Monday 16 July 2018

Automate IT Infrastructure using the Ansible Automation Tool | Creating a Vault Key for the MongoDB Playbook

Below is the tree structure of the MongoDB playbook, in which "main.yaml" will be secured using the Ansible Vault feature.

=======================================================================

[root@labin005 ansible]# pwd
/etc/ansible

[root@labin005 ansible]# cat mongo.yaml    # main playbook, which calls the role
---
- hosts: mongo_UT_Servers    # hosts are defined as a group in the /etc/ansible/hosts file
  gather_facts: True
  roles:
  - mongo


[root@labin005 ansible]# tree roles/mongo
roles/mongo
├── files
│   ├── access.conf
│   └── hosts
├── tasks
│   ├── access_user.yaml
│   ├── filesystem.yaml
│   ├── folder.yaml
│   ├── group.yaml
│   ├── grub.yaml
│   ├── inventory
│   ├── kernel_Tunning.yaml
│   ├── main.yaml
│   ├── mount.yaml
│   ├── permission.yaml
│   ├── sudo.yaml
│   ├── swap_off.yaml
│   └── user.yaml
├── templates
└── vars
    ├── main.yaml
    └── vault.yaml

4 directories, 17 files
[root@labin005 ansible]#

========================================================================

Creating an Encrypted File
Encrypt the existing /etc/ansible/roles/mongo/tasks/main.yaml playbook file in place:

[root@labin005 ~]# ansible-vault encrypt /etc/ansible/roles/mongo/tasks/main.yaml
New Vault password:
Confirm New Vault password:

=======================================================================

Run the Ansible Playbook with Vault-Encrypted Content using --ask-vault-pass


[root@labin005 ansible]# ansible-playbook mongo.yaml --check --ask-vault-pass
Vault password:

PLAY [mongo_UT_Servers] ********************************************************************

TASK [Gathering Facts] **********************************************************************
ok: [labin0103-4]
ok: [labin0103-3]
ok: [labin0103-6]
ok: [labin0104-4]
ok: [labin0103-5]
ok: [labin0103-2]
ok: [labin0111]

TASK [mongo : Create a Group for mongodb | Executing group.yaml] ****************************
changed: [labin0103-6]
changed: [labin0103-5]
changed: [labin0103-4]
changed: [labin0103-3]
changed: [labin0103-2]
changed: [labin0104-4]
changed: [labin0111]

TASK [mongo : MongoDB | Create a User for mongodb | Executing user.yaml] ********************
changed: [labin0103-6]
changed: [labin0103-5]
changed: [labin0103-3]
changed: [labin0103-4]
changed: [labin0103-2]
changed: [labin0104-4]
changed: [labin0111]

TASK [mongo : MongoDB | Filesystem fixlib configuration | Running a filesystem.yaml] ********
changed: [labin0103-4]
changed: [labin0103-3]
changed: [labin0103-6]
changed: [labin0103-5]
changed: [labin0103-2]
changed: [labin0104-4]
changed: [labin0111]

TASK [mongo : MongoDB | Filesystem mongod_data_directory configuration....] *****************
changed: [labin0103-6]
changed: [labin0103-5]
changed: [labin0103-4]
changed: [labin0103-2]
changed: [labin0103-3]
changed: [labin0104-4]
changed: [labin0111]

TASK [mongo : MongoDB | Format new partition fixlib_software_directory] *********************
fatal: [labin0103-5]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
fatal: [labin0103-6]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
fatal: [labin0103-4]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
fatal: [labin0103-2]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
fatal: [labin0103-3]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
fatal: [labin0104-4]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
fatal: [labin0111]: FAILED! => {"changed": false, "msg": "Device /dev/sdb1 not found."}
        to retry, use: --limit @/etc/ansible/mongo.retry

PLAY RECAP **********************************************************************************
labin0111                : ok=5    changed=4    unreachable=0    failed=1
labin0103-2                 : ok=5    changed=4    unreachable=0    failed=1
labin0103-3                 : ok=5    changed=4    unreachable=0    failed=1
labin0103-4                 : ok=5    changed=4    unreachable=0    failed=1
labin0103-5                 : ok=5    changed=4    unreachable=0    failed=1
labin0103-6                 : ok=5    changed=4    unreachable=0    failed=1
labin0104-4                 : ok=5    changed=4    unreachable=0    failed=1

Note: This playbook was executed only to check the vault configuration. Because /dev/sdb1 has not been created on the servers, the playbook reports a failed status for the disk task.