What Should I know About The RHCE Exam
RHCE 8 EX294 exam practice question 3
Question
Create a playbook with the name, install.yml in /home/lisa/ansible. The playbook will do the following:
– Execute on managed hosts in the production host group
-install the web services which are; php, httpd, and postgresql.
-start and enable the web services which are; php,httpd, and postgresql. If any of the web services fails to be started and enabled, print the message “one of the services can’t be started and enabled”.
-Turn off EnableSendfile option in the httpd configuration file (/etc/httpd/conf/httpd.conf).
To turn it off, the EnableSendfile option must be set as; (EnableSendfile off). The httpd service must be restarted for changes to take effect.
– add the http and https connections to the firewall rule.
The conditions for the tasks to run are as follow:
-The operating system must be Red Hat
-System memory must be greater than 152 mb
If you must create a variable file, it should be created with the name, lamp.yml, and in /home/lisa/ansible.
This question is based on creating playbook in the RHCE 8/EX294 course on this website. If you have gone through this course, solving this wouldn’t be a problem.
Creating and managing Ansible Playbook
Answer
1. Create the playbook, install.yml
*change directory to ansible
[lisa@drdev1 ~]$ cd /home/lisa/ansible*create the playbook
[lisa@drdev1 ansible]$ vim install.yml---
- name: Install packages
hosts: production
vars:
webpackages:
- httpd
- php
- postgresql
tasks:
- name: install web packages
yum:
name: "{{ item }}"
state: present
loop: "{{ webpackages }}"
when: ansible_distribution == "RedHat" and ansible_memtotal_mb > 152
- name: start and enable web service
block:
- name: start and enable web service only
service:
name: "{{ item }}"
state: started
enabled: yes
loop: "{{ webpackages }}"
when: ansible_distribution == "RedHat" and ansible_memtotal_mb > 152
rescue:
- name: debug configuration error
debug:
msg: "one of the services can't be started and enabled"
- name: edit httpd configuration file
replace:
path: /etc/httpd/conf/httpd.conf
regexp: 'EnableSendfile on'
replace: 'EnableSendfile off'
backup: yes
notify: restart httpd
- name: Add services to firewall
firewalld:
service: "{{ item }}"
permanent: true
immediate: true
state: enabled
loop:
- https
- http
handlers:
- name: restart httpd
service:
name: httpd
state: started
NOTE: It is advisable you always use handlers at the end of tasks in a play because handlers always execute at the end of a play. Other tasks after the handlers may not execute. It is most times also advisable you use the force_handlers keyword because handlers will ONLY execute if the task calling the handlers results in a changed state.
You can always click on the links just before the answers above to know more about a specific topic if you are not very familiar with the topics. You can also use the practice questions video version where a lot are explained verbally.
You should also know that the end game is for these tasks to run as the question required, hence, you don’t have to write this playbook just exactly as I did. There are other ways this playbook can be written, and some of them are shown at the end of this answer.
We also welcome your ideas and other ways this playbook can be written in the comment section below or click here
by joining other colleagues to learn different ways and ideas.
2. Do a playbook syntax check
[lisa@drdev1 ansible]$ ansible-playbook install.yml --syntax-check
playbook: install.yml3. Run the playbook.
[lisa@drdev1 ansible]$ ansible-playbook install.yml
PLAY [Install packages] ************************************************************......
4. If you wish, you can verify your configuration.
one of the ways to do this is to verify some or all of the packages installed
[lisa@drdev1 ansible]$ ansible hqdev1.tekneed.com -a 'rpm -q postgresql'
hqdev1.tekneed.com | CHANGED | rc=0 >>
postgresql-10.17-1.module+el8.4.0+11249+895597ab.x86_64Solution Summary
cd /home/lisa/ansible
vim install.yml
ansible-playbook install.yml –syntax-check
ansible-playbook install.yml
ansible hqdev1.tekneed.com -a ‘rpm -q postgresql’
The playbook can also be written as below
---
- name: Install packages
hosts: production
vars:
webpackages:
- httpd
- php
- postgresql
tasks:
- name: install start and enable web services
block:
- name: install web packages
yum:
name: "{{ webpackages }}"
state: present
- name: start and enable web service
service:
name: "{{ item }}"
state: started
enabled: yes
loop: "{{ webpackages }}"
when: ansible_distribution == "RedHat" and ansible_memtotal_mb > 152
rescue:
- name: debug configuration error
debug:
msg: "one of the services can't be started and enabled"
- name: edit httpd configuration file
replace:
path: /etc/httpd/conf/httpd.conf
regexp: 'EnableSendfile on'
replace: 'EnableSendfile off'
backup: yes
notify: restart httpd
- name: Add services to firewall
firewalld:
service: "{{ item }}"
permanent: true
immediate: true
state: enabled
loop:
- https
- http
handlers:
- name: restart httpd
service:
name: httpd
state: started
You may also decide to create a variable file, lamp.yml and define the variables in there, then create a playbook that will refer to the variable.
*create the variable file
[lisa@drdev1 ansible]$ vim lamp.yml---
webpackages:
- httpd
- php
- postgresql
mem_value: 152
*create the playbook
[lisa@drdev1 ansible]$ vim install.yml---
- name: Install packages
hosts: production
vars_files: lamp.yml
tasks:
- name: install start and enable web services
block:
- name: install web packages
yum:
name: "{{ webpackages }}"
state: present
- name: start and enable web service
service:
name: "{{ item }}"
state: started
enabled: yes
loop: "{{ webpackages }}"
when: ansible_distribution == OS and ansible_memtotal_mb > mem_value
rescue:
- name: debug configuration error
debug:
msg: "one of the services can't be started and enabled"
- name: edit httpd configuration file
replace:
path: /etc/httpd/conf/httpd.conf
regexp: 'EnableSendfile on'
replace: 'EnableSendfile off'
backup: yes
notify: restart httpd
- name: Add services to firewall
firewalld:
service: "{{ item }}"
permanent: true
immediate: true
state: enabled
loop:
- https
- http
handlers:
- name: restart httpd
service:
name: httpd
state: started
click on the link below to watch video on RHCE 8 EX294 exam practice question 3
Watch Video On RHCE 8 EX294 Exam Practice Question 3
Watch Video On Ansible Installation In Linux
Your feedback is welcomed. If you love others, you will share with others
handlers:
– name: restart httpd
service:
name: httpd
state: started I think it should be state: restarted
Why did you use a block if there is only one task in it? Is block required order to use a rescue clause?
Block was used to address the failure scenario of any service. ( as per question )