1 00:00:06,800 --> 00:00:09,019 - So let's go develop a solution.
2 00:00:09,019 --> 00:00:11,671 So this solution will be a little bit bigger
3 00:00:11,671 --> 00:00:15,763 than the labs that we've seen so far.
4 00:00:15,763 --> 00:00:18,063 So let's call it lab seven yaml.
5 00:00:18,900 --> 00:00:21,614 In this solution we need to do a couple of things.
6 00:00:21,614 --> 00:00:25,920 So we need to install vsftpd on all of the managed hosts
7 00:00:25,920 --> 00:00:28,320 and copy the file etc vsftpd.
8 00:00:28,320 --> 00:00:31,410 That's definitely the first phase.
9 00:00:31,410 --> 00:00:34,022 So let's start with that
10 00:00:34,022 --> 00:00:39,022 and let's do name copy conf file to local.
11 00:00:43,737 --> 00:00:47,710 Hosts all, tasks.
12 00:00:47,710 --> 00:00:49,050 So what are we going to do?
13 00:00:49,050 --> 00:00:51,525 Well in order to get a configuration file,
14 00:00:51,525 --> 00:00:55,333 we are going to install vsftpd.
15 00:00:56,520 --> 00:00:59,233 So that would be DNF.
16 00:01:03,970 --> 00:01:05,990 No dash because it's just properties,
17 00:01:05,990 --> 00:01:07,500 it's not the list.
18 00:01:07,500 --> 00:01:12,500 Name vsftpd state latest.
19 00:01:12,810 --> 00:01:17,390 And after installing it, we can use the fetch module.
20 00:01:17,390 --> 00:01:19,993 So fetch the file.
21 00:01:20,848 --> 00:01:24,090 In order to do that, we are using fetch
22 00:01:25,120 --> 00:01:26,513 and this fetch-
23 00:01:29,900 --> 00:01:32,640 Well in order to use fetch let's have a look
24 00:01:32,640 --> 00:01:34,122 at the documentation.
25 00:01:34,122 --> 00:01:37,350 It's always wise, especially for those modules
26 00:01:37,350 --> 00:01:40,153 that you don't use on a daily basis
27 00:01:40,153 --> 00:01:41,770 to have a look at the documentation.
28 00:01:41,770 --> 00:01:42,603 So there we go.
29 00:01:42,603 --> 00:01:46,480 ansible-doc fetch, we need flat.
30 00:01:46,480 --> 00:01:47,557 We need dest
31 00:01:48,910 --> 00:01:51,040 and we need SRC.
32 00:01:51,040 --> 00:01:54,308 I think that's enough, flat, dest and SRC.
33 00:01:54,308 --> 00:01:58,030 So SRC.
34 00:01:58,030 --> 00:02:02,830 That's what we start with, etc, vsftpd, vsftpd dot conf.
35 00:02:05,733 --> 00:02:08,010 Flat, yes.
36 00:02:08,010 --> 00:02:10,663 And destination TMP,
37 00:02:11,770 --> 00:02:14,583 TMP vsftpd dot conf.
38 00:02:16,037 --> 00:02:20,261 So that should be doing it.
39 00:02:20,261 --> 00:02:23,286 And then we can do the second part.
40 00:02:23,286 --> 00:02:26,310 And in the second part, we are going to work
41 00:02:26,310 --> 00:02:30,563 on the file that we have just fetched to local.
42 00:02:38,270 --> 00:02:43,270 So in order to do that second play, modify file on control.
43 00:02:44,438 --> 00:02:48,393 We are going to run that on localhost,
44 00:02:49,322 --> 00:02:50,690 become yes
45 00:02:50,690 --> 00:02:54,290 just to ensure that we have sufficient permissions.
46 00:02:54,290 --> 00:02:59,290 Then tasks and in tasks, what are we going to do?
47 00:02:59,650 --> 00:03:04,520 Well, we are going to add line to file.
48 00:03:04,520 --> 00:03:07,572 If it's just one line that we need to add to a file
49 00:03:07,572 --> 00:03:12,470 then lineinfile should be what we are doing.
50 00:03:12,470 --> 00:03:17,393 So name tmp vsftpd dot conf.
51 00:03:19,189 --> 00:03:21,133 And then line.
52 00:03:22,890 --> 00:03:27,243 And what exactly is that line going to be?
53 00:03:28,109 --> 00:03:31,534 Well, let's look it up once more,
54 00:03:31,534 --> 00:03:34,693 ansible-doc lineinfile.
55 00:03:37,330 --> 00:03:39,570 I wanna have a look at some examples.
56 00:03:39,570 --> 00:03:44,570 So we have path, line and everything else,
57 00:03:44,950 --> 00:03:47,251 I think path, line and that should be it.
58 00:03:47,251 --> 00:03:51,370 We don't have to do anything very complex.
59 00:03:51,370 --> 00:03:54,291 So let's just add the line.
60 00:03:54,291 --> 00:03:57,281 I don't really mind where it is.
61 00:03:57,281 --> 00:04:00,230 And if you do mind where it is
62 00:04:00,230 --> 00:04:02,825 then you can always consider doing an insert after
63 00:04:02,825 --> 00:04:07,825 or an insert before, but I am just going to use line
64 00:04:08,180 --> 00:04:12,320 and we are going to specify what we want.
65 00:04:12,320 --> 00:04:13,838 So what do we want?
66 00:04:13,838 --> 00:04:17,510 Well, we want hash
67 00:04:19,540 --> 00:04:24,540 written on ansible hostname,
68 00:04:27,530 --> 00:04:29,903 so that should be doing it.
69 00:04:29,903 --> 00:04:34,567 So that is, that is making sure that we have the template,
70 00:04:34,567 --> 00:04:36,780 the template on the local machine
71 00:04:36,780 --> 00:04:41,400 and now we can use a third play, finish it.
72 00:04:43,622 --> 00:04:48,622 So, oops, I'm seeing syntax highlighting, not going well.
73 00:04:48,946 --> 00:04:53,946 And I think we better look at the line
74 00:04:53,977 --> 00:04:55,340 and the quoting in the line.
75 00:04:55,340 --> 00:04:56,173 And what do we see?
76 00:04:56,173 --> 00:04:57,860 We see that in the line, examples
77 00:04:57,860 --> 00:04:59,706 there are quotes everywhere.
78 00:04:59,706 --> 00:05:03,330 The quote is interesting because there's a hash here.
79 00:05:03,330 --> 00:05:05,350 Hash has a special meaning.
80 00:05:05,350 --> 00:05:07,730 So let's keep the quotes
81 00:05:07,730 --> 00:05:10,760 and let's do a quote to the beginning.
82 00:05:10,760 --> 00:05:12,523 And also to the end of this line.
83 00:05:12,523 --> 00:05:17,485 Then we get the name, finish it, again on hosts, all.
84 00:05:17,485 --> 00:05:21,762 At this point, we already have vsftpd installed.
85 00:05:21,762 --> 00:05:24,194 I'm using default become parameters.
86 00:05:24,194 --> 00:05:27,209 Obviously we do need tasks
87 00:05:27,209 --> 00:05:32,209 and we are going to first copy it.
88 00:05:32,360 --> 00:05:34,193 So copy config.
89 00:05:35,430 --> 00:05:38,753 Well, copy is the wrong word, use template.
90 00:05:41,100 --> 00:05:45,480 So template is what we are going to do.
91 00:05:45,480 --> 00:05:48,305 And oh, I made an error in lineinfile.
92 00:05:48,305 --> 00:05:49,138 Do you see that?
93 00:05:49,138 --> 00:05:50,920 That's what's happening when you are doing things
94 00:05:50,920 --> 00:05:53,234 on the fly, it's always a bit confusing.
95 00:05:53,234 --> 00:05:56,790 When do you need a dash to indicate a list?
96 00:05:56,790 --> 00:05:58,097 And when don't you need it?
97 00:05:58,097 --> 00:06:01,342 Well you don't need it to put arguments to a module.
98 00:06:01,342 --> 00:06:05,503 So here SRC is going to be tmp vsftpd
99 00:06:08,349 --> 00:06:10,453 and there I can see that something else
100 00:06:10,453 --> 00:06:12,000 is going wrong as well.
101 00:06:12,000 --> 00:06:16,043 So the SRC must be vsftpd dot j2.
102 00:06:17,480 --> 00:06:21,485 We can easily fix that by tweaking the destination here
103 00:06:21,485 --> 00:06:23,970 but we do want the template
104 00:06:23,970 --> 00:06:28,030 to be in the j2 templating format.
105 00:06:28,030 --> 00:06:29,800 So vsftpd j2
106 00:06:30,750 --> 00:06:35,750 and then once more ansible-doc template.
107 00:06:37,720 --> 00:06:39,865 Some people like ansible-doc minus S
108 00:06:39,865 --> 00:06:43,690 to jump directly to the destination.
109 00:06:43,690 --> 00:06:45,107 I don't do that.
110 00:06:45,107 --> 00:06:48,040 I like seeing all of the documentation
111 00:06:48,040 --> 00:06:50,540 so that if in any case, I need more information
112 00:06:50,540 --> 00:06:54,790 about a specific option, I don't have to run another command.
113 00:06:54,790 --> 00:06:55,940 And what do we see?
114 00:06:55,940 --> 00:06:58,640 We see source and destination, pretty straightforward.
115 00:06:58,640 --> 00:07:02,699 So let's just keep it pretty straightforward.
116 00:07:02,699 --> 00:07:07,570 Dest etc vsftpd
117 00:07:07,570 --> 00:07:11,320 vsftpd dot conf.
118 00:07:11,320 --> 00:07:13,239 And we don't need anything else.
119 00:07:13,239 --> 00:07:18,239 Next, we are going to use name, start it.
120 00:07:20,960 --> 00:07:23,016 Notice that I'm managing Red Hat here.
121 00:07:23,016 --> 00:07:28,016 Rocky is Red Hat family, so I can use service
122 00:07:28,610 --> 00:07:33,506 and in service, I can make sure that name vsftpd
123 00:07:33,506 --> 00:07:38,506 has state, started and enabled, yes.
124 00:07:40,307 --> 00:07:43,060 Oops, syntax highlighting is warning us
125 00:07:43,060 --> 00:07:44,670 that we were forgetting something.
126 00:07:44,670 --> 00:07:49,670 Already fixed that, last open firewall.
127 00:07:50,300 --> 00:07:54,867 So that will be firewalld, name ftp.
128 00:07:55,840 --> 00:07:58,150 This is firewalld and in firewalld
129 00:07:58,150 --> 00:08:01,010 we are addressing services and it's just ftp
130 00:08:01,010 --> 00:08:05,387 because it works also for pure ftp and other ftp processes.
131 00:08:05,387 --> 00:08:09,436 And in firewalld the state and enabled and immediate,
132 00:08:09,436 --> 00:08:12,280 that's worth checking as well,
133 00:08:12,280 --> 00:08:14,000 because it's a little bit confusing.
134 00:08:14,000 --> 00:08:19,000 So ansible-doc on firewalld and in the example
135 00:08:19,650 --> 00:08:23,530 we can see service and service is the name.
136 00:08:23,530 --> 00:08:26,430 So we need service and permanent and state.
137 00:08:26,430 --> 00:08:31,430 State is enabled and there is this immediate as well.
138 00:08:33,170 --> 00:08:34,003 Isn't it?
139 00:08:34,003 --> 00:08:35,088 And yeah, there we go.
140 00:08:35,088 --> 00:08:37,552 So immediate, immediate, yes.
141 00:08:37,552 --> 00:08:38,820 Permanent, yes.
142 00:08:38,820 --> 00:08:42,017 State enabled and service is what we need.
143 00:08:42,017 --> 00:08:45,893 So back here, service,
144 00:08:50,040 --> 00:08:52,952 immediate, yes.
145 00:08:52,952 --> 00:08:55,700 Permanent, yes.
146 00:08:55,700 --> 00:08:58,260 And state enabled.
147 00:08:58,260 --> 00:08:59,370 Just double checking
148 00:08:59,370 --> 00:09:02,600 because these options are so close,
149 00:09:02,600 --> 00:09:04,910 but there we go, state enabled.
150 00:09:04,910 --> 00:09:06,404 That is what we need.
151 00:09:06,404 --> 00:09:08,890 So that should be doing it.
152 00:09:08,890 --> 00:09:11,420 Now, notice that I've been improvising here.
153 00:09:11,420 --> 00:09:12,920 I like improvising.
154 00:09:12,920 --> 00:09:16,060 That is because I know my stuff a little bit
155 00:09:16,060 --> 00:09:17,604 and I give it a fair chance
156 00:09:17,604 --> 00:09:20,420 that this is working out alright.
157 00:09:20,420 --> 00:09:23,970 And my approach is, if it's not working out alright,
158 00:09:23,970 --> 00:09:27,190 then we will see.
159 00:09:27,190 --> 00:09:30,670 So ansible-playbook on lab7 dot yaml
160 00:09:30,670 --> 00:09:32,623 and we'll see what comes out of it.
161 00:09:36,815 --> 00:09:39,120 So we go wrong in the second play,
162 00:09:39,120 --> 00:09:40,220 add line to file.
163 00:09:40,220 --> 00:09:44,910 Add line to file is telling me destination tmp vsftpd.
164 00:09:44,910 --> 00:09:47,850 I can understand that because add line to file
165 00:09:47,850 --> 00:09:51,080 it was just me overseeing it.
166 00:09:51,080 --> 00:09:54,940 Shouldn't be adding anything to vsftpd dot conf.
167 00:09:54,940 --> 00:09:57,240 It should be adding it to the j2 file.
168 00:09:57,240 --> 00:09:59,482 We created the j2 file.
169 00:09:59,482 --> 00:10:02,219 Before we are going on,
170 00:10:02,219 --> 00:10:06,673 I might as well check and yeah, we can see the j2 exists.
171 00:10:08,580 --> 00:10:10,960 Normally, if you want to create a playbook
172 00:10:10,960 --> 00:10:12,620 that's a little bit more efficient,
173 00:10:12,620 --> 00:10:16,863 especially in order to avoid doing things again and again.
174 00:10:16,863 --> 00:10:20,459 You might want to use tags, but let's do that later.
175 00:10:20,459 --> 00:10:22,803 I don't see any tags here.
176 00:10:22,803 --> 00:10:27,720 What I do see is that, oh, in use template,
177 00:10:27,720 --> 00:10:29,202 that is just too obvious.
178 00:10:29,202 --> 00:10:34,202 I put it in tmp, not in etc.
179 00:10:34,860 --> 00:10:37,947 But the thing is, if you use tags,
180 00:10:37,947 --> 00:10:40,890 you can use a tag on every single play.
181 00:10:40,890 --> 00:10:42,840 And if you use a tag on every single play
182 00:10:42,840 --> 00:10:47,200 you can only run the plays that need to be started again
183 00:10:47,200 --> 00:10:52,200 and there we can see that vsftpd is available.
184 00:10:52,435 --> 00:10:53,983 Is it, really?
185 00:10:53,983 --> 00:10:57,260 Well let's do a quick check ansible
186 00:10:58,240 --> 00:11:03,240 on ansible one minus a systemctl status vsftpd.
187 00:11:06,140 --> 00:11:09,528 And I know that is not testing access through the firewall
188 00:11:09,528 --> 00:11:11,900 but here we go, it's accessible.
189 00:11:11,900 --> 00:11:15,490 So I think this is enough for lesson seven lab.
190 00:11:15,490 --> 00:11:17,393 Let's move on with the next lesson.