Monday, 12 August 2019

Ansible vault with roles



The Ansible vault implementation is best leveraged in conjunction with roles. Roles (as we discussed earlier) allow us to modularize our playbooks and reuse functionality within them. The specific area of the roles implementation we are going to look at would be the vars folder. The vars folder is where we define our variables and data points that are then used by the tasks and plays.
To begin with this tutorial, let's start by creating an Ansible playbook with the following folder and file structure (the contents of the files can be blank for now, as we will fill in the details in just a moment):
Once created, there are a few things that should become immediately apparent. The first is that the playbook we are creating is a simple vault test with a single role and a sensitive_data variable's implementation. Also, as you may have guessed, we will be using the sensitive_data.yml file to store our super secret information. The contents of this file should reflect the following:

---



secret_text: |



  The contents of this message are secret. This tape will explode in 5 seconds.
As we can see from the provided file content, we have a simple vars file with a variable defined within, titled secret_text.
The YAML syntax supports multi-line variable implementations. This is accomplished via the | or pipe character, which is provided at the end of the line.
Now that sensitive data has been created, let's encrypt our vars file using the Ansible vault encrypt command. This is accomplished via the following command-line entry:
#> ansible-vauult encrypt sensitive_data.yml
Now that the file is encrypted, we can create our role file, call it the main.yml file, and populate our role information. The contents of main.yml should look like the following:

---



- include_vars: sensitive_data.yml



- name: Copy sensitive data file from Ansible control server to target hosts



  copy:



    content="{{secret_text}}"



    dest=/tmp/secret_text.txt
Finally, let's create our playbook.yml file. These files are going to be really simple and only point to a single role (vaulttest). Let's take a look at the contents of these files:

---



# File: playbook.yml

- hosts: all

roles:


 - { role: vaulttest }
Now that we have all our files created, let's go ahead and commit our code to source control (if applicable) and test it out. The command to run the solution is provided next:
#> ansible-playbook -i 'localhost,' -c local playbook.yml --ask-vault-pass
The following is the output you should see when running it:
- No comments:

Friday, 2 August 2019

Run Django Server Permanently




=> Screen
=> Python manage.py runserver

After these two commands your django server will start.
Now its time to close your terminal. So press CTRL+a and CTRL+d  and close your terminal.
your server will not stop.
- No comments:

Thursday, 1 August 2019

ERROR! failed to combine variables, expected dicts but got a 'dict' and a 'Ansible Sequence':



=> Var folder in role does not support  " - Include "
- No comments:

Friday, 26 July 2019

Create an ec2 instance using anisble



---

- name: Create an ec2 instance
  hosts: web
  gather_facts: false

  vars:
      region: us-east-1
      instance_type: t2.micro
      ami: ami-05ea7729e394412c8
      keypair:

  tasks:

    - name: Create an ec2 instance
      ec2:
         aws_access_key: '********************'
         aws_secret_key: '****************************************'
         key_name: "{{ keypair }}"
         group: launch-wizard-26
         instance_type: "{{ instance_type }}"
         image: "{{ ami }}"
         wait: true
         region: "{{ region }}"
         count: 1
         vpc_subnet_id: subnet-02f498e16fd56c277
         assign_public_ip: yes
    register: ec2
- No comments:

Install software on remote windows machine



### Input Declaration

$targetHost = "localhost";
$targerFilePath = "\\$computer\C$\Tasks\Gateway"
$sourceFilePath = "c:\scripts\Tasks\*"
$ansibleInstallerPath = "c:\windows\Tasks\Cyberduck-Installer-7.0.1.30930.exe";
$pythonInstallerPath = "c:\windows\Tasks\Cyberduck-Installer-7.0.1.30930.exe";



### MainCode
   

### Check existence of gateway file and copy
if(![System.IO.File]::Exists($path))
  {
   ### Gateway Folder already Exists
   Write-Host "GatewayFolder already exists.";
   ###Copy all the content from engine & paste all the remote gateway
   Write-Host "Copy all the content from engine to gateway";
   Copy-Item $sourceFilePath $targerFilePath
 
        ###Trigger Ansible installer
        $installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq 'ansible' }) -ne $null
              If(-Not $installed)
        {
        Write-Host "Ansible  NOT is installed.";
            Write-Host "Installing ansible";

                Invoke-Command -ComputerName $targetHost -ScriptBlock {
                Start-Process $ansibleInstallerPath -ArgumentList '/silent' -Wait
                }
         }
         else
         {
        Write-Host "Ansible is already installed."
         }

        ###Trigger Python installer
        $installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq 'Python' }) -ne $null

        If(-Not $installed)
        {
        Write-Host "Python  NOT is installed.";
            Write-Host "Installing Python";

                Invoke-Command -ComputerName $targetHost -ScriptBlock {
                Start-Process $pythonInstallerPath -ArgumentList '/silent' -Wait
               
                }
         }
         else
         {
             Write-Host "Pyhton is already installed."
         }


        }
 else
 {
   ### Create Gateway Folder
    New-item -itemtype directory -path "Gateway"
      if(![System.IO.File]::Exists($path))
        {

           ###Copy all the content from engine & paste all the remote gateway 
              Copy-Item $sourceFilePath $targerFilePath

              Start-Sleep -s 15

           ###Trigger Ansible installer
              $installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq 'ansible' }) -ne $null

              If(-Not $installed)
        {
        Write-Host "Ansible  NOT is installed.";
            Write-Host "Installing ansible";

                Invoke-Command -ComputerName $targetHost -ScriptBlock {
                Start-Process $ansibleInstallerPath -ArgumentList '/silent' -Wait
               
                }
         }
         else
         {
             Write-Host "Ansible is already installed."
         }

    ###Trigger Python installer
        $installed = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where { $_.DisplayName -eq 'Python' }) -ne $null

        If(-Not $installed)
        {
        Write-Host "Python  NOT is installed.";
            Write-Host "Installing Python";

                Invoke-Command -ComputerName $targetHost -ScriptBlock {
                Start-Process $pythonInstallerPath -ArgumentList '/silent' -Wait
               
                }
         }
         else
         {
             Write-Host "Pyhton is already installed."
         }


        }
 

        }
        else
        {
          ### Unable to create Gateway Folder

                   Write-Host "Unable to create Gateway folder"
        }
- No comments:

Install software on remote linux machine


### Input Declaration

targetHost=localhost
targerFolderPath=/opt/raghu/gateway
sourceFolderPath=/tmp
ansibleInstallerPath=/opt/raghu
pythonInstallerPath=/opt/raghu


### Main Code

### Check existance of gateway file and copy

if [ -d $targerFolderPath ]; then
     echo "$targerFolderPath exist"
     #Copy all the content from engine & paste all the remote gateway
      sshpass -p "Pass@123" scp -r /tmp root@localhost:/opt/raghu/gateway


          if command -v python3.6 &>/dev/null; then
           echo Python 3 is already installed
           exit 1
          else
           echo Python 3 is not installed
           yum install gcc openssl-devel bzip2-devel -y
           cd /usr/src
           wget https://www.python.org/ftp/python/3.6.8/Python-3.6.8.tgz
           tar xzf Python-3.6.8.tgz
           cd Python-3.6.8
           ./configure --enable-optimizations
           make altinstall
           rm /usr/src/Python-3.6.8.tgz
           if command -v python3.6 &>/dev/null; then
              echo Python 3 is installed
              if command -v ansible &>/dev/null; then
                 echo anisble is already installed
                 exit 1
              else
                 echo ansible is not installed
                 echo installing ansible
                 pip3.6 install ansible
                     if command -v ansible &>/dev/null; then
                        echo installed ansible
                        exit 1
                     else
                        echo unable to install ansible by automation
                        exit 1
                     fi
              fi   
           else
              echo Unable to install python3 by automation
              exit 1
           fi
           fi

else
     echo "$targerFolderPath does not exist"
     mkdir -p /opt/raghu/gateway;
     #Copy all the content from engine & paste all the remote gateway\
     sshpass -p "Pass@123" scp -r /tmp root@localhost:/opt/raghu/gateway

      if [ -d $targerFolderPath ]; then
        echo "created gatewayfolder"

          if command -v python3.6 &>/dev/null; then
           echo Python 3 is already installed
           exit 1
          else
           echo Python 3 is not installed
           yum install gcc openssl-devel bzip2-devel -y
           cd /usr/src
           wget https://www.python.org/ftp/python/3.6.8/Python-3.6.8.tgz
           tar xzf Python-3.6.8.tgz
           cd Python-3.6.8
           ./configure --enable-optimizations
           make altinstall
           rm /usr/src/Python-3.6.8.tgz

           if command -v python3.6 &>/dev/null; then
              echo Python 3 is installed
              if command -v ansible &>/dev/null; then
                 echo anisble is already installed
                 exit 1
              else
                 echo ansible is not installed
                 echo installing ansible
                 pip3.6 install ansible
                     if command -v ansible &>/dev/null; then
                        echo installed ansible
                        exit 1
                     else
                        echo unable to install ansible by automation
                        exit 1
                     fi
               fi
            else
             echo Unable to install python3 by automation
             exit 1
            fi
         fi 
       else
        echo unable to create gateway via automation
        exit 1
       fi     
fi
- No comments:

Monday, 15 July 2019

Error : ERROR: Failed to log in as st2admin1: 401 Client Error: Unauthorized MESSAGE: Invalid or missing credentials for url: http://127.0.0.1:9100/tokens



 cd ~/.st2/token


 rm token-stadmin 
- No comments:
Subscribe to: Comments (Atom)

Git

1 git add ↳ It lets you add changes from the working directory into the staging area 2 git commit ↳ It lets you save a snapshot of currently...