from sysadmin to cloud road to devops9 automation 101 install and enable apache and firewalld...
TRANSCRIPT
![Page 1: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/1.jpg)
Road to DevOps:From SysAdmin to Cloud
Automation 101
Alex CallejasTechnical Account Manager | GCS MéxicoSeptember, 2018
![Page 2: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/2.jpg)
Automation 1012
About meAlex CallejasTechnical Account Manager @Red Hat
@dark_axl
/rootzilopochtli
www.rootzilopochtli.com
![Page 3: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/3.jpg)
Automation 1013
+15 years ago 10 years ago 5 years ago Today
The time has changed
![Page 4: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/4.jpg)
Automation 1014
... and now, we're going to the cloud
![Page 5: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/5.jpg)
Automation 1015
But don't worry, it's nothing that the practice can't solve
![Page 6: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/6.jpg)
Automation 1016
How to start?
simple
![Page 7: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/7.jpg)
Automation 1017
A simple and basic example
webservers
load balancer
![Page 8: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/8.jpg)
Automation 1018
● Account on Google Cloud Platform
● Ansible installed on management node
○ Google Cloud Platform Guide
● We must also create a pair of RSA keys:
● If you use RHEL instances, you need subscribed with full support from Red Hat
○ Getting started with Red Hat Cloud Access
Prerequisites
$ ssh-keygen -t rsa -b 4096 -f <rsa key file>
![Page 9: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/9.jpg)
Automation 1019
● Install and enable apache and firewalld
● Configure apache with a start page that shows the ip of each gce instance, for example:
● Open the http port (80)
● Restart apache and firewalld to confirm the configuration
The role
$ cat apache_indexhtml.j2<!-- {{ ansible_managed }} --><html><head><title>Apache is running!</title></head><body><h1>Hello from {{ inventory_hostname }}</h1></body></html>$
![Page 10: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/10.jpg)
Automation 10110
1. The firewall rule to allow http traffic to our instances
2. Three instances based on Red Hat Enterprise Linux
or CentOS 7, for the preparation of each instance, the
aforementioned role will be used
3. The load balancer, indicating the name of our
backend instances
The playbooks
![Page 11: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/11.jpg)
Automation 10111
The playbooks$ cat gce-apache.yml---- name: Create gce webserver instances hosts: localhost connection: local gather_facts: True vars: service_account_email: <Your gce service account email> credentials_file: <Your json credentials file> project_id: <Your project id> instance_names: web1,web2,web3 machine_type: n1-standard-1 image: rhel-7 < centos-7 >
tasks: - name: Create firewall rule to allow http traffic gce_net: name: default fwname: "my-http-fw-rule" allowed: tcp:80 state: present src_range: "0.0.0.0/0" target_tags: "http-server" service_account_email: "{{ service_account_email }}" credentials_file: "{{ credentials_file }}" project_id: "{{ project_id }}"
![Page 12: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/12.jpg)
Automation 10112
The playbooks - name: Create instances based on image {{ image }} gce: instance_names: "{{ instance_names }}" machine_type: "{{ machine_type }}" image: "{{ image }}" state: present preemptible: true tags: http-server service_account_email: "{{ service_account_email }}" credentials_file: "{{ credentials_file }}" project_id: "{{ project_id }}" metadata: '{"sshKeys":"<Y our gce user: Your id_rsa_public key>"}' register: gce
- name: Save hosts data within a group add_host: hostname: "{{ item.public_ip }}" groupname: gce_instances_temp with_items: "{{ gce.instance_data }}"
Note: We must wait for the SSH port to be available, since if it is not listening, the playbook can send us an error and not execute the subsequent tasks and inject our previously created RSA public key to perform the post-creation tasks.
![Page 13: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/13.jpg)
Automation 10113
The playbooks
- name: Wait for ssh to come up wait_for: host={{ item.public_ip }} port=22 delay=10 timeout=60 with_items: "{{ gce.instance_data }}"
- name: Setting ip as instance fact set_fact: host={{ item.public_ip }} with_items: "{{ gce.instance_data }}"
- name: Configure instance post-creation hosts: gce_instances_temp gather_facts: True remote_user: <Your gce user> become: yes become_method: sudo
roles: - <path_to_role>/myapache$
![Page 14: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/14.jpg)
Automation 10114
The playbooks$ cat gce-lb.yml
---- name: Playbook to create gce load balancing instance hosts: localhost connection: local gather_facts: True
vars: service_account_email: < Your gce service account email> credentials_file: < Your json credentials file> project_id: < Your project id>
tasks:- name: Create gce load balancergce_lb:
name: lbserver state: present region: us-central1 members: ['us-central1-a/web1','us-central1-a/web2','us-central1-a/web3'] httphealthcheck_name: hc httphealthcheck_port: 80 httphealthcheck_path: "/" service_account_email: "{{ service_account_email }}" credentials_file: "{{ credentials_file }}" project_id: "{{ project_id }}"$
![Page 15: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/15.jpg)
Automation 10115
The playbooks
$ cat gce-lb-apache.yml
---# Playbook to create simple instances of gce rhel/apache with load balancing- import_playbook: gce-apache.yml- import_playbook: gce-lb.yml$
We use the following playbook to join both tasks and obtain the simple instances of GCE
Red Hat Enterprise Linux / Apache with load balancing:
![Page 16: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/16.jpg)
Automation 10116
The playbooks
$ ansible-playbook gce-lb-apache.yml --key-file <Your_id_rsa_key>
Run the playbook:
![Page 17: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/17.jpg)
Automation 10117
We’re ready!!
![Page 18: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/18.jpg)
Automation 10118
Next steps
Join Us!You only need a mail account: developers.redhat.com
Try itGet the trial: cloud.google.com
Share Share your doubts, scripts, playbooks, github, tricks, etc.
![Page 19: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/19.jpg)
Automation 10119
● Red Hat’s TAM Blog:○ Creating a load-balanced web service on cloud with Ansible
Other Posts:
● OpenSource.com:○ A sysadmin's guide to SELinux: 42 answers to the big
questions○ A sysadmin's handy cheat sheet for SELinux
Source
![Page 20: From SysAdmin to Cloud Road to DevOps9 Automation 101 Install and enable apache and firewalld Configure apache with a start page that shows the ip of each gce instance, for example:](https://reader035.vdocument.in/reader035/viewer/2022071214/6043d53feef40f70aa4bfc1b/html5/thumbnails/20.jpg)
THANK YOU!plus.google.com/+RedHat
linkedin.com/company/red-hat
youtube.com/user/RedHatVideos
facebook.com/redhatinc
twitter.com/RedHat