Ansible AWX may be the OpenSource form of ansible tower. AWX provides a user that is web-based, REST API, and task engine built on top of Ansible. It is the project that is upstream Tower, a commercial derivative of AWX.
In this guide, I shall explain to you how exactly to install and configure AWX utilizing Docker.
i’ll be utilizing 3 servers with centos 7 installation that is minimal SELinux in permissive mode.
- 192.168.1.25 AWX Server
- 192.168.1.21 client1
- 192.168.1.22 client2
System Requirements for AWX Server
- At least 4GB of memory.
- At least 2 cpu cores.
- At least 20GB of space.
- Running Docker, Openshift, or Kubernetes.
Check the SELinux configuration.
sestatus
Result:
[[email protected] ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: permissive Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28 [[email protected] ~]#
Disable firewalld.
[[email protected] installer]# systemctl stop firewalld [[email protected] installer]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink fedoraproject.FirewallD1.service that is/etc/systemd/system/dbus-org13; [[email protected] installer]#
Adding the host entries in /etc/hosts
[[email protected] ~]# cat /etc/hosts 192.168.1.25 awx.sunil.cc awx 192.168.1.21 client1.sunil.cc client1 192.168.1.22 client2.sunil.cc client2 [[email protected] ~]#
Enable epel repo.
[[email protected] ~]# yum install -y epel-release
Install the packages.
[[email protected] ~]# yum install -y yum-utils device-mapper-persistent-data lvm2 ansible git python-devel python-pip python-docker-py vim-enhanced
Configure docker ce stable repository.
[[email protected] ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Installing docker.
[[email protected] ~]# yum install docker-ce -y
Start docker solution.
[[email protected] ~]# systemctl begin docker
Enable docker solution.
[[email protected] ~]# systemctl enable docker
Cloning the AWX repo.
[[email protected] ~]# git clone https://github.com/ansible/awx.git [[email protected] ~]# cd awx/ [[email protected] awx]# git clone https://github.com/ansible/awx-logos.git [[email protected] awx]# pwd /root/awx [[email protected] awx]#
Go in to the installer directory within /root/awx.
[[email protected] awx]# cd installer/
Edit the next parameters in stock.
[[email protected] awx]# vim stock postgres_data_dir=/var/lib/pgdocker awx_official=true awx_alternate_dns_servers="4.2.2.1,4.2.2.2" project_data_dir=/var/lib/awx/projects
Your setup should appear to be this.
[[email protected] installer]# cat stock |grep -v "#" localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python" [all:vars] dockerhub_base=ansible dockerhub_version=latest rabbitmq_version=3.6.14 awx_secret_key=awxsecret postgres_data_dir=/var/lib/pgdocker host_port=80 docker_compose_dir=/var/lib/awx pg_username=awx pg_password=awxpass pg_database=awx pg_port=5432 awx_official=true awx_alternate_dns_servers="4.2.2.1,4.2.2.2" project_data_dir=/var/lib/awx/projects [[email protected] installer]#
Now deploying AWX via Docker.
[[email protected] installer]# ansible-playbook inventory install.yml that is-i -vv
This will take a while depending upon the configuration of the server.
To check the deployment of ansible play for AWX run the command that is below
[[email protected] installer]# docker container ls CONTAINER ID IMAGE COMMAND CREATED REPUTATION PORTS NAMES 318c7c95dcbb ansible/awx_task:latest "/tini -- /bin/sh -c." 12 mins ago Up 12 mins 8052/tcp awx_task 642c2f272e31 ansible/awx_web:latest "/tini -- /bin/sh -c." 12 mins ago Up 12 mins 0.0.0.0:80->8052/tcp awx_web 641b42ab536f memcached:alpine "docker-entrypoint.s." 18 mins ago Up 18 mins 11211/tcp memcached b333012d90ac rabbitmq:3 "docker-entrypoint.s." 19 mins ago Up 19 mins 4369/tcp, 5671-5672/tcp, 25672/tcp rabbitmq ada52935513a postgres:9.6 "docker-entrypoint.s." 19 mins ago Up 19 mins 5432/tcp postgres [[email protected] installer]#
AWX is prepared and that can be accessed through the web browser.
username is “admin” as well as the password is “password”.
Configure passwordless login from AWX host
Create a person on all 3 hosts. Proceed with the actions below on all 3 servers.
[[email protected] ~]# useradd ansible [[email protected] ~]# useradd ansible [[email protected] ~]# useradd ansible
Generating ssh key:
[[email protected] ~]# su - ansible [[email protected] ~]$ ssh-keygen Generating public/private rsa key pair. Enter file where to save lots of the main element (/home/ansible/.ssh/id_rsa): Created directory '/home/ansible/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase once more: Your recognition was conserved in /home/ansible/.ssh/id_rsa. Your key that is public has saved in /home/ansible/.ssh/id_rsa.pub. The fingerprint that is key: SHA256:j30gyTVQxcWIocdKMbVieZvfJzGkCjXhjtc5qu+fE8o [email protected] The main element's randomart image is: +---[RSA 2048]----+ | +o==.+. | | O.oo . | | * @ . | | is + + | | S * = o | | B =.o o | | ..=.o.o .| | .E... o | | .oo.o. | +----[SHA256]-----+ [[email protected] ~]$
Adding the sudoers entry on all 3 servers as a entry that is last the file.
[[email protected] ~]# visudo ansible ALL=(each) NOPASSWD: ALL
Copy the information of id_rsa.pub to authorized_keys on all 3 servers.
[[email protected] .ssh]$ pet id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4QmuzjVnGUnT1o6xGXD3DCDPUMiTf0xUkOU4kYrkpxHYZ1nWG1MBNGWChywobnTKYDh4c23w that is****************************************************************************************************************************************************************************)+ftSyPHAdeV6KOwADOu6MXvMXHMK3EDe4jn+R0ZArQTEF2qKSBgve(*****************************************************************************************************************************)ULmWCREW9e6fTXLmOowIBDAar01CThmAzYCnBDNAFOsolh9dL1CKwLCvOyK1UBgJlfrzdGI/+fS7aFiaqhXpt6hI4xndJf [email protected] [[email protected] .ssh]$ pwd /home/ansible/.ssh [[email protected] ~]$ cat .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4QmuzjVnGUnT1o6xGXD3DCDPUMiTf0xUkOU4kYrkpxHYZ1nWG1MBNGWChywobnTKYDh4c23w that is****************************************************************************************************************************************************************************)+ftSyPHAdeV6KOwADOu6MXvMXHMK3EDe4jn+R0ZArQTEF2qKSBgve(*****************************************************************************************************************************)ULmWCREW9e6fTXLmOowIBDAar01CThmAzYCnBDNAFOsolh9dL1CKwLCvOyK1UBgJlfrzdGI/+fS7aFiaqhXpt6hI4xndJf [email protected] [[email protected] ~]$chmod 600 .ssh/authorized_keys
client1
[[email protected] ~]# su - ansible [[email protected] ~]$ ls [[email protected] ~]$ mkdir .ssh [[email protected] ~]$ pet .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4QmuzjVnGUnT1o6xGXD3DCDPUMiTf0xUkOU4kYrkpxHYZ1nWG1MBNGWChywobnTKYDh4c23w that is****************************************************************************************************************************************************************************)+ftSyPHAdeV6KOwADOu6MXvMXHMK3EDe4jn+R0ZArQTEF2qKSBgve(*****************************************************************************************************************************)ULmWCREW9e6fTXLmOowIBDAar01CThmAzYCnBDNAFOsolh9dL1CKwLCvOyK1UBgJlfrzdGI/+fS7aFiaqhXpt6hI4xndJf [email protected] [[email protected] ~]$ chmod 700 .ssh [[email protected] ~]$ chmod 600 .ssh/authorized_keys
client2
[[email protected] ~]# su - ansible [[email protected] ~]$ ls [[email protected] ~]$ mkdir .ssh [[email protected] ~]$ cat .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4QmuzjVnGUnT1o6xGXD3DCDPUMiTf0xUkOU4kYrkpxHYZ1nWG1MBNGWChywobnTKYDh4c23w that is****************************************************************************************************************************************************************************)+ftSyPHAdeV6KOwADOu6MXvMXHMK3EDe4jn+R0ZArQTEF2qKSBgve(*****************************************************************************************************************************)ULmWCREW9e6fTXLmOowIBDAar01CThmAzYCnBDNAFOsolh9dL1CKwLCvOyK1UBgJlfrzdGI/+fS7aFiaqhXpt6hI4xndJf [email protected] [[email protected] ~]$ chmod 700 .ssh [[email protected] ~]$ chmod 600 .ssh/authorized_keys
Validating the login that is keyless********)
[[email protected] .ssh]$ ssh client1 The authenticity of host 'client1 (192.168.1.21)' can't be established. ECDSA fingerprint that is key SHA256:TUQNYdF4nxofGwFO7/z+Y5dUETVEI0xPQL4n1cUcoCI. ECDSA fingerprint that is key MD5:5d:73:1f:64:0e:03:ac:a7:7b:33:76:08:6d:09:90:26. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'client1,192.168.1.21' (ECDSA) to the list of known hosts. Last login: Sun Mar 4 13:39:33 2018 [[email protected] ~]$ exit logout Connection to client1 closed. [[email protected] .ssh]$ [[email protected] .ssh]$ ssh client2 The authenticity of host 'client2 (192.168.1.22)' can't be established. ECDSA fingerprint that is key SHA256:7JoWzteeQBwzc4Q3GGN+Oa4keUPMca/jtqv7gmmEZxg. ECDSA fingerprint that is key MD5:85:77:3a:a3:07:31:d4:c1:41:ed:30:db:74:b4:ce:67. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'client2,192.168.1.22' (ECDSA) to the list of known hosts. Last login: Sun Mar 4 13:51:27 2018 [[email protected] ~]$ exit logout Connection to client2 closed. [[email protected] .ssh]$
Now click on this icon and go to credentials -> add
Choose an organization and fill in the username and description.
Here the username is “ansible”
Choose ‘machine’ under credential type and fill the details.
Get the key that is private AWX host.
[[email protected] .ssh]$ pwd /home/ansible/.ssh [[email protected] .ssh]$ pet id_rsa id_rsa id_rsa.pub [[email protected] .ssh]$ pet id_rsa -----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAuEJrs41ZxlJ09aOsRlw9wwgz1DIk39MVJDlOJGK5KcR2GdZ1 htTATRlgoclqG50ymA4eHPNPn7UsjxwHXleijsAAzrujF7zFxzCtxA3uI5/kdGQK 0ExBdqikgYL3tt8ELuSKKnVo7waCBBqscNy5GG3RsWeXaipT+Xj5ESmpeE53FfrZ Ybng2is/EH714M/sto3NxzFgB+mu1GLAyrrQ7bZgw1VMHzHL6EvY9lWDlB5Ewnp8 f9mN9velC5lgkRFvXun01y5jqMCAQwGq9NQk4ZgM2ApwQzQBTrKJYfXS9QisCwrz sitVAYCZX683RiP/n0u2hYmqoV6beoSOMZ3SXwIDAQABAoIBAQCcfiUU6S9fJfca DTmqxHrcIyJJzZDN3GvvSRBaDNLwa2BWz3Mf4Z+1m6Ebp4IME/W9ePgQZIGyxeAj Z43Gja2Nifrlmi2JYpWjeG+MvLwN26XfSHx6rtlGmzKkoIQc98qIvSevqepGYAOa 0sC0VnKKEfNvtei+jVam4hy/e9/oQWHV8c/yueLWpCx2pWOy5m7WVLdwNQSK+8pu sxHLFTNCSC9wddBN80FVxhJQ7L4D2DzcprhcfUz6Uz7Ju7v8MtSksirDnaGliWJ3 NvxhntJYKvgQ30pvBr//y0lYnAB+O0jJhOpHlgD2hNSlI8sgUxmVyl+gC9Dhnq+v 1uKm3CThAoGBAOx+YIGGT/ymqJ53k8Dj4keKctI4+E3p/7Tr2jEyRff177VUjITQ UnrRTw1W+XSE5cszitVYbv0WUwTJoSSrKaRaVG7iORaqcv0LkG8gnlcrcifRXSl5 5xMsPCw0adwtoyhrHQLbENntMl+iQw2JbE6fvldvNe2kPdL3B2T7Jw1RAoGBAMd1 GvsOHLaKtTD0me+wgGnql0GIp90elE7rQ1p6VMxZkE68b+0jX9xHAt2zxocR84+L Gi6uAZvBqnwmH48c7Do6/oulrJXH2OcT6S8+F/kM7PWNT0Z0J0MW/+npVoPwSihZ N4/uanR47L0YYVlTRgxmakSUZnitrEz754V+YjivAoGBAM1qtC6tWHrO0/XZTbik +F5FrphVLbCXiSlAF6TV0xqfP5gUmX2faZUOi4i9vC3uZZ9L5NKNXtJseq3U6Sht l90PLPmnfAjpArozOkCcZ4y1yxE09KPbI9BugtGusSizZ13rNCbP22I/eprA2Vc/ v5jHflB547DIEX9WXNDkqjYRAoGACD3ag40tuo04t3Ej+zd71uSOo3KWHRjqX+hw vAhaAKeiwt4ecdoIV/3HLIoFJgej3MaOqmceQeVaug6JN0ympjFR20tZOkcru0Cj XgRe0Tergun34J1kEe2dXXj6zjDbn5cwKI5db7qfbaDYROyf9Fs3AOZw5YOnnva5 tlZmkJkCgYB0tuVLQSOWsqjTAgkw7tDIMOds9o8dpGJTvXxcs2qWJIDQPQWxHVSl Qimh5DFBkrNDAYKKC386KaZOEKwG7G1YuGbh1+ns3piscJaBi2lPaeA1Y/QA6pCT t9Hbdzre5x0gDbKSHOk+QLJkVdfQX9jamRE6W0k0pXVF6ur8N5zfxA== -----END RSA PRIVATE KEY----- [[email protected] .ssh]$
Private key (instance).
-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAuEJrs41ZxlJ09aOsRlw9wwgz1DIk39MVJDlOJGK5KcR2GdZ1 htTATRlgoclqG50ymA4eHPNPn7UsjxwHXleijsAAzrujF7zFxzCtxA3uI5/kdGQK 0ExBdqikgYL3tt8ELuSKKnVo7waCBBqscNy5GG3RsWeXaipT+Xj5ESmpeE53FfrZ Ybng2is/EH714M/sto3NxzFgB+mu1GLAyrrQ7bZgw1VMHzHL6EvY9lWDlB5Ewnp8 f9mN9velC5lgkRFvXun01y5jqMCAQwGq9NQk4ZgM2ApwQzQBTrKJYfXS9QisCwrz sitVAYCZX683RiP/n0u2hYmqoV6beoSOMZ3SXwIDAQABAoIBAQCcfiUU6S9fJfca DTmqxHrcIyJJzZDN3GvvSRBaDNLwa2BWz3Mf4Z+1m6Ebp4IME/W9ePgQZIGyxeAj Z43Gja2Nifrlmi2JYpWjeG+MvLwN26XfSHx6rtlGmzKkoIQc98qIvSevqepGYAOa 0sC0VnKKEfNvtei+jVam4hy/e9/oQWHV8c/yueLWpCx2pWOy5m7WVLdwNQSK+8pu sxHLFTNCSC9wddBN80FVxhJQ7L4D2DzcprhcfUz6Uz7Ju7v8MtSksirDnaGliWJ3 NvxhntJYKvgQ30pvBr//y0lYnAB+O0jJhOpHlgD2hNSlI8sgUxmVyl+gC9Dhnq+v 1uKm3CThAoGBAOx+YIGGT/ymqJ53k8Dj4keKctI4+E3p/7Tr2jEyRff177VUjITQ UnrRTw1W+XSE5cszitVYbv0WUwTJoSSrKaRaVG7iORaqcv0LkG8gnlcrcifRXSl5 5xMsPCw0adwtoyhrHQLbENntMl+iQw2JbE6fvldvNe2kPdL3B2T7Jw1RAoGBAMd1 GvsOHLaKtTD0me+wgGnql0GIp90elE7rQ1p6VMxZkE68b+0jX9xHAt2zxocR84+L Gi6uAZvBqnwmH48c7Do6/oulrJXH2OcT6S8+F/kM7PWNT0Z0J0MW/+npVoPwSihZ N4/uanR47L0YYVlTRgxmakSUZnitrEz754V+YjivAoGBAM1qtC6tWHrO0/XZTbik +F5FrphVLbCXiSlAF6TV0xqfP5gUmX2faZUOi4i9vC3uZZ9L5NKNXtJseq3U6Sht l90PLPmnfAjpArozOkCcZ4y1yxE09KPbI9BugtGusSizZ13rNCbP22I/eprA2Vc/ v5jHflB547DIEX9WXNDkqjYRAoGACD3ag40tuo04t3Ej+zd71uSOo3KWHRjqX+hw vAhaAKeiwt4ecdoIV/3HLIoFJgej3MaOqmceQeVaug6JN0ympjFR20tZOkcru0Cj XgRe0Tergun34J1kEe2dXXj6zjDbn5cwKI5db7qfbaDYROyf9Fs3AOZw5YOnnva5 tlZmkJkCgYB0tuVLQSOWsqjTAgkw7tDIMOds9o8dpGJTvXxcs2qWJIDQPQWxHVSl Qimh5DFBkrNDAYKKC386KaZOEKwG7G1YuGbh1+ns3piscJaBi2lPaeA1Y/QA6pCT t9Hbdzre5x0gDbKSHOk+QLJkVdfQX9jamRE6W0k0pXVF6ur8N5zfxA== -----END RSA PRIVATE KEY-----
Copy the personal key under ssh personal key and then click on salvage.
Click on Inventories and then click on incorporate stock.
Fill the main points consequently.
Click on hosts -> include host.
Add the under details********) that is:(*********************)
Add the below details for client2.
Test the connectivity via AWX.
Select both the hosts and click on run commands.
Choose ping and other details and click on Launch.
That’s it for this tutorial. I will show you in the tutorial that is next to install AWX via rpm and how exactly to run playbooks, doing API calls in further tutorials.
Comments