what is ansible playbook- Ansible basic

ntroduction

Ansible is an easy configuration management system that can be used to automate and organize your system configuration tasks for a large network of computers. While some other configuration management systems require many different packages to be installed on the server and client systems, with Ansible, you only need to install a server component and have SSH access to the client machines.
In a previous guide, we discussed how to install the Ansible software and learn basic commands. In this guide, we will discuss Ansible playbooks, which are Ansible's way of creating automated scripts to configure client computers.
We will assume that you have a configured Ansible server and a few clients, just as we left off in the last tutorial. In our guide, the server is a Ubuntu 12.04 machine, and the clients that we are going to be configuring are also Ubuntu 12.04 machines, for ease of explanation.

What are Ansible Playbooks?

Ansible playbooks are a way to send commands to remote computers in a scripted way. Instead of using Ansible commands individually to remotely configure computers from the command line, you can configure entire complex environments by passing a script to one or more systems.
Ansible playbooks are written in the YAML data serialization format. If you don't know what a data serialization format is, think of it as a way to translate a programmatic data structure (lists, arrays, dictionaries, etc) into a format that can be easily stored to disk. The file can then be used to recreate the structure at a later point. JSON is another popular data serialization format, but YAML is much easier to read.
Each playbook contains one or more plays, which map hosts to a certain function. Ansible does this through something called tasks, which are basically module calls.

Exploring a Basic Playbook

Let's look at a basic playbook:
---
- hosts: droplets
  tasks:
    - name: Installs nginx web server
      apt: pkg=nginx state=installed update_cache=true
      notify:
        - start nginx

  handlers:
    - name: start nginx
      service: name=nginx state=started
Let's break this down in sections so we can understand how these files are built and what each piece means.
The file starts with:
---
This is a requirement for YAML to interpret the file as a proper document. YAML allows multiple "documents" to exist in one file, each separated by ---, but Ansible only wants one per file, so this should only be present at the top of the file.
YAML is very sensitive to white-space, and uses that to group different pieces of information together. You should use only spaces and not tabs and you must use consistent spacing for your file to be read correctly. Items at the same level of indentation are considered sibling elements.
Items that begin with a - are considered list items. Items that have the format of key: value operate as hashes or dictionaries. That's pretty much all there is to basic YAML.
YAML documents basically define a hierarchical tree structure with the containing elements further to the left.
On the second line, we have this:
---
- hosts: droplets
This is a list item in YAML as we learned above, but since it is at the left-most level, it is also an Ansible "play". Plays are basically groups of tasks that are performed on a certain set of hosts to allow them to fulfill the function you want to assign to them. Each play must specify a host or group of hosts, as we do here.
Next, we have a set of tasks:
---
- hosts: droplets
  tasks:
    - name: Installs nginx web server
      apt: pkg=nginx state=installed update_cache=true
      notify:
        - start nginx
At the top level, we have "tasks:" at the same level as "hosts:". This contains a list (because it starts with a "-") which contains key-value pairs.
The first one, "name", is more of a description than a name. You can call this whatever you would like.
The next key is "apt". This is a reference to an Ansible module, just like when we use the ansible command and type something like:
ansible -m apt -a 'whatever' all
This module allows us to specify a package and the state that it should be in, which is "installed" in our case. The update-cache=true part tells our remote machine to update its package cache (apt-get update) prior to installing the software.
The "notify" item contains a list with one item, which is called "start nginx". This is not an internal Ansible command, it is a reference to a handler, which can perform certain functions when it is called from within a task. We will define the "start nginx" handler below.
---
- hosts: droplets
  tasks:
    - name: Installs nginx web server
      apt: pkg=nginx state=installed update_cache=true
      notify:
        - start nginx

  handlers:
    - name: start nginx
      service: name=nginx state=started
The "handlers" section exists at the same level as the "hosts" and "tasks". Handlers are just like tasks, but they only run when they have been told by a task that changes have occurred on the client system.
For instance, we have a handler here that starts the Nginx service after the package is installed. The handler is not called unless the "Installs nginx web server" task results in changes to the system, meaning that the package had to be installed and wasn't already there.
We can save this playbook into a file called something like "nginx.yml".
Just for some context, if you were to write this same file in JSON, it might look something like this:
[
    {
        "hosts": "droplets",
        "tasks": [
            {
                "name": "Installs nginx web server",
                "apt": "pkg=nginx state=installed update_cache=true",
                "notify": [
                    "start nginx"
                ]
            }
        ],
        "handlers": [
            {
                "name": "start nginx",
                "service": "name=nginx state=started"
            }
        ]
    }
]
As you can see, YAML is much more compact and most people would say more readable.

Running an Ansible Playbook

Once you have a playbook built, you can call it easily using this format:
ansible-playbook playbook.yml
For instance, if we wanted to install and start up Nginx on all of our droplets, we could issue this command:
ansible-playbook nginx.yml
Since the playbook itself specifies the hosts that it should run against (namely, the "droplets" group we created in the last tutorial), we do not have to specify a host to run against.
However, if we would like to filter the host list to only apply to one of those hosts, we can add a flag to specify a subset of the hosts in the file:
ansible-playbook -l host_subset playbook.yml
So if we only wanted to install and run Nginx on our "host3", we could type this:
ansible-playbook -l host3 nginx.yml

Adding Features to the Playbook

Right now our playbook looks like this:
---
- hosts: droplets
  tasks:
    - name: Installs nginx web server
      apt: pkg=nginx state=installed update_cache=true
      notify:
        - start nginx

  handlers:
    - name: start nginx
      service: name=nginx state=started
It is simple and it works, but all it is doing is installing a piece of software and starting it. That's not very beneficial by itself.
We can start to expand the functionality by adding tasks to our playbook.

Add a Default Index File

We can tell it to transfer a file from our Ansible server onto the host by adding some lines like this:
---
- hosts: droplets
  tasks:
    - name: Installs nginx web server
      apt: pkg=nginx state=installed update_cache=true
      notify:
        - start nginx

    - name: Upload default index.html for host
      copy: src=static_files/index.html dest=/usr/share/nginx/www/ mode=0644

  handlers:
    - name: start nginx
      service: name=nginx state=started
We can then make a directory called static_files in our current directory and place an index.html file inside.
mkdir static_files
nano static_files/index.html
Inside of this file, let's just create a basic html structure:
<html>
  <head>
    <title>This is a sample page</title>
  </head>
  <body>
    <h1>Here is a heading!</h1>
    <p>Here is a regular paragraph.  Wow!</p>
  </body>
</html>
Save and close the file.
Now, when we re-run the playbook, Ansible will check each task. It will see that Nginx is already installed on the host, so it will leave it be. It will see the new task section and replace the default index.html file with the one from our server.

Registering Results

When you are installing and configuring services manually, it is almost always necessary to know whether your actions were successful or not. We can cook this functionality into our playbooks by using "register".
For each task, we can optionally register its result (failure or success) in a variable that we can check later on.
When using this functionality, we also have to tell Ansible to ignore errors for that task, since normally it aborts the playbook execution for that host if any trouble happens.
So, if we want to check whether a task has failed or not to decide on subsequent steps, we can use the register functionality.
For instance, we could tell our playbook to upload an index.php file if it exists. If that task fails, we could instead try to upload an index.html file. We will check for the failure condition in the other task because we only want to upload the HTML file if the PHP file fails:
---
- hosts: droplets
  tasks:
    - name: Installs nginx web server
      apt: pkg=nginx state=installed update_cache=true
      notify:
        - start nginx

    - name: Upload default index.php for host
      copy: src=static_files/index.php dest=/usr/share/nginx/www/ mode=0644
      register: php
      ignore_errors: True

    - name: Remove index.html for host
      command: rm /usr/share/nginx/www/index.html
      when: php|success

    - name: Upload default index.html for host
      copy: src=static_files/index.html dest=/usr/share/nginx/www/ mode=0644
      when: php|failed

  handlers:
    - name: start nginx
      service: name=nginx state=started

Note: We have not configured our host to handle PHP files at this time, so even if you did upload a PHP file, it would not be processed correctly.
This new version tries to upload a PHP index file to the host. It registers the success of the operation into a variable called "php".
If this operation was successful, the task to remove the index.html file is run next.
If the operation failed, the index.html file is uploaded instead.

Conclusion

Now, you should have a good handle on how to automate complex tasks using Ansible. This is a basic example of how you can begin to build your configuration library.
Combining host and group definitions as we learned about in the first tutorial, and using available variables to fill in information, we can begin to put together complex computer systems that interact with each other. In a future article, we will discuss how to implement variables into our playbooks and create roles to help manage complex tasks.


courtesy : digitalocean.com
 
00:52Anuroop Melarayil

Installing, configuring , PHP in apache server ww.linuxtipsz.blogspot.in
























PHP is a server-side scripting language designed for web development but also used as a general-purpose programming language. Originally created by Rasmus Lerdorf in 1994,the PHP reference implementation is now produced by The PHP Group. PHP originally stood for Personal Home Page,but it now stands for the recursive backronym PHP: Hypertext Preprocessor.




PHP code may be embedded into HTML code, or it can be used in combination with various web template systems, web content management system and web frameworks. PHP code is usually processed by a PHP interpreter implemented as a module in the web server or as a Common Gateway Interface (CGI) executable. The web server combines the results of the interpreted and executed PHP code, which may be any type of data, including images, with the generated web page. PHP code may also be executed with a command-line interface (CLI) and can be used to implement standalone graphical applications.




The standard PHP interpreter, powered by the Zend Engine, is free software released under the PHP License. PHP has been widely ported and can be deployed on most web servers on almost every operating system and platform, free of charge.




The PHP language evolved without a written formal specification or standard until 2014, leaving the canonical PHP interpreter as a de facto standard. Since 2014 work has gone on to create a formal PHP specification.




During the 2010s there have been increased efforts towards standardisation and code sharing in PHP applications by projects such as PHP-FIG in the form of PSR-initiatives as well as Composer dependency manager and the Packagist repository.







Steps to configure PHP in apache webserver (HTTPD).




· Install php rpms using “Yum install php –y “ . If yo are facing any issue with yum please go to my post on Yum issues.




· Edit httpd.conf “ vi /etc/httpd/conf/httpd.conf” and add “LoadModule php5_module modules/libphp5.so” to the file




· Also add the below code snipet to http.conf and restart the apache server.










<FilesMatch \.phpgt;




SetHandler application/x-httpd-php




</FilesMatch>
10:09Anuroop Melarayil

Installing, configuring , allowing remote access in mysql server ww.linuxtipsz.blogspot.in


























MySQL (officially pronounced as /maɪ ˌɛskjuːˈɛl/ "My S-Q-L") is an open-source relational database management system (RDBMS). In July 2013, it was the world's second most[a] widely used RDBMS, and the most widely used open-source client–server model RDBMS.[9] It is named after Michael Widenius' (who is a co-founder of MySQL) daughter, My, while "SQL" stands as the abbreviation for Structured Query Language. The MySQL development project has made its source code available under the terms of the GNU General Public License, as well as under a variety of proprietary agreements. MySQL was owned and sponsored by a single for-profit firm, the Swedish company MySQL AB, now owned by Oracle Corporation. For proprietary use, several paid editions are available, and offer additional functionality.


MySQL is a popular choice of database for use in web applications, and is a central component of the widely used LAMP open-source web application software stack (and other "AMP" stacks). LAMP is an acronym for "Linux, Apache, MySQL, Perl/PHP/Python". Free-software open-source projects that require a full-featured database management system often use MySQL. Applications that use the MySQL database include: TYPO3, MODx, Joomla, WordPress, phpBB, MyBB, Drupal and other software. MySQL is also used in many high-profile, large-scale websites, including Google (though not for searches), Facebook ,Twitter,Flickr and YouTube.


On all platforms except Windows, MySQL ships with no GUI tools to administer MySQL databases or manage data contained within the databases. Users may use the included command line tools, or install MySQL Workbench via a separate download. Many third party GUI tools are also available.






Steps to install , configure and allow remote access in mysql server


1. Install the mysql rpms using yum “ yum install mysql ”. If you are facing any issues with yum please refer my previous post on yum issues.


2. Start mysqld service using “service mysqld start”


3. Configure your mysql database using “/usr/bin/mysql_secure_installation”


4. Now login to you mysql server using “mysql –u root -p” and enter the mysql root password which you have given in last step.


5. Now you can create database in your mysql server using “create database mysqldbtst;”


6. Now switch to mysqldbtst database using “use mysqldbtst;”


7. Grand access to the database using “grant all privileges on Testdb to 'testuser'@'%' identified by 'Test@123';”
10:32Anuroop Melarayil

Ansible server Installation on Centos ( Not ansible tower)

Ansible is a free-software platform for configuring and managing computers which combines multi-node software deployment, ad hoc task execution, and configuration management. It manages nodes (Linux nodes must have Python 2.4 or later installed on them, Windows nodes require PowerShell 3.0 or later) over SSH or over PowerShell.Modules work over JSON and standard output and can be written in any programming language. The system uses YAML to express reusable descriptions of systems. The main components of Ansible are


  • Inventory configuration file
  • Playbook file



07:14Anuroop Melarayil

USER MANAGEMENT BASICS


HERE I AM INTRODUCING SOME USER COMMAND AND THEIR USE IN OUR
DAILY USER ADMINISTRATION

useradd - for adding users to your linux machine

syntax : useradd -[option] [$username]

the main options are as listed below with a example.


useradd -u 508 -d /var/user1 -s /bin/bash newuser
create a user named newuser with uid 508 ,home directory /var/user1 and default shell as /bin/bash

useradd -M newuser4 
create a user named newuser4 without creating a home directory for the user

useradd -N newuser5
create a user named newuser5 without creating a private group for the user

useradd -r newuser6 
create a system user ie uid below 500


useradd -e 2013-12-05 newuser1
create a user named newuser1 with expire date 05-12-2013

useradd -g ftp newuser2
create a user named newuser2 with default group as ftp here instead of group name we can also use 
the gid of the perticular group

useradd -G ftp,root newuser3
create a user named newuser3 with primary group newuser3 and secondry groups root,ftp


usermod -Command used for modifying the user parameters.

syntax : usermod -[option] [$user]
the above mentioned options (ie useradd options) can also used with usermod


userdel : Command for deleting user

syntax : userdel -[option] [$user]

userdel without option will delete the user but it will not delete the home directory for the user for that we have to use -r option

userdel -r newuser3

this command remove newuser3 as well as its home directory

groupadd - Command used for adding a group

syntax : groupadd -[options] [$groupname]

here is some examples 

groupadd -g 567 newgroup

create a group named newgroup with gid 567

groupmod -Command for modifying group parameter 

groupdel - Command for removing a group 

                                                                                                                                 continued ...............

01:30Anuroop Melarayil

Configuring ISCSI initiator in Linux

Internet Small Computer System Interface is a Storage Area Network (SAN) protocol,It is an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval.
The icsci clients (called initiators) send SCSI commands to SCSI storage devices (targets) on remote servers. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure.

iSCSI Initiator (iSCSI client)
      An initiator typically serves the same purpose to a computer as a SCSI bus adapter would, except that instead of physically cabling SCSI devices (like hard drives and tape changers), an iSCSI initiator sends SCSI commands over an IP network. An initiator falls into two broad types:

Software initiator

A software initiator uses code to implement iSCSI. Software initiators are available for most popular operating systems and are the most common method of deploying iSCSI.

Hardware initiator


A hardware initiator uses dedicated hardware, typically in combination with software (firmware) running on that hardware, to implement iSCSI. 

 IQN ( iSCSI Qualified Name)
iSCSI qualified names are given to targets as well as initiator as a reference to them.Structure of  IQN is given below
iqn.<date (yyyy-mm) >.<reversed domain name >.<optional prefix>
                  
                Example :iqn.2012-03.in.ktux91.san:iscsi1



Configuring iSCSI Initiators

 yum install iscsi-initiator-utils

chkconfig iscsi on
chkconfig iscsid on
service iscsi start
To set an initiator name
Vi /etc/iscsi/initiatorname.iscsi
InitiatorName=iSCSI_Qualified_Name



iscsiadm    Utility to manage iscsi initiator
-m ->mode  = discovery | node |
-t -> type


Discovering Targets
iscsiadm -m discovery -t <target_type>  -p <target_ip>

Logging In to an iSCSI Target
iscsiadm -m node --targetname <target_name> -p <target_IP:port> -l

Once logged in we can find the device by fdisk -l,and configure it in the same way as we do the local disks.





For more videos on centos and other opensource solutions please visit ktux91

SIMPLE INCREMENTAL BACKUP USING rsync COMMAND

Backups  can be classified to two types.They are

1)Full backup
The entire data will be backup will be taken every time

2)Incremental backup

Incremental backup take the full backup at the first time ,from the second time it will compare the files in first backup and the files in the directory which backup to be taken and only copy the modified files .



rsync

The rsync utility allows you to copyfrom local sysstem to a remote system or copy between two local directories .If the files exist in the destination directory ,rsync only copy the differences in the file,this property of rsync make it ideal for incremental backup

here is the syntax for rsync

rsync [options] [source folder] [Destination]

Example

rsync -azv /etc/sysconfig /backup/

In the above example the entire sysconfig directory will be copied to /backup folder when firsttime we run this command ,from second time onwards rsync checks the files in folder /backup with /etc/sysconfig and only copy the differnce in sysconfig file to /backup folder
14:03Anuroop Melarayil

CONFIGURING PXE BOOT SERVER FOR INSTALLING LINUX WITHOUT CD OR OTHER MEDIA

FOR INSTALLING LINUX WITHOUT ANY CD OR OTHER MEDIA WE HAVE TO SETUP A PXE SERVER.PXE STANDS FOR PREBOOT EXECUTION ENVIRONMENT WHICH ALLOWS YOU TO BOOT DIRECTLY FROM YOUR PXE SERVER AND ACCESS THE DATA FROM PXE SERVER FOR FURTHER INSTALLATION.YOU CAN ALSO USE KICKSTART TO FILE TO INSTALL FOR FULLY AUTOMATED INSTALLATION.


REQUIREMENTS

1) CENTOS SERVER (CAN BE RHEL OR OTHER DISTRO)
2)CLIENT WITH A NIC SUPPORTS PXE

STEPS OF PXE SERVER INSTALLATION

1) INSTALLING PACKAGES REQUIRED FOR PXE SERVER
2)CONFIGURING DHCP SERVER FOR PXE SERVER
3) TFTP CONFIGURATION FOR PXE
4)VSFTP CONFIGURATION FOR PXE SERVER
5)PXE SERVER CONFIGURATION

PLEASE FOLLOW THE STEPS IN THE VIDEO FOR FURTHER REFERENCE

SERVER CONFIGURATION

CLIENT SIDE CONFIGURATION
THANKS IF ANY DOUBTS KEEP YOUR COMMENTS
12:54Anuroop Melarayil

ENABLE MINIMIZE AND MAXIMIZE IN FEDORA 17

Step 1.

install gnome-tweek-tool using yum

yum install gnome-tweek-tool

Step 2.

Run gnome tweek tool

ENABLE MINIMIZE AND MAXIMIZE IN FEDORA 17


Step 3.

select shell tab

ENABLE MINIMIZE AND MAXIMIZE IN FEDORA 17

Step 4.

change the value " arrangement of buttons ontitle bar" from close only to all

ENABLE MINIMIZE AND MAXIMIZE IN FEDORA 17
That's it

Automount NFS share by editing fstab file in centos /Rhel

For automounting NFS we have to /etc/fstab . The fstab file contains entries of partition to be auto mounted during linux system startup.please follow the video for
mounting nfs share automatically.


rsize - read size
wsize - write size
These two entries are used for bandwidth optimization 

Linux File Sharing Using NFS(nfs server configuration on centos/Rhel)

tion NFS stands for Network File System . NFS is a distributed file system protocol devoloped by sun microsystems at the year of 1984.Using nfs users can acces the shared data on other computers it also allows to automount the file system by adding entries to /etc/fstab. Auto mounting NFS topic we will discuss on our next video.NFS is built on open network computing remote procedure call (ONC RPC). NFS has total for versions starts from NFSV1 to NFSV4.The configration file for NETWORK FILE SYSTEM (NFS) is /etc/exports. We have to add entry for the directory which has to be shared.we can also define some acess controll For nfs by editing the file.Here i am going to give a small example for /etc/exports file

/user/shared  192.168.1.110/24(rw,sync)
    
This means that the directory /user/shared is shared using nfs and only the client having  ip 192.168.1.110 and subnet 255.255.255.0 is permission to access the directory over nfs.we can change the ipaddress and subnet with a '*' symbol to allow access permission for all.


/user/shared  *(rw,sync)


and also we can change rw with ro for read only permission
showmount -e command will help to find which folders are shared on the server using nfs.the syntax is given below

 showmount -e 192.168.1.100



here 192.168.1.100 is the ip of my nfs server.The nfs configuration of nfs server and how to mount the nfs share on the client is shown in below video






 

Secure linux system by using GRUB PASSWORD

oIt is very easy to change our root password when somebody get the physical acess to your system.
In order to protect your root password  we can protect your GRUB using a password.The Grub password
will restrict the physical user to enter to single user mode by editing the kernel parameter at the boot menu.
If grub password is set ,then it will prompt as password in order to edit the kernel parameters at the boot menu.
the following video will demonstrate you how to set grub password to your system


THANKS

SELINUX BASICS

Here i am going to explain the basic configuration of selinux.Through theses steps you can easily administrate
your selinux policies. Here is the simple step of enabling and disabling policies of different application.

In the above video i am enabling the anonymous write for ftp .The first step is to get the Boolean . If you want
to enable something about nfs then you have to type the below command.
 getsebool -a |grep nfs    
for ftp
getsebool -a |grep ftp
 After that you can set the value for Boolean using setsebool command  .For example
setsebool allow_ftpd_anon_write on

The above command will enable anonymous Ftp write through selinux,but it will be a temporary and it will go
back to it initial stage after system restart .For permanent changes ucan use -p along with setsebool
setsebool -p allow_ftpd_anon_write on

These are the basics of selinux  .Thank you all

Installing ubuntu on windows partiton

It is very easy to install ubuntu on your windows partiton with out formatting it .what we have to do is
just put the cd to the windows machine and boot windows and open the drive.the video will take you
through the further step




Thanks
23:33Anuroop Melarayil

SET USER PERMISSIONS IN LINUX

It is very easy to set user permissions for a file in Linux.For setting the user permissions in Linux we use ACL.
ACL means access control list.For enabling user permissions in Linux we have to edit the file /etc/fstab and add
the entry acl.In the video ,for setting user permissions on my root (/) partition i have edited the fstab and
added a entry "acl". And remounted my root partition .It will enable user permissions on my root partition
.Then i created a file for test named "acltest" and given only execute permission for my user "testuser"
.Then i exited from my root shell and try to read and write the file.it is giving a permission denied error because
the  permission set for test user is only execution.We can also list the permission using "getfacl" command
The syntax is

getfacl [filename]

NB: [ is not required


THANKS

SCO UNIX 5.5 INSTALLATION

This our first video training on UNIX .I am directly going to the video.



Thanks
11:09Anuroop Melarayil

Ubuntu 12.04 LTS (Precise Pangolin) Installation

Ubuntu is one of the popular Linux Distributions.The Latest version of Ubuntu is Ubuntu 12.04 LTS .Ubuntu 12.04 LTS (Precise Pangolin) was released on 26 april 2012.Ubuntu 12.04 is fourth long term support version
from ubuntu.One of the main changes of ubuntu 12.04 LTS is its fast booting.Here I am going to Demostrate
how to Install Ubuntu 12.04 LTS (Precise Pangolin).





 
04:23Anuroop Melarayil

HP LASERJET PRINTER INSTALLATION ON RHEL / CENTOS

Hp printers are coming in a lot of varieties. Hp printers are now common at any office are because they very
easy to manage and install. In windows Installation of hp printer will take less than one minute.But for Linux
Installing hp printers became a headache .Here i am providing you a video session which help to Install Hp
printers in linux with in two minutes.The first thing you need to do is just download the tar file from the below
link
Download Hp Laserjet Printer drivers

Then follow the steps in the video uploaded here .That's it.




Common Ftp Folder for all FTP users

As the requirement from some some of our blog user,i am forced to discuss about configuring
a common ftp folder for all users.The configuration file /etc/vsftpd/vsftpd.conf  contains all
configuration of our vsftp.so we can configure the common ftp folder for all users by editing
this file. The below video will guide you to configure the common ftp folder for all users.


Thanks