DevOps Tools

Disk Preparation and Configuration using Ansible

This guide will walk you through preparing, formatting, and mounting two disks (/dev/vdb and /dev/vdc) on a Linux system. Additionally, it covers enabling and configuring the firewall, as well as using Ansible for automation.

Preparing and Formatting Disks

Step 1: Prepare Disk /dev/vdb

To prepare the disk /dev/vdb, you need to create a partition table and a primary partition. The following command uses fdisk to achieve this:

echo -e "o\nn\np\n1\n\n\nw" | sudo fdisk /dev/vdb

Explanation:

  • o: Create a new empty DOS partition table.
  • n: Add a new partition.
  • p: Primary partition.
  • 1: Partition number 1.
  • The three \n characters are for default values for first sector, last sector, and the next prompt.
  • w: Write the changes and exit.

Step 2: Prepare Disk /dev/vdc

Similarly, prepare the disk /dev/vdc using the same command with the disk name changed:

echo -e "o\nn\np\n1\n\n\nw" | sudo fdisk /dev/vdc

Step 3: Format Both Disks

Format both disks with the ext4 filesystem using mkfs.ext4:

sudo mkfs.ext4 /dev/vdb
sudo mkfs.ext4 /dev/vdc

Step 4: Create Directories

Create mount points for the disks:

sudo mkdir /data1
sudo mkdir /data2

Step 5: Update /etc/fstab

Add the following entries to /etc/fstab to ensure the disks are mounted at boot:

/dev/vdb   /data1    ext4    defaults        0 0
/dev/vdc   /data2    ext4    defaults        0 0

Step 6: Mount All Filesystems

Mount all filesystems defined in /etc/fstab:

sudo mount -a

Firewall Configuration

Step 1: Enable and Start Firewalld

Enable and start the firewalld service:

sudo systemctl enable firewalld
sudo systemctl start firewalld

Step 2: Check Active Zones

Check the active zones in the firewall:

sudo firewall-cmd --get-active-zones

Step 3: List Services in Zones

List services for the public and internal zones:

sudo firewall-cmd --permanent --zone="public" --list-services
sudo firewall-cmd --permanent --zone="internal" --list-services

Step 4: Configure Interfaces and Ports

Assign eth1 to the internal zone and configure firewall rules:

sudo ip addr
sudo firewall-cmd --permanent --zone=internal --change-interface=eth1
sudo firewall-cmd --permanent --zone="internal" --add-source="192.168.100.0/24"
sudo firewall-cmd --permanent --zone="internal" --add-port=0-65535/tcp
sudo firewall-cmd --reload

Automation with Ansible

Step 1: Prepare Disks with Ansible

Use Ansible to create partitions on all servers:

ansible all-servers -i hosts -m parted -a "device=/dev/vdb number=1 state=present" --become
ansible all-servers -i hosts -m parted -a "device=/dev/vdc number=1 state=present" --become

Step 2: Format Disks with Ansible

Format the disks with ext4 filesystem:

ansible all-servers -i hosts -m filesystem -a "fstype=ext4 dev=/dev/vdb" --become
ansible all-servers -i hosts -m filesystem -a "fstype=ext4 dev=/dev/vdc" --become

Step 3: Mount Disks with Ansible

Mount the disks on all servers:

ansible all-servers -i hosts -m mount -a "fstype=ext4 src=/dev/vdb path=/data1 state=mounted" --become
ansible all-servers -i hosts -m mount -a "fstype=ext4 src=/dev/vdc path=/data2 state=mounted" --become

Step 4: Install Packages with Ansible

Install necessary packages:

ansible all-servers -i hosts -m yum -a "name=wget" --become
ansible all-servers -i hosts -m yum -a "name=telnet" --become
ansible all-servers -i hosts -m yum -a "name=java-1.8.0-openjdk-devel" --become

Step 5: Create Directories with Ansible

Create directories with specific permissions:

ansible all-servers -i hosts -m file -a "path=/data1/directory state=directory owner=admin group=admin mode=0755" --become
ansible all-servers -i hosts -m file -a "path=/data2/directory state=directory owner=admin group=admin mode=0755" --become

Step 6: Synchronize Data with Ansible

Synchronize data to the created directories:

ansible all-servers -i hosts -m synchronize -a "src=/home/training/ansible/data dest=/data1/directory" --become

Step 7: Update Bash Profile with Ansible

Add a line to the bash profile for setting the JAVA_HOME environment variable:

ansible all-servers -i hosts -m lineinfile -a "dest=/home/admin/.bash_profile state=present line='export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64'"
ansible all-servers -i hosts -m command -a "cat /home/admin/.bash_profile"

Ansible Command Line Arguments

  • -i: Specify inventory.
  • -m: Specify module.
  • -a: Module arguments.
  • -u: User to connect to the remote host.
  • --become: Run as root.
  • --become-user: Perform tasks as a specific user.
  • -f, --forks: Control the degree of parallelism.
  • -h, --help: Display help.
  • -C, --check: Predict changes that might occur.
  • --syntax-check: Perform syntax check without executing.
  • -v, --verbose: Enable verbose output.

This guide covers disk preparation, formatting, and mounting for /dev/vdb and /dev/vdc on a Linux system, enabling and configuring the firewall, and using Ansible for automation. Detailed explanations for each command and Ansible usage are provided for IT professionals.

Ali Imran
Over the past 20+ years, I have been working as a software engineer, architect, and programmer, creating, designing, and programming various applications. My main focus has always been to achieve business goals and transform business ideas into digital reality. I have successfully solved numerous business problems and increased productivity for small businesses as well as enterprise corporations through the solutions that I created. My strong technical background and ability to work effectively in team environments make me a valuable asset to any organization.
https://ITsAli.com

Leave a Reply