Transcription
Red Hat Certified Engineer(RHEL 8 RHCE)Course NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Con f igu r e An sibleM an aged NodesSection 5Scr ipt Adm in ist r at ionTask sSection 6Cr eat e An sible Playsan d Playbook sSection 7Use An sible M odu lesf or Syst emAdm in ist r at ion Task sSection 8Exam Pr epar at ionNext Sect ion s
Red Hat Certified Engineer(RHEL 8 RHCE)Course NavigationCr eat e an d UseTem plat es t o Cr eat eCu st om izedCon f igu r at ion FilesSection 9Cr eat e an d Wor kw it h RolesSection 10M an agin g Par allelismSection 11Pr ot ect Sen sit ive Dat ain Playbook s w it hAn sible Vau ltSection 12An sibleDocu m en t at ionSection 13Con clu sionSection 14Exam Pr epar at ionPr eviou s Sect ion s
IntroductionCourse NavigationAbou t t h e Cou r seI n t r odu ct ionSection 1Abou t thet h eCourseCou r seAboutAbout the AuthorAbout the ExamBasic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeWelcom e to the Linux Academ y Red Hat Cer t if ied En gin eer (RHEL8 RHCE) course.This course is designed to prepare you to sit and pass the Red HatCertified Engineer exam (EX294).As of the creation of this course, there are two versions of the RedHat Certified Engineer exam - one for Red Hat Enterprise Linux 7(EX300) and one for Red Hat Enterprise Linux 8 (EX294). This coursewas created based on the objectives of the RHEL 8 version of theexam which is EX294.Section 4Con f igu r e An sibleM an aged NodesThis diagram will be used as a reference point throughout thecourse and can be used as a study guide as you prepare for theexam .Section 5Scr ipt Adm in ist r at ionTask sThis course was split up, Rob creating all of the labs, and m eteaching the lessons. We thank you for taking this course and lookforward to working through the m aterial with you!Section 6M at t h ew Pear sonRob M ar t iCr eat e An sible Playsan d Playbook sSection 7Back t o M ainLinux Academ y Training ArchitectsNext
IntroductionCourse NavigationAbou t t h e ExamI n t r odu ct ionSection 1Abou t thet h eCourseCou r seAboutAbou t thet h eAuthorAu t h orAboutAboutAbou t thet h eExamExamBasic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Con f igu r e An sibleM an aged NodesSection 5Scr ipt Adm in ist r at ionTask sSection 6Cr eat e An sible Playsan d Playbook sSection 7Back t o M ainExam For m at- It is a hands-on exam that requires you toperform real-world tasks.- You will have four hours to com plete the exam .- You will be given m ultiple system s and m ustinstall and configure Ansible in order toperform system adm inistration tasks.- Your work will be evaluated by running theplaybooks created in the exam against freshsystem s.- Internet access will not be provided andcandidates are not allowed to bring physical orelectronic docum entation or notes.- Exam results are usually reported within 3 days.The exam objectives can be viewed here:Exam Object ives
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialTopics in t h is sect ion in clu de:Understanding and using the basic tools for an operatingsystem is essential to adm inistering that system . In this section,we will review these tools and show exam ples of how to usethese on a Red Hat Enterprise Linux 8 host.Operate RunningSystem sConfigure Local StorageCreate and Configure FileSystem sLog in t o aRem ot e Ser vervia SSHCr eat e Filesan dDir ect or iesI n pu t / Ou t pu tRedir ect ionView an dAn alyze TextAr ch ive Filesan dDir ect or iesEscalat ePr ivilegesFile an dDir ect or yPer m ission sSyst emDocu m en t at ionDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local Storage- Log in t o r em ot e ser ver : s s h us er name@hos t- Log ou t of h ost : ex i tCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ainBack
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local StorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ain- Cr eat e dir ect or y: mk di r di r ec t or y name - Cr eat e f ile: t ouc h f i l e or v i f i l e- Rem ove dir ect or y: r m - r di r ec t or y or r mdi r( f or empt y di r ec t or y )- Rem ove f ile: r m f i l eBack
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local StorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ain-St an dar d ou t pu t (STDOUT): , St an dar d in pu t (STDI N): , St an dar d er r or (STDERR): 2 , 2 Pipes : Back
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local Storage- View w it h t ext edit or : vi f i l e- Pr in t f ile con t en t s t o STDOUT: c at- Pr in t lin es m at ch in g a pat t er n : gr epCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ainBack
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local StorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ain- Com pr ession opt ion s: gzip, bzip, xz, et c.- Cr eat e ar ch ive:t ar - c v z f ar c hi v e name f i l e1 f i l e2- Ext r act ar ch ive:t ar - x v z f ar c hi v e. gzBack
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local Storage- Becom e t h e r oot u ser : s udo - i or s udo s u - Ru n com m an d as r oot u ser : s udo c ommandCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ainBack
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local StorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ain-Ch an ge ow n er sh ip: c hown us er : gr oup f i l eCh an ge per m ission s (n u m er ic): c hmod 764 f i l eCh an ge per m ission (sym bolic): c hmod u r w f i l eSpecial per m ission s: s et ui d (4 or u s ), s et gi d (2 org s ), s t i c k y bi t (1 or a t )Back
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationUn der st an d an d Use Essen t ial ToolsI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOperate RunningSystem sConfigure Local StorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Back t o M ain-m an pages: man c ommand or man s ec t i on c ommandin f o: i nf o c ommand/ us r / s har e/ docapr opos: apr opos c ommand or man - k c ommandBack
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionOper at e Ru n n in g Syst em sSh u t dow n an d Reboot Syst em sSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk ills-s y st emc t l power of fs y st emc t l r eboots y st emc t l - - hel p man sy st emc t lSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemConfigure Local StorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n t er r u pt Boot Pr ocess an d Ch an ge t h e r oot Passw or d1. Edit the kernel boot param eters by pressing e2. Go t o the end of the ?linux? line by pressing Ct r l e,rem oving r o c r as h and add r d. br eak enf or c i ng 03. St ar t the system by pressing Ct r l x4. Rem ou n t the root of the system :mount - o r emount , r w / s ys r oot5. Sw it ch to / sy s r oot :chr oot / s y sr oot6. Reset the r oot password:pas s wd7. En able SELinux relabeling:t ouc h / . aut or el abel8. Exit the shell:ex i tI n st all an d Con f igu r ean An sible Con t r olNodeSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionOper at e Ru n n in g Syst em sSt ar t , St op, an d Ch eck Net w or k Ser vice St at u sSection 1- Check the status of a service:Basic Red Hat Cer t if iedAdm in ist r at or Sk illss y s t emc t l st at us ser vi ce name. ser vi ce- Start a service:Section 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystems y s t emc t l st ar t s er v i c e name. s er vi c e- Stop a service:s y s t emc t l st at us ser vi ce name. ser vi ce- Gain m ore inform ation:j our nal c t l - x eConfigure Local StorageCreate and Configure FileSystem sView Pr ocesses an d Resou r ce Ut ilizat ionDeploy, Configure, andMaintain system s-Manage Users andGroups-Print a list of active process:ps - efManage Security (Part 1)View real-tim e list of processes and resourceutilization:t opUn der st an d Cor eCom pon en t s of An sible-I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Term inate a running process:k i l l - 15, ki l l - 9, ki l l - lSection 3Copy Files Bet w een Rem ot e Syst em s- Secure Copy:scp f i l e name user name@ser ver : / pat h/ t o/ di r-Secure FTP:sf t p user name@ser verBackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionCon f igu r e Local St or ageList St or age Devices:Section 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssential-dfl sbl kbl ki df di sk - lOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Cr eat e a Par t it ion :1. Use f di sk to m anipulate partition table:f di sk / dev/ devi ce name2. Use p to print the partition table and oto create a DOS (MBR) partition table.3. Use n to create a new partition.4. Set it as a prim ary partition using p andaccept the defaults for partition num ber,first sector, and last sector.5. List partition types using l. Change thepartition type to Linux LVM (8e) using t .6. Write the table to disk using w .BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionSection 1Con f igu r e Local St or ageCr eat e an LVM Logical Volu m e:1. Create physical volum e:pvcr eat e / dev/ devi ce nameBasic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageCreate and Configure FileSystem sDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 42. List physical volum es:pvs3. Create volum e group:vgcr eat e vol gr oup / dev/ devi ce name4. List volum e groups:vgs5. Create logical volum e:l vcr eat e - L 1G - n new l v vol gr oup6. List logical volum es:l vsDelet e a Logical Volu m e, Volu m e Gr ou p, an dPh ysical Volu m e:1. Delete logical volum e:l vr emove vol gr oup/ new l v2. Delete volum e group:vgr emove vol gr oup3. Delete physical volum e:pvr emove / dev/ devi ce nameBackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionCr eat e an d Con f igu r e File Syst em sCr eat in g an d M ou n t in g File Syst em sSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 31. Create a file system on a logical volum e:mkf s. ext 4 / pat h/ t o/ l v2. Mount a file system :mount / pat h/ t o/ l v / pat h/ t o/ di r3. List m ounted file system s: df - h4. Add m ount inform ation to / et c/ f st ab forboot persistence:UUI D UUI D NUMBER / mount / poi ntf s t ype def aul t s 0 0Ext en d Logical Volu m es1. Increase underlying logical volum e:l vext end - L 500M / dev/ vol gr p/ l og vol2. Unm ount filesystem : umount / pat h/ t o/ mount3. Run file system check:e2f sck - f / dev/ vol gr p/ l og vol4. Resize file system :r esi ze2f s / dev/ vol gr p/ l og vol5. List m ounted file system s: df - hI n st all an d Con f igu r ean An sible Con t r olNodeSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCr eat e an d Con f igu r e File Syst em sM ou n t a Net w or k File Syst em s1. Install required packages:yum i nst al l nf s- ut i l s2. Start required services:syst emct l st ar t r pcbi nd3. Show file system exports on the client:showmount - e SERVER I P4. Mount a network file system : mount - t nf sSERVER I P: / ser ver / di r / cl i ent / di rCon f igu r eLocalLocalSt or ageConfigureStorageCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy, Configure, andMaintain system sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Cr eat e Collabor at ive Dir ect or ies w it h set -GI D1. Create directory: mkdi r / new/ di r2. Configure set-GID on directory:chmod g s / new/ di r3. Create file in new directory:t ouch / new/ di r / newFi l eWor k in g w it h Vir t u al Dat a Opt im izer (VDO)1. Install required packages: yum install vdo2. Create a vdo volum e: vdo cr eat e- - name vdo vol - - devi ce / dev/ devName- - vdoLogi cal Si ze vol si ze3. View inform ation on vdo volum es:vdost at s - - huBackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionDeploy, Con f igu r e, an d M ain t ain syst em sSt ar t , St op, an d En able Ser vicesSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystem- View yum repositories:l s - a / et c/ yum. r epos. d- Install packages: yum i nst al l packageName- Start a service:syst emct l st ar t name. ser vi ce- Enable a service:syst emct l enabl e name. ser vi ce- Stop a service: syst emct l st op name. ser vi ceCon f igu r eLocalLocalSt or ageConfigureStorageCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy,Configure,Con f igu r e,an dDeploy,andM ain t ainsystemsyst emMaintains sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3Sch edu le Task s Usin g at an d cr on-View the crontab: cat / et c/ cr ont abAdd a task to a user crontab: cr ont ab - eList tasks in a user 's crontab: cr ont ab - lSchedule a task using the at com m and: at t i meList the scheduled jobs: at qDelete a job: at r m j ob numI n st all an d Con f igu r ean An sible Con t r olNodeSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageDeploy, Con f igu r e, an d M ain t ain syst em sCon f igu r e Syst em s t o Boot in t o Specif ic Tar getAu t om at ically- Check the current configuration:syst emct l get - def aul t- Change the current target:syst emct l i sol at e name. t ar get- Set the default configuration:syst emct l set - def aul t name. t ar get- Change target to rescue m ode:syst emct l r escueCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy,Configure,Con f igu r e,an dDeploy,andM ain t ainsystemsyst emMaintains sManage Users andGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeCon f igu r e Tim e Ser vice Clien t1. Install required packages: yum i nst al l chr ony2. Start and enable the chronyd service:syst emct l st ar t chr onyd && syst emct lenabl e chr onyd3. Add the NTP server (server SERVER IP) address to/etc/chrony: vi / et c/ chr ony4. Restart the chronyd service:syst emct l r est ar t chr onydSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionM an age User s an d Gr ou psCr eat e, Delet e, an d M odif y Local User sSection 1- View user inform ation:Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStoragei d us er namegr oups us er name/ et c / pas s wd/ et c / s hadow/ et c / gr oup- Create a user: user add user name- Modify a user: user mod - d - aG - L - U- Delete a user: user del user nameCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy,Configure,Con f igu r e,an dDeploy,andM ain t ainsystemsyst emMaintains sM an ageUsersUser sandan dManageGr ou psGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeCh an ge Passw or ds- Change a password: passwd user name- View password expiry inform ation:chage - l user name- Set password expiration by m ax days:chage - M days user name- Set password expiration by date:chage - E YYYY- MM- DD user nameSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionM an age User s an d Gr ou psCr eat e, Delet e, an d M odif y Gr ou psSection 1- View group inform ation:i d user namegr oups user name/ et c/ passwd/ et c/ shadow/ et c/ gr oupBasic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy,Configure,Con f igu r e,an dDeploy,andM ain t ainsystemsyst emMaintains sM an ageUsersUser sandan dManageGr ou psGroupsManage Security (Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNode-Create a group: gr oupadd gr oupnameAdd user to a group: user mod - g - aGModify a group: gr oupmod - n - gDelete a group: gr oupdel gr oupnameCon f igu r e Su per u ser Access- View the sudoer s file: vi / et c/ sudoer s- Edit the sudoer s file: vi sudo- Grant a user sudo access by adding the followingline to / et c/ sudoer s :user nameALL ( ALL)ALL- Grant m em bers of a group sudo access by addingthe following line to / et c/ sudoer s :%gr oupnameALL ( ALL)ALLSection 4BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy,Configure,Con f igu r e,an dDeploy,andM ain t ainsystemsyst emMaintains sM an ageUsersUser sandan dManageGr ou psGroupsManageM an ageSecuritySecu r it y(Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3I n st all an d Con f igu r ean An sible Con t r olNodeSection 4M an age Secu r it yCon f igu r e Fir ew all Set t in gs- Install firewalld: yum i nst al l f i r ewal l d- Start and enable firewalld:syst emct l st ar t f i r ewal l d &&syst emct l enabl e f i r ewal l d- View f i r ewal l - cmd options:f i r ewal l - cmd - h man f i r ewal l - cmd- List zones: f i r ewal l - cmd - - get - zones( - - get - def aul t - zone)- List everything added for or enabled in a zone:f i r ewal l - cmd - - l i st - al l - - zone publ i c- Add a service for a zone:f i r ewal l - cmd - - add- ser vi ce ser vi ce( - - per manent )- Add a port for a zone:f i r ewal l - cmd - - add- por t por t / pr ot ocol( - - per manent )- Reload firewall rules: f i r ewal l - cmd - - r el oadCon f igu r e Key Based Au t h en t icat ion f or SSH- Generate public and private key pair: ssh- keygen- Copy a public key to a rem ote server:ssh- copy- i d user name@r emot e host- Default public/private key location:/ home/ user name/ . ssh/BackBack t o M ainNext
Basic Red Hat Certified Adm inistrator SkillsCourse NavigationI n t r odu ct ionM an age Secu r it yWor k in g w it h SELin u xSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an dandan dUseu seUnderstandEssen t ialToolsToolsEssentialOper at eRunningRu n n in gOperateSyst ems sSystemCon f igu r eLocalLocalSt or ageConfigureStorageCr eat eandan dConfigureCon f igu rFilee FileCreateSyst ems sSystemDeploy,Configure,Con f igu r e,an dDeploy,andM ain t ainsystemsyst emMaintains sM an ageUsersUser sandan dManageGr ou psGroupsManageM an ageSecuritySecu r it y(Part 1)Un der st an d Cor eCom pon en t s of An sibleSection 3- View SELinux m odes: get enf or ce- Set m ode to perm issive or enforcing:set enf or ce 0 1- List booleans: get sebool - a- Turn booleans on or off:set sebool bool ean on of f( - P f or per manent )- List SELinux contexts: semanage f cont ext - l- View context on files and process:l s - Z ps - axZ- Change SELinux context:semanage f cont ext - a - t cont ext t ype' / di r ect or y( / . * ) ?'- Restore default contexts:r est or econ - R / di r ect or y- View SELinux policy violations:seal er t - a / var / l og/ audi t / audi t . l ogI n st all an d Con f igu r ean An sible Con t r olNodeSection 4BackBack t o M ainNext
Understand Core Com ponents of AnsibleCourse NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n ven t or iesInventoriesModulesVariablesFactsPlays and PlaybooksConfiguration FilesI n ven t or iesI n ven t or ies ar e w h at An sible u ses t o locat e an dr u n again st m u lt iple h ost s.- Default location of the hosts file:/ et c/ ansi bl e/ host s- The default location of the hosts file can be set in/ et c/ ansi bl e/ ansi bl e. cf g.- It can be specified using the - i option whenrunning ansi bl e.- The file can contain individual hosts, groups ofhosts, groups of groups, and host and group levelvariables.- It can also Can contain variables that determ inehow you connect to a host.INI-based inventory file:I n st all an d Con f igu r ean An sible Con t r olNodemai l . ex ampl e. c om[ webs er v er s ]web01. ex ampl e. c omweb02. ex ampl e. c omSection 4Con f igu r e An sibleM an aged Nodes[ dbs er v er s ]db[ 01: 04] . ex ampl e. c omSection 5BackBack t o M ainNext
Understand Core Com ponents of AnsibleCourse NavigationI n ven t or iesI n t r odu ct ionSection 1YAML-based inventory file:Basic Red Hat Cer t if iedAdm in ist r at or Sk illsal l :hos t s :mai l . ex ampl e. c omc hi l dr en:webs er v er s :hos t s :web01. ex ampl e. c omweb02. ex ampl e. c omdbs er v er s :hos t s :db[ 01: 04] . ex ampl e. c omSection 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n ven t or iesInventoriesModulesVariablesFactsPlays and PlaybooksConfiguration FilesI n st all an d Con f igu r ean An sible Con t r olNodeSection 4Con f igu r e An sibleM an aged NodesSection 5BackBack t o M ainNext
Understand Core Com ponents of AnsibleCourse NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n ven t or iesInventoriesModulesM odu lesM odu lesUn der st an din g M odu les- Modules are essentially tools for particular tasks.- Modules can take, and usually do take,param eters.- Modules return JSON.- Run m odules from the com m and line or within aplaybook.- Ansible ships with a significant am ount ofm odules by default.- Custom m odules can be written.VariablesFactsPlays and PlaybooksConfiguration FilesI n st all an d Con f igu r ean An sible Con t r olNodeSection 4Con f igu r e An sibleM an aged NodesSection 5BackBack t o M ainNext
Understand Core Com ponents of AnsibleCourse NavigationI n t r odu ct ionSection 1Basic Red Hat Cer t if iedAdm in ist r at or Sk illsSection 2Un der st an d Cor eCom pon en t s of An sibleVar iablesUn der st an din g Var iables in An sible- Variables nam es should only contain letters,num bers, and underscores.- Variables should always start with a letter.- There are three m ain scopes for variables:GlobalHostPlaySection 3I n ven t or iesInventoriesModulesM odu lesVariablesVar iablesFactsPlays and PlaybooksConfiguration Files- They are typically used for configuration valuesand various param eters.- Variables can store the return value of executedcom m ands.- Variables m ay also be dictionaries.- Ansible provides a num ber of predefined variables.I n st all an d Con f igu r ean An sible Con t r olNodeSection 4Con f igu r e An sibleM an aged NodesSection 5BackBack t o M ainNext
Understand Core Com ponents of AnsibleCourse NavigationVar iablesI n t r odu ct ionSection 1Exam ple of Host Level Variables:Basic Red Hat Cer t if iedAdm in ist r at or Sk illsI NI f or mat :Section 2Un der st an d Cor eCom pon en t s of An sibleSection 3I n ven t or iesInventoriesModulesM odu lesVariablesVar iablesFactsPlays and Playbooks[ webs er v er s ]hos t 1 ht t p por t 80 max Reques t s Per Chi l d 500hos t 2 ht t p por t 305 max Reques t s Per Chi l d 600YAML f or mat :webs er v er s :hos t 1:ht t p por t :max Reques thos t 2:ht t p por t :max Reques t80s Per Chi l d: 500305s Per Chi l d: 600Configuration FilesI n st all an d Con f igu r ean An sible Con t r olNodeSection 4Con f igu r e An sibleM an aged NodesSection 5BackBack t o M ainNext
Understand Core Com ponents of AnsibleCourse NavigationI n t r odu ct ionSection 1
Hat Certified Engineer exam - one for Red Hat Enterprise Linux 7 (EX300) and one for Red Hat Enterprise Linux 8 (EX294). This course was created based on the objectives of the RHEL 8 version of the exam which is EX294. This diagram will be used as a reference point throughout the course and can be used as a
