RedHat EX294 Red Hat Certified Engineer (RHCE) exam for Red Hat Enterprise Linux 8 Exam Exam Practice Test Questions

• Question 1

  Create user accounts--------------------------> A list of users to be created can be found in the file called user_list.ymlsave to /home/admin/ansible/--> Using the password vault created elsewhere in this exam, create a playbook calledcreate_user.ymlthat creates user accounts as follows:--> Users with a job description of developer should be:--> created on managed nodes in the 'dev' and 'test' host groups assigned thepassword from the 'dev_pass'variable and these user should be member of supplementary group 'devops'.--> Users with a job description of manager should be:--> created on managed nodes in the 'prod' host group assigned the password fromthe 'mgr_pass' variableand these user should be member of supplementary group 'opsmgr'--> Passwords should use the 'SHA512' hash format. Your playbook should work usingthe vault password filecreated elsewhere in this exam.while practising you to create these file hear. But in exam have to download as perquestation.user_list.yml file consist:---user:- name: user1job: developer- name: user2job: manager

  • Explanation: Solution as: # pwd /home/admin/ansible # wget http://classroom.example.com/user_list.yml # cat user_list.yml # vim create_user.yml --- - name: hosts: all vars_files: - ./user_list.yml - ./vault.yml tasks: - name: creating groups group: name: '{{ item }}' state: present loop: - devops - opsmgr - name: creating user user: name: '{{ item.name }}' state: present groups: devops password: '{{ dev_pass|password_hash ('sha512') }}' loop: '{{ user }}' when: (inventory_hostname in groups['dev'] or inventory_hostname in groups['test']) and item.job == 'developer' - name: creating user user: name: '{{ item.name }}' state: present groups: opsmgr password: '{{ mgr_pass|password_hash ('sha512') }}' loop: '{{ user }}' when: inventory_hostname in groups['prod'] and item.job == 'manager' :wq! # ansible-playbook create_user.yml ---vault-password-file=password.txt ---syntax-check # ansible-playbook create_user.yml ---vault-password-file=password.txt

  Show Answer Answer: A Next

• Question 2

  Create a playbook called issue.yml in /home/sandy/ansible which changes the file /etc/issue on all managed nodes: If host is a member of (lev then write 'Development' If host is a member of test then write 'Test' If host is a member of prod then write 'Production'

  • Explanation: Solution as:

  Show Answer Answer: A Next

• Question 3

  Create a playbook called hwreport.yml that produces an output file called /root/hwreport.txt on all managed nodes with the following information:--------------------------------------------------------------------------------------------------------> Inventory host name--> Total memory in MB--> BIOS version--> Size of disk device vda--> Size of disk device vdbEach line of the output file contains a single key-value pair.* Your playbook should:hwreport.empty andsave it as /root/hwreport.txt--> Modify with the correct values.note: If a hardware item does not exist, the associated value should be set to NONE----------------------------------------------------------------------------------------------while practising you to create these file hear. But in exam have to download as perquestation.hwreport.txt file consists.my_sys=hostnamemy_BIOS=biosversionmy_MEMORY=memorymy_vda=vdasizemy_vdb=vdbsize

  • Explanation: Solution as: # pwd /home/admin/ansible # vim hwreport.yml - name: hosts: all ignore_errors: yes tasks: - name: download file get_url: url: http://classroom.example.com/content/ex407/hwreport.empty dest: /root/hwreport.txt - name: vdasize replace: regexp: 'vdasize' replace: '{{ ansible_facts.devices.vda.size }}' dest: /root/hwreport.txt register: op1 - debug: var: op1 - name: none replace: regexp: 'vdasize' replace: NONE dest: /root/hwreport.txt when: op1.failed == true - name: vdbsize replace: regexp: 'vdbsize' replace: '{{ ansible_facts.devices.vdb.size }}' dest: /root/hwreport.txt register: op2 - debug: var: op2 - name: none replace: regexp: 'vdbsize' replace: NONE dest: /root/hwreport.txt when: op2.failed == true - name: sysinfo replace: regexp: '{{item.src}}' replace: '{{item.dest}}' dest: /root/hwreport.txt loop: - src: 'hostname' dest: '{{ ansible_facts.fqdn }}' - src: 'biosversion' dest: '{{ ansible_facts.bios_version }}' - src: 'memory' dest: '{{ ansible_facts.memtotal_mb }}' :wq! # ansible-playbook hwreport.yml ---syntax-check # ansible-playbook hwreport.yml

  Show Answer Answer: A Next

• Question 4

  Create a role called apache in '/home/admin/ansible/roles' with the followingrequirements:--> The httpd package is installed, enabled on boot, and started.--> The firewall is enabled and running with a rule to allow access to the web server.--> template file index.html.j2 is used to create the file /var/www/html/index.htmlwith the output:Welcome to HOSTNAME on IPADDRESS--> Where HOSTNAME is the fqdn of the managed node and IPADDRESS is the IP-Address ofthe managed node.note: you have to create index.html.j2 file.--> Create a playbook called httpd.yml that uses this role and the playbook runs onhosts in the webservers host group.

  • Explanation: Solution as: ---------- # pwd /home/admin/ansible/roles/ # ansible-galaxy init apache # vim apache/vars/main.yml --- # vars file for apache http_pkg: httpd firewall_pkg: firewalld http_srv: httpd firewall_srv: firewalld rule: http webpage: /var/www/html/index.html template: index.html.j2 :wq! # vim apache/tasks/package.yml --- - name: Installing packages yum: name: - '{{http_pkg}}' - '{{firewall_pkg}}' state: latest :wq! # vim apache/tasks/service.yml --- - name: start and enable http service service: name: '{{http_srv}}' enabled: true state: started - name: start and enable firewall service service: name: '{{firewall_srv}}' enabled: true state: started :wq! # vim apache/tasks/firewall.yml --- - name: Adding http service to firewall firewalld: service: '{{rule}}' state: enabled permanent: true immediate: true :wq! # vim apache/tasks/webpage.yml --- - name: creating template file template: src: '{{template}}' dest: '{{webpage}}' notify: restart_httpd !wq # vim apache/tasks/main.yml # tasks file for apache - import_tasks: package.yml - import_tasks: service.yml - import_tasks: firewall.yml - import_tasks: webpage.yml :wq! # vim apache/templates/index.html.j2 Welcome to {{ ansible_facts.fqdn }} on {{ ansible_facts.default_ipv4.address }} # vim apache/handlers/main.yml --- # handlers file for apache - name: restart_httpd service: name: httpd state: restarted :wq! # cd .. # pwd /home/admin/ansible/ # vim httpd.yml --- - name: Including apache role hosts: webservers pre_tasks: - name: pretask message debug: msg: 'Ensure webserver configuration' roles: - ./roles/apache post_tasks: - name: Check webserver uri: url: 'http://{{ ansible_facts.default_ipv4.address }}' return_content: yes status_code: 200 :wq! # ansible-playbook httpd.yml ---syntax-check # ansible-playbook httpd.yml # curl http://serverx

  Show Answer Answer: A Next

• Question 5

  Rekey an existing Ansible vault as follows:-----------------------------------------------* Download Ansible vault from http:// classroom.example.com /secret.yml to /home/admin/ansible/* The current vault password is curabete* The new vault password is newvare* The vault remains in an encrypted state with the new password

  • Explanation: Solution as: # pwd /home/admin/ansible/ # wget http://classroom.example.com/secret.yml # chmod 0600 newpassword.txt # ansible-vault rekey vault.yml --new-vault-password-file=newpassword.txt

  Show Answer Answer: A Next