Mike,
Thanks for your patience and assistance. I wanted to do it the way you
suggested so that I get in the habit of crafting my roles that can be
useful in other ways later. With that said, I think I am getting the hang
of what you are saying. I started completely over and separated my roles. I
also changed my naming convention on everything so that things don't get
lost in translation here. So, this is what I have so far:
This is what my directory structure now looks like. If you notice, I
created a directory called *powerbroker,* which is essentially my project.
Then, I created a sub-dir in there called *powerbroker_install *because
I'll eventually create another called *powerbroker_uninstall *later. Within
*powerbroker_install *I created three roles with *ansible-galaxy init *
*role_name* for dev|prod|test. Then, I have my host file, called
*powerbroker_hosts *and my *site.yml* right under the parent directory
*powerbroker_install*.
Here is a view:
roles
└── powerbroker
├── powerbroker_install
│ ├── pb_install_dev
│ │ ├── README.md
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ ├── tests
│ │ │ ├── inventory
│ │ │ └── test.yml
│ │ └── vars
│ │ └── main.yml
│ ├── pb_install_prod
│ │ ├── README.md
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ ├── tests
│ │ │ ├── inventory
│ │ │ └── test.yml
│ │ └── vars
│ │ └── main.yml
│ ├── pb_install_test
│ │ ├── README.md
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ ├── tests
│ │ │ ├── inventory
│ │ │ └── test.yml
│ │ └── vars
│ │ └── main.yml
│ ├── powerbroker_hosts
│ └── site.yml
Legend:
blue are the project and subdir of the project
green are the roles
yellow are the files I touched
So far, I have only worked in *pb_install_test*. The only file I touched
here is the following:
- pb_install_test/tasks/main.yml
Here is the content of the file:
---
# tasks file for pb_install_test
- name: install required nfs packages
yum: name={{ item }} state=present
with_items:
- nfs-utils
- nfs-utils-lib
- name: mount nfs share
mount: name=/tmp/pb_install src="hostname.server.com:/src/path"
fstype=nfs opts="vers=3" state=mounted
- name: install pbis and pbul
shell: /tmp/pb_install/pbis_install e1
- name: join systems to domain and correct ou
shell: /opt/pbis/bin/domainjoin-cli join --notimesync --disable hostname
--ou OU=UNIX,OU=Servers,DC=sub,DC=domain,DC=com subdomain.server.com
Then, I worked on *powerbroker_install/site.yml*. This is the content of
the file:
---
########################## Test Servers ###########################
- name: install powerbroker (pbis and pbul) to all test servers
hosts: e1servers
become: yes
roles:
- pb_install_test
########################## Dev Servers ###########################
#- name: install powerbroker (pbis and pbul) to all dev servers
# hosts: e2servers
# become: yes
# roles:
# - pb_install_dev
########################## Prod Servers ###########################
#- name: install powerbroker (pbis and pbul) to all prod servers
# hosts: e3servers
# become: yes
# roles:
# - pb_install_prod
########################## Variables Prompt ########################
vars_prompt:
- name: "ansible_sudo_pass"
prompt: "SUDO password"
private: yes
I turned off (commented out) the others because I am not ready to push to
those yet ;)
Looks like this is going to work well. However, I am running into a snag.
My last task needs me to provide a password. The task I am referring to is
from this file
- pb_install_test/tasks/main.yml
This is the actual task I am referring to:
- name: join systems to domain and correct ou
shell: /opt/pbis/bin/domainjoin-cli join --notimesync --disable hostname
--ou OU=UNIX,OU=Servers,DC=sub,DC=domain,DC=com subdomain.server.com
Not long ago while starting out, I was doing something like this to pass a
password to a command but not sure if this is the best approach for this:
- name: join systems to domain and correct ou
expect:
command: /bin/bash -c "/opt/pbis/bin/domainjoin-cli join --
notimesync --disable hostname --ou OU=UNIX,OU=Servers,DC=sub,DC=domain,DC=com
subdomain.server.com"
responses:
Password for Administrator: "password123"
While that worked before (I haven't tried it again), I feel like maybe
there is a better and more secure way to do this. Thoughts?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/804cb06f-8177-4a7c-b44a-81d020b1d5d8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
