1 00:00:06,860 --> 00:00:10,330 - All right, let's create a solution for this lab. 2 00:00:10,330 --> 00:00:12,490 So I am creating 3 00:00:12,490 --> 00:00:14,100 lesson3.yaml. 4 00:00:17,715 --> 00:00:20,660 And we need to start with the three hyphens 5 00:00:20,660 --> 00:00:23,200 and then the play header. 6 00:00:23,200 --> 00:00:25,280 So what are we going to do? 7 00:00:25,280 --> 00:00:29,377 Install and run vsftpd. 8 00:00:31,690 --> 00:00:34,530 We run it on hosts all, 9 00:00:34,530 --> 00:00:37,890 and then we specify the tasks. 10 00:00:37,890 --> 00:00:39,280 Task number one. 11 00:00:39,280 --> 00:00:43,870 Name, install the package. 12 00:00:43,870 --> 00:00:45,997 So definitely we need the packages 13 00:00:45,997 --> 00:00:48,057 and packages need to be vsftpd. 14 00:00:50,690 --> 00:00:54,050 Then, oops, that's not good. 15 00:00:54,050 --> 00:00:55,080 I'm using package. 16 00:00:55,080 --> 00:00:56,851 Package is not the name of the package. 17 00:00:56,851 --> 00:00:58,060 It's the name of the module. 18 00:00:58,060 --> 00:01:01,900 So vsftpd is an argument 19 00:01:01,900 --> 00:01:04,530 to that module, so this is how I need to do it. 20 00:01:04,530 --> 00:01:06,503 Package name vsftpd. 21 00:01:07,390 --> 00:01:10,730 Then we are going to use name, 22 00:01:10,730 --> 00:01:13,380 run the service. 23 00:01:13,380 --> 00:01:14,830 And in order to do so, 24 00:01:14,830 --> 00:01:17,000 we use a service module, 25 00:01:17,000 --> 00:01:18,930 and in the service module, 26 00:01:18,930 --> 00:01:21,911 we use name vsftpd, 27 00:01:21,911 --> 00:01:26,073 state started. 28 00:01:27,750 --> 00:01:29,490 Enabled, yes. 29 00:01:29,490 --> 00:01:31,870 Now, this is something that you need to double check, 30 00:01:31,870 --> 00:01:36,040 because myself, I'm always confused about the state 31 00:01:36,040 --> 00:01:37,950 and enable and stuff like that.
32 00:01:37,950 --> 00:01:39,270 Easiest way to double check, 33 00:01:39,270 --> 00:01:40,532 go to ansible-doc 34 00:01:40,532 --> 00:01:43,890 and have a look at what you can see here. 35 00:01:43,890 --> 00:01:45,292 So we can see states. 36 00:01:45,292 --> 00:01:46,920 Here we have state started. 37 00:01:46,920 --> 00:01:48,350 Here we have enabled, yes. 38 00:01:48,350 --> 00:01:49,550 So that is okay. 39 00:01:49,550 --> 00:01:53,513 State started, enabled yes is what it is. 40 00:01:54,590 --> 00:01:57,120 Then we have the firewall. 41 00:01:57,120 --> 00:02:00,560 Open firewall, and I'm going 42 00:02:00,560 --> 00:02:02,260 to use firewalld 43 00:02:03,520 --> 00:02:06,412 and I'm using name. 44 00:02:06,412 --> 00:02:08,060 Name, you said name? 45 00:02:08,060 --> 00:02:09,960 Again, I need to check this 46 00:02:09,960 --> 00:02:13,573 in my documentation, ansible-doc. 47 00:02:14,430 --> 00:02:18,900 So in firewalld, we are not using name. 48 00:02:18,900 --> 00:02:20,450 We're using service. 49 00:02:20,450 --> 00:02:23,620 So we have permanent state and immediate. 50 00:02:23,620 --> 00:02:26,970 So service, permanent state, immediate. 51 00:02:26,970 --> 00:02:31,433 So let's give it service vsftpd, 52 00:02:32,330 --> 00:02:33,290 state 53 00:02:37,900 --> 00:02:41,903 and now forgot which options to use, state enabled. 54 00:02:44,450 --> 00:02:46,410 Permanent, yes. 55 00:02:46,410 --> 00:02:49,640 And immediate, yes. 56 00:02:49,640 --> 00:02:51,010 And hey, do you see what's going wrong? 57 00:02:51,010 --> 00:02:53,920 Wrong lib syntax highlighting. 58 00:02:53,920 --> 00:02:55,930 D's and L's have syntax highlighting. 59 00:02:55,930 --> 00:02:57,330 I forgot a colon. 60 00:02:57,330 --> 00:02:58,163 You know what?
61 00:02:58,163 --> 00:03:00,280 Let's just run it while forgetting the colon 62 00:03:00,280 --> 00:03:02,580 and see, are we really don't need 63 00:03:02,580 --> 00:03:04,060 to do any syntax checking 64 00:03:04,060 --> 00:03:05,900 to figure out if it's doing all right? 65 00:03:05,900 --> 00:03:07,085 So ansible-playbook on 66 00:03:07,085 --> 00:03:09,955 lesson3.yaml, is telling me what? 67 00:03:09,955 --> 00:03:12,490 It's telling me, oh, we have a problem 68 00:03:12,490 --> 00:03:16,910 and the problem seems to be here. 69 00:03:16,910 --> 00:03:18,501 As you can see, it's pretty accurate. 70 00:03:18,501 --> 00:03:20,640 So based on that information, 71 00:03:20,640 --> 00:03:25,640 we can easily identify that firewalld needs a colon. 72 00:03:25,650 --> 00:03:26,483 One more thing. 73 00:03:26,483 --> 00:03:27,970 I just changed my mind. 74 00:03:27,970 --> 00:03:29,550 Of course we can write a playbook 75 00:03:29,550 --> 00:03:33,115 that will do this on Ubuntu and on Rocky as well. 76 00:03:33,115 --> 00:03:36,200 But at this stage in the course, 77 00:03:36,200 --> 00:03:38,202 it's not reasonable to expect 78 00:03:38,202 --> 00:03:39,850 that you can already do that. 79 00:03:39,850 --> 00:03:41,650 So I'm skipping the Ubuntu part 80 00:03:41,650 --> 00:03:43,931 and we make this Rocky exclusively. 81 00:03:43,931 --> 00:03:45,640 So here we go. 82 00:03:45,640 --> 00:03:48,070 Again, we are running the playbook. 83 00:03:48,070 --> 00:03:49,070 Oh, one more thing. 84 00:03:49,070 --> 00:03:50,330 Do we need facts? 85 00:03:50,330 --> 00:03:51,540 I don't need facts. 86 00:03:51,540 --> 00:03:55,790 Gather facts set to no, there we go. 87 00:03:55,790 --> 00:03:57,453 It'll speed it up a little bit. 88 00:03:57,453 --> 00:04:00,590 Packages are not a part of the fact anyway. 89 00:04:00,590 --> 00:04:03,500 So it'll use yum to figure out 90 00:04:03,500 --> 00:04:06,350 if the package is installed, yes or no.
91 00:04:06,350 --> 00:04:08,350 And yum is using this cache 92 00:04:08,350 --> 00:04:09,820 and this cache is always slow. 93 00:04:09,820 --> 00:04:11,690 And that's just the way, how it is. 94 00:04:11,690 --> 00:04:14,940 You might want to consider optimizing yum and yum cache 95 00:04:14,940 --> 00:04:17,920 if you want to speed up that procedure, 96 00:04:17,920 --> 00:04:19,670 which for now we need to wait 97 00:04:19,670 --> 00:04:24,220 and sit it out and see what the result is going to be. 98 00:04:24,220 --> 00:04:25,053 So there we go. 99 00:04:25,053 --> 00:04:27,230 The package is installed right now. 100 00:04:27,230 --> 00:04:28,410 It is running the service, 101 00:04:28,410 --> 00:04:31,170 and once the service is started, 102 00:04:31,170 --> 00:04:33,563 it should go to firewall and we should be good. 103 00:04:35,350 --> 00:04:36,183 And oh no. 104 00:04:36,183 --> 00:04:37,016 What do we get? 105 00:04:37,016 --> 00:04:39,923 We get an invalid service on the firewall. 106 00:04:40,940 --> 00:04:41,920 So what is happening? 107 00:04:41,920 --> 00:04:45,565 Yeah, vsftpd is not amongst the existing services. 108 00:04:45,565 --> 00:04:47,470 Let me do a quick check. 109 00:04:47,470 --> 00:04:49,162 firewall-cmd 110 00:04:49,162 --> 00:04:52,793 --get-services 111 00:04:53,710 --> 00:04:56,620 is showing all the services that we have available 112 00:04:56,620 --> 00:04:58,210 and it's not vsftpd, 113 00:04:58,210 --> 00:05:00,970 it's FTP, as you can see right here. 114 00:05:00,970 --> 00:05:03,620 So we need to run it again, 115 00:05:03,620 --> 00:05:08,620 and we need to make that not the d and just FTP. 116 00:05:08,970 --> 00:05:11,250 So this should be doing it. 117 00:05:11,250 --> 00:05:12,853 Let's go there again.
118 00:05:14,440 --> 00:05:16,980 So now we can see that the firewall is open 119 00:05:16,980 --> 00:05:18,580 and hey, if you want to do it again, 120 00:05:18,580 --> 00:05:21,663 run it one more time to verify the idempotency. 121 00:05:25,280 --> 00:05:26,113 And there we go. 122 00:05:26,113 --> 00:05:27,640 As you can see, this is a nice 123 00:05:27,640 --> 00:05:30,433 idempotent playbook, mission accomplished.