Use an Ansible playbook to manage 3 servers.

Use Ansible to manage three servers.

The Ansible documentation at http://docs.ansible.com/ansible/list_of_all_modules.html will be a great help.

An example Ansible workspace is at https://github.com/KrumphauChicken/ansible_example.

Given:

  • VirtualBox appliance files. Contain
    ◦ tiny-debian8-32 (IP 10.0.5.101)
    ◦ tiny-centos7-32 (IP 10.0.5.102)
    ◦ tiny-centos7-32-b (IP 10.0.5.103)
    ◦ fed-lxde-32 (IP 10.0.5.100)
    ◦ Download at: http://168.235.98.161/controller.ova and http://168.235.98.161/tiny_servers.ova
  • You must use either the fed-lxde-32 machine offered in controller.ova .
  • These machines are all 32-bit, so you will be able to boot them even on cheap laptops without 64-bit virtualization support.
  • All machines have user/pass: root / electric dancy pants and student / space ranger blues

Requirements:

  • Set up an Ansible workspace in a Git repository. You don’t have to track it on GitHub or BitBucket, but it would be good practice to.
  • Create an inventory file for the three managed machines.
  • Create a playbook with roles to manage the basic setup of all three machines:
    ◦ Create a new user named “manager”.
      ▪ Make manager an admin with all sudo rights (add to wheel group or change the sudoers file).
      ▪ Create and transfer ssh keys for manager to the server’s authorized keys.
    ◦ Install the packages for mtr, tcpdump, nano, and cowsay.
    ◦ Set the primary DNS server for the machines to 10.0.5.1, and the secondary to 209.244.0.3.
  • Create a playbook and roles to set up iptables on each machine.
    ◦ All servers should drop all UDP and TCP as the default policy.
    ◦ Open up TCP ports 21, 22, 53, and 123, and UDP port 53 on all servers.
    ◦ Open up TCP ports 25, 110, and 143 on tiny-centos7.
    ◦ Open up TCP ports 80 and 443 on tiny-centos7-b.

Turn in:

  • Zipped archive of your Git-tracked Ansible workspace.

Network setup:

Networking:

Zach showed me that the network is not imported with the appliance, so here is how to set up the network.

  • File > Preferences > Network > NAT Networks (the global VirtualBox preferences).
    ◦ Create a new network, and call it whatever you want. I’ll refer to it as Servers.
    ◦ Change the network CIDR to 10.0.5.0/24, and uncheck “Supports DHCP”.
  • On each of the “tiny” servers and “controller”, open Settings > Network > Adapter 1.
    ◦ Enable the adapter, and attach it to “NAT Network”, “Servers”.
  • At this point, all of the VMs should be able to connect to each other and to the internet, as I’ve set their first NIC to the static IPs mentioned in the appliance list. Ping each server from the controller to test. Start homeworking.
  • (Optional) On the controller, enable the second adapter, and do any of the following.
    ◦ Set it to bridged using your host wired or wifi connection. Find out what IP it’s on, and you can work on the Ansible config on your laptop and scp it to the controller to test.
    ◦ Set it to a host-only network (make one in the global preferences), and do the same thing, but it’s an internal network only the host computer can see.
    ◦ Set up guest additions instead of all this, and use a shared folder (may not be enough room on the VM’s disk).
    ◦ Ignore all of this and just do the work on controller.
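
The iptables requirements, written as Ansible tasks. This is an added example, not part of the assignment or the linked example workspace. The group name `tiny` and inventory hostnames that match the appliance names are assumptions, and the loopback and ESTABLISHED,RELATED rules are additions that keep the hosts usable once the policy is DROP.

```yaml
# Added example. Assumes an inventory group "tiny" (hypothetical name)
# whose hostnames match the appliance names in the assignment.
- hosts: tiny
  become: true
  vars:
    common_tcp_ports: [21, 22, 53, 123]
    common_udp_ports: [53]
    # Extra TCP ports per host, taken from the requirements list.
    extra_tcp_ports:
      tiny-centos7-32: [25, 110, 143]
      tiny-centos7-32-b: [80, 443]
  tasks:
    # ACCEPT rules go in first. Switching the policy to DROP before port 22
    # is allowed would cut off the SSH session Ansible itself is using.
    - name: Allow loopback traffic (addition, not in the requirements)
      iptables:
        chain: INPUT
        in_interface: lo
        jump: ACCEPT

    - name: Allow replies to connections the host opened (addition)
      iptables:
        chain: INPUT
        ctstate: [ESTABLISHED, RELATED]
        jump: ACCEPT

    - name: Open TCP ports (common plus host-specific)
      iptables:
        chain: INPUT
        protocol: tcp
        destination_port: "{{ item }}"
        jump: ACCEPT
      with_items: "{{ common_tcp_ports + extra_tcp_ports.get(inventory_hostname, []) }}"

    - name: Open UDP ports
      iptables:
        chain: INPUT
        protocol: udp
        destination_port: "{{ item }}"
        jump: ACCEPT
      with_items: "{{ common_udp_ports }}"

    # A chain policy applies to every protocol, so ICMP (ping) is dropped
    # too unless a separate ACCEPT rule is added for it.
    - name: Set the default INPUT policy to DROP (last step)
      iptables:
        chain: INPUT
        policy: DROP
```

Rules applied this way exist only in the running kernel and are lost on reboot unless a separate step saves them.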