Lab 8 - Solution
""""""""""""""""

Mandatory
=========

Replace copy with template
--------------------------
* Change your ``ntp`` role
* Create the ``templates`` directory in your ntp role ``/home/ansible/training/roles/ntp/templates``
* Create the template file ``templates/ntp.conf.j2`` (copy the ntp.conf file from ``files/ntp.conf``)
* In your tasks file, replace the ``copy`` module with the ``template`` module
* Add a new task to start and enable the ntp service (see `Service Module <http://docs.ansible.com/ansible/2.5/modules/service_module.html>`_)
* Run the playbook
* Verify the configuration file
* If everything works, delete the file ``files/ntp.conf``

.. hint::

    Don't forget the ``.j2`` file extension.

.. code-block:: bash

    mkdir /home/ansible/training/roles/ntp/templates
    cp roles/ntp/files/ntp.conf roles/ntp/templates/ntp.conf.j2

.. code-block:: yaml

    # file: roles/ntp/tasks/main.yml
    - name: configure ntp
      template:
        src: ntp.conf.j2
        dest: /etc/ntp.conf
        owner: root
        group: root
        mode: 0644
      tags:
        - configuration

    - name: start and enable ntp
      service:
        name: ntp
        state: started
        enabled: yes
      tags:
        - service

    # run the playbook
    ansible-playbook ntp-role.yml

    # remove the old ntp.conf
    rm roles/ntp/files/ntp.conf

Use facts and ansible_header
----------------------------
* Add a comment in the ``ntp.conf.j2`` file with the fact ``ansible_os_family`` 
* Add a ``ansible_managed`` header in the ``ntp.conf.j2`` file
* Run the playbook and verify the configuration file on the managed host

.. code-block:: bash

    # file: roles/ntp/templates/ntp.conf.j2
    # {{ ansible_managed }}
    # {{ ansible_os_family }}
    ...

    # on the control node
    ansible-playbook ntp-role.yml

    # verify the configuration on the managed host
    ssh web1.<firstname>.lab "head /etc/ntp.conf"
    # Ansible managed
    # Debian

Loop
----
* Replace the ``pool server`` entries in your template file ``ntp.conf.j2``
* Loop over your ``ntp_servers`` list in the template ``ntp.conf.j2``
* Run the playbook with diff, to see the changes
* Verify the configuration file

.. code-block:: bash

    # file: roles/ntp/templates/ntp.conf.j2
    {% for srv in ntp_servers %}
    pool {{ srv }} iburst
    {% endfor %}

    # on the control node
    ansible-playbook ntp-role.yml --diff

    # on the remote host
    ssh web1.<firstname>.lab "cat /etc/ntp.conf"


When Conditionals
-----------------
* Make sure the ``ntp`` role works on ``Debian`` and ``RedHat``
* Create the variable file ``vars/RedHat.yml`` and add the variable ``ntp_service`` with the value ``ntpd``
* Create a new task to include the variable file ``RedHat.yml`` (see `Include_Vars Module <http://docs.ansible.com/ansible/2.5/modules/include_vars_module.html>`_) -> Put this task in first place, to ensure it run before all other tasks
* Ensure, the ``include_vars`` task is running only on the ``ansible_os_family`` **RedHat** (see Chapter Variables)

.. code-block:: yaml

    # file: roles/ntp/vars/RedHat.yml
    ---
    ntp_service: 'ntpd'

    # file: roles/ntp/tasks/main.yml
    ---
    - name: include redhat variables
      include_vars: RedHat.yml
      when: ansible_os_family == "RedHat"


* Define a role default in ``defaults/main.yml`` for the variable ``ntp_service`` with the value ``ntp``
* Use the new variable ``ntp_service`` in your ``handlers/main.yml`` and ``tasks/main.yml``

.. code-block:: yaml

    # file: roles/ntp/defaults/main.yml
    ...
    ntp_service: 'ntp'

    # file: roles/ntp/tasks/main.yml
    - name: start and enable ntp
      service:
        name: '{{ ntp_service }}'
        state: started
        enabled: yes
      tags:
        - service

    # file: roles/ntp/handlers/main.yml
    - name: restart ntp
      service:
        name: '{{ ntp_service }}'
        state: restarted

* Edit your installation task and use the ``package`` module instead of the ``apt`` module
* Edit your playbook to run the ntp role on the ``web`` hostgroup
* Run the playbook

.. code-block:: yaml

    # file: roles/ntp/tasks/main.yml
    - name: install ntp packages
      package:
        name: '{{ item }}'
        state: latest
      with_items:
        - '{{ ntp_packages }}'
      tags:
        - installation

    # file: ntp-role.yml
    ---
    - hosts: web

      roles:
        - ntp

    # run the playbook
    ansible-playbook ntp-role.yml


Overwrite role default with group_vars
--------------------------------------
* Create a group_vars file for your ``db`` hostgroup
* Add the list variable ``ntp_servers`` with the items ``ntp1.lab``, ``ntp2.lab`` and ``ntp3.lab``
* Edit your playbook to run the ntp role ``all`` hosts
* Run the playbook
* Verify your ``db`` host has other ntp servers

.. code-block:: yaml


    # file: group_vars/db.yml
    ---
    ntp_servers:
      - ntp1.lab
      - ntp2.lab
      - ntp3.lab

    # file: ntp-role.yml
    ---
    - hosts: all

      roles:
        - ntp

    # run the playbook
    ansible-playbook ntp-role.yml

    # on the remote host
    ssh db.<firstname>.lab "cat /etc/ntp.conf"

Commit your changes
-------------------
* add all files to your git repo and commit it

.. code-block:: bash

    git status
    git add roles/*
    git commit -m 'lab 8'