Free Red-Hat EX407 Exam Dumps Questions

CORRECT TEXT
Create a playbook /home/bob/ansible/timesync.yml that runs on hosts in the webservers host group and does the following:
• Uses the timesync RHEL system role.
• Sets the ntp server to 0.uk.pool.ntp.org
• Sets the timezone to UTC
Solution:
Solution as:


Does this meet the goal?

Correct Answer:A

CORRECT TEXT
=====================================================================
==============
control.realmX.example.com _ workstation.lab.example.com node1.realmX.example.com _ servera.lab.example.com node2.realmX.example.com _ serverb.lab.example.com node3.realmX.example.com _ serverc.lab.example.com node4.realmX.example.com _ serverd.lab.example.com node5.realmX.example.com
- username:root, password:redhat
- username:admin, password:redhat
note1. don??t change ??root?? or ??admin?? password.
note2. no need to create ssh-keygen for access, its pre-defined
note3. SELinux is in enforcing mode and firewalld is disabled/stop on whole managed hosts.
=====================================================================
==============
Create an Ansible vault to store user passwords as follows:
* The name of the vault is valut.yml
* The vault contains two variables as follows:
- dev_pass with value wakennym
- mgr_pass with value rocky
* The password to encrypt and decrypt the vault is atenorth
* The password is stored in the file /home/admin/ansible/password.txt
Solution:
Solution as:
# pwd
/home/admin/ansible
# echo "atenorth" >password.txt
# chmod 0600 password.txt
# ansible-vault create vault.yml --vault-password-file=password.txt
---
- dev_pass: wakennym
- mgr_pass: rocky wq
# cat vault.yml
$ANSIBLE_VAULT;1.1;AES256 363838623761643164363536653437656433313934333735646137626665313130343364
38353662
3464346331346461306337633632393563643531376139610a3435313261306632666135
33633562
386234393166313064636237613439393732633331343532643338343532643439343737
65643737
3535303630626666370a6436633666343838633933386166616666323531393064363164
30616334
653861343933636431333637386561306365323464313762656130663261626434376430
64313863
6633333537303334333437646163343666666132316639376531
# ansible-vault view vault.yml password:******
---
- dev_pass: wakennym
- mgr_pass: rocky

Does this meet the goal?

Correct Answer:A

CORRECT TEXT
Install and configure ansible
User bob has been created on your control node. Give him the appropriate permissions on the control node. Install the necessary packages to run ansible on the control node.
Create a configuration file /home/bob/ansible/ansible.cfg to meet the following requirements:
• The roles path should include /home/bob/ansible/roles, as well as any other path that may be required for the course of the sample exam.
• The inventory file path is /home/bob/ansible/inventory.
• Ansible should be able to manage 10 hosts at a single time.
• Ansible should connect to all managed nodes using the bob user. Create an inventory file for the following five nodes: nodel.example.com
node2.example.com node3.example.com node4.example.com node5.example.com
Configure these nodes to be in an inventory file where node1 is a member of group dev. nodc2 is a member of group test, nodc3 is a member of group proxy, nodc4 and node 5 are members of group prod. Also, prod is a member of group webservers.
Solution:
In/home/sandy/ansible/ansible.cfg [defaults] inventory=/home/sandy/ansible/inventory
roles_path=/home/sandy/ansible/roles remote_user= sandy host_key_checking=false [privilegeescalation]
become=true become_user=root become_method=sudo become_ask_pass=false
In /home/sandy/ansible/inventory
[dev]
node 1 .example.com [test] node2.example.com [proxy]
node3 .example.com [prod] node4.example.com node5 .example.com [webservers:children] prod

Does this meet the goal?

Correct Answer:A

CORRECT TEXT
=====================================================================
==============
control.realmX.example.com _ workstation.lab.example.com node1.realmX.example.com _ servera.lab.example.com node2.realmX.example.com _ serverb.lab.example.com node3.realmX.example.com _ serverc.lab.example.com node4.realmX.example.com _ serverd.lab.example.com node5.realmX.example.com
- username:root, password:redhat
- username:admin, password:redhat
note1. don??t change ??root?? or ??admin?? password.
note2. no need to create ssh-keygen for access, its pre-defined
note3. SELinux is in enforcing mode and firewalld is disabled/stop on whole managed hosts.
=====================================================================
==============
Create user accounts
------------------------
--> A list of users to be created can be found in the file called user_list.yml
which you should download from http://classroom.example.com/user_list.yml and save to /home/admin/ansible/
--> Using the password vault created elsewhere in this exam, create a playbook called create_user.yml
that creates user accounts as follows:
--> Users with a job description of developer should be:
--> created on managed nodes in the "dev" and "test" host groups assigned the password from the "dev_pass"
variable and these user should be member of supplementary group "devops".
--> Users with a job description of manager should be:
--> created on managed nodes in the "prod" host group assigned the password from the "mgr_pass" variable
and these user should be member of supplementary group "opsmgr"
--> Passwords should use the "SHA512" hash format. Your playbook should work using the vault password file
created elsewhere in this exam.
while practising you to create these file hear. But in exam have to download as per questation.
user_list.yml file consist:
---
user:
- name: user1 job: developer
- name: user2 job: manager
Solution:
Solution as:
# pwd
/home/admin/ansible
# wget http://classroom.example.com/user_list.yml
# cat user_list.yml
# vim create_user.yml
---
- name: hosts: all vars_files:
- ./user_list.yml
- ./vault.yml tasks:
- name: creating groups group:
name: "{{ item }}" state: present
loop:
- devops
- opsmgr
- name: creating user user:
name: "{{ item.name }}" state: present
groups: devops
password: "{{ dev_pass|password_hash ('sha512') }}" loop: "{{ user }}"
when: (inventory_hostname in groups['dev'] or inventory_hostname in groups['test']) and item.job == "developer"
- name: creating user user:
name: "{{ item.name }}" state: present
groups: opsmgr
password: "{{ mgr_pass|password_hash ('sha512') }}" loop: "{{ user }}"
when: inventory_hostname in groups['prod'] and item.job == "manager" wq!
# ansible-playbook create_user.yml -–vault-password-file=password.txt -–syntax-check
# ansible-playbook create_user.yml -–vault-password-file=password.txt

Does this meet the goal?

Correct Answer:A

CORRECT TEXT
Create a playbook called regulartasks.yml which has the system that append the date to
/root/datefile every day at noon. Name is job 'datejob'
Solution:
Solution as:


Does this meet the goal?

Correct Answer:A

CORRECT TEXT
===================================================================================
control.realmX.example.com _ workstation.lab.example.com
node1.realmX.example.com _ servera.lab.example.com
node2.realmX.example.com _ serverb.lab.example.com
node3.realmX.example.com _ serverc.lab.example.com
node4.realmX.example.com _ serverd.lab.example.com
node5.realmX.example.com
- username:root, password:redhat
- username:admin, password:redhat
note1. don??t change ??root?? or ??admin?? password.
note2. no need to create ssh-keygen for access, its pre-defined
note3. SELinux is in enforcing mode and firewalld is disabled/stop on whole managed hosts.
===================================================================================
Create a role called apache in "/home/admin/ansible/roles" with the following requirements:
--> The httpd package is installed, enabled on boot, and started.
--> The firewall is enabled and running with a rule to allow access to the web server.
--> template file index.html.j2 is used to create the file /var/www/html/index.html with the output:
Welcome to HOSTNAME on IPADDRESS
--> Where HOSTNAME is the fqdn of the managed node and IPADDRESS is the IP-
Address of the managed node.
note: you have to create index.html.j2 file.
--> Create a playbook called httpd.yml that uses this role and the playbook runs on hosts in the webservers host group.
Solution:
Solution as:
----------
# pwd
/home/admin/ansible/roles/
# ansible-galaxy init apache
# vim apache/vars/main.yml
---
# vars file for apache http_pkg: httpd firewall_pkg: firewalld http_srv: httpd firewall_srv: firewalld rule: http
webpage: /var/www/html/index.html template: index.html.j2
wq!
# vim apache/tasks/package.yml
---
- name: Installing packages yum:
name:
- "{{http_pkg}}"
- "{{firewall_pkg}}" state: latest
wq!
# vim apache/tasks/service.yml
---
- name: start and enable http service service:
name: "{{http_srv}}" enabled: true
state: started
- name: start and enable firewall service service:
name: "{{firewall_srv}}" enabled: true
state: started wq!
# vim apache/tasks/firewall.yml
---
- name: Adding http service to firewall firewalld:
service: "{{rule}}" state: enabled permanent: true immediate: true wq!
# vim apache/tasks/webpage.yml
---
- name: creating template file template:
src: "{{template}}"
dest: "{{webpage}}" notify: restart_httpd
!wq
# vim apache/tasks/main.yml
# tasks file for apache
- import_tasks: package.yml
- import_tasks: service.yml
- import_tasks: firewall.yml
- import_tasks: webpage.yml wq!
# vim apache/templates/index.html.j2
Welcome to {{ ansible_facts.fqdn }} on {{ ansible_facts.default_ipv4.address }}
# vim apache/handlers/main.yml
---
# handlers file for apache
- name: restart_httpd
service: name: httpd
state: restarted wq!
# cd ..
# pwd
/home/admin/ansible/
# vim httpd.yml
---
- name: Including apache role hosts: webservers
pre_tasks:
- name: pretask message debug:
msg: 'Ensure webserver configuration' roles:
- ./roles/apache post_tasks:
- name: Check webserver uri:
url: "http://{{ ansible_facts.default_ipv4.address }}" return_content: yes
status_code: 200 wq!
# ansible-playbook httpd.yml –-syntax-check
# ansible-playbook httpd.yml
# curl http://serverx

Does this meet the goal?

Correct Answer:A