説明
演習問題
演習に使用するインベントリーファイルの内容です。
hosts.yml
---
all:
children:
web:
hosts:
marutamachi: # CentOS/8.3 (RedHat)
takeyamachi: # CentOS/7.8 (RedHat)
oshikoji: # Debian10 (Debian)
mail:
hosts:
nijyo:
ebisugawa:
database:
hosts:
oshikoji:
oike:
group_vars/all.yml
---
ansible_user: vagrant
ansible_password: vagrant
host_vas/marutamachi.yml
---
ansible_host: 192.168.111.101
host_vas/takeyamachi.yml
---
ansible_host: 192.168.111.102
host_vas/ebisugawa.yml
---
ansible_host: 192.168.111.103
host_vas/nijyo.yml
---
ansible_host: 192.168.111.104
host_vas/oshikoji.yml
---
ansible_host: 192.168.111.105
ansible_python_interpreter: /usr/bin/python3
host_vas/oike.yml
---
ansible_host: 192.168.111.106
ansible_python_interpreter: /usr/libexec/platform-python
Q1. 各管理対象ノードに 3 件のアカウトを登録するプレイブック「 regist_account.yml 」を作成してください。登録する前に対象のアカウントが管理対象ノードの「 /etc/passwd 」ファイル内に登録されていないか確認してください。確認した結果、登録されていないときにアカウントを作成してください。
- アカウントは
vars_filesセクションを使用して取り込みます。 - 登録するアカウント
- taro
- jiro
- hanako
解答
- ディレクトリー「 host_vars/ 」と「 group_vars/ 」の内容や構成は変更しません(そのまま使用します)。
-
ansible.builtin.include_roleモジュールを使用して下記と同等の結果になるプレイブックを作成できます。
regist_account.yml
---
- name: Register multiple accounts.
hosts: all
gather_facts: no
vars_files:
- ./accounts.yml
tasks:
- name: Registe account.
ansible.builtin.include_tasks:
file: ./register_account.yml
loop: "{{ accounts }}"
register_account.yml
---
- name: Check the "/etc/passwd" file.
ansible.builtin.shell:
cmd: "cat /etc/passwd | grep {{ item }}"
changed_when: no
failed_when: result['rc'] not in [0, 1]
register: result
- name: Register an account.
ansible.builtin.user:
name: "{{ item }}"
when: result['rc'] != 0
become: yes
PLAY [Register multiple accounts.] *******************************************************************************************************************
TASK [Registe account.] ******************************************************************************************************************************
included: /home/y_mrok/code/chap25/register_account.yml for takeyamachi, oshikoji, marutamachi, nijyo, ebisugawa, oike => (item=tarto)
included: /home/y_mrok/code/chap25/register_account.yml for takeyamachi, oshikoji, marutamachi, nijyo, ebisugawa, oike => (item=jiro)
included: /home/y_mrok/code/chap25/register_account.yml for takeyamachi, oshikoji, marutamachi, nijyo, ebisugawa, oike => (item=hanako)
TASK [Check the "/etc/passwd" file.] *****************************************************************************************************************
ok: [oshikoji]
ok: [takeyamachi]
ok: [marutamachi]
ok: [ebisugawa]
ok: [oike]
ok: [nijyo]
TASK [Register an account.] **************************************************************************************************************************
changed: [oshikoji]
changed: [ebisugawa]
changed: [nijyo]
changed: [takeyamachi]
changed: [marutamachi]
changed: [oike]
TASK [Check the "/etc/passwd" file.] *****************************************************************************************************************
ok: [ebisugawa]
ok: [oshikoji]
ok: [takeyamachi]
ok: [nijyo]
ok: [marutamachi]
ok: [oike]
TASK [Register an account.] **************************************************************************************************************************
changed: [oshikoji]
changed: [ebisugawa]
changed: [nijyo]
changed: [takeyamachi]
changed: [marutamachi]
changed: [oike]
TASK [Check the "/etc/passwd" file.] *****************************************************************************************************************
ok: [oshikoji]
ok: [ebisugawa]
ok: [nijyo]
ok: [takeyamachi]
ok: [marutamachi]
ok: [oike]
TASK [Register an account.] **************************************************************************************************************************
changed: [oshikoji]
changed: [ebisugawa]
changed: [nijyo]
changed: [takeyamachi]
changed: [marutamachi]
changed: [oike]
PLAY RECAP *******************************************************************************************************************************************
ebisugawa : ok=9 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
marutamachi : ok=9 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
nijyo : ok=9 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
oike : ok=9 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
oshikoji : ok=9 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
takeyamachi : ok=9 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
y_mrok@ctrl:~/code/chap25$
冪等性を確認
y_mrok@ctrl:~/code/chap25$ ansible-playbook -i hosts.yml regist_account.yml
PLAY [Register multiple accounts.] *******************************************************************************************************************
TASK [Registe account.] ******************************************************************************************************************************
included: /home/y_mrok/code/chap25/register_account.yml for marutamachi, oshikoji, takeyamachi, ebisugawa, nijyo, oike => (item=tarto)
included: /home/y_mrok/code/chap25/register_account.yml for marutamachi, oshikoji, takeyamachi, ebisugawa, nijyo, oike => (item=jiro)
included: /home/y_mrok/code/chap25/register_account.yml for marutamachi, oshikoji, takeyamachi, ebisugawa, nijyo, oike => (item=hanako)
TASK [Check the "/etc/passwd" file.] *****************************************************************************************************************
ok: [oshikoji]
ok: [ebisugawa]
ok: [nijyo]
ok: [takeyamachi]
ok: [marutamachi]
ok: [oike]
TASK [Register an account.] **************************************************************************************************************************
skipping: [marutamachi]
skipping: [takeyamachi]
skipping: [oshikoji]
skipping: [nijyo]
skipping: [ebisugawa]
skipping: [oike]
TASK [Check the "/etc/passwd" file.] *****************************************************************************************************************
ok: [oshikoji]
ok: [ebisugawa]
ok: [nijyo]
ok: [takeyamachi]
ok: [marutamachi]
ok: [oike]
TASK [Register an account.] **************************************************************************************************************************
skipping: [marutamachi]
skipping: [takeyamachi]
skipping: [oshikoji]
skipping: [nijyo]
skipping: [ebisugawa]
skipping: [oike]
TASK [Check the "/etc/passwd" file.] *****************************************************************************************************************
ok: [oshikoji]
ok: [nijyo]
ok: [ebisugawa]
ok: [takeyamachi]
ok: [marutamachi]
ok: [oike]
TASK [Register an account.] **************************************************************************************************************************
skipping: [marutamachi]
skipping: [takeyamachi]
skipping: [oshikoji]
skipping: [nijyo]
skipping: [ebisugawa]
skipping: [oike]
PLAY RECAP *******************************************************************************************************************************************
ebisugawa : ok=6 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
marutamachi : ok=6 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
nijyo : ok=6 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
oike : ok=6 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
oshikoji : ok=6 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
takeyamachi : ok=6 changed=0 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0
y_mrok@ctrl:~/code/chap25$
Q2. アドホックコマンドでどれか 1 つの管理対象ノードの「 /etc/passwd 」ファイルを確認し、「 Q1. 」で登録したアカウントが存在することを確認してください。
解答
y_mrok@ctrl:~/code/chap25$ ansible marutamachi -i hosts.yml -a "cat /etc/passwd"
marutamachi | CHANGED | rc=0 >>
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-coredump:x:999:997:systemd Core Dumper:/:/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
unbound:x:997:993:Unbound DNS resolver:/etc/unbound:/sbin/nologin
sssd:x:996:992:User for sssd:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
chrony:x:995:991::/var/lib/chrony:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rngd:x:994:990:Random Number Generator Daemon:/var/lib/rngd:/sbin/nologin
vagrant:x:1000:1000::/home/vagrant:/bin/bash
tarto:x:1001:1001::/home/tarto:/bin/bash
jiro:x:1002:1002::/home/jiro:/bin/bash
hanako:x:1003:1003::/home/hanako:/bin/bash
y_mrok@ctrl:~/code/chap25$
Q3. 管理対象ノードごとのディスクの空き容量の情報をコントロールノードに保存するプレイブック「 check_diskfree.yml 」を作成してください。
- 空き容量を確認する Linux コマンドは
dfです。 - コントロールノードに保存するファイルの名前は inventory_hostname に拡張子
.txtを付けてください。 例 marutamachi.txt
解答
- ディレクトリー「 host_vars/ 」と「 group_vars/ 」の内容や構成は変更しません(そのまま使用します)。
check_diskfree.yml
---
- name: Check the free disk space of each managed node.
hosts: all
gather_facts: no
tasks:
- name: Check the free space.
ansible.builtin.command:
cmd: "df"
changed_when: no
register: df_status
- name: Write down the free space information.
ansible.builtin.lineinfile:
path: "./{{ inventory_hostname }}.txt"
create: yes
line: "{{ item }}"
state: present
loop: "{{ df_status['stdout_lines'] }}"
delegate_to: localhost
y_mrok@ctrl:~/code/chap25$ ansible-playbook -i hosts.yml check_diskfree.yml
PLAY [Check the free disk space of each managed node.] ***********************************************************************************************
TASK [Check the free space.] *************************************************************************************************************************
ok: [oshikoji]
ok: [ebisugawa]
ok: [nijyo]
ok: [takeyamachi]
ok: [marutamachi]
ok: [oike]
TASK [Write down the free space information.] ********************************************************************************************************
changed: [takeyamachi -> localhost] => (item=ファイルシス 1K-ブロック 使用 使用可 使用% マウント位置)
changed: [marutamachi -> localhost] => (item=Filesystem 1K-blocks Used Available Use% Mounted on)
changed: [oshikoji -> localhost] => (item=Filesystem 1K-blocks Used Available Use% Mounted on)
changed: [ebisugawa -> localhost] => (item=Filesystem 1K-blocks Used Available Use% Mounted on)
changed: [nijyo -> localhost] => (item=Filesystem 1K-blocks Used Available Use% Mounted on)
changed: [takeyamachi -> localhost] => (item=devtmpfs 1932740 0 1932740 0% /dev)
changed: [oshikoji -> localhost] => (item=udev 2005748 0 2005748 0% /dev)
changed: [marutamachi -> localhost] => (item=devtmpfs 1994076 0 1994076 0% /dev)
changed: [ebisugawa -> localhost] => (item=udev 1997896 0 1997896 0% /dev)
changed: [nijyo -> localhost] => (item=udev 2006336 0 2006336 0% /dev)
changed: [oshikoji -> localhost] => (item=tmpfs 404172 5416 398756 2% /run)
changed: [marutamachi -> localhost] => (item=tmpfs 2011880 0 2011880 0% /dev/shm)
changed: [ebisugawa -> localhost] => (item=tmpfs 403084 928 402156 1% /run)
changed: [takeyamachi -> localhost] => (item=tmpfs 1940196 0 1940196 0% /dev/shm)
changed: [nijyo -> localhost] => (item=tmpfs 403936 608 403328 1% /run)
changed: [marutamachi -> localhost] => (item=tmpfs 2011880 8612 2003268 1% /run)
changed: [ebisugawa -> localhost] => (item=/dev/sda1 40593612 1960520 38616708 5% /)
changed: [oshikoji -> localhost] => (item=/dev/sda1 20510288 1383852 18061528 8% /)
changed: [nijyo -> localhost] => (item=/dev/sda1 40593612 1510188 39067040 4% /)
changed: [takeyamachi -> localhost] => (item=tmpfs 1940196 8700 1931496 1% /run)
changed: [marutamachi -> localhost] => (item=tmpfs 2011880 0 2011880 0% /sys/fs/cgroup)
changed: [oshikoji -> localhost] => (item=tmpfs 2020852 0 2020852 0% /dev/shm)
changed: [ebisugawa -> localhost] => (item=tmpfs 2015412 0 2015412 0% /dev/shm)
changed: [takeyamachi -> localhost] => (item=tmpfs 1940196 0 1940196 0% /sys/fs/cgroup)
changed: [nijyo -> localhost] => (item=tmpfs 2019668 0 2019668 0% /dev/shm)
changed: [marutamachi -> localhost] => (item=/dev/sda1 10474496 3807268 6667228 37% /)
changed: [oshikoji -> localhost] => (item=tmpfs 5120 0 5120 0% /run/lock)
changed: [ebisugawa -> localhost] => (item=tmpfs 5120 0 5120 0% /run/lock)
changed: [nijyo -> localhost] => (item=tmpfs 5120 0 5120 0% /run/lock)
changed: [takeyamachi -> localhost] => (item=/dev/sda1 41921540 3583156 38338384 9% /)
changed: [oshikoji -> localhost] => (item=tmpfs 2020852 0 2020852 0% /sys/fs/cgroup)
changed: [marutamachi -> localhost] => (item=tmpfs 402376 0 402376 0% /run/user/1000)
changed: [ebisugawa -> localhost] => (item=tmpfs 2015412 0 2015412 0% /sys/fs/cgroup)
changed: [takeyamachi -> localhost] => (item=tmpfs 388040 0 388040 0% /run/user/1000)
changed: [nijyo -> localhost] => (item=tmpfs 2019668 0 2019668 0% /sys/fs/cgroup)
changed: [oshikoji -> localhost] => (item=tmpfs 404168 0 404168 0% /run/user/1000)
changed: [oike -> localhost] => (item=Filesystem 1K-blocks Used Available Use% Mounted on)
changed: [ebisugawa -> localhost] => (item=/dev/loop0 56832 56832 0 100% /snap/core18/2128)
changed: [nijyo -> localhost] => (item=/vagrant 1952104948 762507888 1189597060 40% /vagrant)
changed: [oike -> localhost] => (item=devtmpfs 1993828 0 1993828 0% /dev)
changed: [ebisugawa -> localhost] => (item=/dev/loop1 33152 33152 0 100% /snap/snapd/12883)
changed: [nijyo -> localhost] => (item=tmpfs 403932 0 403932 0% /run/user/1000)
changed: [oike -> localhost] => (item=tmpfs 2011880 0 2011880 0% /dev/shm)
changed: [ebisugawa -> localhost] => (item=/dev/loop2 72064 72064 0 100% /snap/lxd/21029)
changed: [oike -> localhost] => (item=tmpfs 2011880 16780 1995100 1% /run)
changed: [ebisugawa -> localhost] => (item=/dev/loop3 33280 33280 0 100% /snap/snapd/13270)
changed: [oike -> localhost] => (item=tmpfs 2011880 0 2011880 0% /sys/fs/cgroup)
changed: [ebisugawa -> localhost] => (item=/dev/loop4 63360 63360 0 100% /snap/core20/1169)
changed: [oike -> localhost] => (item=/dev/sda2 18420736 1972368 16448368 11% /)
changed: [ebisugawa -> localhost] => (item=/dev/loop5 68864 68864 0 100% /snap/lxd/21545)
changed: [ebisugawa -> localhost] => (item=tmpfs 403080 0 403080 0% /run/user/1000)
changed: [oike -> localhost] => (item=tmpfs 402376 0 402376 0% /run/user/1000)
PLAY RECAP *******************************************************************************************************************************************
ebisugawa : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
marutamachi : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
nijyo : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
oike : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
oshikoji : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
takeyamachi : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
y_mrok@ctrl:~/code/chap25$
Q4. 「 Q3. 」を実行するとコントロールノードに複数のファイルが作成されます。そのファイルの内容を確認してください。
解答
y_mrok@ctrl:~/code/chap25$ ls -l
合計 40
-rw-rw-r-- 1 y_mrok y_mrok 511 10月 16 21:21 check_diskfree.yml
-rw-rw-r-- 1 y_mrok y_mrok 848 10月 16 21:22 ebisugawa.txt
drwxrwxr-x 2 y_mrok y_mrok 4096 10月 16 14:39 group_vars
drwxrwxr-x 2 y_mrok y_mrok 4096 8月 28 06:25 host_vars
-rw-rw-r-- 1 y_mrok y_mrok 285 10月 16 14:14 hosts.yml
-rw-rw-r-- 1 y_mrok y_mrok 398 10月 16 21:22 marutamachi.txt
-rw-rw-r-- 1 y_mrok y_mrok 549 10月 16 21:22 nijyo.txt
-rw-rw-r-- 1 y_mrok y_mrok 398 10月 16 21:22 oike.txt
-rw-rw-r-- 1 y_mrok y_mrok 456 10月 16 21:22 oshikoji.txt
-rw-rw-r-- 1 y_mrok y_mrok 437 10月 16 21:22 takeyamachi.txt
y_mrok@ctrl:~/code/chap25$ cat marutamachi.txt
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 1994076 0 1994076 0% /dev
tmpfs 2011880 0 2011880 0% /dev/shm
tmpfs 2011880 8612 2003268 1% /run
tmpfs 2011880 0 2011880 0% /sys/fs/cgroup
/dev/sda1 10474496 3807268 6667228 37% /
tmpfs 402376 0 402376 0% /run/user/1000
y_mrok@ctrl:~/code/chap25$ cat takeyamachi.txt
ファイルシス 1K-ブロック 使用 使用可 使用% マウント位置
devtmpfs 1932740 0 1932740 0% /dev
tmpfs 1940196 0 1940196 0% /dev/shm
tmpfs 1940196 8700 1931496 1% /run
tmpfs 1940196 0 1940196 0% /sys/fs/cgroup
/dev/sda1 41921540 3583156 38338384 9% /
tmpfs 388040 0 388040 0% /run/user/1000
y_mrok@ctrl:~/code/chap25$ cat ebisugawa.txt
Filesystem 1K-blocks Used Available Use% Mounted on
udev 1997896 0 1997896 0% /dev
tmpfs 403084 928 402156 1% /run
/dev/sda1 40593612 1960520 38616708 5% /
tmpfs 2015412 0 2015412 0% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
tmpfs 2015412 0 2015412 0% /sys/fs/cgroup
/dev/loop0 56832 56832 0 100% /snap/core18/2128
/dev/loop1 33152 33152 0 100% /snap/snapd/12883
/dev/loop2 72064 72064 0 100% /snap/lxd/21029
/dev/loop3 33280 33280 0 100% /snap/snapd/13270
/dev/loop4 63360 63360 0 100% /snap/core20/1169
/dev/loop5 68864 68864 0 100% /snap/lxd/21545
tmpfs 403080 0 403080 0% /run/user/1000
y_mrok@ctrl:~/code/chap25$ cat nijyo.txt
Filesystem 1K-blocks Used Available Use% Mounted on
udev 2006336 0 2006336 0% /dev
tmpfs 403936 608 403328 1% /run
/dev/sda1 40593612 1510188 39067040 4% /
tmpfs 2019668 0 2019668 0% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
tmpfs 2019668 0 2019668 0% /sys/fs/cgroup
/vagrant 1952104948 762507888 1189597060 40% /vagrant
tmpfs 403932 0 403932 0% /run/user/1000
y_mrok@ctrl:~/code/chap25$ cat oshikoji.txt
Filesystem 1K-blocks Used Available Use% Mounted on
udev 2005748 0 2005748 0% /dev
tmpfs 404172 5416 398756 2% /run
/dev/sda1 20510288 1383852 18061528 8% /
tmpfs 2020852 0 2020852 0% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
tmpfs 2020852 0 2020852 0% /sys/fs/cgroup
tmpfs 404168 0 404168 0% /run/user/1000
y_mrok@ctrl:~/code/chap25$ cat oike.txt
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 1993828 0 1993828 0% /dev
tmpfs 2011880 0 2011880 0% /dev/shm
tmpfs 2011880 16780 1995100 1% /run
tmpfs 2011880 0 2011880 0% /sys/fs/cgroup
/dev/sda2 18420736 1972368 16448368 11% /
tmpfs 402376 0 402376 0% /run/user/1000
y_mrok@ctrl:~/code/chap25$