3.1. Quick-start setup

This section describes the needed steps to setup a Test bench from a common point of view in quick and fast way. In the further sections covers special use cases which are described in detail then.

The setup of Ansible is explained on the Ansible Getting Started page. Here is only the setup of the managed nodes and special details for the management system covered. For every system you want to manage, you need to have the client’s SSH key in the authorized_keys file of the managed system and Python.

3.1.1. Prerequisites

On the managing system you need the Ansible package.

# yum -y install ansible

Make sure that Python is installed on the managed node(s). If not, install the Python package. If you have performed a minimal Fedora installation Python is available. Otherwise:

# yum -y install python

3.1.2. Fedora Security Lab test bench git repository

You need to clone the Fedora Security Lab test bench git repository which contains all the playbooks. Playbooks are recipes to perform task on a remote system.

$ git clone git@github.com:fabaff/fsl-test-bench.git

If you want to contribute back to this Project, please fork it first.

3.1.3. SSH key

Then you must copy the SSH key of the managing system to the authorized_keys file of . Lauch the command from below on the managing system.

$ sudo ssh-copy-id -i /root/.ssh/id_rsa.pub root@[IP address of the node]

3.1.4. /etc/ansible/hosts

The file /etc/ansible/hosts shall contain all managed hosts to be setup up. The available groups are:

  • fsl-tb: Default group name for machine which uses the all-in-one playbook
  • fsl-tb-vpn: Group name for machine which acts as VPN servers
  • fsl-tb-master: Hosts for FSL Test bench guests when using virtualization
  • fsl_hosts: Hosts to install the Fedora Security Lab package set

Those groups are mentioned in the playbooks to setup only the named hosts.

More information about this topic are available are in the Ansible documentation.

3.1.5. Variables

After cloning the git repository, please review and edit the variables files.

The file variables/sensitive.yml contains all passwords for root, the users, and the details for the certificate. Please edit this file according to your needs.

In the file variables/local.yml are several networking preferences stored. If you run into conflicts with your local network settings (e.g. IP range, etc.) please change the values.

3.1.6. Run it

Now let Ansible do the work. Below the command is shown to setup the Fedora Security Lab Test bench with the all-in-one.yml playbook.

$ sudo ansible-playbook fsl-test-bench/all-in-one.yml

All hosts which belongs to the fsl-tb group will be converted into Fedora Security Lab Test benches.