第22章 Registering the system by using RHEL system roles

Procedure

1. Store your sensitive variables in an encrypted file:

   1. Create the vault:

      $ ansible-vault create ~/vault.yml
      New Vault password: <password>
      Confirm New Vault password: <vault_password>

   2. After the ansible-vault create command opens an editor, enter the sensitive data in the <key>: <value> format:

      activationKey: <activation_key>
      organizationID: <organizationID>
      username: <username>
      password: <password>

   3. Save the changes, and close the editor. Ansible encrypts the data in the vault.

2. Create a playbook file, for example, ~/playbook.yml, with the following content:

   • To register by using an activation key and organization ID (recommended), use the following playbook:

     ---
     - name: Managing systems with the rhc RHEL system role
       hosts: managed-node-01.example.com
       vars_files:
         - ~/vault.yml
       tasks:
         - name: Registering system by using activation key and organization ID
           ansible.builtin.include_role:
             name: redhat.rhel_system_roles.rhc
           vars:
             rhc_auth:
               activation_keys:
                 keys:
                   - "{{ activationKey }}"
             rhc_organization: "{{ organizationID }}"

     The settings specified in the example playbook include the following:

     rhc_auth: activation_keys

     The key activation_keys specifies that you want to register by using the activation keys.

     For details about all variables used in the playbook, see the /usr/share/ansible/roles/rhel-system-roles.rhc.README.md file on the control node.

   • To register by using a username and password, use the following playbook:

     ---
     - name: Managing systems with the rhc RHEL system role
       hosts: managed-node-01.example.com
       vars_files:
         - ~/vault.yml
       tasks:
         - name: Registering system with username and password
           ansible.builtin.include_role:
             name: redhat.rhel_system_roles.rhc
           vars:
             rhc_auth:
               login:
                 username: "{{ username }}"
                 password: "{{ password }}"

   The settings specified in the example playbook include the following:

   +

   rhc_auth: login

   The key login specifies that you want to register by using the username and password.

3. Validate the playbook syntax:

   $ ansible-playbook --syntax-check --ask-vault-pass ~/playbook.yml

   Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

4. Run the playbook:

   $ ansible-playbook --ask-vault-pass ~/playbook.yml