" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node02" 30 | cfg.vm.network "public_network", ip: "192.168.1.12" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node03 37 | config.vm.define "ansible-node03" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node03" 43 | cfg.vm.network "public_network", ip: "192.168.1.13" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #================# 50 | # Ansible Server # 51 | #================# 52 | 53 | config.vm.define "ansible-server" do |cfg| 54 | cfg.vm.box = "centos/7" 55 | cfg.vm.provider "virtualbox" do |vb| 56 | vb.name = "Ansible-Server(github_SysNet4Admin)" 57 | end 58 | cfg.vm.host_name = "ansible-server" 59 | cfg.vm.network "public_network", ip: "192.168.1.10" 60 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 61 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 62 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 63 | cfg.vm.provision "shell", inline: "yum install ansible -y" 64 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 65 | destination: "ansible_env_ready.yml" 66 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 67 | end 68 | end 69 | -------------------------------------------------------------------------------- /ch3/3.3.3/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [CentOS] 12 | 192.168.1.11 13 | 192.168.1.12 14 | 192.168.1.13 15 | 16 | - name: Create vim env's directories & files 17 | shell: "{{ item }}" 18 | with_items: 19 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 20 | - "touch /home/vagrant/.vimrc" 21 | - "touch /home/vagrant/.bashrc" 22 | 23 | - name: Install vim-enhanced 24 | yum: 25 | name: vim-enhanced 26 | state: present 27 | 28 | - name: Install git 29 | yum: 30 | name: git 31 | state: present 32 | 33 | - name: Download pathogen.vim 34 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 35 | https://tpo.pe/pathogen.vim" 36 | 37 | - name: Git clone vim-ansible-yaml 38 | git: 39 | repo: https://github.com/chase/vim-ansible-yaml.git 40 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 41 | 42 | - name: Configure vimrc 43 | lineinfile: 44 | path: /home/vagrant/.vimrc 45 | line: "{{ item }}" 46 | with_items: 47 | - "set number" 48 | - "execute pathogen#infect()" 49 | - "syntax on" 50 | 51 | - name: Configure Bashrc 52 | lineinfile: 53 | path: /home/vagrant/.bashrc 54 | line: "{{ item }}" 55 | with_items: 56 | - "alias ans='ansible'" 57 | - "alias anp='ansible-playbook'" 58 | -------------------------------------------------------------------------------- /ch3/3.3.3/ansible_ssh_conf_4_CentOS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Ansible_ssh_conf_4_CentOS 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: PasswordAuthentication change from no to yes 8 | replace: 9 | path: /etc/ssh/sshd_config 10 | regexp: 'PasswordAuthentication no' 11 | replace: 'PasswordAuthentication yes' 12 | backup: yes 13 | - name: sshd restart to apply "PasswordAuthentication" 14 | service: 15 | name: sshd 16 | state: restarted -------------------------------------------------------------------------------- /ch3/3.3.3/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch3/3.3.3/vagrant_provision.output: -------------------------------------------------------------------------------- 1 | c:\HashiCorp>vagrant provision 2 | ==> ansible-node01: Running provisioner: shell... 3 | ansible-node01: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-21868-p66jr2.sh 4 | ==> ansible-node02: Running provisioner: shell... 5 | ansible-node02: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-21868-1u9adey.sh 6 | ==> ansible-node03: Running provisioner: shell... 7 | ansible-node03: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-21868-1qdh7uw.sh 8 | ==> ansible-server: Running provisioner: shell... 9 | ansible-server: Running: inline script 10 | ansible-server: Loaded plugins: fastestmirror 11 | ansible-server: Loading mirror speeds from cached hostfile 12 | ansible-server: * base: mirror.kakao.com 13 | ansible-server: * extras: mirror.kakao.com 14 | ansible-server: * updates: mirror.kakao.com 15 | ansible-server: Package ansible-2.4.2.0-2.el7.noarch already installed and latest version 16 | ansible-server: Nothing to do 17 | ==> ansible-server: Running provisioner: file... 18 | ==> ansible-server: Running provisioner: shell... 19 | ansible-server: Running: inline script 20 | ansible-server: 21 | ansible-server: PLAY [Setup for the Ansible's Environment] ************************************** 22 | ansible-server: 23 | ansible-server: TASK [Add "/etc/ansible/hosts"] ************************************************ 24 | ansible-server: ok: [localhost] 25 | ansible-server: 26 | ansible-server: TASK [Create vim env's directories & files] ************************************ 27 | ansible-server: changed: [localhost] => (item=mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle) 28 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.vimrc) 29 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.bashrc) 30 | ansible-server: [WARNING]: Consider using file module with state=directory rather than running 31 | ansible-server: mkdir 32 | ansible-server: [WARNING]: Consider using file module with state=touch rather than running 33 | ansible-server: touch 34 | ansible-server: 35 | ansible-server: TASK [Install vim-enhanced] **************************************************** 36 | ansible-server: ok: [localhost] 37 | ansible-server: 38 | ansible-server: TASK [Install git] ************************************************************* 39 | ansible-server: ok: [localhost] 40 | ansible-server: 41 | ansible-server: TASK [Download pathogen.vim] *************************************************** 42 | ansible-server: changed: [localhost] 43 | ansible-server: [WARNING]: Consider using get_url or uri module rather than running curl 44 | ansible-server: 45 | ansible-server: TASK [Git clone vim-ansible-yaml] ********************************************** 46 | ansible-server: ok: [localhost] 47 | ansible-server: 48 | ansible-server: TASK [Configure vimrc] ********************************************************* 49 | ansible-server: ok: [localhost] => (item=set number) 50 | ansible-server: ok: [localhost] => (item=execute pathogen#infect()) 51 | ansible-server: ok: [localhost] => (item=syntax on) 52 | ansible-server: 53 | ansible-server: TASK [Configure Bashrc] ******************************************************** 54 | ansible-server: ok: [localhost] => (item=alias ans='ansible') 55 | ansible-server: ok: [localhost] => (item=alias anp='ansible-playbook') 56 | ansible-server: 57 | ansible-server: PLAY RECAP ********************************************************************* 58 | ansible-server: localhost : ok=8 changed=2 unreachable=0 failed=0 59 | 60 | c:\HashiCorp> -------------------------------------------------------------------------------- /ch3/3.3.4/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node02 24 | config.vm.define "ansible-node02" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node02" 30 | cfg.vm.network "public_network", ip: "192.168.1.12" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node03 37 | config.vm.define "ansible-node03" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node03" 43 | cfg.vm.network "public_network", ip: "192.168.1.13" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #================# 50 | # Ansible Server # 51 | #================# 52 | 53 | config.vm.define "ansible-server" do |cfg| 54 | cfg.vm.box = "centos/7" 55 | cfg.vm.provider "virtualbox" do |vb| 56 | vb.name = "Ansible-Server(github_SysNet4Admin)" 57 | end 58 | cfg.vm.host_name = "ansible-server" 59 | cfg.vm.network "public_network", ip: "192.168.1.10" 60 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 61 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 62 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 63 | cfg.vm.provision "shell", inline: "yum install ansible -y" 64 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 65 | destination: "ansible_env_ready.yml" 66 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 67 | cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false 68 | end 69 | end 70 | -------------------------------------------------------------------------------- /ch3/3.3.4/add_ssh_auth.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | #ssh key 생성 4 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.11 5 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.12 6 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.13 -------------------------------------------------------------------------------- /ch3/3.3.4/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [CentOS] 12 | 192.168.1.11 13 | 192.168.1.12 14 | 192.168.1.13 15 | 16 | - name: Install sshpass for Authentication 17 | yum: 18 | name: sshpass 19 | state: present 20 | 21 | - name: Create vim env's directories & files 22 | shell: "{{ item }}" 23 | with_items: 24 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 25 | - "touch /home/vagrant/.vimrc" 26 | - "touch /home/vagrant/.bashrc" 27 | 28 | - name: Install vim-enhanced 29 | yum: 30 | name: vim-enhanced 31 | state: present 32 | 33 | - name: Install git 34 | yum: 35 | name: git 36 | state: present 37 | 38 | - name: Download pathogen.vim 39 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 40 | https://tpo.pe/pathogen.vim" 41 | 42 | - name: Git clone vim-ansible-yaml 43 | git: 44 | repo: https://github.com/chase/vim-ansible-yaml.git 45 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 46 | 47 | - name: Configure vimrc 48 | lineinfile: 49 | path: /home/vagrant/.vimrc 50 | line: "{{ item }}" 51 | with_items: 52 | - "set number" 53 | - "execute pathogen#infect()" 54 | - "syntax on" 55 | 56 | - name: Configure Bashrc 57 | lineinfile: 58 | path: /home/vagrant/.bashrc 59 | line: "{{ item }}" 60 | with_items: 61 | - "alias ans='ansible'" 62 | - "alias anp='ansible-playbook'" 63 | -------------------------------------------------------------------------------- /ch3/3.3.4/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch3/3.3.4/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch3/3.3.4/vag_reconf.bat -------------------------------------------------------------------------------- /ch3/3.3.4/vagrant_provision.output: -------------------------------------------------------------------------------- 1 | c:\HashiCorp>vagrant provision 2 | ==> ansible-node01: Running provisioner: shell... 3 | ansible-node01: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-5944-1o4ipeg.sh 4 | ==> ansible-node02: Running provisioner: shell... 5 | ansible-node02: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-5944-uum4pw.sh 6 | ==> ansible-node03: Running provisioner: shell... 7 | ansible-node03: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-5944-110b371.sh 8 | ==> ansible-server: Running provisioner: shell... 9 | ansible-server: Running: inline script 10 | ansible-server: Loaded plugins: fastestmirror 11 | ansible-server: Loading mirror speeds from cached hostfile 12 | ansible-server: * base: mirror.kakao.com 13 | ansible-server: * extras: mirror.kakao.com 14 | ansible-server: * updates: mirror.kakao.com 15 | ansible-server: Package ansible-2.4.2.0-2.el7.noarch already installed and latest version 16 | ansible-server: Nothing to do 17 | ==> ansible-server: Running provisioner: file... 18 | ==> ansible-server: Running provisioner: shell... 19 | ansible-server: Running: inline script 20 | ansible-server: 21 | ansible-server: PLAY [Setup for the Ansible's Environment] ************************************** 22 | ansible-server: 23 | ansible-server: TASK [Add "/etc/ansible/hosts"] ************************************************ 24 | ansible-server: ok: [localhost] 25 | ansible-server: 26 | ansible-server: TASK [Install sshpass for Authentication] ************************************** 27 | ansible-server: ok: [localhost] 28 | ansible-server: 29 | ansible-server: TASK [Create vim env's directories & files] ************************************ 30 | ansible-server: changed: [localhost] => (item=mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle) 31 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.vimrc) 32 | ansible-server: changed: [localhost] => (item=touch /home/vagrant/.bashrc) 33 | ansible-server: [WARNING]: Consider using file module with state=directory rather than running 34 | ansible-server: mkdir 35 | ansible-server: [WARNING]: Consider using file module with state=touch rather than running 36 | ansible-server: touch 37 | ansible-server: 38 | ansible-server: TASK [Install vim-enhanced] **************************************************** 39 | ansible-server: ok: [localhost] 40 | ansible-server: 41 | ansible-server: TASK [Install git] ************************************************************* 42 | ansible-server: ok: [localhost] 43 | ansible-server: 44 | ansible-server: TASK [Download pathogen.vim] *************************************************** 45 | ansible-server: changed: [localhost] 46 | ansible-server: [WARNING]: Consider using get_url or uri module rather than running curl 47 | ansible-server: 48 | ansible-server: TASK [Git clone vim-ansible-yaml] ********************************************** 49 | ansible-server: ok: [localhost] 50 | ansible-server: 51 | ansible-server: TASK [Configure vimrc] ********************************************************* 52 | ansible-server: ok: [localhost] => (item=set number) 53 | ansible-server: ok: [localhost] => (item=execute pathogen#infect()) 54 | ansible-server: ok: [localhost] => (item=syntax on) 55 | ansible-server: 56 | ansible-server: TASK [Configure Bashrc] ******************************************************** 57 | ansible-server: ok: [localhost] => (item=alias ans='ansible') 58 | ansible-server: ok: [localhost] => (item=alias anp='ansible-playbook') 59 | ansible-server: 60 | ansible-server: PLAY RECAP ********************************************************************* 61 | ansible-server: localhost : ok=9 changed=2 unreachable=0 failed=0 62 | ==> ansible-server: Running provisioner: shell... 63 | ansible-server: Running: C:/Users/HOONJO~1/AppData/Local/Temp/vagrant-shell20180407-5944-1a3ssrj.sh 64 | ansible-server: Warning: Permanently added '192.168.1.11' (ECDSA) to the list of known hosts. 65 | ansible-server: Warning: Permanently added '192.168.1.12' (ECDSA) to the list of known hosts. 66 | ansible-server: Warning: Permanently added '192.168.1.13' (ECDSA) to the list of known hosts. 67 | 68 | c:\HashiCorp> -------------------------------------------------------------------------------- /ch4/4.1.1/nginx_install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on CentOS 3 | hosts: CentOS 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: install epel-release 9 | yum: name=epel-release state=latest 10 | - name: install nginx web server 11 | yum: name=nginx state=present 12 | - name: upload default index.html for web server 13 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 14 | - name: start nginx web server 15 | service: name=nginx state=started -------------------------------------------------------------------------------- /ch4/4.1.1/nginx_remove.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on CentOS 3 | hosts: CentOS 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: remove epel-release 9 | yum: name=epel-release state=absent 10 | - name: remove nginx web server 11 | yum: name=nginx state=absent -------------------------------------------------------------------------------- /ch4/4.1.2/timezone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup CentOS timezone 3 | hosts: CentOS 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: set timezone to Asia/Seoul 9 | timezone: name=Asia/Seoul 10 | 11 | -------------------------------------------------------------------------------- /ch4/4.1.3/nfs.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for nfs server 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: make nfs_shared directory 8 | file: 9 | path: /home/vagrant/nfs_shared 10 | state: directory 11 | mode: 0777 12 | 13 | - name: configure /etc/exports 14 | become: yes 15 | lineinfile: 16 | path: /etc/exports 17 | line: /home/vagrant/nfs_shared 192.168.1.0/24(rw,sync) 18 | 19 | - name: nfs service restart 20 | become: yes 21 | service: 22 | name: nfs 23 | state: restarted 24 | 25 | - name: Setup for nfs clients 26 | hosts: CentOS 27 | gather_facts: no 28 | 29 | tasks: 30 | - name: make nfs_client directory 31 | file: 32 | path: /home/vagrant/nfs 33 | state: directory 34 | 35 | - name: mount point directory as client 36 | become: yes 37 | mount: 38 | path: /home/vagrant/nfs 39 | src: 192.168.1.10:/home/vagrant/nfs_shared 40 | fstype: nfs 41 | opts: nfsvers=3 42 | state: mounted 43 | -------------------------------------------------------------------------------- /ch4/4.2.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node02 24 | config.vm.define "ansible-node02" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node02" 30 | cfg.vm.network "public_network", ip: "192.168.1.12" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node03 37 | config.vm.define "ansible-node03" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node03" 43 | cfg.vm.network "public_network", ip: "192.168.1.13" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #==============# 50 | # Ubuntu nodes # 51 | #==============# 52 | 53 | #Ansible-Node04 54 | config.vm.define "ansible-node04" do |cfg| 55 | cfg.vm.box = "ubuntu/trusty64" 56 | cfg.vm.provider "virtualbox" do |vb| 57 | vb.name = "Ansible-Node04(github_SysNet4Admin)" 58 | end 59 | cfg.vm.host_name = "ansible-node04" 60 | cfg.vm.network "public_network", ip: "192.168.1.14" 61 | cfg.vm.network "forwarded_port", guest: 22, host: 60014, auto_correct: true, id: "ssh" 62 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 63 | end 64 | 65 | #Ansible-Node05 66 | config.vm.define "ansible-node05" do |cfg| 67 | cfg.vm.box = "ubuntu/trusty64" 68 | cfg.vm.provider "virtualbox" do |vb| 69 | vb.name = "Ansible-Node05(github_SysNet4Admin)" 70 | end 71 | cfg.vm.host_name = "ansible-node05" 72 | cfg.vm.network "public_network", ip: "192.168.1.15" 73 | cfg.vm.network "forwarded_port", guest: 22, host: 60015, auto_correct: true, id: "ssh" 74 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 75 | end 76 | 77 | #Ansible-Node06 78 | config.vm.define "ansible-node06" do |cfg| 79 | cfg.vm.box = "ubuntu/trusty64" 80 | cfg.vm.provider "virtualbox" do |vb| 81 | vb.name = "Ansible-Node06(github_SysNet4Admin)" 82 | end 83 | cfg.vm.host_name = "ansible-node06" 84 | cfg.vm.network "public_network", ip: "192.168.1.16" 85 | cfg.vm.network "forwarded_port", guest: 22, host: 60016, auto_correct: true, id: "ssh" 86 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 87 | end 88 | 89 | 90 | #================# 91 | # Ansible Server # 92 | #================# 93 | 94 | config.vm.define "ansible-server" do |cfg| 95 | cfg.vm.box = "centos/7" 96 | cfg.vm.provider "virtualbox" do |vb| 97 | vb.name = "Ansible-Server(github_SysNet4Admin)" 98 | end 99 | cfg.vm.host_name = "ansible-server" 100 | cfg.vm.network "public_network", ip: "192.168.1.10" 101 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 102 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 103 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 104 | cfg.vm.provision "shell", inline: "yum install ansible -y" 105 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 106 | destination: "ansible_env_ready.yml" 107 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 108 | cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false 109 | end 110 | end 111 | -------------------------------------------------------------------------------- /ch4/4.2.1/add_ssh_auth.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | #ssh key 생성 4 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.11 5 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.12 6 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.13 7 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.14 8 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.15 9 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.16 -------------------------------------------------------------------------------- /ch4/4.2.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [CentOS] 12 | 192.168.1.11 13 | 192.168.1.12 14 | 192.168.1.13 15 | [Ubuntu] 16 | 192.168.1.14 17 | 192.168.1.15 18 | 192.168.1.16 19 | 20 | - name: Install sshpass for Authentication 21 | yum: 22 | name: sshpass 23 | state: present 24 | 25 | - name: Create vim env's directories & files 26 | shell: "{{ item }}" 27 | with_items: 28 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 29 | - "touch /home/vagrant/.vimrc" 30 | - "touch /home/vagrant/.bashrc" 31 | 32 | - name: Install vim-enhanced 33 | yum: 34 | name: vim-enhanced 35 | state: present 36 | 37 | - name: Install git 38 | yum: 39 | name: git 40 | state: present 41 | 42 | - name: Download pathogen.vim 43 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 44 | https://tpo.pe/pathogen.vim" 45 | 46 | - name: Git clone vim-ansible-yaml 47 | git: 48 | repo: https://github.com/chase/vim-ansible-yaml.git 49 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 50 | 51 | - name: Configure vimrc 52 | lineinfile: 53 | path: /home/vagrant/.vimrc 54 | line: "{{ item }}" 55 | with_items: 56 | - "set number" 57 | - "execute pathogen#infect()" 58 | - "syntax on" 59 | 60 | - name: Configure Bashrc 61 | lineinfile: 62 | path: /home/vagrant/.bashrc 63 | line: "{{ item }}" 64 | with_items: 65 | - "alias ans='ansible'" 66 | - "alias anp='ansible-playbook'" 67 | -------------------------------------------------------------------------------- /ch4/4.2.1/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch4/4.2.1/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch4/4.2.1/vag_reconf.bat -------------------------------------------------------------------------------- /ch4/4.2.2/nginx_install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on CentOS 3 | hosts: CentOS 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: install epel-release 9 | yum: name=epel-release state=latest 10 | - name: install nginx web server 11 | yum: name=nginx state=present 12 | - name: Upload default index.html for web server 13 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 14 | - name: Start nginx web server 15 | service: name=nginx state=started 16 | 17 | - name: Install nginx on Ubuntu 18 | hosts: Ubuntu 19 | gather_facts: no 20 | become: yes 21 | 22 | tasks: 23 | - name: install nginx web server 24 | apt: pkg=nginx state=present update_cache=yes 25 | - name: Upload default index.html for web server 26 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 27 | mode=0644 validate_certs=no -------------------------------------------------------------------------------- /ch4/4.2.2/nginx_remove.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on CentOS 3 | hosts: CentOS 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: remove epel-release 9 | yum: name=epel-release state=absent 10 | - name: remove nginx web server 11 | yum: name=nginx state=absent 12 | 13 | - name: Remove nginx on Ubuntu 14 | hosts: Ubuntu 15 | gather_facts: no 16 | become: yes 17 | 18 | tasks: 19 | - name: remove nginx web server 20 | apt: pkg=nginx state=absent autoremove=yes -------------------------------------------------------------------------------- /ch4/4.2.3/timezone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup linux timezone 3 | hosts: CentOS:Ubuntu 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: set timezone to Asia/Seoul 9 | timezone: name=Asia/Seoul -------------------------------------------------------------------------------- /ch4/4.2.4/nfs.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for nfs server 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: make nfs_shared directory 8 | file: 9 | path: /home/vagrant/nfs_shared 10 | state: directory 11 | mode: 0777 12 | 13 | - name: configure /etc/exports 14 | become: yes 15 | lineinfile: 16 | path: /etc/exports 17 | line: /home/vagrant/nfs_shared 192.168.1.0/24(rw,sync) 18 | 19 | - name : nfs service restart 20 | become: yes 21 | service : 22 | name : nfs 23 | state : restarted 24 | 25 | - name: Setup for nfs clients 26 | hosts: CentOS:Ubuntu 27 | gather_facts: no 28 | 29 | tasks: 30 | - name: make nfs_client directory 31 | file: 32 | path: /home/vagrant/nfs 33 | state: directory 34 | 35 | - name: mount point directory as client 36 | become: yes 37 | mount: 38 | path: /home/vagrant/nfs 39 | src: 192.168.1.10:/home/vagrant/nfs_shared 40 | fstype: nfs 41 | opts: nfsvers=3 42 | state: mounted -------------------------------------------------------------------------------- /ch4/4.3.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node02 24 | config.vm.define "ansible-node02" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node02" 30 | cfg.vm.network "public_network", ip: "192.168.1.12" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node03 37 | config.vm.define "ansible-node03" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node03" 43 | cfg.vm.network "public_network", ip: "192.168.1.13" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #==============# 50 | # Ubuntu nodes # 51 | #==============# 52 | 53 | #Ansible-Node04 54 | config.vm.define "ansible-node04" do |cfg| 55 | cfg.vm.box = "ubuntu/trusty64" 56 | cfg.vm.provider "virtualbox" do |vb| 57 | vb.name = "Ansible-Node04(github_SysNet4Admin)" 58 | end 59 | cfg.vm.host_name = "ansible-node04" 60 | cfg.vm.network "public_network", ip: "192.168.1.14" 61 | cfg.vm.network "forwarded_port", guest: 22, host: 60014, auto_correct: true, id: "ssh" 62 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 63 | end 64 | 65 | #Ansible-Node05 66 | config.vm.define "ansible-node05" do |cfg| 67 | cfg.vm.box = "ubuntu/trusty64" 68 | cfg.vm.provider "virtualbox" do |vb| 69 | vb.name = "Ansible-Node05(github_SysNet4Admin)" 70 | end 71 | cfg.vm.host_name = "ansible-node05" 72 | cfg.vm.network "public_network", ip: "192.168.1.15" 73 | cfg.vm.network "forwarded_port", guest: 22, host: 60015, auto_correct: true, id: "ssh" 74 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 75 | end 76 | 77 | #Ansible-Node06 78 | config.vm.define "ansible-node06" do |cfg| 79 | cfg.vm.box = "ubuntu/trusty64" 80 | cfg.vm.provider "virtualbox" do |vb| 81 | vb.name = "Ansible-Node06(github_SysNet4Admin)" 82 | end 83 | cfg.vm.host_name = "ansible-node06" 84 | cfg.vm.network "public_network", ip: "192.168.1.16" 85 | cfg.vm.network "forwarded_port", guest: 22, host: 60016, auto_correct: true, id: "ssh" 86 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 87 | end 88 | 89 | #==============# 90 | # Windows node # 91 | #==============# 92 | 93 | #Ansible-Node07 94 | config.vm.define "ansible-node07" do |cfg| 95 | cfg.vm.box = "sysnet4admin/Windows2016" 96 | cfg.vm.provider "virtualbox" do |vb| 97 | vb.name = "Ansible-Node07(github_SysNet4Admin)" 98 | vb.customize ['modifyvm', :id, '--clipboard', 'bidirectional'] 99 | vb.gui = false 100 | end 101 | cfg.vm.host_name = "ansible-node07" 102 | cfg.vm.network "public_network", ip: "192.168.1.17" 103 | cfg.vm.network "forwarded_port", guest: 22, host: 60017, auto_correct: true, id: "ssh" 104 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 105 | cfg.vm.provision "shell", inline: "netsh advfirewall set allprofiles state off" 106 | end 107 | 108 | #================# 109 | # Ansible Server # 110 | #================# 111 | 112 | config.vm.define "ansible-server" do |cfg| 113 | cfg.vm.box = "centos/7" 114 | cfg.vm.provider "virtualbox" do |vb| 115 | vb.name = "Ansible-Server(github_SysNet4Admin)" 116 | end 117 | cfg.vm.host_name = "ansible-server" 118 | cfg.vm.network "public_network", ip: "192.168.1.10" 119 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 120 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 121 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 122 | cfg.vm.provision "shell", inline: "yum install ansible -y" 123 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 124 | destination: "ansible_env_ready.yml" 125 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 126 | cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false 127 | end 128 | end 129 | -------------------------------------------------------------------------------- /ch4/4.3.1/add_ssh_auth.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | #ssh key 생성 4 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.11 5 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.12 6 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.13 7 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.14 8 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.15 9 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.16 -------------------------------------------------------------------------------- /ch4/4.3.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [CentOS] 12 | 192.168.1.11 13 | 192.168.1.12 14 | 192.168.1.13 15 | [Ubuntu] 16 | 192.168.1.14 17 | 192.168.1.15 18 | 192.168.1.16 19 | [Windows] 20 | 192.168.1.17 21 | 22 | - name: Install sshpass for Authentication 23 | yum: 24 | name: sshpass 25 | state: present 26 | 27 | - name: Create vim env's directories & files 28 | shell: "{{ item }}" 29 | with_items: 30 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 31 | - "touch /home/vagrant/.vimrc" 32 | - "touch /home/vagrant/.bashrc" 33 | 34 | - name: Install vim-enhanced 35 | yum: 36 | name: vim-enhanced 37 | state: present 38 | 39 | - name: Install git 40 | yum: 41 | name: git 42 | state: present 43 | 44 | - name: Download pathogen.vim 45 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 46 | https://tpo.pe/pathogen.vim" 47 | 48 | - name: Git clone vim-ansible-yaml 49 | git: 50 | repo: https://github.com/chase/vim-ansible-yaml.git 51 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 52 | 53 | - name: Configure vimrc 54 | lineinfile: 55 | path: /home/vagrant/.vimrc 56 | line: "{{ item }}" 57 | with_items: 58 | - "set number" 59 | - "execute pathogen#infect()" 60 | - "syntax on" 61 | 62 | - name: Configure Bashrc 63 | lineinfile: 64 | path: /home/vagrant/.bashrc 65 | line: "{{ item }}" 66 | with_items: 67 | - "alias ans='ansible'" 68 | - "alias anp='ansible-playbook'" 69 | -------------------------------------------------------------------------------- /ch4/4.3.1/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch4/4.3.1/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch4/4.3.1/vag_reconf.bat -------------------------------------------------------------------------------- /ch4/4.3.2/No WinRM config on the Client Nodes/windows_env_ready.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .NOTES 3 | Version: 1.0 4 | Author: HoonJo 5 | Creation Date: 2018.05.05 6 | Purpose/Change: env_ready_4_windows 7 | #> 8 | 9 | # winrm communicate between ans-svr n ans-node(Windows) 10 | winrm set winrm/config/service/auth '@{Basic="true"}' 11 | winrm set winrm/config/service '@{AllowUnencrypted="true"}' -------------------------------------------------------------------------------- /ch4/4.3.2/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node01 11 | config.vm.define "ansible-node01" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node01(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node01" 17 | cfg.vm.network "public_network", ip: "192.168.1.11" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60011, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node02 24 | config.vm.define "ansible-node02" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node02(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node02" 30 | cfg.vm.network "public_network", ip: "192.168.1.12" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60012, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node03 37 | config.vm.define "ansible-node03" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node03(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node03" 43 | cfg.vm.network "public_network", ip: "192.168.1.13" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60013, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #==============# 50 | # Ubuntu nodes # 51 | #==============# 52 | 53 | #Ansible-Node04 54 | config.vm.define "ansible-node04" do |cfg| 55 | cfg.vm.box = "ubuntu/trusty64" 56 | cfg.vm.provider "virtualbox" do |vb| 57 | vb.name = "Ansible-Node04(github_SysNet4Admin)" 58 | end 59 | cfg.vm.host_name = "ansible-node04" 60 | cfg.vm.network "public_network", ip: "192.168.1.14" 61 | cfg.vm.network "forwarded_port", guest: 22, host: 60014, auto_correct: true, id: "ssh" 62 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 63 | end 64 | 65 | #Ansible-Node05 66 | config.vm.define "ansible-node05" do |cfg| 67 | cfg.vm.box = "ubuntu/trusty64" 68 | cfg.vm.provider "virtualbox" do |vb| 69 | vb.name = "Ansible-Node05(github_SysNet4Admin)" 70 | end 71 | cfg.vm.host_name = "ansible-node05" 72 | cfg.vm.network "public_network", ip: "192.168.1.15" 73 | cfg.vm.network "forwarded_port", guest: 22, host: 60015, auto_correct: true, id: "ssh" 74 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 75 | end 76 | 77 | #Ansible-Node06 78 | config.vm.define "ansible-node06" do |cfg| 79 | cfg.vm.box = "ubuntu/trusty64" 80 | cfg.vm.provider "virtualbox" do |vb| 81 | vb.name = "Ansible-Node06(github_SysNet4Admin)" 82 | end 83 | cfg.vm.host_name = "ansible-node06" 84 | cfg.vm.network "public_network", ip: "192.168.1.16" 85 | cfg.vm.network "forwarded_port", guest: 22, host: 60016, auto_correct: true, id: "ssh" 86 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 87 | end 88 | 89 | #==============# 90 | # Windows node # 91 | #==============# 92 | 93 | #Ansible-Node07 94 | config.vm.define "ansible-node07" do |cfg| 95 | cfg.vm.box = "sysnet4admin/windows2016" 96 | cfg.vm.provider "virtualbox" do |vb| 97 | vb.name = "Ansible-Node07(github_SysNet4Admin)" 98 | vb.customize ['modifyvm', :id, '--clipboard', 'bidirectional'] 99 | vb.gui = false 100 | end 101 | cfg.vm.host_name = "ansible-node07" 102 | cfg.vm.network "public_network", ip: "192.168.1.17" 103 | cfg.vm.network "forwarded_port", guest: 22, host: 60017, auto_correct: true, id: "ssh" 104 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 105 | cfg.vm.provision "shell", inline: "netsh advfirewall set allprofiles state off" 106 | end 107 | 108 | #================# 109 | # Ansible Server # 110 | #================# 111 | 112 | config.vm.define "ansible-server" do |cfg| 113 | cfg.vm.box = "centos/7" 114 | cfg.vm.provider "virtualbox" do |vb| 115 | vb.name = "Ansible-Server(github_SysNet4Admin)" 116 | end 117 | cfg.vm.host_name = "ansible-server" 118 | cfg.vm.network "public_network", ip: "192.168.1.10" 119 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 120 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 121 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 122 | cfg.vm.provision "shell", inline: "yum install ansible -y" 123 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 124 | destination: "ansible_env_ready.yml" 125 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 126 | cfg.vm.provision "shell", path: "add_ssh_auth.sh", privileged: false 127 | end 128 | end 129 | -------------------------------------------------------------------------------- /ch4/4.3.2/add_ssh_auth.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | #ssh key 생성 4 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.11 5 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.12 6 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.13 7 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.14 8 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.15 9 | sshpass -p vagrant ssh -T -o StrictHostKeyChecking=no vagrant@192.168.1.16 -------------------------------------------------------------------------------- /ch4/4.3.2/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [CentOS] 12 | 192.168.1.11 13 | 192.168.1.12 14 | 192.168.1.13 15 | [Ubuntu] 16 | 192.168.1.14 17 | 192.168.1.15 18 | 192.168.1.16 19 | [Windows] 20 | 192.168.1.17 ansible_connection=winrm ansible_user=vagrant ansible_port=5985 21 | 22 | ###### Add for Windows node ###### 23 | - name: Install epel-release 24 | yum: 25 | name: epel-release 26 | state: present 27 | 28 | - name: Install pip 29 | yum: 30 | name: python-pip 31 | state: present 32 | 33 | - name: Install pywinrm 34 | pip: 35 | name: pywinrm 36 | state: present 37 | ################################### 38 | 39 | - name: Install sshpass for Authentication 40 | yum: 41 | name: sshpass 42 | state: present 43 | 44 | - name: Create vim env's directories & files 45 | shell: "{{ item }}" 46 | with_items: 47 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 48 | - "touch /home/vagrant/.vimrc" 49 | - "touch /home/vagrant/.bashrc" 50 | 51 | - name: Install vim-enhanced 52 | yum: 53 | name: vim-enhanced 54 | state: present 55 | 56 | - name: Install git 57 | yum: 58 | name: git 59 | state: present 60 | 61 | - name: Download pathogen.vim 62 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 63 | https://tpo.pe/pathogen.vim" 64 | 65 | - name: Git clone vim-ansible-yaml 66 | git: 67 | repo: https://github.com/chase/vim-ansible-yaml.git 68 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 69 | 70 | - name: Configure vimrc 71 | lineinfile: 72 | path: /home/vagrant/.vimrc 73 | line: "{{ item }}" 74 | with_items: 75 | - "set number" 76 | - "execute pathogen#infect()" 77 | - "syntax on" 78 | 79 | - name: Configure Bashrc 80 | lineinfile: 81 | path: /home/vagrant/.bashrc 82 | line: "{{ item }}" 83 | with_items: 84 | - "alias ans='ansible'" 85 | - "alias anp='ansible-playbook'" 86 | -------------------------------------------------------------------------------- /ch4/4.3.2/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch4/4.3.2/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch4/4.3.2/vag_reconf.bat -------------------------------------------------------------------------------- /ch4/4.3.3/install_chocolatey/install_chocolatey.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | .NOTES 3 | Version: 1.0 4 | Author: HoonJo 5 | Creation Date: 2018.05.05 6 | Purpose/Change: install_chocolatey 7 | #> 8 | 9 | # install chocolatey 10 | Set-ExecutionPolicy Bypass -Scope Process -Force; ` 11 | iex ((New-Object System.Net.WebClient).` 12 | DownloadString('https://chocolatey.org/install.ps1')) -------------------------------------------------------------------------------- /ch4/4.3.3/nginx_install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on CentOS 3 | hosts: CentOS 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: install epel-release 9 | yum: name=epel-release state=latest 10 | - name: install nginx web server 11 | yum: name=nginx state=present 12 | - name: upload default index.html for web server 13 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 14 | - name: start nginx web server 15 | service: name=nginx state=started 16 | 17 | - name: Install nginx on Ubuntu 18 | hosts: Ubuntu 19 | gather_facts: no 20 | become: yes 21 | 22 | tasks: 23 | - name: install nginx web server 24 | apt: pkg=nginx state=present update_cache=yes 25 | - name: upload default index.html for web server 26 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 27 | mode=0644 validate_certs=no 28 | 29 | - name: Install nginx on Windows 30 | hosts: Windows 31 | gather_facts: no 32 | 33 | tasks: 34 | - name: create directory 35 | win_file: 36 | path: C:\nginx 37 | state: directory 38 | - name: download nginx 39 | win_get_url: 40 | url: http://nginx.org/download/nginx-1.14.0.zip 41 | dest: C:\nginx\nginx-1.40.0.zip 42 | - name: unzip nginx 43 | win_unzip: 44 | src: C:\nginx\nginx-1.40.0.zip 45 | dest: C:\nginx 46 | delete_archive: yes 47 | - name: install NSSM 48 | win_chocolatey: 49 | name: nssm 50 | - name: download new index.html 51 | win_get_url: 52 | url: https://www.nginx.com 53 | dest: C:\nginx\nginx-1.14.0\html\index.html 54 | - name: nginx service on by NSSM 55 | win_nssm: 56 | name: nginx 57 | application: C:\nginx\nginx-1.14.0\nginx.exe 58 | state: present 59 | - name: restart nginx service 60 | win_service: 61 | name: nginx 62 | state: restarted -------------------------------------------------------------------------------- /ch4/4.3.4/timezone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup linux timezone 3 | hosts: CentOS:Ubuntu 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: set timezone to Asia/Seoul 9 | timezone: name=Asia/Seoul 10 | 11 | - name: Setup windows timezone 12 | hosts: Windows 13 | gather_facts: no 14 | 15 | tasks: 16 | - name: set timezone to 'Korea Standard Time' 17 | win_timezone: timezone='Korea Standard Time' -------------------------------------------------------------------------------- /ch4/4.3.5/nfs.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for nfs server 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: make nfs_shared directory 8 | file: 9 | path: /home/vagrant/nfs_shared 10 | state: directory 11 | mode: 0777 12 | 13 | - name: configure /etc/exports 14 | become: yes 15 | lineinfile: 16 | path: /etc/exports 17 | line: /home/vagrant/nfs_shared 192.168.1.0/24(rw,sync) 18 | 19 | - name : nfs service restart 20 | become: yes 21 | service : 22 | name : nfs 23 | state : restarted 24 | 25 | - name: Setup for nfs clients 26 | hosts: CentOS:Ubuntu 27 | gather_facts: no 28 | 29 | tasks: 30 | - name: make nfs_client directory 31 | file: 32 | path: /home/vagrant/nfs 33 | state: directory 34 | 35 | - name: mount point directory as client 36 | become: yes 37 | mount: 38 | name: /home/vagrant/nfs 39 | src: 192.168.1.10:/home/vagrant/nfs_shared 40 | fstype: nfs 41 | opts: nfsvers=3 42 | state: mounted 43 | 44 | - name: Setup for nfs windows clients 45 | hosts: Windows 46 | gather_facts: no 47 | 48 | tasks: 49 | - name: mount feature on 50 | win_feature: 51 | name: NFS-Client 52 | state: present 53 | 54 | - name: mount nfs_shared 55 | win_command: net use "z:" "\\192.168.1.10/home/vagrant/nfs_shared" 56 | 57 | - name: windows reboot 58 | win_reboot: -------------------------------------------------------------------------------- /ch5/5.1.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #================# 7 | # Ansible Server # 8 | #================# 9 | 10 | config.vm.define "ansible-server" do |cfg| 11 | cfg.vm.box = "centos/7" 12 | cfg.vm.provider "virtualbox" do |vb| 13 | vb.name = "Ansible-Server(github_SysNet4Admin)" 14 | end 15 | cfg.vm.host_name = "ansible-server" 16 | cfg.vm.network "public_network", ip: "192.168.1.10" 17 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 18 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 19 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 20 | cfg.vm.provision "shell", inline: "yum install ansible -y" 21 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 22 | destination: "ansible_env_ready.yml" 23 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 24 | end 25 | end -------------------------------------------------------------------------------- /ch5/5.1.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [NXOS] 12 | 192.168.1.251 ansible_user=admin ansible_connection=network_cli ansible_network_os=nxos 13 | 192.168.1.252 ansible_user=admin ansible_connection=network_cli ansible_network_os=nxos 14 | 15 | - name: Generate sshkey 16 | become: yes 17 | become_user: vagrant 18 | shell: "{{ item }}" 19 | with_items: 20 | - "ssh-keyscan 192.168.1.251 >> ~/.ssh/known_hosts" 21 | - "ssh-keyscan 192.168.1.252 >> ~/.ssh/known_hosts" 22 | 23 | - name: Create vim env's directories & files 24 | shell: "{{ item }}" 25 | with_items: 26 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 27 | - "touch /home/vagrant/.vimrc" 28 | - "touch /home/vagrant/.bashrc" 29 | 30 | - name: Install vim-enhanced 31 | yum: 32 | name: vim-enhanced 33 | state: present 34 | 35 | - name: Install git 36 | yum: 37 | name: git 38 | state: present 39 | 40 | - name: Download pathogen.vim 41 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 42 | https://tpo.pe/pathogen.vim" 43 | 44 | - name: Git clone vim-ansible-yaml 45 | git: 46 | repo: https://github.com/chase/vim-ansible-yaml.git 47 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 48 | 49 | - name: Configure vimrc 50 | lineinfile: 51 | path: /home/vagrant/.vimrc 52 | line: "{{ item }}" 53 | with_items: 54 | - "set number" 55 | - "execute pathogen#infect()" 56 | - "syntax on" 57 | 58 | - name: Configure Bashrc 59 | lineinfile: 60 | path: /home/vagrant/.bashrc 61 | line: "{{ item }}" 62 | with_items: 63 | - "alias ans='ansible'" 64 | - "alias anp='ansible-playbook'" 65 | -------------------------------------------------------------------------------- /ch5/5.1.1/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch5/5.1.1/vag_reconf.bat -------------------------------------------------------------------------------- /ch5/5.1.2/nxos_ntp module/nxos_ntp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup NXOS timezone with ntp configuration 3 | hosts: NXOS 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: ntp configuration 8 | nxos_ntp: 9 | server: 192.168.1.10 10 | vrf_name: management -------------------------------------------------------------------------------- /ch5/5.1.2/nxos_timezone.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup NXOS timezone with ntp configuration 3 | hosts: NXOS 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: ntp configuration 8 | nxos_config: 9 | lines: 'ntp server 192.168.1.10 use-vrf management' 10 | save_when: modified 11 | 12 | - name: timezone to UTC 9 0 13 | nxos_config: 14 | lines: 'clock timezone UTC 9 0' 15 | save_when: modified -------------------------------------------------------------------------------- /ch5/5.1.3/nxos_vlan_n_bck.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup NXOS Vlan per service 3 | hosts: NXOS 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: running-config backup before applying vlan 8 | nxos_rollback: 9 | checkpoint_file: before_vlan-config 10 | 11 | - name: apply vlan for web 12 | nxos_vlan: 13 | vlan_id: 80 14 | name: WEB 15 | 16 | - name: apply vlan for app 17 | nxos_vlan: 18 | vlan_id: 2033 19 | name: APP 20 | 21 | - name: apply vlan for DB 22 | nxos_vlan: 23 | vlan_id: 3306 24 | name: DB 25 | 26 | - name: running-config backup after applying vlan 27 | nxos_rollback: 28 | checkpoint_file: after_vlan-config -------------------------------------------------------------------------------- /ch5/5.1.4/nxos_tftp_backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup tftp to backup NXOS's running-config 3 | hosts: localhost 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: install xinetd & tftp-server 9 | yum: 10 | name: "{{ item }}" 11 | state: present 12 | with_items: 13 | - "xinetd" 14 | - "tftp-server" 15 | 16 | - name: make tftp_shared directory 17 | become: yes 18 | become_user: vagrant 19 | file: 20 | path: /home/vagrant/tftp_shared 21 | state: directory 22 | mode: 0777 23 | 24 | - name: replace tftp's config 25 | replace: 26 | path: "{{ item.path }}" 27 | regexp: "{{ item.regexp }}" 28 | replace: "{{ item.replace }}" 29 | with_items: 30 | - { path: "/etc/xinetd.d/tftp", regexp: "root", replace: "vagrant" } 31 | - { path: "/etc/xinetd.d/tftp", regexp: "-s /var/lib/tftpboot", 32 | replace: "-c -p -u vagrant -s /home/vagrant/tftp_shared" } 33 | 34 | - name: modify tftp's config 35 | lineinfile: 36 | path: /etc/xinetd.d/tftp 37 | regexp: 'disable' 38 | line: 'disable = disable' 39 | 40 | - name: modify tftp service's config 41 | replace: 42 | path: /usr/lib/systemd/system/tftp.service 43 | regexp: '-s /var/lib/tftpboot' 44 | replace: '-c -p -u vagrant -s /home/vagrant/tftp_shared' 45 | 46 | - name: selinux change to permissive on ansible-server 47 | selinux: policy=targeted state=permissive 48 | 49 | - name: service daemon restart 50 | systemd: 51 | state: restarted 52 | daemon_reload: yes 53 | name: tftp 54 | 55 | - name: xinetd service restart 56 | service: 57 | name: xinetd 58 | state: restarted 59 | 60 | 61 | - name: Request to backup NXOS's running-config 62 | hosts: NXOS 63 | gather_facts: no 64 | 65 | tasks: 66 | - name: running-config backup #1 67 | delegate_to: 192.168.1.251 68 | run_once: true 69 | nxos_command: 70 | commands: 'copy running-config tftp://192.168.1.10/n9k-running-confg#1 71 | vrf management' 72 | 73 | - name: running-config backup #2 74 | delegate_to: 192.168.1.252 75 | run_once: true 76 | nxos_command: 77 | commands: 'copy running-config tftp://192.168.1.10/n9k-running-confg#2 78 | vrf management' 79 | 80 | 81 | - name: Selinux restore on ansible-server 82 | hosts: localhost 83 | gather_facts: no 84 | become: yes 85 | tasks: 86 | - name: selinux change to enforcing 87 | selinux: policy=targeted state=enforcing -------------------------------------------------------------------------------- /ch5/5.2.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #============# 7 | # VyOS Nodes # 8 | #============# 9 | 10 | #Ansible-VyOS01 11 | config.vm.define "ansible-vyos01" do |vy| 12 | vy.vm.box = "sysnet4admin/VyOS" 13 | vy.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-VyOS01(github_SysNet4Admin)" 15 | end 16 | vy.vm.host_name = "ansible-vyos01" 17 | vy.vm.network "public_network", ip: "192.168.1.51" 18 | vy.vm.network "forwarded_port", guest: 22, host: 60051, auto_correct: true, id: "ssh" 19 | vy.vm.network "private_network", virtualbox__intnet: "eth2", auto_config: false 20 | vy.vm.network "private_network", virtualbox__intnet: "eth3", auto_config: false 21 | vy.vm.synced_folder "../data", "/vagrant", disabled: true 22 | vy.vbguest.auto_update = false 23 | end 24 | 25 | #Ansible-VyOS02 26 | config.vm.define "ansible-vyos02" do |vy| 27 | vy.vm.box = "sysnet4admin/VyOS" 28 | vy.vm.provider "virtualbox" do |vb| 29 | vb.name = "Ansible-VyOS02(github_SysNet4Admin)" 30 | end 31 | vy.vm.host_name = "ansible-vyos02" 32 | vy.vm.network "public_network", ip: "192.168.1.52" 33 | vy.vm.network "forwarded_port", guest: 22, host: 60052, auto_correct: true, id: "ssh" 34 | vy.vm.network "private_network", virtualbox__intnet: "eth2", auto_config: false 35 | vy.vm.network "private_network", virtualbox__intnet: "eth3", auto_config: false 36 | vy.vm.synced_folder "../data", "/vagrant", disabled: true 37 | vy.vbguest.auto_update = false 38 | end 39 | 40 | #================# 41 | # Ansible Server # 42 | #================# 43 | 44 | config.vm.define "ansible-server" do |cfg| 45 | cfg.vm.box = "centos/7" 46 | cfg.vm.provider "virtualbox" do |vb| 47 | vb.name = "Ansible-Server(github_SysNet4Admin)" 48 | end 49 | cfg.vm.host_name = "ansible-server" 50 | cfg.vm.network "public_network", ip: "192.168.1.10" 51 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 52 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 53 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 54 | cfg.vm.provision "shell", inline: "yum install ansible -y" 55 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 56 | destination: "ansible_env_ready.yml" 57 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 58 | end 59 | end 60 | -------------------------------------------------------------------------------- /ch5/5.2.1/VyOS docs/User Guide - VyOS Wiki.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://wiki.vyos.net/wiki/User_Guide 3 | -------------------------------------------------------------------------------- /ch5/5.2.1/VyOS docs/User documentation - VyOS Wiki.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://wiki.vyos.net/wiki/User_documentation 3 | -------------------------------------------------------------------------------- /ch5/5.2.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [vyos] 12 | 192.168.1.51 ansible_connection=network_cli ansible_network_os=vyos 13 | 192.168.1.52 ansible_connection=network_cli ansible_network_os=vyos 14 | 15 | - name: Generate sshkey 16 | become: yes 17 | become_user: vagrant 18 | shell: "{{ item }}" 19 | with_items: 20 | - "ssh-keyscan 192.168.1.51 >> ~/.ssh/known_hosts" 21 | - "ssh-keyscan 192.168.1.52 >> ~/.ssh/known_hosts" 22 | 23 | - name: Create vim env's directories & files 24 | shell: "{{ item }}" 25 | with_items: 26 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 27 | - "touch /home/vagrant/.vimrc" 28 | - "touch /home/vagrant/.bashrc" 29 | 30 | - name: Install vim-enhanced 31 | yum: 32 | name: vim-enhanced 33 | state: present 34 | 35 | - name: Install git 36 | yum: 37 | name: git 38 | state: present 39 | 40 | - name: Download pathogen.vim 41 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 42 | https://tpo.pe/pathogen.vim" 43 | 44 | - name: Git clone vim-ansible-yaml 45 | git: 46 | repo: https://github.com/chase/vim-ansible-yaml.git 47 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 48 | 49 | - name: Configure vimrc 50 | lineinfile: 51 | path: /home/vagrant/.vimrc 52 | line: "{{ item }}" 53 | with_items: 54 | - "set number" 55 | - "execute pathogen#infect()" 56 | - "syntax on" 57 | 58 | - name: Configure Bashrc 59 | lineinfile: 60 | path: /home/vagrant/.bashrc 61 | line: "{{ item }}" 62 | with_items: 63 | - "alias ans='ansible'" 64 | - "alias anp='ansible-playbook'" 65 | -------------------------------------------------------------------------------- /ch5/5.2.1/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch5/5.2.1/vag_reconf.bat -------------------------------------------------------------------------------- /ch5/5.2.1/vagrant_up_w_auto_config.output: -------------------------------------------------------------------------------- 1 | ansible-vyos01: This is not an error message; everything may continue to work properly, 2 | ansible-vyos01: in which case you may ignore this message. 3 | ==> ansible-vyos01: Setting hostname... 4 | ==> ansible-vyos01: Configuring and enabling network interfaces... 5 | The following SSH command responded with a non-zero exit status. 6 | Vagrant assumes that this means the command failed! 7 | 8 | /sbin/ifdown 'eth1' || true 9 | /sbin/ip addr flush dev 'eth1' 10 | /sbin/ifdown 'eth2' || true 11 | /sbin/ip addr flush dev 'eth2' 12 | /sbin/ifdown 'eth3' || true 13 | /sbin/ip addr flush dev 'eth3' 14 | # Remove any previous network modifications from the interfaces file 15 | sed -e '/^#VAGRANT-BEGIN/,$ d' /etc/network/interfaces > /tmp/vagrant-network-interfaces.pre 16 | sed -ne '/^#VAGRANT-END/,$ p' /etc/network/interfaces | tac | sed -e '/^#VAGRANT-END/,$ d' | tac > /tmp/vagrant-network-interfaces.post 17 | cat \ 18 | /tmp/vagrant-network-interfaces.pre \ 19 | /tmp/vagrant-network-entry \ 20 | /tmp/vagrant-network-interfaces.post \ 21 | > /etc/network/interfaces 22 | rm -f /tmp/vagrant-network-interfaces.pre 23 | rm -f /tmp/vagrant-network-entry 24 | rm -f /tmp/vagrant-network-interfaces.post 25 | 26 | /sbin/ifup 'eth1' 27 | /sbin/ifup 'eth2' 28 | /sbin/ifup 'eth3' 29 | 30 | Stdout from the command: 31 | 32 | 33 | 34 | Stderr from the command: 35 | 36 | /sbin/ifdown: interface eth1 not configured 37 | /sbin/ifdown: interface eth2 not configured 38 | /sbin/ifdown: interface eth3 not configured 39 | /etc/network/interfaces:20: option with empty value 40 | /sbin/ifup: couldn't read interfaces file "/etc/network/interfaces" 41 | /etc/network/interfaces:20: option with empty value 42 | /sbin/ifup: couldn't read interfaces file "/etc/network/interfaces" 43 | /etc/network/interfaces:20: option with empty value 44 | /sbin/ifup: couldn't read interfaces file "/etc/network/interfaces" -------------------------------------------------------------------------------- /ch5/5.2.1/vagrant_up_w_vbguest.output: -------------------------------------------------------------------------------- 1 | ansible-vyos01: Inserting generated public key within guest... 2 | ansible-vyos01: Removing insecure key from the guest if it's present... 3 | ansible-vyos01: Key inserted! Disconnecting and reconnecting using new SSH key... 4 | ==> ansible-vyos01: Machine booted and ready! 5 | [ansible-vyos01] No installation found. 6 | Reading package lists... 7 | Building dependency tree... 8 | Reading state information... 9 | E: Unable to locate package linux-headers-3.13.11-1-amd64-vyos 10 | E: Couldn't find any package by regex 'linux-headers-3.13.11-1-amd64-vyos' 11 | Ign http://packages.vyos.net helium Release.gpg 12 | Ign http://packages.vyos.net/vyos/ helium/main Translation-en 13 | Ign http://packages.vyos.net helium Release 14 | Err http://packages.vyos.net helium/main amd64 Packages 15 | 404 Not Found 16 | W: Failed to fetch http://packages.vyos.net/vyos/dists/helium/main/binary-amd64/Packages.gz 404 Not Found 17 | 18 | E: Some index files failed to download, they have been ignored, or old ones used instead. 19 | Reading package lists... 20 | Building dependency tree... 21 | Reading state information... 22 | E: Unable to locate package linux-headers-3.13.11-1-amd64-vyos 23 | E: Couldn't find any package by regex 'linux-headers-3.13.11-1-amd64-vyos' 24 | /etc/bash.bash_logout: line 1: /vyatta-monitor-cleanup: No such file or directory 25 | ==> ansible-vyos01: Checking for guest additions in VM... 26 | ansible-vyos01: No guest additions were detected on the base box for this VM! Guest 27 | ansible-vyos01: additions are required for forwarded ports, shared folders, host only 28 | ansible-vyos01: networking, and more. If SSH fails on this machine, please install 29 | ansible-vyos01: the guest additions and repackage the box to continue. 30 | ansible-vyos01: 31 | ansible-vyos01: This is not an error message; everything may continue to work properly, 32 | ansible-vyos01: in which case you may ignore this message. 33 | The following SSH command responded with a non-zero exit status. 34 | Vagrant assumes that this means the command failed! 35 | 36 | apt-get install -y linux-headers-`uname -r` 37 | 38 | Stdout from the command: 39 | 40 | Reading package lists... 41 | Building dependency tree... 42 | Reading state information... 43 | 44 | 45 | Stderr from the command: 46 | 47 | E: Unable to locate package linux-headers-3.13.11-1-amd64-vyos 48 | E: Couldn't find any package by regex 'linux-headers-3.13.11-1-amd64-vyos' -------------------------------------------------------------------------------- /ch5/5.2.2/Download PuTTY- latest release (0.70).url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html 3 | -------------------------------------------------------------------------------- /ch5/5.2.2/Google Code Archive - Long-term storage for Google Code Project Hosting-.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://code.google.com/archive/p/superputty/downloads 3 | -------------------------------------------------------------------------------- /ch5/5.2.2/vyos_lldp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Config lldp service 3 | hosts: vyos 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: enable lldp service 8 | vyos_lldp: 9 | state: present 10 | 11 | - name: save running-config 12 | vyos_config: 13 | save: yes -------------------------------------------------------------------------------- /ch5/5.2.3/vyos_hostname.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Change&set the hostname 3 | hosts: vyos 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: hostname for ansible-vyos01 8 | delegate_to: 192.168.1.51 9 | run_once: true 10 | vyos_system: 11 | host_name: ansible-vyosA 12 | 13 | - name: hostname for ansible-vyos02 14 | delegate_to: 192.168.1.52 15 | run_once: true 16 | vyos_system: 17 | host_name: ansible-vyosB 18 | 19 | - name: save running-config 20 | vyos_config: 21 | save: yes -------------------------------------------------------------------------------- /ch5/5.2.4/vyos_bond.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Config link Aggregation 3 | hosts: vyos 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: make a bond interface 8 | vyos_linkagg: 9 | name: bond0 10 | members: 11 | - eth2 12 | - eth3 13 | mode: 802.3ad 14 | 15 | - name: save running-config 16 | vyos_config: 17 | save: yes -------------------------------------------------------------------------------- /ch5/5.3.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #===============# 7 | # Cumulus nodes # 8 | #===============# 9 | 10 | #Ansible-Cumulus01 11 | config.vm.define "ansible-cl01" do |cl| 12 | cl.vm.box = "CumulusCommunity/cumulus-vx" 13 | cl.vm.box_version = "3.6.0" 14 | cl.vm.box_check_update = false 15 | cl.vm.provider "virtualbox" do |vb| 16 | vb.name = "Ansible-Cumulus01(github_SysNet4Admin)" 17 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000061'] 18 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.61.0/24'] 19 | end 20 | cl.vm.host_name = "ansible-cl01" 21 | cl.vm.network "public_network", ip: "192.168.1.61" 22 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 23 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 24 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 25 | cl.vm.network "forwarded_port", guest: 22, host: 60061, auto_correct: true, id: "ssh" 26 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 27 | end 28 | 29 | #Ansible-Cumulus02 30 | config.vm.define "ansible-cl02" do |cl| 31 | cl.vm.box = "CumulusCommunity/cumulus-vx" 32 | cl.vm.box_version = "3.6.0" 33 | cl.vm.box_check_update = false 34 | cl.vm.provider "virtualbox" do |vb| 35 | vb.name = "Ansible-Cumulus02(github_SysNet4Admin)" 36 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000062'] 37 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.62.0/24'] 38 | end 39 | cl.vm.host_name = "ansible-cl02" 40 | cl.vm.network "public_network", ip: "192.168.1.62" 41 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 42 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 43 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 44 | cl.vm.network "forwarded_port", guest: 22, host: 60062, auto_correct: true, id: "ssh" 45 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 46 | end 47 | 48 | #Ansible-Cumulus03 49 | config.vm.define "ansible-cl03" do |cl| 50 | cl.vm.box = "CumulusCommunity/cumulus-vx" 51 | cl.vm.box_version = "3.6.0" 52 | cl.vm.box_check_update = false 53 | cl.vm.provider "virtualbox" do |vb| 54 | vb.name = "Ansible-Cumulus03(github_SysNet4Admin)" 55 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000063'] 56 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.63.0/24'] 57 | end 58 | cl.vm.host_name = "ansible-cl03" 59 | cl.vm.network "public_network", ip: "192.168.1.63" 60 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 61 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 62 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 63 | cl.vm.network "forwarded_port", guest: 22, host: 60063, auto_correct: true, id: "ssh" 64 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 65 | end 66 | 67 | #Ansible-Cumulus04 68 | config.vm.define "ansible-cl04" do |cl| 69 | cl.vm.box = "CumulusCommunity/cumulus-vx" 70 | cl.vm.box_version = "3.6.0" 71 | cl.vm.box_check_update = false 72 | cl.vm.provider "virtualbox" do |vb| 73 | vb.name = "Ansible-Cumulus04(github_SysNet4Admin)" 74 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000064'] 75 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.64.0/24'] 76 | end 77 | cl.vm.host_name = "ansible-cl04" 78 | cl.vm.network "public_network", ip: "192.168.1.64" 79 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 80 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 81 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 82 | cl.vm.network "forwarded_port", guest: 22, host: 60064, auto_correct: true, id: "ssh" 83 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 84 | end 85 | 86 | #================# 87 | # Ansible Server # 88 | #================# 89 | 90 | config.vm.define "ansible-server" do |cfg| 91 | cfg.vm.box = "centos/7" 92 | cfg.vm.provider "virtualbox" do |vb| 93 | vb.name = "Ansible-Server(github_SysNet4Admin)" 94 | end 95 | cfg.vm.host_name = "ansible-server" 96 | cfg.vm.network "public_network", ip: "192.168.1.10" 97 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 98 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 99 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 100 | cfg.vm.provision "shell", inline: "yum install ansible -y" 101 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 102 | destination: "ansible_env_ready.yml" 103 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 104 | end 105 | end 106 | -------------------------------------------------------------------------------- /ch5/5.3.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [spine] 12 | 192.168.1.61 13 | 192.168.1.62 14 | 15 | [leaf] 16 | 192.168.1.63 17 | 192.168.1.64 18 | 19 | [cl:children] 20 | spine 21 | leaf 22 | 23 | - name: Generate sshkey 24 | become: yes 25 | become_user: vagrant 26 | shell: "{{ item }}" 27 | with_items: 28 | - "ssh-keyscan 192.168.1.61 >> ~/.ssh/known_hosts" 29 | - "ssh-keyscan 192.168.1.62 >> ~/.ssh/known_hosts" 30 | - "ssh-keyscan 192.168.1.63 >> ~/.ssh/known_hosts" 31 | - "ssh-keyscan 192.168.1.64 >> ~/.ssh/known_hosts" 32 | 33 | - name: Create vim env's directories & files 34 | shell: "{{ item }}" 35 | with_items: 36 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 37 | - "touch /home/vagrant/.vimrc" 38 | - "touch /home/vagrant/.bashrc" 39 | 40 | - name: Install vim-enhanced 41 | yum: 42 | name: vim-enhanced 43 | state: present 44 | 45 | - name: Install git 46 | yum: 47 | name: git 48 | state: present 49 | 50 | - name: Download pathogen.vim 51 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 52 | https://tpo.pe/pathogen.vim" 53 | 54 | - name: Git clone vim-ansible-yaml 55 | git: 56 | repo: https://github.com/chase/vim-ansible-yaml.git 57 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 58 | 59 | - name: Configure vimrc 60 | lineinfile: 61 | path: /home/vagrant/.vimrc 62 | line: "{{ item }}" 63 | with_items: 64 | - "set number" 65 | - "execute pathogen#infect()" 66 | - "syntax on" 67 | 68 | - name: Configure Bashrc 69 | lineinfile: 70 | path: /home/vagrant/.bashrc 71 | line: "{{ item }}" 72 | with_items: 73 | - "alias ans='ansible'" 74 | - "alias anp='ansible-playbook'" 75 | -------------------------------------------------------------------------------- /ch5/5.3.1/cumulus's config/Configuring FRRouting - Cumulus Linux 3.4.3 - Cumulus Networks.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://docs.cumulusnetworks.com/display/CL34/Configuring+FRRouting 3 | -------------------------------------------------------------------------------- /ch5/5.3.1/cumulus's config/Create a Two-Leaf, Two-Spine Topology - Cumulus VX - Cumulus Networks.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://docs.cumulusnetworks.com/display/VX/Create+a+Two-Leaf%2C+Two-Spine+Topology 3 | -------------------------------------------------------------------------------- /ch5/5.3.1/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch5/5.3.1/vag_reconf.bat -------------------------------------------------------------------------------- /ch5/5.3.1/virtual_box's config/Chapter 8. VBoxManage.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.virtualbox.org/manual/ch08.html#vboxmanage-modifyvm 3 | -------------------------------------------------------------------------------- /ch5/5.3.1/virtual_box's config/Chapter 9. Advanced topics.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://www.virtualbox.org/manual/ch09.html#changenat 3 | -------------------------------------------------------------------------------- /ch5/5.3.2/cl_hostname.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Change the hostname 3 | hosts: cl 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: hostname for ansible-cl01 9 | delegate_to: 192.168.1.61 10 | run_once: true 11 | nclu: 12 | commands: 13 | - add hostname ansible-spineA 14 | atomic: true 15 | 16 | - name: hostname for ansible-cl02 17 | delegate_to: 192.168.1.62 18 | run_once: true 19 | nclu: 20 | commands: 21 | - add hostname ansible-spineB 22 | atomic: true 23 | 24 | - name: hostname for ansible-cl03 25 | delegate_to: 192.168.1.63 26 | run_once: true 27 | nclu: 28 | commands: 29 | - add hostname ansible-leafA 30 | atomic: true 31 | 32 | - name: hostname for ansible-cl04 33 | delegate_to: 192.168.1.64 34 | run_once: true 35 | nclu: 36 | commands: 37 | - add hostname ansible-leafB 38 | atomic: true 39 | 40 | - name: lldp service restart 41 | service: 42 | name: lldpd 43 | state: restarted -------------------------------------------------------------------------------- /ch5/5.3.3/cl_peerlink.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Config switch virtual interface(SVI) with bonding 3 | hosts: spine 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: put in config 9 | nclu: 10 | commands: 11 | - add bond bond0 bond slaves swp2,3 12 | - add bridge 13 | - add bridge bridge ports bond0 14 | - add bridge bridge vids 10 15 | - add bridge bridge pvid 1 16 | atomic: true 17 | 18 | - name: setup ip for spineA's SVI 19 | delegate_to: 192.168.1.61 20 | run_once: true 21 | nclu: 22 | commands: 23 | - add vlan 10 ip address 10.0.10.61/24 24 | atomic: true 25 | 26 | - name: setup ip for spineB's SVI 27 | delegate_to: 192.168.1.62 28 | run_once: true 29 | nclu: 30 | commands: 31 | - add vlan 10 ip address 10.0.10.62/24 32 | atomic: true 33 | -------------------------------------------------------------------------------- /ch5/5.3.4/cl_int.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Config interface for spineA 3 | hosts: 192.168.1.61 4 | gather_facts: no 5 | become: yes 6 | tasks: 7 | - name: put in config 8 | nclu: 9 | commands: 10 | - add interface swp4 ip address 10.0.101.61/24 11 | atomic: true 12 | 13 | - name: Config interface for spineB 14 | hosts: 192.168.1.62 15 | gather_facts: no 16 | become: yes 17 | tasks: 18 | - name: put in config 19 | nclu: 20 | commands: 21 | - add interface swp4 ip address 10.0.102.62/24 22 | atomic: true 23 | 24 | - name: Config interface for leafA 25 | hosts: 192.168.1.63 26 | gather_facts: no 27 | become: yes 28 | tasks: 29 | - name: put in config 30 | nclu: 31 | commands: 32 | - add interface swp4 ip address 10.0.101.63/24 33 | atomic: true 34 | 35 | - name: Config interface for leafB 36 | hosts: 192.168.1.64 37 | gather_facts: no 38 | become: yes 39 | tasks: 40 | - name: put in config 41 | nclu: 42 | commands: 43 | - add interface swp4 ip address 10.0.102.64/24 44 | atomic: true -------------------------------------------------------------------------------- /ch5/5.3.4/cl_ospf.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Config OSPF for spineA 3 | hosts: 192.168.1.61 4 | gather_facts: no 5 | become: yes 6 | tasks: 7 | - name: put in config 8 | nclu: 9 | commands: 10 | - add ospf router-id 0.0.0.61 11 | - add ospf network 10.0.0.0/16 area 0.0.0.0 12 | atomic: true 13 | 14 | - name: Config OSPF for spineB 15 | hosts: 192.168.1.62 16 | gather_facts: no 17 | become: yes 18 | tasks: 19 | - name: put in config 20 | nclu: 21 | commands: 22 | - add ospf router-id 0.0.0.62 23 | - add ospf network 10.0.0.0/16 area 0.0.0.0 24 | atomic: true 25 | 26 | - name: Config OSPF for leafA 27 | hosts: 192.168.1.63 28 | gather_facts: no 29 | become: yes 30 | tasks: 31 | - name: put in config 32 | nclu: 33 | commands: 34 | - add ospf router-id 0.0.0.63 35 | - add ospf network 10.0.0.0/16 area 0.0.0.0 36 | atomic: true 37 | 38 | - name: Config OSPF for leafB 39 | hosts: 192.168.1.64 40 | gather_facts: no 41 | become: yes 42 | tasks: 43 | - name: put in config 44 | nclu: 45 | commands: 46 | - add ospf router-id 0.0.0.64 47 | - add ospf network 10.0.0.0/16 area 0.0.0.0 48 | atomic: true -------------------------------------------------------------------------------- /ch5/5.3.4/vtysh/cl_frr.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the frr's config 3 | hosts: cl 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: modify /etc/frr/daemons 9 | replace: 10 | path: /etc/frr/daemons 11 | regexp: 'zebra=no' 12 | replace: 'zebra=yes' 13 | 14 | - name: frr service enable and restart 15 | service: 16 | name: frr 17 | enabled: yes 18 | state: restarted -------------------------------------------------------------------------------- /ch6/6.1.1/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node101 11 | config.vm.define "ansible-node101" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node101(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node101" 17 | cfg.vm.network "public_network", ip: "192.168.1.101" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60101, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node102 24 | config.vm.define "ansible-node102" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node102(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node102" 30 | cfg.vm.network "public_network", ip: "192.168.1.102" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60102, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node103 37 | config.vm.define "ansible-node103" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node103(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node103" 43 | cfg.vm.network "public_network", ip: "192.168.1.103" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60103, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #Ansible-Node104 50 | config.vm.define "ansible-node104" do |cfg| 51 | cfg.vm.box = "centos/7" 52 | cfg.vm.provider "virtualbox" do |vb| 53 | vb.name = "Ansible-Node104(github_SysNet4Admin)" 54 | end 55 | cfg.vm.host_name = "ansible-node104" 56 | cfg.vm.network "public_network", ip: "192.168.1.104" 57 | cfg.vm.network "forwarded_port", guest: 22, host: 60104, auto_correct: true, id: "ssh" 58 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 59 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 60 | end 61 | 62 | #Ansible-Node105 63 | config.vm.define "ansible-node105" do |cfg| 64 | cfg.vm.box = "centos/7" 65 | cfg.vm.provider "virtualbox" do |vb| 66 | vb.name = "Ansible-Node105(github_SysNet4Admin)" 67 | end 68 | cfg.vm.host_name = "ansible-node105" 69 | cfg.vm.network "public_network", ip: "192.168.1.105" 70 | cfg.vm.network "forwarded_port", guest: 22, host: 60105, auto_correct: true, id: "ssh" 71 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 72 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 73 | end 74 | 75 | 76 | #==============# 77 | # Ubuntu nodes # 78 | #==============# 79 | 80 | #Ansible-Node201 81 | config.vm.define "ansible-node201" do |cfg| 82 | cfg.vm.box = "ubuntu/trusty64" 83 | cfg.vm.provider "virtualbox" do |vb| 84 | vb.name = "Ansible-Node201(github_SysNet4Admin)" 85 | end 86 | cfg.vm.host_name = "ansible-node201" 87 | cfg.vm.network "public_network", ip: "192.168.1.201" 88 | cfg.vm.network "forwarded_port", guest: 22, host: 60201, auto_correct: true, id: "ssh" 89 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 90 | end 91 | 92 | #Ansible-Node202 93 | config.vm.define "ansible-node202" do |cfg| 94 | cfg.vm.box = "ubuntu/trusty64" 95 | cfg.vm.provider "virtualbox" do |vb| 96 | vb.name = "Ansible-Node202(github_SysNet4Admin)" 97 | end 98 | cfg.vm.host_name = "ansible-node202" 99 | cfg.vm.network "public_network", ip: "192.168.1.202" 100 | cfg.vm.network "forwarded_port", guest: 22, host: 60202, auto_correct: true, id: "ssh" 101 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 102 | end 103 | 104 | #Ansible-Node203 105 | config.vm.define "ansible-node203" do |cfg| 106 | cfg.vm.box = "ubuntu/trusty64" 107 | cfg.vm.provider "virtualbox" do |vb| 108 | vb.name = "Ansible-Node203(github_SysNet4Admin)" 109 | end 110 | cfg.vm.host_name = "ansible-node203" 111 | cfg.vm.network "public_network", ip: "192.168.1.203" 112 | cfg.vm.network "forwarded_port", guest: 22, host: 60203, auto_correct: true, id: "ssh" 113 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 114 | end 115 | 116 | #Ansible-Node204 117 | config.vm.define "ansible-node204" do |cfg| 118 | cfg.vm.box = "ubuntu/trusty64" 119 | cfg.vm.provider "virtualbox" do |vb| 120 | vb.name = "Ansible-Node204(github_SysNet4Admin)" 121 | end 122 | cfg.vm.host_name = "ansible-node204" 123 | cfg.vm.network "public_network", ip: "192.168.1.204" 124 | cfg.vm.network "forwarded_port", guest: 22, host: 60204, auto_correct: true, id: "ssh" 125 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 126 | end 127 | 128 | #Ansible-Node205 129 | config.vm.define "ansible-node205" do |cfg| 130 | cfg.vm.box = "ubuntu/trusty64" 131 | cfg.vm.provider "virtualbox" do |vb| 132 | vb.name = "Ansible-Node205(github_SysNet4Admin)" 133 | end 134 | cfg.vm.host_name = "ansible-node205" 135 | cfg.vm.network "public_network", ip: "192.168.1.205" 136 | cfg.vm.network "forwarded_port", guest: 22, host: 60205, auto_correct: true, id: "ssh" 137 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 138 | end 139 | 140 | 141 | #================# 142 | # Ansible Server # 143 | #================# 144 | 145 | config.vm.define "ansible-server" do |cfg| 146 | cfg.vm.box = "centos/7" 147 | cfg.vm.provider "virtualbox" do |vb| 148 | vb.name = "Ansible-Server(github_SysNet4Admin)" 149 | end 150 | cfg.vm.host_name = "ansible-server" 151 | cfg.vm.network "public_network", ip: "192.168.1.10" 152 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 153 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 154 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 155 | cfg.vm.provision "shell", inline: "yum install ansible -y" 156 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 157 | destination: "ansible_env_ready.yml" 158 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 159 | end 160 | end -------------------------------------------------------------------------------- /ch6/6.1.1/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [nodes] 12 | 192.168.1.[101:105] 13 | 192.168.1.[201:205] 14 | 15 | - name: Generate sshkey 16 | become: yes 17 | become_user: vagrant 18 | shell: "{{ item }}" 19 | with_items: 20 | - "ssh-keyscan 192.168.1.101 >> ~/.ssh/known_hosts" 21 | - "ssh-keyscan 192.168.1.102 >> ~/.ssh/known_hosts" 22 | - "ssh-keyscan 192.168.1.103 >> ~/.ssh/known_hosts" 23 | - "ssh-keyscan 192.168.1.104 >> ~/.ssh/known_hosts" 24 | - "ssh-keyscan 192.168.1.105 >> ~/.ssh/known_hosts" 25 | - "ssh-keyscan 192.168.1.201 >> ~/.ssh/known_hosts" 26 | - "ssh-keyscan 192.168.1.202 >> ~/.ssh/known_hosts" 27 | - "ssh-keyscan 192.168.1.203 >> ~/.ssh/known_hosts" 28 | - "ssh-keyscan 192.168.1.204 >> ~/.ssh/known_hosts" 29 | - "ssh-keyscan 192.168.1.205 >> ~/.ssh/known_hosts" 30 | 31 | - name: Create vim env's directories & files 32 | shell: "{{ item }}" 33 | with_items: 34 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 35 | - "touch /home/vagrant/.vimrc" 36 | - "touch /home/vagrant/.bashrc" 37 | 38 | - name: Install vim-enhanced 39 | yum: 40 | name: vim-enhanced 41 | state: present 42 | 43 | - name: Install git 44 | yum: 45 | name: git 46 | state: present 47 | 48 | - name: Download pathogen.vim 49 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 50 | https://tpo.pe/pathogen.vim" 51 | 52 | - name: Git clone vim-ansible-yaml 53 | git: 54 | repo: https://github.com/chase/vim-ansible-yaml.git 55 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 56 | 57 | - name: Configure vimrc 58 | lineinfile: 59 | path: /home/vagrant/.vimrc 60 | line: "{{ item }}" 61 | with_items: 62 | - "set number" 63 | - "execute pathogen#infect()" 64 | - "syntax on" 65 | 66 | - name: Configure Bashrc 67 | lineinfile: 68 | path: /home/vagrant/.bashrc 69 | line: "{{ item }}" 70 | with_items: 71 | - "alias ans='ansible'" 72 | - "alias anp='ansible-playbook'" 73 | -------------------------------------------------------------------------------- /ch6/6.1.1/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch6/6.1.1/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch6/6.1.1/vag_reconf.bat -------------------------------------------------------------------------------- /ch6/6.1.2/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node101 11 | config.vm.define "ansible-node101" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node101(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node101" 17 | cfg.vm.network "public_network", ip: "192.168.1.101" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60101, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node102 24 | config.vm.define "ansible-node102" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node102(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node102" 30 | cfg.vm.network "public_network", ip: "192.168.1.102" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60102, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node103 37 | config.vm.define "ansible-node103" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node103(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node103" 43 | cfg.vm.network "public_network", ip: "192.168.1.103" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60103, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #Ansible-Node104 50 | config.vm.define "ansible-node104" do |cfg| 51 | cfg.vm.box = "centos/7" 52 | cfg.vm.provider "virtualbox" do |vb| 53 | vb.name = "Ansible-Node104(github_SysNet4Admin)" 54 | end 55 | cfg.vm.host_name = "ansible-node104" 56 | cfg.vm.network "public_network", ip: "192.168.1.104" 57 | cfg.vm.network "forwarded_port", guest: 22, host: 60104, auto_correct: true, id: "ssh" 58 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 59 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 60 | end 61 | 62 | #Ansible-Node105 63 | config.vm.define "ansible-node105" do |cfg| 64 | cfg.vm.box = "centos/7" 65 | cfg.vm.provider "virtualbox" do |vb| 66 | vb.name = "Ansible-Node105(github_SysNet4Admin)" 67 | end 68 | cfg.vm.host_name = "ansible-node105" 69 | cfg.vm.network "public_network", ip: "192.168.1.105" 70 | cfg.vm.network "forwarded_port", guest: 22, host: 60105, auto_correct: true, id: "ssh" 71 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 72 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 73 | end 74 | 75 | 76 | #==============# 77 | # Ubuntu nodes # 78 | #==============# 79 | 80 | #Ansible-Node201 81 | config.vm.define "ansible-node201" do |cfg| 82 | cfg.vm.box = "ubuntu/trusty64" 83 | cfg.vm.provider "virtualbox" do |vb| 84 | vb.name = "Ansible-Node201(github_SysNet4Admin)" 85 | end 86 | cfg.vm.host_name = "ansible-node201" 87 | cfg.vm.network "public_network", ip: "192.168.1.201" 88 | cfg.vm.network "forwarded_port", guest: 22, host: 60201, auto_correct: true, id: "ssh" 89 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 90 | end 91 | 92 | #Ansible-Node202 93 | config.vm.define "ansible-node202" do |cfg| 94 | cfg.vm.box = "ubuntu/trusty64" 95 | cfg.vm.provider "virtualbox" do |vb| 96 | vb.name = "Ansible-Node202(github_SysNet4Admin)" 97 | end 98 | cfg.vm.host_name = "ansible-node202" 99 | cfg.vm.network "public_network", ip: "192.168.1.202" 100 | cfg.vm.network "forwarded_port", guest: 22, host: 60202, auto_correct: true, id: "ssh" 101 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 102 | end 103 | 104 | #Ansible-Node203 105 | config.vm.define "ansible-node203" do |cfg| 106 | cfg.vm.box = "ubuntu/trusty64" 107 | cfg.vm.provider "virtualbox" do |vb| 108 | vb.name = "Ansible-Node203(github_SysNet4Admin)" 109 | end 110 | cfg.vm.host_name = "ansible-node203" 111 | cfg.vm.network "public_network", ip: "192.168.1.203" 112 | cfg.vm.network "forwarded_port", guest: 22, host: 60203, auto_correct: true, id: "ssh" 113 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 114 | end 115 | 116 | #Ansible-Node204 117 | config.vm.define "ansible-node204" do |cfg| 118 | cfg.vm.box = "ubuntu/trusty64" 119 | cfg.vm.provider "virtualbox" do |vb| 120 | vb.name = "Ansible-Node204(github_SysNet4Admin)" 121 | end 122 | cfg.vm.host_name = "ansible-node204" 123 | cfg.vm.network "public_network", ip: "192.168.1.204" 124 | cfg.vm.network "forwarded_port", guest: 22, host: 60204, auto_correct: true, id: "ssh" 125 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 126 | end 127 | 128 | #Ansible-Node205 129 | config.vm.define "ansible-node205" do |cfg| 130 | cfg.vm.box = "ubuntu/trusty64" 131 | cfg.vm.provider "virtualbox" do |vb| 132 | vb.name = "Ansible-Node205(github_SysNet4Admin)" 133 | end 134 | cfg.vm.host_name = "ansible-node205" 135 | cfg.vm.network "public_network", ip: "192.168.1.205" 136 | cfg.vm.network "forwarded_port", guest: 22, host: 60205, auto_correct: true, id: "ssh" 137 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 138 | end 139 | 140 | 141 | #================# 142 | # Ansible Server # 143 | #================# 144 | 145 | config.vm.define "ansible-server" do |cfg| 146 | cfg.vm.box = "centos/7" 147 | cfg.vm.provider "virtualbox" do |vb| 148 | vb.name = "Ansible-Server(github_SysNet4Admin)" 149 | end 150 | cfg.vm.host_name = "ansible-server" 151 | cfg.vm.network "public_network", ip: "192.168.1.10" 152 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 153 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 154 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 155 | cfg.vm.provision "shell", inline: "yum install ansible -y" 156 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 157 | destination: "ansible_env_ready.yml" 158 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 159 | cfg.vm.provision "file", source: "auto_pass.yml", destination: "auto_pass.yml" 160 | cfg.vm.provision "shell", inline: "ansible-playbook auto_pass.yml", privileged: false 161 | end 162 | end -------------------------------------------------------------------------------- /ch6/6.1.2/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [nodes] 12 | 192.168.1.[101:105] 13 | 192.168.1.[201:205] 14 | 15 | - name: Create vim env's directories & files 16 | shell: "{{ item }}" 17 | with_items: 18 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 19 | - "touch /home/vagrant/.vimrc" 20 | - "touch /home/vagrant/.bashrc" 21 | 22 | - name: Install vim-enhanced 23 | yum: 24 | name: vim-enhanced 25 | state: present 26 | 27 | - name: Install git 28 | yum: 29 | name: git 30 | state: present 31 | 32 | - name: Download pathogen.vim 33 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 34 | https://tpo.pe/pathogen.vim" 35 | 36 | - name: Git clone vim-ansible-yaml 37 | git: 38 | repo: https://github.com/chase/vim-ansible-yaml.git 39 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 40 | 41 | - name: Configure vimrc 42 | lineinfile: 43 | path: /home/vagrant/.vimrc 44 | line: "{{ item }}" 45 | with_items: 46 | - "set number" 47 | - "execute pathogen#infect()" 48 | - "syntax on" 49 | 50 | - name: Configure Bashrc 51 | lineinfile: 52 | path: /home/vagrant/.bashrc 53 | line: "{{ item }}" 54 | with_items: 55 | - "alias ans='ansible'" 56 | - "alias anp='ansible-playbook'" 57 | -------------------------------------------------------------------------------- /ch6/6.1.2/auto_pass.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create authority between server and nodes 3 | hosts: nodes 4 | connection: local 5 | serial: 1 6 | gather_facts: no 7 | 8 | tasks: 9 | - name: ssh-keyscan for known_hosts file 10 | command: /usr/bin/ssh-keyscan -t ecdsa {{ ansible_host }} 11 | register: keyscan 12 | 13 | - name: input key 14 | lineinfile: 15 | path: ~/.ssh/known_hosts 16 | line: "{{ item }}" 17 | create: yes 18 | with_items: 19 | - "{{ keyscan.stdout_lines }}" -------------------------------------------------------------------------------- /ch6/6.1.2/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch6/6.1.2/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch6/6.1.2/vag_reconf.bat -------------------------------------------------------------------------------- /ch6/6.1.3/Avoid_FAILED_err_during_authpass/auto_pass_2tasks.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create known_hosts between server and nodes 3 | hosts: nodes 4 | connection: local 5 | serial: 1 6 | gather_facts: no 7 | 8 | tasks: 9 | - name: ssh-keyscan for known_hosts file 10 | command: /usr/bin/ssh-keyscan -t ecdsa {{ ansible_host }} 11 | register: keyscan 12 | 13 | - name: input key 14 | lineinfile: 15 | path: ~/.ssh/known_hosts 16 | line: "{{ item }}" 17 | create: yes 18 | with_items: 19 | - "{{ keyscan.stdout_lines }}" 20 | 21 | - name: Create authorized_keys between server and nodes 22 | hosts: nodes 23 | connection: local 24 | gather_facts: no 25 | vars: 26 | ansible_password: vagrant 27 | 28 | tasks: 29 | - name: ssh-keygen for authorized_keys file 30 | command: "ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ''" 31 | ignore_errors: yes 32 | run_once: true 33 | 34 | - name: input key for each node 35 | connection: ssh 36 | authorized_key: 37 | user: vagrant 38 | state: present 39 | key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" -------------------------------------------------------------------------------- /ch6/6.1.3/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #==============# 7 | # CentOS nodes # 8 | #==============# 9 | 10 | #Ansible-Node101 11 | config.vm.define "ansible-node101" do |cfg| 12 | cfg.vm.box = "centos/7" 13 | cfg.vm.provider "virtualbox" do |vb| 14 | vb.name = "Ansible-Node101(github_SysNet4Admin)" 15 | end 16 | cfg.vm.host_name = "ansible-node101" 17 | cfg.vm.network "public_network", ip: "192.168.1.101" 18 | cfg.vm.network "forwarded_port", guest: 22, host: 60101, auto_correct: true, id: "ssh" 19 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 20 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 21 | end 22 | 23 | #Ansible-Node102 24 | config.vm.define "ansible-node102" do |cfg| 25 | cfg.vm.box = "centos/7" 26 | cfg.vm.provider "virtualbox" do |vb| 27 | vb.name = "Ansible-Node102(github_SysNet4Admin)" 28 | end 29 | cfg.vm.host_name = "ansible-node102" 30 | cfg.vm.network "public_network", ip: "192.168.1.102" 31 | cfg.vm.network "forwarded_port", guest: 22, host: 60102, auto_correct: true, id: "ssh" 32 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 33 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 34 | end 35 | 36 | #Ansible-Node103 37 | config.vm.define "ansible-node103" do |cfg| 38 | cfg.vm.box = "centos/7" 39 | cfg.vm.provider "virtualbox" do |vb| 40 | vb.name = "Ansible-Node103(github_SysNet4Admin)" 41 | end 42 | cfg.vm.host_name = "ansible-node103" 43 | cfg.vm.network "public_network", ip: "192.168.1.103" 44 | cfg.vm.network "forwarded_port", guest: 22, host: 60103, auto_correct: true, id: "ssh" 45 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 46 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 47 | end 48 | 49 | #Ansible-Node104 50 | config.vm.define "ansible-node104" do |cfg| 51 | cfg.vm.box = "centos/7" 52 | cfg.vm.provider "virtualbox" do |vb| 53 | vb.name = "Ansible-Node104(github_SysNet4Admin)" 54 | end 55 | cfg.vm.host_name = "ansible-node104" 56 | cfg.vm.network "public_network", ip: "192.168.1.104" 57 | cfg.vm.network "forwarded_port", guest: 22, host: 60104, auto_correct: true, id: "ssh" 58 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 59 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 60 | end 61 | 62 | #Ansible-Node105 63 | config.vm.define "ansible-node105" do |cfg| 64 | cfg.vm.box = "centos/7" 65 | cfg.vm.provider "virtualbox" do |vb| 66 | vb.name = "Ansible-Node105(github_SysNet4Admin)" 67 | end 68 | cfg.vm.host_name = "ansible-node105" 69 | cfg.vm.network "public_network", ip: "192.168.1.105" 70 | cfg.vm.network "forwarded_port", guest: 22, host: 60105, auto_correct: true, id: "ssh" 71 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 72 | cfg.vm.provision "shell", path: "bash_ssh_conf_4_CentOS.sh" 73 | end 74 | 75 | 76 | #==============# 77 | # Ubuntu nodes # 78 | #==============# 79 | 80 | #Ansible-Node201 81 | config.vm.define "ansible-node201" do |cfg| 82 | cfg.vm.box = "ubuntu/trusty64" 83 | cfg.vm.provider "virtualbox" do |vb| 84 | vb.name = "Ansible-Node201(github_SysNet4Admin)" 85 | end 86 | cfg.vm.host_name = "ansible-node201" 87 | cfg.vm.network "public_network", ip: "192.168.1.201" 88 | cfg.vm.network "forwarded_port", guest: 22, host: 60201, auto_correct: true, id: "ssh" 89 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 90 | end 91 | 92 | #Ansible-Node202 93 | config.vm.define "ansible-node202" do |cfg| 94 | cfg.vm.box = "ubuntu/trusty64" 95 | cfg.vm.provider "virtualbox" do |vb| 96 | vb.name = "Ansible-Node202(github_SysNet4Admin)" 97 | end 98 | cfg.vm.host_name = "ansible-node202" 99 | cfg.vm.network "public_network", ip: "192.168.1.202" 100 | cfg.vm.network "forwarded_port", guest: 22, host: 60202, auto_correct: true, id: "ssh" 101 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 102 | end 103 | 104 | #Ansible-Node203 105 | config.vm.define "ansible-node203" do |cfg| 106 | cfg.vm.box = "ubuntu/trusty64" 107 | cfg.vm.provider "virtualbox" do |vb| 108 | vb.name = "Ansible-Node203(github_SysNet4Admin)" 109 | end 110 | cfg.vm.host_name = "ansible-node203" 111 | cfg.vm.network "public_network", ip: "192.168.1.203" 112 | cfg.vm.network "forwarded_port", guest: 22, host: 60203, auto_correct: true, id: "ssh" 113 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 114 | end 115 | 116 | #Ansible-Node204 117 | config.vm.define "ansible-node204" do |cfg| 118 | cfg.vm.box = "ubuntu/trusty64" 119 | cfg.vm.provider "virtualbox" do |vb| 120 | vb.name = "Ansible-Node204(github_SysNet4Admin)" 121 | end 122 | cfg.vm.host_name = "ansible-node204" 123 | cfg.vm.network "public_network", ip: "192.168.1.204" 124 | cfg.vm.network "forwarded_port", guest: 22, host: 60204, auto_correct: true, id: "ssh" 125 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 126 | end 127 | 128 | #Ansible-Node205 129 | config.vm.define "ansible-node205" do |cfg| 130 | cfg.vm.box = "ubuntu/trusty64" 131 | cfg.vm.provider "virtualbox" do |vb| 132 | vb.name = "Ansible-Node205(github_SysNet4Admin)" 133 | end 134 | cfg.vm.host_name = "ansible-node205" 135 | cfg.vm.network "public_network", ip: "192.168.1.205" 136 | cfg.vm.network "forwarded_port", guest: 22, host: 60205, auto_correct: true, id: "ssh" 137 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 138 | end 139 | 140 | 141 | #================# 142 | # Ansible Server # 143 | #================# 144 | 145 | config.vm.define "ansible-server" do |cfg| 146 | cfg.vm.box = "centos/7" 147 | cfg.vm.provider "virtualbox" do |vb| 148 | vb.name = "Ansible-Server(github_SysNet4Admin)" 149 | end 150 | cfg.vm.host_name = "ansible-server" 151 | cfg.vm.network "public_network", ip: "192.168.1.10" 152 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 153 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 154 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 155 | cfg.vm.provision "shell", inline: "yum install ansible -y" 156 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 157 | destination: "ansible_env_ready.yml" 158 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 159 | cfg.vm.provision "file", source: "auto_pass.yml", destination: "auto_pass.yml" 160 | cfg.vm.provision "shell", inline: "ansible-playbook auto_pass.yml", privileged: false 161 | end 162 | end -------------------------------------------------------------------------------- /ch6/6.1.3/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [nodes] 12 | 192.168.1.[101:105] 13 | 192.168.1.[201:205] 14 | 15 | - name: Create vim env's directories & files 16 | shell: "{{ item }}" 17 | with_items: 18 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 19 | - "touch /home/vagrant/.vimrc" 20 | - "touch /home/vagrant/.bashrc" 21 | 22 | - name: Install vim-enhanced 23 | yum: 24 | name: vim-enhanced 25 | state: present 26 | 27 | - name: Install git 28 | yum: 29 | name: git 30 | state: present 31 | 32 | - name: Download pathogen.vim 33 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 34 | https://tpo.pe/pathogen.vim" 35 | 36 | - name: Git clone vim-ansible-yaml 37 | git: 38 | repo: https://github.com/chase/vim-ansible-yaml.git 39 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 40 | 41 | - name: Configure vimrc 42 | lineinfile: 43 | path: /home/vagrant/.vimrc 44 | line: "{{ item }}" 45 | with_items: 46 | - "set number" 47 | - "execute pathogen#infect()" 48 | - "syntax on" 49 | 50 | - name: Configure Bashrc 51 | lineinfile: 52 | path: /home/vagrant/.bashrc 53 | line: "{{ item }}" 54 | with_items: 55 | - "alias ans='ansible'" 56 | - "alias anp='ansible-playbook'" 57 | -------------------------------------------------------------------------------- /ch6/6.1.3/auto_pass.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create authority between server and nodes 3 | hosts: nodes 4 | connection: local 5 | serial: 1 6 | gather_facts: no 7 | vars: 8 | ansible_password: vagrant 9 | 10 | tasks: 11 | - name: ssh-keyscan for known_hosts file 12 | command: /usr/bin/ssh-keyscan -t ecdsa {{ ansible_host }} 13 | register: keyscan 14 | 15 | - name: input key 16 | lineinfile: 17 | path: ~/.ssh/known_hosts 18 | line: "{{ item }}" 19 | create: yes 20 | with_items: 21 | - "{{ keyscan.stdout_lines }}" 22 | 23 | - name: ssh-keygen for authorized_keys file 24 | command: "ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ''" 25 | ignore_errors: yes 26 | run_once: true 27 | 28 | - name: input key for each node 29 | connection: ssh 30 | authorized_key: 31 | user: vagrant 32 | state: present 33 | key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" -------------------------------------------------------------------------------- /ch6/6.1.3/bash_ssh_conf_4_CentOS.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | now=$(date +"%m_%d_%Y") 4 | cp /etc/ssh/sshd_config /etc/ssh/sshd_config_$now.backup 5 | sed -i -e 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config 6 | systemctl restart sshd 7 | -------------------------------------------------------------------------------- /ch6/6.1.3/vag_reconf.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch6/6.1.3/vag_reconf.bat -------------------------------------------------------------------------------- /ch6/6.2.1/facts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: print ipv4.address for nodes 3 | hosts: nodes 4 | #gather_facts: no 5 | 6 | tasks: 7 | - name: debug by msg 8 | debug: 9 | msg: 10 | - "eth0's ip {{ ansible_eth0.ipv4.address }}" 11 | - "eth1's ip {{ ansible_eth1.ipv4.address }}" 12 | 13 | - name: debug by var 14 | debug: 15 | var: "{{ item }}" 16 | with_items: 17 | - hostvars[inventory_hostname]['ansible_eth0']['ipv4']['address'] 18 | - hostvars[inventory_hostname]['ansible_eth1']['ipv4']['address'] -------------------------------------------------------------------------------- /ch6/6.2.1/facts_collector.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Collect facts for each node 3 | hosts: nodes 4 | 5 | tasks: 6 | - name: generate facts 7 | setup: 8 | register: facts 9 | 10 | - name: save facts 11 | local_action: 12 | module: copy 13 | content: "{{ facts | to_nice_json }}" 14 | dest: ./{{ ansible_hostname }}_facts_by_collector.txt -------------------------------------------------------------------------------- /ch6/6.2.2/nginx_install_w_when.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | 6 | tasks: 7 | - name: install epel-release for CentOS 8 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 9 | when: ansible_distribution == 'CentOS' 10 | 11 | - name: install nginx web server for CentOS 12 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 13 | when: ansible_distribution == 'CentOS' 14 | 15 | - name: upload default index.html for web server 16 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 17 | when: ansible_distribution == 'CentOS' 18 | 19 | - name: start nginx web server 20 | service: name=nginx state=started 21 | when: ansible_distribution == 'CentOS' 22 | 23 | - name: install nginx web server for Ubuntu 24 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 25 | when: ansible_distribution == 'Ubuntu' 26 | 27 | - name: upload default index.html for web server 28 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 29 | mode=0644 validate_certs=no 30 | when: ansible_distribution == 'Ubuntu' -------------------------------------------------------------------------------- /ch6/6.2.2/nginx_remove_w_when.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | 6 | tasks: 7 | - name: remove epel-release for CentOS 8 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 9 | when: ansible_distribution == 'CentOS' 10 | 11 | - name: remove nginx web server for CentOS 12 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" 13 | when: ansible_distribution == 'CentOS' 14 | 15 | - name: remove nginx web server 16 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" 17 | when: ansible_distribution == 'Ubuntu' -------------------------------------------------------------------------------- /ch6/6.2.3/install/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 5 | - name: upload default index.html for web server 6 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 7 | - name: start nginx web server 8 | service: name=nginx state=started -------------------------------------------------------------------------------- /ch6/6.2.3/install/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 3 | - name: upload default index.html for web server 4 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 5 | mode=0644 validate_certs=no -------------------------------------------------------------------------------- /ch6/6.2.3/install/nginx_install_w_include_tasks.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | 6 | tasks: 7 | - name: nginx for CentOS 8 | include_tasks: CentOS.yml 9 | when: ansible_distribution == 'CentOS' 10 | 11 | - name: nginx for Ubuntu 12 | include_tasks: Ubuntu.yml 13 | when: ansible_distribution == 'Ubuntu' 14 | 15 | -------------------------------------------------------------------------------- /ch6/6.2.3/remove/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch6/6.2.3/remove/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch6/6.2.3/remove/nginx_remove_w_include_tasks.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | 6 | tasks: 7 | - name: nginx for CentOS 8 | include_tasks: CentOS_remo.yml 9 | when: ansible_distribution == 'CentOS' 10 | 11 | - name: nginx for Ubuntu 12 | include_tasks: Ubuntu_remo.yml 13 | when: ansible_distribution == 'Ubuntu' 14 | 15 | -------------------------------------------------------------------------------- /ch6/6.2.4/install/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 5 | - name: upload default index.html for web server 6 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 7 | - name: start nginx web server 8 | service: name=nginx state=started -------------------------------------------------------------------------------- /ch6/6.2.4/install/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 3 | - name: upload default index.html for web server 4 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 5 | mode=0644 validate_certs=no -------------------------------------------------------------------------------- /ch6/6.2.4/install/nginx_install_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}.yml" -------------------------------------------------------------------------------- /ch6/6.2.4/remove/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch6/6.2.4/remove/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch6/6.2.4/remove/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" -------------------------------------------------------------------------------- /ch6/6.3.1/nfs_adv.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for nfs server 3 | hosts: localhost 4 | tasks: 5 | - include_tasks: nfs_server.yml 6 | 7 | - name: Setup for nfs clients 8 | hosts: nodes 9 | tasks: 10 | - include_tasks: nfs_clients.yml -------------------------------------------------------------------------------- /ch6/6.3.1/nfs_clients.yml: -------------------------------------------------------------------------------- 1 | - name: make nfs_client directory 2 | file: 3 | path: "{{ ansible_user_dir }}/nfs" 4 | state: directory 5 | 6 | - name: mount point directory as client 7 | become: yes 8 | mount: 9 | name: "{{ ansible_user_dir }}/nfs" 10 | src: "{{ ansible_env.SSH_CLIENT.split()[0] }}:/home/vagrant/nfs_shared" 11 | fstype: nfs 12 | opts: nfsvers=3 13 | state: mounted 14 | 15 | 16 | -------------------------------------------------------------------------------- /ch6/6.3.1/nfs_server.yml: -------------------------------------------------------------------------------- 1 | - name: make nfs_shared directory 2 | file: 3 | path: "{{ ansible_user_dir }}/nfs_shared" 4 | state: directory 5 | mode: 0777 6 | 7 | - name: configure /etc/exports 8 | become: yes 9 | lineinfile: 10 | path: /etc/exports 11 | line: "{{ ansible_user_dir }}/nfs_shared 192.168.1.0/24(rw,sync)" 12 | 13 | - name: nfs service restart 14 | become: yes 15 | service: 16 | name: nfs 17 | state: restarted -------------------------------------------------------------------------------- /ch6/6.3.2/[WARNING]/nxos_tftp_backup_adv.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup tftp to backup NXOS's running-config 3 | hosts: localhost 4 | become: yes 5 | tasks: 6 | - include_tasks: "./nxos_itasks/{{ item }}.yml" 7 | with_items: 8 | - "tftp_server_config" 9 | - "selinux_permissive" 10 | - "xinetd_service_restart" 11 | 12 | - name: Request to backup NXOS's running-config 13 | hosts: nxos 14 | vars: 15 | ansible_user: admin 16 | ansible_password: vagrant 17 | tasks: 18 | - include_tasks: ./nxos_itasks/nxos_backup_adv.yml 19 | 20 | - name: selinux restore on ansible-server 21 | hosts: localhost 22 | gather_facts: no 23 | become: yes 24 | tasks: 25 | - include_tasks: ./nxos_itasks/selinux_enforcing.yml 26 | -------------------------------------------------------------------------------- /ch6/6.3.2/facts/nxos_facts_chk.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check NXOS's facts 3 | hosts: nxos 4 | gather_facts: no 5 | vars: 6 | ansible_user: admin 7 | ansible_password: vagrant 8 | 9 | tasks: 10 | - debug: 11 | msg: 12 | - "ansible_all_ipv4_addresses[0]: {{ ansible_all_ipv4_addresses[0] }}" 13 | - "ansible_all_ipv4_addresses[1]: {{ ansible_all_ipv4_addresses[1] }}" 14 | -------------------------------------------------------------------------------- /ch6/6.3.2/facts/nxos_facts_collector.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Collect nxos_facts for each device 3 | hosts: nxos 4 | gather_facts: no 5 | vars: 6 | ansible_user: admin 7 | ansible_password: vagrant 8 | 9 | tasks: 10 | - name: generate nxos_facts 11 | nxos_facts: 12 | register: facts 13 | 14 | - name: save nxos_facts 15 | local_action: 16 | module: copy 17 | content: "{{ facts | to_nice_json }}" 18 | dest: ./{{ ansible_net_hostname }}_facts_by_collector.txt -------------------------------------------------------------------------------- /ch6/6.3.2/facts/nxos_facts_show.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Show facts for NXOS devices 3 | hosts: nxos 4 | gather_facts: no 5 | vars: 6 | ansible_user: admin 7 | ansible_password: vagrant 8 | 9 | tasks: 10 | - nxos_facts: 11 | register: facts_date 12 | - debug: var=facts_data 13 | -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | become: yes 6 | 7 | tasks: 8 | - name: add "/etc/ansible/hosts" 9 | lineinfile: 10 | path: /etc/ansible/hosts 11 | line: "{{ item }}" 12 | with_items: 13 | - "[nxos]" 14 | - "192.168.1.251 ansible_connection=network_cli ansible_network_os=nxos" 15 | - "192.168.1.252 ansible_connection=network_cli ansible_network_os=nxos" 16 | 17 | - name: generate sshkey 18 | become: yes 19 | become_user: vagrant 20 | shell: "{{ item }}" 21 | with_items: 22 | - "ssh-keyscan 192.168.1.251 >> ~/.ssh/known_hosts" 23 | - "ssh-keyscan 192.168.1.252 >> ~/.ssh/known_hosts" -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_itasks/nxos_backup_adv.yml: -------------------------------------------------------------------------------- 1 | - name: collect facts from nxos 2 | nxos_facts: 3 | - name: running-config backup 4 | nxos_command: 5 | commands: 6 | 'copy running-config 7 | tftp://{{ ansible_eth1.ipv4.address }}/{{ ansible_net_hostname }}-RC-{{ ansible_date_time.iso8601 }} 8 | vrf management' -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_itasks/selinux_enforcing.yml: -------------------------------------------------------------------------------- 1 | - name: selinux change to enforcing 2 | selinux: policy=targeted state=enforcing 3 | -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_itasks/selinux_permissive.yml: -------------------------------------------------------------------------------- 1 | - name: selinux change to permissive on ansible-server 2 | selinux: policy=targeted state=permissive 3 | -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_itasks/tftp_server_config.yml: -------------------------------------------------------------------------------- 1 | - name: install xinetd & tftp-server 2 | yum: 3 | name: "{{ item }}" 4 | state: present 5 | with_items: 6 | - "xinetd" 7 | - "tftp-server" 8 | 9 | - name: make tftp_shared directory 10 | become: yes 11 | become_user: vagrant 12 | file: 13 | path: /home/vagrant/tftp_shared 14 | state: directory 15 | mode: 0777 16 | 17 | - name: replace tftp's config 18 | replace: 19 | path: "{{ item.path }}" 20 | regexp: "{{ item.regexp }}" 21 | replace: "{{ item.replace }}" 22 | with_items: 23 | - { path: "/etc/xinetd.d/tftp", regexp: "root", replace: "vagrant" } 24 | - { path: "/etc/xinetd.d/tftp", regexp: "-s /var/lib/tftpboot", 25 | replace: "-c -p -u vagrant -s /home/vagrant/tftp_shared" } 26 | 27 | - name: modify tftp's config 28 | lineinfile: 29 | path: /etc/xinetd.d/tftp 30 | regexp: 'disable' 31 | line: 'disable = disable' 32 | 33 | - name: modify tftp service's config 34 | replace: 35 | path: /usr/lib/systemd/system/tftp.service 36 | regexp: '-s /var/lib/tftpboot' 37 | replace: '-c -p -u vagrant -s /home/vagrant/tftp_shared' 38 | -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_itasks/xinetd_service_restart.yml: -------------------------------------------------------------------------------- 1 | - name: service daemon restart 2 | systemd: 3 | state: restarted 4 | daemon_reload: yes 5 | name: tftp 6 | 7 | - name: xinetd service restart 8 | service: 9 | name: xinetd 10 | state: restarted 11 | -------------------------------------------------------------------------------- /ch6/6.3.2/nxos_tftp_backup_adv.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup tftp to backup NXOS's running-config 3 | hosts: localhost 4 | become: yes 5 | tasks: 6 | - include_tasks: "./nxos_itasks/tftp_server_config.yml" 7 | - include_tasks: "./nxos_itasks/selinux_permissive.yml" 8 | - include_tasks: "./nxos_itasks/xinetd_service_restart.yml" 9 | 10 | - name: Request to backup NXOS's running-config 11 | hosts: nxos 12 | vars: 13 | ansible_user: admin 14 | ansible_password: vagrant 15 | tasks: 16 | - include_tasks: ./nxos_itasks/nxos_backup_adv.yml 17 | 18 | - name: selinux restore on ansible-server 19 | hosts: localhost 20 | gather_facts: no 21 | become: yes 22 | tasks: 23 | - include_tasks: ./nxos_itasks/selinux_enforcing.yml 24 | -------------------------------------------------------------------------------- /ch6/6.3.3/Old_known+auth.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sysnet4admin/_Book_Ansible/1498199c6c2c5a0f8ef46a5aae9a616b06d0a04f/ch6/6.3.3/Old_known+auth.zip -------------------------------------------------------------------------------- /ch6/6.3.3/Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure("2") do |config| 5 | 6 | #===============# 7 | # Cumulus nodes # 8 | #===============# 9 | 10 | #Ansible-Cumulus01 11 | config.vm.define "ansible-cl01" do |cl| 12 | cl.vm.box = "CumulusCommunity/cumulus-vx" 13 | cl.vm.box_version = "3.6.0" 14 | cl.vm.box_check_update = false 15 | cl.vm.provider "virtualbox" do |vb| 16 | vb.name = "Ansible-Cumulus01(github_SysNet4Admin)" 17 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000061'] 18 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.61.0/24'] 19 | end 20 | cl.vm.host_name = "ansible-cl01" 21 | cl.vm.network "public_network", ip: "192.168.1.61" 22 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 23 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 24 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 25 | cl.vm.network "forwarded_port", guest: 22, host: 60061, auto_correct: true, id: "ssh" 26 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 27 | end 28 | 29 | #Ansible-Cumulus02 30 | config.vm.define "ansible-cl02" do |cl| 31 | cl.vm.box = "CumulusCommunity/cumulus-vx" 32 | cl.vm.box_version = "3.6.0" 33 | cl.vm.box_check_update = false 34 | cl.vm.provider "virtualbox" do |vb| 35 | vb.name = "Ansible-Cumulus02(github_SysNet4Admin)" 36 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000062'] 37 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.62.0/24'] 38 | end 39 | cl.vm.host_name = "ansible-cl02" 40 | cl.vm.network "public_network", ip: "192.168.1.62" 41 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 42 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 43 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 44 | cl.vm.network "forwarded_port", guest: 22, host: 60062, auto_correct: true, id: "ssh" 45 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 46 | end 47 | 48 | #Ansible-Cumulus03 49 | config.vm.define "ansible-cl03" do |cl| 50 | cl.vm.box = "CumulusCommunity/cumulus-vx" 51 | cl.vm.box_version = "3.6.0" 52 | cl.vm.box_check_update = false 53 | cl.vm.provider "virtualbox" do |vb| 54 | vb.name = "Ansible-Cumulus03(github_SysNet4Admin)" 55 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000063'] 56 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.63.0/24'] 57 | end 58 | cl.vm.host_name = "ansible-cl03" 59 | cl.vm.network "public_network", ip: "192.168.1.63" 60 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 61 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 62 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 63 | cl.vm.network "forwarded_port", guest: 22, host: 60063, auto_correct: true, id: "ssh" 64 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 65 | end 66 | 67 | #Ansible-Cumulus04 68 | config.vm.define "ansible-cl04" do |cl| 69 | cl.vm.box = "CumulusCommunity/cumulus-vx" 70 | cl.vm.box_version = "3.6.0" 71 | cl.vm.box_check_update = false 72 | cl.vm.provider "virtualbox" do |vb| 73 | vb.name = "Ansible-Cumulus04(github_SysNet4Admin)" 74 | vb.customize ['modifyvm', :id, '--macaddress1', '080027000064'] 75 | vb.customize ['modifyvm', :id, '--natnet1', '10.0.64.0/24'] 76 | end 77 | cl.vm.host_name = "ansible-cl04" 78 | cl.vm.network "public_network", ip: "192.168.1.64" 79 | cl.vm.network "private_network", virtualbox__intnet: "swp2", auto_config: false 80 | cl.vm.network "private_network", virtualbox__intnet: "swp3", auto_config: false 81 | cl.vm.network "private_network", virtualbox__intnet: "swp4", auto_config: false 82 | cl.vm.network "forwarded_port", guest: 22, host: 60064, auto_correct: true, id: "ssh" 83 | cl.vm.synced_folder "../data", "/vagrant", disabled: true 84 | end 85 | 86 | #================# 87 | # Ansible Server # 88 | #================# 89 | 90 | config.vm.define "ansible-server" do |cfg| 91 | cfg.vm.box = "centos/7" 92 | cfg.vm.provider "virtualbox" do |vb| 93 | vb.name = "Ansible-Server(github_SysNet4Admin)" 94 | end 95 | cfg.vm.host_name = "ansible-server" 96 | cfg.vm.network "public_network", ip: "192.168.1.10" 97 | cfg.vm.network "forwarded_port", guest: 22, host: 60010, auto_correct: true, id: "ssh" 98 | cfg.vm.synced_folder "../data", "/vagrant", disabled: true 99 | cfg.vm.provision "shell", inline: "yum install epel-release -y" 100 | cfg.vm.provision "shell", inline: "yum install ansible -y" 101 | cfg.vm.provision "file", source: "ansible_env_ready.yml", 102 | destination: "ansible_env_ready.yml" 103 | cfg.vm.provision "shell", inline: "ansible-playbook ansible_env_ready.yml" 104 | cfg.vm.provision "file", source: "cl_auto_pass.yml", destination: "cl_auto_pass.yml" 105 | cfg.vm.provision "shell", inline: "ansible-playbook cl_auto_pass.yml", 106 | privileged: false 107 | end 108 | end 109 | -------------------------------------------------------------------------------- /ch6/6.3.3/ansible_env_ready.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Setup for the Ansible's Environment 3 | hosts: localhost 4 | gather_facts: no 5 | 6 | tasks: 7 | - name: Add "/etc/ansible/hosts" 8 | blockinfile: 9 | path: /etc/ansible/hosts 10 | block: | 11 | [spine] 12 | 192.168.1.61 13 | 192.168.1.62 14 | 15 | [leaf] 16 | 192.168.1.63 17 | 192.168.1.64 18 | 19 | [cl:children] 20 | spine 21 | leaf 22 | 23 | - name: Create vim env's directories & files 24 | shell: "{{ item }}" 25 | with_items: 26 | - "mkdir -p /home/vagrant/.vim/autoload /home/vagrant/.vim/bundle" 27 | - "touch /home/vagrant/.vimrc" 28 | - "touch /home/vagrant/.bashrc" 29 | 30 | - name: Install vim-enhanced 31 | yum: 32 | name: vim-enhanced 33 | state: present 34 | 35 | - name: Install git 36 | yum: 37 | name: git 38 | state: present 39 | 40 | - name: Download pathogen.vim 41 | shell: "curl -fLo /home/vagrant/.vim/autoload/pathogen.vim 42 | https://tpo.pe/pathogen.vim" 43 | 44 | - name: Git clone vim-ansible-yaml 45 | git: 46 | repo: https://github.com/chase/vim-ansible-yaml.git 47 | dest: /home/vagrant/.vim/bundle/vim-ansible-yaml 48 | 49 | - name: Configure vimrc 50 | lineinfile: 51 | path: /home/vagrant/.vimrc 52 | line: "{{ item }}" 53 | with_items: 54 | - "set number" 55 | - "execute pathogen#infect()" 56 | - "syntax on" 57 | 58 | - name: Configure Bashrc 59 | lineinfile: 60 | path: /home/vagrant/.bashrc 61 | line: "{{ item }}" 62 | with_items: 63 | - "alias ans='ansible'" 64 | - "alias anp='ansible-playbook'" 65 | -------------------------------------------------------------------------------- /ch6/6.3.3/cl_auto_pass.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create authority between ansible-server and cumulus-nodes 3 | hosts: cl 4 | connection: local 5 | vars: 6 | ansible_password: vagrant 7 | ansible_become_pass: CumulusLinux! 8 | 9 | tasks: 10 | - name: ssh-keyscan for known_hosts file 11 | command: /usr/bin/ssh-keyscan -t ecdsa {{ ansible_host }} 12 | register: keyscan 13 | 14 | - name: input key 15 | lineinfile: 16 | path: ~/.ssh/known_hosts 17 | line: "{{ item }}" 18 | create: yes 19 | with_items: 20 | - "{{ keyscan.stdout_lines }}" 21 | 22 | - name: ssh-keygen for authorized_keys file 23 | command: | 24 | ssh-keygen -C cumulus@{{ ansible_hostname }} \ 25 | -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N '' 26 | ignore_errors: yes 27 | run_once: true 28 | 29 | - name: input key for each node 30 | connection: ssh 31 | become: yes 32 | authorized_key: 33 | user: cumulus 34 | state: present 35 | key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" 36 | -------------------------------------------------------------------------------- /ch6/6.3.4/cl_conf_ospf.yml: -------------------------------------------------------------------------------- 1 | - name: Config hostname and SVI for spineA 2 | hosts: spine[0] 3 | remote_user: cumulus 4 | tasks: 5 | - name: put in config 6 | nclu: 7 | commands: 8 | - add hostname ansible-spineA 9 | - add vlan 10 ip address 10.0.10."{{ ansible_all_ipv4_addresses[0][-2:] }}"/24 10 | - add interface swp4 ip address 10.0.101."{{ 11 | ansible_all_ipv4_addresses[0][-2:] }}"/24 12 | atomic: true 13 | 14 | - name: Config hostname and SVI for spineB 15 | hosts: spine[1] 16 | remote_user: cumulus 17 | tasks: 18 | - name: put in config 19 | nclu: 20 | commands: 21 | - add hostname ansible-spineB 22 | - add vlan 10 ip address 10.0.10."{{ ansible_all_ipv4_addresses[0][-2:] }}"/24 23 | - add interface swp4 ip address 10.0.102."{{ 24 | ansible_all_ipv4_addresses[0][-2:] }}"/24 25 | atomic: true 26 | 27 | - name: Config hostname and SVI leafA 28 | hosts: leaf[0] 29 | remote_user: cumulus 30 | tasks: 31 | - name: put in config 32 | nclu: 33 | commands: 34 | - add hostname ansible-leafA 35 | - add interface swp4 ip address 10.0.101."{{ 36 | ansible_all_ipv4_addresses[0][-2:] }}"/24 37 | atomic: true 38 | 39 | - name: Config hostname and SVI for leafB 40 | hosts: leaf[1] 41 | remote_user: cumulus 42 | tasks: 43 | - name: put in config 44 | nclu: 45 | commands: 46 | - add hostname ansible-leafB 47 | - add interface swp4 ip address 10.0.102."{{ 48 | ansible_all_ipv4_addresses[0][-2:] }}"/24 49 | atomic: true 50 | 51 | - name: Config OSPF for all 52 | hosts: cl 53 | remote_user: cumulus 54 | tasks: 55 | - name: put in config 56 | nclu: 57 | commands: 58 | - add ospf router-id 0.0.0."{{ ansible_all_ipv4_addresses[0][-2:] }}" 59 | - add ospf network 10.0.0.0/16 area 0.0.0.0 60 | atomic: true 61 | -------------------------------------------------------------------------------- /ch6/6.3.4/cl_lldp.yml: -------------------------------------------------------------------------------- 1 | - name: for new hostname 2 | service: 3 | name: lldpd 4 | state: restarted -------------------------------------------------------------------------------- /ch6/6.3.4/cl_ospf_adv.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Config peer-link 3 | hosts: spine 4 | gather_facts: no 5 | remote_user: cumulus 6 | tasks: 7 | - include_tasks: cl_peerlink.yml 8 | 9 | - name: Import playbook for ospf config 10 | import_playbook: cl_conf_ospf.yml 11 | 12 | - name: lldp service restart 13 | hosts: cl 14 | gather_facts: no 15 | become: yes 16 | vars: 17 | ansible_user: cumulus 18 | ansible_become_pass: CumulusLinux! 19 | tasks: 20 | - include_tasks: cl_lldp.yml -------------------------------------------------------------------------------- /ch6/6.3.4/cl_peerlink.yml: -------------------------------------------------------------------------------- 1 | - name: for bond, bridge and vids 2 | nclu: 3 | commands: 4 | - add bond bond0 bond slaves swp2,3 5 | - add bridge 6 | - add bridge bridge ports bond0 7 | - add bridge bridge vids 10 8 | - add bridge bridge pvid 1 9 | atomic: true 10 | -------------------------------------------------------------------------------- /ch7/7.1.1/install/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 5 | - name: upload default index.html for web server 6 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 7 | notify: 8 | - restart nginx web server -------------------------------------------------------------------------------- /ch7/7.1.1/install/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 3 | - name: upload default index.html for web server 4 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 5 | mode=0644 validate_certs=no 6 | notify: 7 | - restart nginx web server -------------------------------------------------------------------------------- /ch7/7.1.1/install/nginx_install_w_handlers.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}.yml" 13 | 14 | handlers: 15 | - name: restart nginx web server 16 | service: name=nginx state=restarted -------------------------------------------------------------------------------- /ch7/7.1.1/remove_from_6.2.4/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch7/7.1.1/remove_from_6.2.4/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch7/7.1.1/remove_from_6.2.4/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" -------------------------------------------------------------------------------- /ch7/7.1.2/install/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 5 | - name: upload default index.html for web server 6 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ mode=0644 7 | notify: 8 | - restart nginx web server -------------------------------------------------------------------------------- /ch7/7.1.2/install/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 3 | - name: upload default index.html for web server 4 | get_url: url=https://www.nginx.com dest=/usr/share/nginx/html/ 5 | mode=0644 validate_certs=no 6 | notify: 7 | - restart nginx web server -------------------------------------------------------------------------------- /ch7/7.1.2/install/group_vars/GroupName: -------------------------------------------------------------------------------- 1 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 2 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 3 | else 'Just Linux' }}" -------------------------------------------------------------------------------- /ch7/7.1.2/install/host_vars/192.168.1.NodeIP: -------------------------------------------------------------------------------- 1 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 2 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 3 | else 'Just Linux' }}" -------------------------------------------------------------------------------- /ch7/7.1.2/install/nginx_install_wo_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | 6 | tasks: 7 | - name: nginx for any linux 8 | include_tasks: "{{ lnx_name }}.yml" 9 | 10 | handlers: 11 | - name: restart nginx web server 12 | service: name=nginx state=restarted -------------------------------------------------------------------------------- /ch7/7.1.2/remove_from_6.2.4/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch7/7.1.2/remove_from_6.2.4/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch7/7.1.2/remove_from_6.2.4/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" -------------------------------------------------------------------------------- /ch7/7.1.3/install/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 5 | notify: 6 | - restart nginx web server 7 | -------------------------------------------------------------------------------- /ch7/7.1.3/install/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 3 | notify: 4 | - restart nginx web server 5 | -------------------------------------------------------------------------------- /ch7/7.1.3/install/index.j2: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Nginx Web Server 6 | 7 | 8 |

Welcome to Ansible world!

9 |

Here is Nginx Cluster {{ idx }}/{{ nu }}

10 | 11 | -------------------------------------------------------------------------------- /ch7/7.1.3/install/nginx_install_w_template.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | nu: "{{ groups.nodes | count }}" 7 | idx: "{{ groups.nodes.index(inventory_hostname)+1 | int }}" 8 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 9 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 10 | else 'Just Linux' }}" 11 | 12 | tasks: 13 | - name: nginx for any linux 14 | include_tasks: "{{ lnx_name }}.yml" 15 | 16 | - name: create web page for each node 17 | template: 18 | src: index.j2 19 | dest: /usr/share/nginx/html/index.html 20 | mode: 0644 21 | backup: yes 22 | 23 | handlers: 24 | - name: restart nginx web server 25 | service: name=nginx state=restarted 26 | -------------------------------------------------------------------------------- /ch7/7.1.3/remove_from_6.2.4/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch7/7.1.3/remove_from_6.2.4/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch7/7.1.3/remove_from_6.2.4/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" -------------------------------------------------------------------------------- /ch7/7.1.4/Jinja live parser.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://cryptic-cliffs-32040.herokuapp.com/ 3 | -------------------------------------------------------------------------------- /ch7/7.1.4/hosts/hosts.j2: -------------------------------------------------------------------------------- 1 | #Create by template at {{ ansible_date_time.iso8601 }} 2 | 3 | 127.0.0.1 {{ ansible_hostname }} 4 | 192.168.1.10 ansible-server 5 | {% for ip in range(nu | int) %} 6 | {{ groups.nodes[ip] }} node{{ groups.nodes[ip][-3:] }} 7 | {% endfor %} -------------------------------------------------------------------------------- /ch7/7.1.4/hosts/hosts_template.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create hosts file by template 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | nu: "{{ groups.nodes | count }}" 7 | 8 | tasks: 9 | - name: replace hosts file 10 | template: 11 | src: hosts.j2 12 | dest: /etc/hosts -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/install/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" 5 | notify: 6 | - restart nginx web server 7 | -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/install/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" 3 | notify: 4 | - restart nginx web server 5 | -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/install/index.j2: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Nginx Web Server 6 | 7 | 8 | 9 |

Welcome to Ansible world!

10 |

Here is Nginx Cluster {{ idx }}/{{ nu }}

11 | 12 | -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/install/ins_chk.j2: -------------------------------------------------------------------------------- 1 | {% if ansible_distribution == 'Ubuntu' %} 2 | [ OS : Ubuntu ] 3 | >> dpkg -l | grep nginx 4 | OR 5 | >> service nginx status 6 | {% elif ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' %} 7 | [ OS : CentOS ver7 ] 8 | >> yum list installed | grep nginx 9 | OR 10 | >> systemctl status nginx 11 | {% elif ansible_distribution == 'CentOS' and ansible_distribution_major_version < '7' %} 12 | [ OS : CentOS ver6 ] 13 | >> yum list installed | grep nginx 14 | OR 15 | >> service nginx status 16 | {% else %} 17 | >> service nginx status (* Gernally) 18 | {% endif %} 19 | -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/install/nginx_install_w_template_n_chk.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | nu: "{{ groups.nodes | count }}" 7 | idx: "{{ groups.nodes.index(inventory_hostname)+1 | int }}" 8 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 9 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 10 | else 'Just Linux' }}" 11 | 12 | tasks: 13 | - name: nginx for any linux 14 | include_tasks: "{{ lnx_name }}.yml" 15 | 16 | - name: create web page for each node 17 | template: 18 | src: index.j2 19 | dest: /usr/share/nginx/html/index.html 20 | mode: 0644 21 | backup: yes 22 | 23 | - name: check nginx service 24 | debug: msg="{{lookup('template','ins_chk.j2').split('\n')}}" 25 | 26 | handlers: 27 | - name: restart nginx web server 28 | service: name=nginx state=restarted 29 | -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/remove_from_6.2.4/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/remove_from_6.2.4/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch7/7.1.4/nginx/remove_from_6.2.4/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" -------------------------------------------------------------------------------- /ch7/7.2.1/install/nginx_install_w_roles.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | 6 | roles: 7 | - role: ./roles/nginx -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/files/nginx.conf: -------------------------------------------------------------------------------- 1 | #user nobody; 2 | worker_processes 1; 3 | 4 | #error_log logs/error.log; 5 | #error_log logs/error.log notice; 6 | #error_log logs/error.log info; 7 | 8 | #pid logs/nginx.pid; 9 | 10 | 11 | events { 12 | worker_connections 1024; 13 | } 14 | 15 | 16 | http { 17 | include mime.types; 18 | default_type application/octet-stream; 19 | 20 | #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 21 | # '$status $body_bytes_sent "$http_referer" ' 22 | # '"$http_user_agent" "$http_x_forwarded_for"'; 23 | 24 | #access_log logs/access.log main; 25 | 26 | sendfile on; 27 | #tcp_nopush on; 28 | 29 | #keepalive_timeout 0; 30 | keepalive_timeout 65; 31 | 32 | #gzip on; 33 | 34 | server { 35 | listen 8080; 36 | server_name localhost; 37 | 38 | #charset koi8-r; 39 | 40 | #access_log logs/host.access.log main; 41 | 42 | location / { 43 | root html; 44 | index index.html index.htm; 45 | } 46 | 47 | #error_page 404 /404.html; 48 | 49 | # redirect server error pages to the static page /50x.html 50 | # 51 | error_page 500 502 503 504 /50x.html; 52 | location = /50x.html { 53 | root html; 54 | } 55 | 56 | # proxy the PHP scripts to Apache listening on 127.0.0.1:80 57 | # 58 | #location ~ \.php$ { 59 | # proxy_pass http://127.0.0.1; 60 | #} 61 | 62 | # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 63 | # 64 | #location ~ \.php$ { 65 | # root html; 66 | # fastcgi_pass 127.0.0.1:9000; 67 | # fastcgi_index index.php; 68 | # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; 69 | # include fastcgi_params; 70 | #} 71 | 72 | # deny access to .htaccess files, if Apache's document root 73 | # concurs with nginx's one 74 | # 75 | #location ~ /\.ht { 76 | # deny all; 77 | #} 78 | } 79 | 80 | 81 | # another virtual host using mix of IP-, name-, and port-based configuration 82 | # 83 | #server { 84 | # listen 8000; 85 | # listen somename:8080; 86 | # server_name somename alias another.alias; 87 | 88 | # location / { 89 | # root html; 90 | # index index.html index.htm; 91 | # } 92 | #} 93 | 94 | 95 | # HTTPS server 96 | # 97 | #server { 98 | # listen 443 ssl; 99 | # server_name localhost; 100 | 101 | # ssl_certificate cert.pem; 102 | # ssl_certificate_key cert.key; 103 | 104 | # ssl_session_cache shared:SSL:1m; 105 | # ssl_session_timeout 5m; 106 | 107 | # ssl_ciphers HIGH:!aNULL:!MD5; 108 | # ssl_prefer_server_ciphers on; 109 | 110 | # location / { 111 | # root html; 112 | # index index.html index.htm; 113 | # } 114 | #} 115 | 116 | } -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart nginx web server 3 | service: name=nginx state=restarted 4 | -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/tasks/CentOS.yml: -------------------------------------------------------------------------------- 1 | - name: install epel-release for {{ ansible_distribution }} 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=latest" 3 | - name: install nginx web server for {{ ansible_distribution }} 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=present" -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/tasks/Ubuntu.yml: -------------------------------------------------------------------------------- 1 | - name: install nginx web server for {{ ansible_distribution }} 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=present update_cache=yes" -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: port from 80 to 8080 3 | copy: 4 | src: nginx.conf 5 | dest: /etc/nginx/nginx.conf 6 | mode: 0644 7 | 8 | - name: create web page for each node 9 | template: 10 | src: index.j2 11 | dest: /usr/share/nginx/html/index.html 12 | mode: 0644 13 | backup: yes 14 | notify: 15 | - restart nginx web server 16 | -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install nginx for any linux 3 | include_tasks: "{{ lnx_name }}.yml" 4 | 5 | - name: configure nginx 6 | include_tasks: config.yml -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/templates/index.j2: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Nginx Web Server 6 | 7 | 8 |

Welcome to Ansible world!

9 |

Here is Nginx Cluster {{ idx }}/{{ nu }}

10 | 11 | -------------------------------------------------------------------------------- /ch7/7.2.1/install/roles/nginx/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | nu: "{{ groups.nodes | count }}" 3 | idx: "{{ groups.nodes.index(inventory_hostname)+1 | int }}" 4 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 5 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 6 | else 'Just Linux' }}" 7 | -------------------------------------------------------------------------------- /ch7/7.2.1/remove_from_6.2.4/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch7/7.2.1/remove_from_6.2.4/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch7/7.2.1/remove_from_6.2.4/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" -------------------------------------------------------------------------------- /ch7/7.2.2/install/Ansible Galaxy - Find, reuse, and share the best Ansible content.url: -------------------------------------------------------------------------------- 1 | [InternetShortcut] 2 | URL=https://galaxy.ansible.com/ 3 | -------------------------------------------------------------------------------- /ch7/7.2.2/install/jdauphant.nginx.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install nginx on the nodes by jdauphant 3 | hosts: nodes 4 | become: yes 5 | 6 | roles: 7 | - role: jdauphant.nginx -------------------------------------------------------------------------------- /ch7/7.2.2/remove_from_6.2.4/CentOS_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove epel-release 2 | action: "{{ ansible_pkg_mgr }} name=epel-release state=absent" 3 | - name: remove nginx web server 4 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent" -------------------------------------------------------------------------------- /ch7/7.2.2/remove_from_6.2.4/Ubuntu_remo.yml: -------------------------------------------------------------------------------- 1 | - name: remove nginx web server 2 | action: "{{ ansible_pkg_mgr }} name=nginx state=absent autoremove=yes" -------------------------------------------------------------------------------- /ch7/7.2.2/remove_from_6.2.4/nginx_remove_w_if.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Remove nginx on the nodes 3 | hosts: nodes 4 | become: yes 5 | vars: 6 | lnx_name: "{{ 'CentOS' if ansible_distribution == 'CentOS' 7 | else 'Ubuntu' if ansible_distribution == 'Ubuntu' 8 | else 'Just Linux' }}" 9 | 10 | tasks: 11 | - name: nginx for any linux 12 | include_tasks: "{{ lnx_name }}_remo.yml" --------------------------------------------------------------------------------