Automation, Orchestration & DevOps > Class 9: Basic BIG-IP Configuration Management with Ansible > Section 1 - Ansible F5 Basic Exercises Source | Edit on
Exercise 1.0: Exploring the lab environment¶
Step 1¶
In the VS Code terminal section, navigate to the networking-workshop
directory.
[centos@ansible ~]$ cd networking-workshop/
[centos@ansible networking-workshop]$
Step 2¶
Run the ansible
command with the --version
command to look at
what is configured:
[centos@ansible networking-workshop]$ ansible --version
ansible [core 2.12.4]
config file = /home/centos/.ansible.cfg
configured module search path = ['/home/centos/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/centos/.local/lib/python3.8/site-packages/ansible
ansible collection location = /home/centos/.ansible/collections:/usr/share/ansible/collections
executable location = /home/centos/.local/bin/ansible
python version = 3.8.12 (default, Mar 31 2022, 14:42:38) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
jinja version = 3.1.1
libyaml = True
Note: The Ansible version you see might differ from the above output
This command gives you information about the version of Ansible,
location of the executable, version of Python, search path for the
modules and location of the ansible configuration file
.
Step 3¶
Use the cat
command to view the contents of the ansible.cfg
file.
[centos@ansible networking-workshop]$ cat ~/.ansible.cfg
[defaults]
connection = smart
timeout = 60
inventory = /home/centos/networking-workshop/lab_inventory/hosts
host_key_checking = False
private_key_file = /home/centos/.ssh/aws-private.pem
[centos@ansible networking-workshop]$
Note the following parameters within the ansible.cfg
file:
inventory
: shows the location of the ansible inventory being usedprivate_key_file
: this shows the location of the private key used to login to devices (this won’t be present for UDF, we will use the default key)
Step 4¶
The scope of a play
within a playbook
is limited to the groups
of hosts declared within an Ansible inventory. Ansible supports
multiple
inventory
types. An inventory could be a simple flat file with a collection of
hosts defined within it or it could be a dynamic script (potentially
querying a CMDB backend) that generates a list of devices to run the
playbook against.
In this lab you will work with a file based inventory written in the
ini format. Use the cat
command to view the contents of your
inventory:
[centos@ansible networking-workshop]$ cat lab_inventory/hosts
The output will look similar to as follows:
[all:vars]
ansible_user=centos
ansible_ssh_pass=f5ansible
ansible_ssh_private_key_file=/home/centos/.ssh/aws-private.pem
[lb]
f5 ansible_host=10.1.20.7 ansible_user=admin private_ip=10.1.1.7 destination_ip=10.1.20.100 ansible_ssh_pass=f5ansible
[control]
ansible ansible_host=10.1.1.4 ansible_user=centos
[webservers]
host1 ansible_host=10.1.20.5 ansible_user=centos private_ip=10.1.1.5
host2 ansible_host=10.1.20.6 ansible_user=centos private_ip=10.1.1.6
Note that the IP addresses will be different in your environment.
Step 5¶
In the above output every [ ]
defines a group. For example
[webservers]
is a group that contains the hosts host1
and
host2
.
Note: A group called all always exists and contains all groups and hosts defined within an inventory.
We can associate variables to groups and hosts. Host variables are
declared/defined on the same line as the host themselves. For example
for the host f5
:
f5 ansible_host=10.1.20.7 ansible_user=admin private_ip=10.1.1.7 destination_ip=10.1.20.100 ansible_ssh_pass=f5ansible
f5
- The name that Ansible will use. This can but does not have to rely on DNSansible_host
- The IP address that ansible will use, if not configured it will default to DNSansible_user
- The user ansible will use to login to this host, if not configured it will default to the user the playbook is run fromprivate_ip
- This value is not reserved by ansible so it will default to a host variable. This variable can be used by playbooks or ignored completely.destination_ip
- This value is not reserved either, we are using it to define the Virtual Server IP we want.ansible_ssh_pass
- The password ansible will use to login to this host, if not configured it will assume the user the playbook ran from has access to this host through SSH keys.
Does the password have to be in plain text? No, Red Hat Ansible Tower can take care of credential management in an easy to use web GUI or a user may use ansible-vault
Go back to the home directory
[centos@ansible networking-workshop]$ cd ~
You have finished this exercise. Click here to return to the lab guide