Ansible

Configure passwordless ssh access to all servers - write an adhoc script to copy keys to other servers Storage has secondary disk attached Configure ansible user “davidt” with password for all servers. With passwordless sudo Add this to the ad hoc script Add roles path to ansible.cfg as ansible/roles Disable privillege escalation by default? Set ansible to manage 10 hosts at a time. Set davidt as ansible user VMS

Server hosting the storage: --- - name: Install Packages package: name: - nfs-utils state: present - name: Ensure directories to export exist file: # noqa 208 path: "{{ item }}" state: directory with_items: "{{ nfs_exports | map('split') | map('first') | unique }}" - name: Copy exports file template: src: exports.j2 dest: /etc/exports owner: root group: root mode: 0644 notify: reload nfs - name: Add firewall rule to enable NFS service ansible.posix.firewalld: immediate: true state: enabled permanent: true service: nfs notify: reload firewalld - name: Start and enable NFS service service: name: nfs-server state: started enabled: yes when: nfs_exports|length > 0 - name: Set SELinux boolean for NFS ansible.posix.seboolean: name: nfs_export_all_rw state: yes persistent: yes - name: install required package for sefcontext module yum: name: policycoreutils-python-utils state: present - name: Set proper SELinux context on export dir sefcontext: target: /{{ item }}(/.*)? setype: nfs_t state: present notify: run restorecon with_items: "{{ nfs_exports | map('split') | map('first') | unique }}" {% for host in nfs_hosts %} /data {{ host }} (rw,wdelay,root_squash,no_subtree_check,sec=sys,rw,root_squash,no_all_squash) {% endfor %} Variables: nfs_exports:

Why use EEs? Portable Ansible environments includes Ansible core version All desired collections Python dependencies Bindep dependencies Anything you need to run a playbook A container that has a specific version of Ansible. Can test execution in a specific Ansible environment to make sure it will work with that version.

Using Ansible Builder to build an Execution Environment

https://awx.wiki/installation https://github.com/MrMEEE/awx-rpm-v2 Error: fatal: [localhost]: FAILED! => {“msg”: “Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this. Please add this host’s fingerprint to your known_hosts file to manage this host.”}