by Tohid Tamboli, Saiprasad Parkar | Published March 19, 2019
Tired of repeatedly logging in to systems and manually entering commands. Need a tool to log in to n number of servers and run the given commands to it? Ansible might be the solution that you are looking for. Ansible can log into any number of servers and perform repetitive tasks without any hassle.
Ansible is an open source IT automation engine which can dramatically improve scalability, consistency, and reliability of your IT environment.
AWX is a web-based solution that makes Ansible even more easy to use for IT teams of all kinds. It is designed to be the hub for all your automation tasks. It has an amazing browsable REST API and allows you to control access, graphically manage or sync inventory with a wide variety of cloud sources, log all your jobs, and integrate well with Lightweight Directory Access Protocol (LDAP).
Ansible Tower is a commercial version based on AWX by Red Hat. Both, AWX and Ansible Tower have similar features.
This tutorial explains how to install Ansible and AWX on a Linux system and how to run a playbook using an AWX server and then assign access to inventory, credentials, and playbooks at an individual level. This makes it possible to set up push-button access to complex automation, and control who can use it and where you can run it.
Playbook – is a script written in YAML language, which contains tasks to be done on the remote servers.
Using AWX and Ansible, you can perform the following tasks:
This section lists the prerequisites and the steps to install Ansible and AWX.
Prerequisites to install Ansible and AWX:
Perform the following steps to install the prerequisites of Ansible and AWX using Red Hat Enterprise Linux 7 / CentOS 7.
Enable firewall using the following command:
# systemctl enable firewalld
# systemctl start firewalld
Allow the server to use the HTTP protocol.
# firewall-cmd --add-service=http --permanent;firewall-cmd --add-service=https --permanent
# systemctl restart firewalld
Install the EPEL repository.
# yum install http://download.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
Install the prerequisite packages.
# yum install postgresql96-server -y
# yum install -y rabbitmq-server wget memcached nginx ansible
Perform the following steps to install and configure Ansible and AWX packages:
Add the AWX repository to yum.repos.d by performing the following tasks:
Download the repo using the wget command.
# wget https://copr.fedorainfracloud.org/coprs/mrmeee/awx/repo/epel-7/mrmeee-awx-epel-7.repo
Copy to repository to /etc/yum.repos.d/ and name it as awx-repo.repo.
#cp mrmeee-awx-epel-7.repo /etc/yum.repos.d/awx-rpm.repo
# yum install -y awx
Initialize (that is, load the default configuration of) the PostgreSQL server.
# /usr/pgsql-9.6/bin/postgresql96-setup initdb
Enable and start the rabbitmq-server
# systemctl enable rabbitmq-server
# systemctl start rabbitmq-server
Enable and start the PostgreSQL server.
# systemctl enable postgresql-9.6
# systemctl start postgresql-9.6
Enable and start Memcached.
# systemctl enable memcached
# systemctl start memcached
Add a user to the PostgreSQL server.
# sudo -u postgres createuser -S awx
! ignore the error (could not change directory to "/root": Permission denied)
Create a database in PostgreSQL.
# sudo -u postgres createdb -O awx awx
ignore the error (could not change directory to "/root": Permission denied)
Import the necessary data to the database for initializing.
# sudo -u awx /opt/awx/bin/awx-manage migrate
Initialize the configuration for AWX.
# echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', 'root@localhost', 'password')" | sudo -u awx /opt/awx/bin/awx-manage shell
# sudo -u awx /opt/awx/bin/awx-manage create_preload_data
# sudo -u awx /opt/awx/bin/awx-manage provision_instance --hostname=$(hostname)
# sudo -u awx /opt/awx/bin/awx-manage register_queue --queuename=tower --hostnames=$(hostname)
# cd /etc/nginx/
# cp nginx.conf nginx.conf.bkp
Replace the earlier version of nginx.conf with the new version.
Download the latest nginx.conf file using the following command.
# wget https://raw.githubusercontent.com/cupofcaffeine/ansible/working_one/nginx.conf
Copy the file to /etc/nginx.
# cp nginx.conf /etc/nginx/nginx.conf
# systemctl enable nginx
# systemctl start nginx
Start and enable the AWX services.
# systemctl enable awx-cbreceiver
# systemctl start awx-cbreceiver
# systemctl enable awx-celery-beat
# systemctl start awx-celery-beat
# systemctl enable awx-celery-worker
# systemctl start awx-celery-worker
# systemctl enable awx-channels-worker
# systemctl start awx-channels-worker
# systemctl enable awx-daphne
# systemctl start awx-daphne
# systemctl enable awx-web
# systemctl start awx-web
Open your browser and go to http://awx-server.com and then log in to the AWX server using the default credentials (user name: admin, password: password).Note: It is recommended to change your default password to a strong new password.
We have successfully completed the installation and configuration of Ansible and AWX packages.
Perform the following steps to run a playbook:
Log in to the AWX server with the default credentials (user name as admin and password as password).
Figure 1. Login Page
On the home page or the dashboard, you can see information about your AWX server and its overall status that includes the following details:
Figure 2. Dashboard
Add a new organization.
Figure 3. Creating a new organization
Add a new user.
Figure 4. Create a new user
Add a new inventory.
Adding an inventory is a task to add hosts to the server. All your remote hosts will come under inventory. An inventory can be divided into groups, such as development, testing, and production servers. To add a new inventory:
Figure 5. Create a new inventory
Host name can be a working IP address or a URL. For example, 192.168.1.23 or aaa.company.com.
Figure 6. Add a host to inventory
In AWX, credentials are stored separately. This is very efficient in a LDAP scenario where we can use a single credential to any number of hosts.
Figure 7. Add credentials of corresponding host.
Add a new project.
Figure 8. Creating a project
Add a new template.
Here we select the specific playbook to be executed from the project we added.
Figure 9. Creating template
Run the required job.
On the TEMPLATES page, select the template you want to run and click the job launcher icon.
Figure 10. Running a job
You will be redirected to the currently running job page. Notice that the verbose of the job you just ran is displayed.
Observe if the job ran successfully or not.
Figure 11. Verbose to job executed
Thus, by using AWX, it is possible to provide granularity on the privileges to be assigned.
In this tutorial we learnt how to install and configure Ansible and AWX on a Linux system (that is, Centos). We created an organization including an inventory and a project. We then created a template in which we used a playbook from the GitHub and executed the same. We also observed the verbose for the execution of a playbook and the status indicating whether it ran successfully.
January 29, 2019
January 24, 2019
January 28, 2019
Back to top