Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Sander Van Vugt RHCE > Most Missed > Flashcards

Most Missed Flashcards

(60 cards)

Start Studying
1
Q

On all nodes create a directory for ansible’s sudo configuration. Allow it to not have to use a password

How is ansible tower different here?

A

vi /etc/sudoers.d/ansible

ansible ALL=(ALL) NOPASSWD:ALL

Ansible Tower allows you to store ansible’s password securely so it can use sudo

MOD SHOULD BE 0440

validate: /usr/sbin/visudo -cf %s

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In your inventory, create servers in two groups, then combine the two groups into a group named server
Create 16 servers (1-16) that are ungrouped
Force one of your servers to use 192.168.10.1 everytime

A

[web]
ansible1 ansible_host=192.168.10.1

[db]
ansible2

[servers:children]
web
db

server[1:16]@example.com

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Show hosts in an inventory called inventory

Show all hosts in the inventory file

A

ansible-inventory -i /inventory –list-hosts
–list will do so in JSON format

ansible -i inventory all –list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Create the ansible.cfg file

A

All of this can be used per playbook

[defaults]
remote_user = ansible
host_key_checking = false
inventory = inventory

[privilege_escalation]
become = True
become_method = sudo
become_user = root
become_ask_pass = False

[defaults] - generic info

[privilege_escalation] - How ansible user should require admin privileges to connect to managed hosts

remote_user - user used to connect to managed device

host_key_checking - Should ssh host keys be checked

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Show all hosts in this inventory
Show all hosts that aren’t a part of a group
Show a hierarchical overview of the inventory
Show the contents in json format

A

ansible -i inventory all –list-hosts
ansible -i inventory ungrouped –list-hosts
ansible-inventory -i inventory –graph
ansible-inventory -i inventory –list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Say you don’t have python installed on a managed node. How would you install python?

A

ansible -u root -i inventory ansible3 –ask-pass -m raw -a ‘yum install python3’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Using variables, create a user named ‘Lisa’ the name of the task should contain the variable as well as an ANSIBLE FACT that shows the hostname of the machine you’re running the playbook on.
What are ansible facts?

A
  • name: Add Users
    hosts: ansible1
    vars:
    users: lisa
    tasks:
    • name: Create user {{ users }} on host {{ ansible_hostname }}
      user:
      name: “{{ users }}”

FACTS - automatically set variables.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Create Cutsom Facts in under a group called software.
The facs should be for a package, service, state, and enabled = True.
Check if you can see the facts
Install a package Using all these custom facts

A

Use a playbook to copy the file over
vi custom.facts
[packages]
package = httpd
service = httpd
state = started
enabled = true

ansible all -m setup -a ‘filter=ansible_local’

vi install.yml
- name: install
hosts: all
tasks:
- name install
dnf:
name: “{{ ansible_facts[‘ansible_local’][‘custom’][‘software’][‘package’] }}”
state: “{{ ansible_facts[‘ansible_local’][‘custom’][‘software’][‘state’] }}”
- name: Start Service
service:
name: “{{ ansible_facts[‘ansible_local’][‘custom’][‘software’][‘service’] }}”
state: {{ ansible_facts[‘ansible_local’][‘custom’][‘software’][‘state’] }}
enabled: {{ ansible_facts[‘ansible_local’][‘custom’][‘software’][‘enabled’] }}

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

create variables for ansible2
create variables for nodes

A

REMEMBER: You do not have to specify the file, ansible will know what variables to grab based off of the hosts key.

In project folder:
mkdir host_vars
vim host_vars/ansible2
package: httpd

mkdir group_vars
vim group_vars/nodes
package: vsftpd

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Create a password file
use the password in it to create a playbook name secret.yml
run the playbook

run the playbook with you manually typing in the password

A

touch /root/.passfile
chmod 600 /root/passfile

ansible-vault –vault-password-file=/root/.passfile secret.yml

ansible-playbook –vault-password-file=/root/.passfile secret.yml

ansible-playbook –ask-vault-pass secret.yml

ansible-playbook –vault-id @prompt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are vault-ids?

use them in a playbook by creating two variable files with vault-ids, give them two separate password files and run the playbook

How do you manually enter passwords for all the encrypted files that have vault-ids?

A

Vault-ids are given to multiple files you want to use with different passwords in your playbook.

The vauld-ids, let ansible know what password file corresponds to the encrypted file you specify.

cd vars/

ansible-vault create common_one –vault-id sercret1@/path/to/passfile

package: httpd (contents of common_one)

ansible-vault create common_two –vault-id sercret2@/path/to/passfile

cd ../
vi test.yml

  • name: test
    hosts: all
    var_files:
    • vars/common_one
    • vars/common_two

ansible-playbook test.yml \
– vault-id sercret1@/path/to/passfile
– vault-id sercret2@/path/to/passfile

TO MANUALLY ENTER PASSWORDS AS THEY COME IN
ansible-playbook test.yml –vault-id @prompt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Delete your LV, VG and partition as well as the fstab entry for it

Create it all again

A

Example in System

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Create a variable called ‘services’ and start the services listed in it via a loop

A
  • name: Service
    hosts: ansible2
    vars:
    services:
    - httpd
    - firewalld
    tasks:
    • name: Service
      service:
      name: “{{ item }}”
      state: started
      loop: “{{ services }}”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Create a file with multivalued variables. You should have a variable named ‘users’ and the should contain three items of linda lisa and anna. These will have usernames, homedirectories and shells for the users. Import the variable file and loop through user creation for the users.

A

users:
- username: linda
homedir: /home/linda
shell: /bin/bash

  • username: lisa
    homedir: /home/lisa
    shell: /bin/bash
  • username: anna
    homedir: /home/linda
    shell: /bin/bash

  • name: Create Users
    hosts: ansible2
    vars_files:
    • vars/user-dictionary.yml
      tasks:
    • name: Create Users
      user:
      name: “{{ item[‘username’] }}”
      home: “{{ item[‘homedir’] }}”
      shell: “{{ item[‘shell’] }}”
      loop: “{{ users }}”
      Here we can see that users is what it’s looping through, so it’s looping through the list of dictionaries. First it goes to the first list item and grabs the username, homedir, and shell, next it goes back to the top and goes through the second item in the list, etc.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the main conditionals you can test?

A

variable is defined - if the var exists

variable is not defined - if the variable doesn’t exist

ansible_distribution in distributions - first variable is present in list mentioned as second
EXAMPLE:
when: ansible_os_family in [‘Debian’, ‘RedHat’, ‘Suse’]

variable - variabe is true, 1, or yes

not variable - variable is false, 0, or no

key == ‘value’
key > ‘value’
key <= ‘value’
key > ‘value’
key >= ‘value’
key != value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Create a playbook, have it ask the user a question on what package to install and store it in a variable.
Create a variable with a list of packages.
If the defined package doesn’t exist in the list, let the user know

A
  • name: Testing with the IN statement
    hosts: all
    vars_prompt:
    • name: my_answer
      prompt: Which package do you want to install?
      vars:
      supported_packages:
      • httpd
      • nmap
        gather_facts: false
        tasks:
    • name: Something
      debug:
      msg: ‘You are trying to install a supported package’
      when: my_answer in supported_packages
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Make all handlers run before an error popped up

A

force_handlers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Stop playbook when a failed task occurs

A

any_erros_fatal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Create a playbook that prints a fail message when the word ‘word’ is found in an echo command but continues going

A
  • name: Update the kernel
    hosts: all
    register_errors: yes
    tasks:
    • name: Print
      command: echo hello world
      ignore_errors: true
      register: command_result
    • name: Error
      fail:
      msg: Command has failed
      when: “‘world’ in command_result.stdout”
    • name: See if we get here
      debug:
      msg: second task executed
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What directive can we used to make sure that the output of a command never comes out as ‘changed’ only ‘ok’ and ‘failed’

A

changed_when: false

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

REMEMBER BLOCKS CAN’T LOOP

Create a block of tasks
First it will remove a file
If there are any issues with this task failing, create a file in /tmp called ‘rescuefile’ and allow the playbook to complete.
Next, regardless of success or failure of the first task, have a task run make a log message.
There should be a message noting everything that’s happening in the playbook.

A
  • name: using blocks
    hosts: all
    tasks:
    • name: Intended to be successful block
      block:
      • name: remove file
        shell:
        cmd: rm /var/www/html/index.html
      • name: print status
        debug:
        msg: ‘block was operated’
      • name: create a file
        rescue:
        • name: create a file
          shell:
          cmd: touch /tmp/rescuefile
        • name: print rescue status
          debug:
          msg: ‘Rescue complete’
          always:
          • name: log message
            shell:
            cmd: logger hello
        • name: always print this message
          debug:
          msg: logger update
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Register a files stats and make a condition based on one of the pieces of info. If it is not met, force the playbook to fail

A
  • stat:
    path: /tmp/temporary
    register: fs
  • debug:
    msg: “{{ fs }}”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Register a files stats and make a condition based on one of the pieces of info. If it is not met, force the playbook to fail

A
  • command: touch /tmp/statfile
  • name stat file
    stat:
    path: /tmp/statfile
    register: fs
  • fail:
    msg: ‘unexpected file mode’
    when: st.stat.mode != ‘0640’
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Create a file named /tmp/hosts and add the below lines to it:
192.168.4.110 host1.example.com
192.168.4.110 host1.example.com

A 
- name: Add Hosts
  hosts: all
  tasks:
    - name: Create file
	  file:
	    path: /tmp/hosts
		state: touch
	- name: Add junk	
	  blockinfile:
		path: /tmp/hosts
		block: |
		192.168.4.110 host1.example.com
		192.168.4.110 host1.example.com
	state: present
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What is a checksum used for? Copy over /etc/hosts to the managed node's /tmp directory. Add two lines to it for whatever hosts you want Register a checksum for /tmp/hosts Print the checksum grab the file from /tmp/hosts and put it in your tmp folder Where did the file go?
Checksums are used to determin if a file has changed and needs to be copied or updated. --- - name: Test hosts: all tasks: - name: copy copy: src: /etc/hosts dest: /tmp/hosts - name: Add junk blockinfile: path: /tmp/hosts block: | 192.168.4.110 host1.example.com 192.168.4.110 host1.example.com state: present - name: checksum stat: path: checksum_algorithm: md5 register: result - name: debug debug: msg: {{ result.stat.checksum }} - name: fetch file fetch: src: /tmp/hosts dest: /tmp A directory was created for it in tmp with it's name
26
Install Selinux commands Create a file Give it the contenxt type httpd_sys_content_type Run restorecon
--- - name: show selinux hosts: all tasks: - name: Install required packages dnf: name: policycoreutils-python-utils state: latest - name: Create test file file: name: /tmp/testfile state: touch - name: Set Selinux Context sefcontext: target: /tmp/selinux setype: httpd_sys_content_t state: present notify: - run restorecon handlers: - name: run restorecon command: restorecon -v /tmp/selinux
27
Create a playbook variable of httpd_read_user_content Enable SElinux in targeted mode Check the boolean's status/info and register it Show the boolean's status Enabled the boolean
--- - name: enable selinux and boolean hosts: ansible1 vars: - my_boolean: httpd_read_user_content tasks: - name: Enable SELinux selinux: policy: targeted state: enforcing - name: Check current {{ my_boolean }} boolean status shell: getsebool -a | grep {{ my_boolean }} register: bool_stat - name: Show boolean status debug: msg: the current {{ my_boolean }} status is {{ bool_stat.stdout }} - name: enable boolean seboolean: name: "{{ my_boolean }}" state: yes persistent: yes
28
Install , start and configure a webserver that has the DocumentRoot set to the /web directory. The file should be called index.html and it should say something welcoming the user to the server. Ensure that SElinux is enabled and allows acces to the web server document root. SElinux should allow user to publish web pages from their home directory. This will reveal something is wrong when you try to curl the page, figure out why. Best practice for a long playbook like this it to create the file header and add the task names prior.
--- - name: Managing web server SELinux properties hosts: ansible1 tasks: - name: Ensure SELinux is enabled and enforcing selinux: policy: targeted state: enforcing - name: install webserver dnf: name: httpd state: latest - name: start and enable webserver service: name: httpd state: started enabled: true - name: open firewall service block: - firewalld: service: http state: enabled immediate: yes - name: create /web directory file: path: /web state: directory - name: create index.html file in /web copy: content: | welcome to the web server dest: /web/index.html - name: use lineinfile to change webserver config lineinfile: path: /etc/httpd/conf/httpd.conf regexp: '^ line: '' - name: use sefcontext to set context on new documentroot sefcontext: target: /web(/.*)? setype: httpd_sys_content_t state: present - name: run resorecon shell: restorecon -Rv /web - name: allow web server to run user content seboolean: name: httpd_read_user_content state: yes persistent: yes
29
Create a jinja2 file that says the below and then send it to the server you want with permissions you assign to it #This file is managed by Ansible You are part of a group with the following members: member=ansible1:8080 member=ansible2:8080 member=ansible3:8080
Add the ansible_managed variable to you ansible.cfg {{ ansible_managed }} {% for host in groups['all'] %} member={{ host }}:8080 {% endfor %} vi test.yml template: src: jinja.j2 dest: /tmp/jinja owner: root group: root mode: 0777
30
Create a jinja2 template that prints either one of two things on a web server: if it's apache2: Welcome to Apache2 if its anything else Welcome to httpd Use a vairable in your playbook called apache_package that specifies where or not it is apache2 or httpd
vars: - apache_package: httpd tasks: - template src: jinja.j2 dest: /tmp/httpd.conf jinja file {% if kapache_package == 'apache2' %} welcome to apache2 {% else %} welcome to httpd {% endif %}
31
In terms of Jinja2, how do you convert your variable to json, yaml, or check if it contains an ip address
{{ myvar | to_json }} {{ myvar | to_yaml }} {{ myvar | ipaddr }}
32
Create custom role directory structure How do you add roles to your playbook?
ansible-galaxy init rolename role: - role1 - role2
33
How do you add role dependencies? Create one dependency that changes one of the default variables and another dependency that only runs when the server is in production
vi httin the meta/main.yml dependencies: - role: apache vars: apache_port: 80 - role: mariadb when: environment == 'production' (This will look for the environment variable in the playbook vars, roles, etc. Basically anywhere that has anything to do with the play)
34
Create a playbook that does something simple like printing a message. Create another playbook that prints a message that says it's importing a play, and then import your other playbook What should the main playbook be called?
vi site.yml --- - name: Run a task hosts: all tasks: - debug: msg; Importing Playbook - name: Importing a playbook import_playbook: test.yml Another example: - import_playbook: webserver.yml - name: Configure Load Balancer hosts: lb tasks: - name: Install HAProxy yum: name: haproxy state: present - import_playbook: database.yml
35
How do you statically import tasks? How do you dynamically import them? When should you use one or the other
import_tasks = static, read prior to playbook so they can't be modified to do anything else, they are what they are. include_tasks = dynamic. They're use the moment you need them dynamic when task is used in conditional, can assign variables, generally what you'd want to use.
36
Have the playbook request the user to create a variable named filesize. You should specify the user types in a file size in megabytes Use assert to check if the filesize is less than or equal to 100 or greater than or equal to 1 use an escape character in one of your messages Next create a zeroed out file of that size Assert fails a task, which means it will actually still try the task on all servers even if one fails
vars_prompt: - name: filesize prompt: "your message here" tasks assert: that: - "( filesize | int ) <= 100 }}" - "( filesize | int ) >= 1 }}" fail_msg: "fail\'s escape character" success_msg: "" - name: create a file command: dd if=/dev/zero of=/bigfile bs=1 count={{ filesize }}
37
What module do you use to store installed packages in facts? Perform a playbook that installs software, updates package information in facts. Next show package information
- package_facts: manager: auto - debug: var: ansible_facts.packages['nmap'] manage: This tells which package manager to communicate with. Auto auto detects appropriate package manager apparently what we're doing above is gathering facts on installed packages
38
Install FTP Start and Enable FTP Open firewall for FTP traffic Make sure FTP shared repo directory is available Download packages to the repo Use createrepo to generate metadata/index
Page 290
39
Fetch a gpg key and setup a repo client
- name: Get GPG pub key rpm_key: key: ftp://control.example.com/repo/RPM-GPG-KEY state: present - name: Set up the repo client yum_repository: file: myrepo name: myrepo description: example repo baseurl: ftp://control.example.com/repo enabled: yes gpgcheck: yes state: present I believe the below was a troubleshooting thing for the gpg keys from last time: rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
40
Create either an http repo or an ftp repo
install createrepo/createrepo_c subscription-manager repos --list-enabled subcription-manager repos --disable * - or just repo names mkdir /localrepo dnf install --downloadonly --downloaddir /localrepo vi /etc/yum.repos.d/local.repo [centos7] name=centos7 baseurl=file:///localrepo/ (this is the direcat ctory we created) enabled=1 gpgcheck=0 createrepo /localrepo dnf clean all (clear repo cache) dnf install nmap if you setup http your base will be baseurl=http://ansible3/repo baseurl=ftp://ansible3/repo localrepo should either be on /var/www/html/repo or var/ftp/repo/ or var/vsftpd/repo/ You will need to configure selinux appropriately here for ftp with user and pass baseurl=http://user:pass@example.com/myrepo/Dev-Repo
41
How do you change the httpd document root
regexp: '^' blockinfile: | Don't forget to change the actual DocumentRoot
42
Configure a New RHEL Managed Node user password should be configured a password should be set Run root commands with no password and in wheel group Register RHEL subscription username and pass in ansible vault add subscriptions rh-gluster-3-client-for-rhel-9-for-x86_64-rpms and rhel-8-for-x86_64-appstream-debug-rpms use tags
Add new host info in inventory Setup whatever you need to get the host running sudo dnf install sshpass (because we'll be working with ssh passwords in a non-interactive way) - name: Add host to inventory hosts: localhost tasks: - fail: msg: "Add the options -e newhost=hostname -e newhostip=ip and try again" when: (newhost is undefined) or (newhostip is undefined) - name: Add a new host to the inventory lineinfile: path: inventory state: present line: "{{ newhost }}" - name: Add new host to /etc/hosts lineinfile: path: /etc/hosts state: present line: "{{ nowhostip }} {{ newhost }}" tags: addhost second play - name: Configure a new RHEL host hosts: "{{ newhost }}" remote_user: root become: false tasks: - name: Configure user ansible user: name: ansible groups: wheel append: yes state: present - name: Set user password shell: 'echo password | passwd --stdin ansible' - name: Enable sudo without password lineinfile: path: /etc/sudoers regexp: '*%wheel' line: '%wheel ALL=(ALL) NOPASSWD: ALL' validate: /usr/sbin/visudo -cf %s - name: Create SSH directory in user ansible home file: path: /home/ansible/.ssh state: directory owner: ansible group: ansible - name: Copy SSH public key to remote host copy: src: /home/ansible/.ssh/id_rsa.pub dest: /home/ansible/.ssh/authorized_keys tags: setuphost (He's putting the tags on the same line as the - in - name) If you want to test so far: ansible-playbook -C -k site.yml -e newhost=ansible3 -e newhostip=192.168.10.123 (the k asks for root password) Now let's go add our RedHat subscription creds to a file ansible-vault create info.vault.yml rhsm_user: username rhsm_pass: user_pass Now we can finish the original playbook with our final play - name: Use subscription manager to register and sertup repos hosts: "{{ newhost }}" vars_files: - info.vault.yml tasks: - name: Register and subscribe {{ newhost }} redhat_subscription: username: "{{ rhsm_user }}" password: "{{ rhsm_pass }}" state: present - name: Configure additional repo access rhsm_repository: name: - rh-gluster-3-client-for-rhel-9-x86_64-rpms - rhel-8-for-x86_64-appstream-debug-rpms state: present tags: registerhost now let's run it ansible-playbook -k --ask-vault-pass site.yml -e newhost=ansible3 -e newhostip=192.168.10.123 -
43
In terms of the user module how do you add a primary and secondary groups for a user? How do you not overwrite previous secondary groups? Create an ssh key for them that's 2048 bits and store the private key in the user's private file
user: name: anna create_home: true groups: wheel,students append: true generate_ssh_key: true ssh_key_bits: 2048 ssh_key_file: .ssh/id_rsa groups is for extended groups group would be for primary, but it will make one with the same username automatically.
44
How would you change a the user ansible's password to 'password' via a playbook?
shell: 'echo password | passwd --stdin ansible'
45
How would you change the wheel group to not ask for passwords?
- name: Enable sudo without password lineinfile: path: /etc/sudoers regexp: '*%wheel' line: '%wheel ALL=(ALL) NOPASSWD: ALL' validate: /usr/sbin/visudo -cf %s
46
Create ssh logins on your own for an ansible host that isn't setup yet What keys do you copy?
You copy id_rsa.pub to the hosts authorized_keys - name: Create SSH directory in user ansible home file: path: /home/ansible/.ssh state: directory owner: ansible group: ansible - name: Copy SSH public key to remote host copy: src: /home/ansible/.ssh/id_rsa.pub dest: /home/ansible/.ssh/authorized_keys tags: setuphost (He's putting the tags on the same line as the - in - name)
47
Create a group named students and place a new user into that group and wheel. Make sure to setup ssh keys for the user
group: name: students state: present user: name: nathan create_home: true groups: student,wheel append: generate_ssh_key: true ssh_key_bits: 2048 ssh_key_file: .ssh/id_rsa
48
Create multiple groups that need sudo access and multiple groups that don't need sudo access via a variable file. Now create a template that gives sudo access to the groups that require it Create a playbook that creates the users and groups and adds them necessary groups to sudo that need to be Page 311
sudo_groups: - name: developers group_id: 5000 sudo: false - name: admins group_id: 5001 sudo: true {% for item in sudo_groups % } { % if item.sudo } %{{ item.name }} ALL=(ALL:ALL) NOPASSWD:ALL {% endif %} {% endfor %}
49
Show an example of how you would send your pub keys without using the copy module
- name: test hosts: ansible3 tasks: - name: copy auth keys authorized_key: user: ansible state: present key: "{{ lookup('file', '/home/danny/.ssh/id_rsa.pub') }}" Basically this means the user danny on YOUR server will be able to login as ansible on the REMOTE server Always Use Some Keys
50
ssh-keygen and generate-ssh-key have a major difference, what is it? How do you fix this?
generate_ssh_key doesn't add username@host which will make the key invalid, you will need to add it personally - name: keygen user: name: nathan generate_ssh_key: true ssh_key_comment: controller_user@controller
51
Create a hashed password for a user and use it
ansible ansible2 -m debug -a "msg={{ 'password_here' | password_hash('sha512') }}" >> yourplaybook you can trim the uneeded bits yourself or /msg yw - yank word or shell: echo 'password' | passwd -stdin ansible' You can also make the password a var in a file encrypted with vault
52
Using systemd, reload a daemon and ensure it is not masked, enable it too
systemd: name: httpd enabled: yes state: started masked: no daemon_reload: yes
53
Setup a cron job to run everyday at 4:05 and 19:05 as user ansible Now delete it
cron: name: "run fstrim" minute: "5" hour: "4,19" job: "fstrim" user: ansible minute hour day = of the month month weekday cron: name: "run fstrim" state: absent
54
Send the date once to /tmp/my-at-file in 5 minutes
at: command: "date > /tmp/my-at-file" count: 5 units: minutes unique: true state: present
55
Create a symbolic link to make the graphical target the default
file: src: /usr/lib/systemd/system/graphical.target dest: /etc/systemd/system/default.target state: link
56
Create a cron job to run upon a reboot
cron: name: "reboot" state: present special_time: reboot job: "echo rebooted at $(date) >> /tmp/rebooted"
57
Set a fact under disk2name: sdb if sdb exists Have the playbook make sure hosts without this disk not conitnue the playbook
- ignore_errors: true set_fact: dsk2name: sdb when: ansible_facts['devices']['sdb'] fail: msg: no second disk when: disk2name is not defined
58
Configure a playbook that creates more swapspace if swap is below 256 MiB
blcok: - name: make swap filesystem: fstype: swap dev: /dev/sdb1 - name: activate swap space command: swapon /dev/sdb1 when: ansible_swaptotal_mb < 256 lineinfile: path: /etc/fstab regexp: "^/dev/sdb1" swap swap default 0 0 Don't forget to add the entry in fstab A computer made of files is in a room. Uncle FeSter is TPYing in code for a game. He thinks he's a genius DEV
59
You're getting a 404 error with your system when attempting to download a package from redhat The repo file has the appropriate repos enabled There are no issues with selinux What do you do and what is the issue?
Syncing issue with redhat repos Reconfigure your subscription subscription-manager unregister subscription-manager clean subscription manager register subscription-manager attach --auto dnf clean all Try it again
60
You get a 403 error when attempting to download something from your personal repository What is the issue and how do you fix it?
Your GPG keys haven't been imported Check the keys that are imported rpm -qa gpg-pubkey* Next, import all keys over rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY* dnf clean all

Sander Van Vugt RHCE (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions