This is the final challenge where we try to put most of what you have learned together.
Your operations team and your application development team like what they see in Tower. To really use it in their environment they put together these requirements:
All webservers (node1, node2 and node3) should go in one group.
As the webservers can be used for development purposes or in production, there has to be a way to flag them accordingly as “stage dev” or “stage prod”.
node1 and node3 should be used as a development systems and node2 in production.Of course the content of the world famous application “index.html” will be different between dev and prod stages.
There should be a title on the page stating the environment.
There should be a content field.
The content writer wweb should have access to a survey to change the content for dev and prod servers.
All code is already in place - this is a Tower lab after all and not about configuring Apache. Check out the Ansible Workshop Examples git repository at https://github.com/ansible/workshop-examples (again with the correct tag or branch). There you will find the playbook webcontent.yml, which calls the role role_webcontent.
Compared to the previous Apache installation role there is a major difference: there are now two versions of an index.html template, and a task deploying the template file which has a variable as part of the template file name.
Here are the files for you to review (path is relative to the Github repository):
<body>
<h1>This is a development webserver, have fun!</h1>
{{ dev_content }}
</body>
<body>
<h1>This is a production webserver, take care!</h1>
{{ prod_content }}
</body>
Only the part deploying the template is shown
[...]
- name: Deploy index.html from template
template:
src: "{{ stage }}_index.html.j2"
dest: /var/www/html/index.html
notify: apache-restart
There is of course more then one way to accomplish this, but here is what you should do:
Make sure all hosts are in the inventory group Webserver.
Define a variable stage with the value dev for the Webserver inventory:
stage: dev to the inventory Webserver by putting it into the VARIABLES field beneath the three start-yaml dashes. Click SAVEMake sure to add the variable to the inventory and not to the new node3!
stage: prod but this time only for node2 (by clicking the hostname in the HOSTS view). Click SAVEThis way the host variable overrides the variable set at the Inventory level because it’s more specific and takes precedence.
Make sure to keep the three dashes that mark the YAML start in place!
Create a new Job Template named Create Web Content that
targets the Webserver inventory
uses the Playbook rhel/apache/webcontent.yml from the Ansible Workshop Examples Project
Defines two variables: dev_content: default dev content and prod_content: default prod content in the EXTRA VARIABLES FIELD
Uses Workshop Credentials and runs with privilege escalation.
Save and run the template.
This time we use the power of Ansible to check the results: execute curl to get the web content from each node, orchestrated by an ad hoc command on the command line of your code-server terminal:
We are using the ansible_host variable in the URL to access every node in the inventory group.
[ansible-1 ~]$ ansible web -m command -a "curl -s http://{{ ansible_host }}"
[WARNING]: Consider using the get_url or uri module rather than running 'curl'. If you need to use command because get_url or uri is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message.
node2 | CHANGED | rc=0 >>
<body>
<h1>This is a production webserver, take care!</h1>
prod wweb
</body>
node1 | CHANGED | rc=0 >>
<body>
<h1>This is a development webserver, have fun!</h1>
dev wweb
</body>
node3 | CHANGED | rc=0 >>
<body>
<h1>This is a development webserver, have fun!</h1>
dev wweb
</body>
Note the warning in the first line about not to use curl via the command module since there are better modules right within Ansible. We will come back to that in the next part.
Add a survey to the Template to allow changing the variables dev_content and prod_content.
Add permissions to the Team Web Content so the Template Create Web Content can be executed by wweb.
Run the survey as user wweb.
Check the results again from your code-server terminal. Since we got a warning last time using curl via the command module, this time we will use the dedicated uri module. As arguments it needs the actual URL and a flag to output the body in the results.
[student<N>ansible ~]$ ansible web -m uri -a "url=http://{{ ansible_host }} return_content=yes"
node3 | SUCCESS => {
"accept_ranges": "bytes",
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"connection": "close",
"content": "<body>\n<h1>This is a development webserver, have fun!</h1>\nwerners dev content\n</body>\n",
"content_length": "87",
"content_type": "text/html; charset=UTF-8",
"cookies": {},
"cookies_string": "",
"date": "Tue, 29 Oct 2019 11:14:24 GMT",
"elapsed": 0,
"etag": "\"57-5960ab74fc401\"",
"last_modified": "Tue, 29 Oct 2019 11:14:12 GMT",
"msg": "OK (87 bytes)",
"redirected": false,
"server": "Apache/2.4.6 (Red Hat Enterprise Linux)",
"status": 200,
"url": "http://18.205.236.208"
}
[...]
You have to figure this one out by yourself! ;-)
You have done all the required configuration steps in the lab already. If unsure, just refer back to the respective chapters.
Congratulations, you finished your labs! We hope you enjoyed your first encounter with Ansible Tower as much as we enjoyed creating the labs.