virtualenv venv
source venv/bin/activate
pip3 install ansible==2.10.7
# for testing purposes we only the defaults without a passphrase
ssh-keygen
ssh-copy-id [email protected]<your-user>-i-01.<prefix>.commandemy.training
ssh-copy-id [email protected]<your-user>-i-02.<prefix>.commandemy.training
ssh-copy-id [email protected]<your-user>-i-03.<prefix>.commandemy.training
update ~/playbooks/inventory
with your user-number entries and animal
test ansible config with server.yml
cd playbooks
ansible-playbook server.yml
$ curl -L https://omnitruck.cinc.sh/install.sh \
| sudo bash -s -- -P cinc-workstation \
-v 20.8.125 -c unstable
$ # on centos 8
$ sudo dnf group install "Development Tools"
- Installation of the ansible provisioner
- Installation of the docker driver
$ chef gem install kitchen-ansible
$ chef gem install kitchen-docker
ssh [email protected]<your-user>-i-01.<prefix>.commandemy.training hostname -f
# now use that as youre remote host
REMOTE_HOST=$(ssh [email protected]<your-user>-i-01.<prefix>.commandemy.training hostname -f)
export DOCKER_HOST=tcp://$REMOTE_HOST:2375
# check what you've got
echo $DOCKER_HOST
# chef if it is working
docker ps
use inspec to get compliance state of linux node:
cinc-auditor exec -i ~/.ssh/id_rsa \
-t ssh://[email protected] \
https://github.com/dev-sec/linux-baseline.git
run your inspec test against remote node:
cinc-auditor exec -i ~/.ssh/id_rsa \
-t ssh://[email protected] \
~/playbooks/roles/webserver/test/integration/default/inspec/
get the httpd config for centos-7
scp coder@host-git-<your-number>.commandemy.training:\
/etc/httpd/conf/httpd.conf \
~/playbooks/roles/webserver/templates/httpd.conf.8.j2
get the httpd config for centos-6 from kitchen
# get the port:
cd ~/playbooks/roles/webserver/
cat .kitchen/default-centos-67.yml
# now use that port in the scp commmand
scp -P <the-port-number> -i .kitchen/docker_id_rsa [email protected]:/etc/httpd/conf/httpd.conf templates/httpd.conf.6.j2