Differences
This shows you the differences between two versions of the page.
|
scgc:laboratoare:07 [2020/04/06 21:31] darius.mihai [6. [BONUS - 5p] Ansible Install & Configuration] |
scgc:laboratoare:07 [2021/10/27 14:09] (current) maria.mihailescu |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Laboratory 07. Configuration Management: Puppet, Ansible ====== | + | ====== Configuration Management: Puppet, Ansible ====== |
| ===== Lab Setup ===== | ===== Lab Setup ===== | ||
| - | * We will be using a virtual machine in the [[http://cloud.curs.pub.ro/|faculty's cloud]]. | + | * We will be using a virtual machine in the [[http://cloud.grid.pub.ro/|faculty's cloud]]. |
| - | * When creating a virtual machine follow the steps in this [[https://cloud.curs.pub.ro/about/tutorial-for-students/|tutorial]]. | + | |
| * When creating a virtual machine in the Launch Instance window: | * When creating a virtual machine in the Launch Instance window: | ||
| - | * For **Availability zone**, choose **CAMPUS**, **CI** or **hp** | ||
| * Select **Boot from image** in **Instance Boot Source** section | * Select **Boot from image** in **Instance Boot Source** section | ||
| * Select **SCGC Template** in **Image Name** section | * Select **SCGC Template** in **Image Name** section | ||
| Line 31: | Line 29: | ||
| ===== Tasks ====== | ===== Tasks ====== | ||
| - | ==== 1. [20p] Puppet Resources ==== | + | ==== 1. [10p] Puppet Resources ==== |
| Puppet is a configuration management tool. In order to describe the necessary configurations, Puppet uses its own declarative language. Puppet can manage both Linux and Windows systems. | Puppet is a configuration management tool. In order to describe the necessary configurations, Puppet uses its own declarative language. Puppet can manage both Linux and Windows systems. | ||
| Line 150: | Line 148: | ||
| Chech the **/etc/passwd** file to see if the user was actually removed. | Chech the **/etc/passwd** file to see if the user was actually removed. | ||
| - | ==== 2. [20p] Puppet Manifests ==== | + | ==== 2. [10p] Puppet Manifests ==== |
| Even though we can create, modify or remove resources from the command line, using **puppet resource** commands, this is not a scalable approach and not appropriate for complex scenarios. | Even though we can create, modify or remove resources from the command line, using **puppet resource** commands, this is not a scalable approach and not appropriate for complex scenarios. | ||
| Line 238: | Line 236: | ||
| <note important>If it doesn't already exist, the key pair for the **student** user must be generated beforehand. | <note important>If it doesn't already exist, the key pair for the **student** user must be generated beforehand. | ||
| - | Then, run the command ''ssh-add ~/.ssh.id_rsa''</note> | + | Then, run the command ''ssh-add ~/.ssh/id_rsa''</note> |
| <note>Use the Puppet documentation for the resource type [[https://puppet.com/docs/puppet/5.5/types/ssh_authorized_key.html|ssh_authorized_key]].</note> | <note>Use the Puppet documentation for the resource type [[https://puppet.com/docs/puppet/5.5/types/ssh_authorized_key.html|ssh_authorized_key]].</note> | ||
| Line 297: | Line 295: | ||
| ensure => file, | ensure => file, | ||
| mode => '0600', | mode => '0600', | ||
| - | source => '/root/examples/sshd_config', | + | source => '/root/config-files/sshd_config', |
| } | } | ||
| service { 'sshd': | service { 'sshd': | ||
| Line 439: | Line 437: | ||
| } | } | ||
| </code> | </code> | ||
| + | |||
| + | <note important> | ||
| + | Puppet has a modular implementation, and some functionality is provided through classes, some of which may be provided by certain modules. To use the ''%%str2bool%%'' function, you must install the ''%%puppet-module-puppetlabs-stdlib%%'' module using the ''%%apt%%'' package manager. | ||
| + | </note> | ||
| + | |||
| Apply the manifest and notice the state of the NTP service. | Apply the manifest and notice the state of the NTP service. | ||
| Line 461: | Line 464: | ||
| </note> | </note> | ||
| - | ==== 6. [BONUS - 5p] Ansible Install & Configuration ==== | + | ==== 6. [10p] Ansible Install & Configuration ==== |
| Ansible is a configuration management and provisioning tool, similar to Puppet. It uses SSH to connect to servers and run the configured tasks. | Ansible is a configuration management and provisioning tool, similar to Puppet. It uses SSH to connect to servers and run the configured tasks. | ||
| Line 534: | Line 537: | ||
| * ''%%--ask-pass --user=student%%'' - SSH connection parameters: interactive password input, login as **student** user | * ''%%--ask-pass --user=student%%'' - SSH connection parameters: interactive password input, login as **student** user | ||
| - | ==== 7. [BONUS - 5p] Ansible Facter ==== | + | ==== 7. [10p] Ansible Facter ==== |
| Ansible has a fact gathering system similar to Puppet. To extract facts about the remote host we can use the ''%%setup%%'' module. The information is returned as Python dictionaries, where values can be strings, arrays, or other dictionaries. | Ansible has a fact gathering system similar to Puppet. To extract facts about the remote host we can use the ''%%setup%%'' module. The information is returned as Python dictionaries, where values can be strings, arrays, or other dictionaries. | ||
| Line 577: | Line 580: | ||
| student@scgc:~$ mkdir config-files | student@scgc:~$ mkdir config-files | ||
| student@scgc:~$ cd config-files | student@scgc:~$ cd config-files | ||
| - | student@scgc:~/config-files$ cp /home/student/.google-authenticator . | + | student@scgc:~/config-files$ cp /home/student/.google_authenticator . |
| student@scgc:~/config-files$ cp /etc/pam.d/sshd . | student@scgc:~/config-files$ cp /etc/pam.d/sshd . | ||
| student@scgc:~/config-files$ cp /etc/ssh/sshd_config . | student@scgc:~/config-files$ cp /etc/ssh/sshd_config . | ||
