Skip to content

infralovers/training-ansible-examples

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
extra
extra
 
 
roles/helloworld
roles/helloworld
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
ansible.cfg
ansible.cfg
 
 
example.yml
example.yml
 
 
inventory
inventory
 
 
server.yml
server.yml
 
 

Repository files navigation

playbooks

install ansible

install ansible by pip within a python virtualenv

virtualenv venv
source venv/bin/activate
pip3 install ansible==2.10.7

create ssh key

# for testing purposes we only the defaults without a passphrase
ssh-keygen

copy ssh identity to all hosts

ssh-copy-id coder@host.ansible-user-<your-user>-i-01.<prefix>.commandemy.training
ssh-copy-id coder@host.ansible-user-<your-user>-i-02.<prefix>.commandemy.training
ssh-copy-id coder@host.ansible-user-<your-user>-i-03.<prefix>.commandemy.training

update ~/playbooks/inventory with your user-number entries and animal

test ansible config with server.yml

cd playbooks
ansible-playbook server.yml

install cinc

$ curl -L https://omnitruck.cinc.sh/install.sh \
  | sudo bash -s -- -P cinc-workstation \
  -v 20.8.125 -c unstable
$ # on centos 8
$ sudo dnf group install "Development Tools"
  • Installation of the ansible provisioner
  • Installation of the docker driver
$ chef gem install kitchen-ansible
$ chef gem install kitchen-docker

Use remote docker with kitchen

ssh coder@host.ansible-user-<your-user>-i-01.<prefix>.commandemy.training hostname -f

# now use that as youre remote host
REMOTE_HOST=$(ssh coder@host.ansible-user-<your-user>-i-01.<prefix>.commandemy.training hostname -f)
export DOCKER_HOST=tcp://$REMOTE_HOST:2375
# check what you've got
echo $DOCKER_HOST
# chef if it is working
docker ps

Helpful Commands

use inspec to get compliance state of linux node:

cinc-auditor exec -i ~/.ssh/id_rsa \
-t ssh://coder@host.ansible-user-01-i-01.commandemy.training \
https://github.com/dev-sec/linux-baseline.git

run your inspec test against remote node:

cinc-auditor exec -i ~/.ssh/id_rsa \
-t ssh://coder@host.ansible-user-01-i-01.commandemy.training \
~/playbooks/roles/webserver/test/integration/default/inspec/

get the httpd config for centos-7

scp coder@host-git-<your-number>.commandemy.training:\
/etc/httpd/conf/httpd.conf \
~/playbooks/roles/webserver/templates/httpd.conf.8.j2

get the httpd config for centos-6 from kitchen

# get the port:
cd ~/playbooks/roles/webserver/
cat .kitchen/default-centos-67.yml
# now use that port in the scp commmand
scp -P <the-port-number> -i .kitchen/docker_id_rsa kitchen@127.0.0.1:/etc/httpd/conf/httpd.conf templates/httpd.conf.6.j2

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages