Ansible AWX with Docker on CentOS 7

Introduction of AWX

Ansible AWS is the Open Source version of ansible tower. AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is the upstream project for Ansible Tower, a commercial derivative of AWX.

System Requirements for AWX Server

  • At least 2 cpu cores.
  • At least 4GB RAM
  • > 20GB of Hard Disk Size

Check SELinux configuration

sestatus
Result:
[root@awx ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28
[root@awx ~]#

Disbled firewalld
[root@awx installer]# systemctl stop firewalld
[root@awx installer]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@awx installer]#

 Enable epel repo
[root@awx ~]# yum install -y epel-release

 Install packages
[root@awx ~]# yum install -y yum-utils device-mapper-persistent-data lvm2 ansible git python-devel python-pip python-docker-py vim-enhanced gettext nodejs npm gcc-c++ bzip2
[root@awx ~]# pip install docker-compose

 Configure docker ce stable repository
[root@awx ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

 Docker install and configuration
[root@awx ~]# yum install docker-ce -y
[root@awx ~]# systemctl start docker
[root@awx ~]# systemctl enable docker

 Git AWX repo to local folder
[root@awx ~]# git clone https://github.com/ansible/awx.git
[root@awx ~]# cd awx/
[root@awx awx]# git clone https://github.com/ansible/awx-logos.git
[root@awx awx]# pwd
/root/awx
[root@awx awx]# cd installer/

 Create awx user without password
[root@awx ~]# useradd awx
[root@awx ~]# passwd -d awx

 Create awx projects folder and change ownership / permission
[root@awx ~]# mkdir -p /home/awx/awx_projects/test
[root@awx ~]# chown -R awx:awx /home/awx/awx_projects
[root@awx ~]# chmod -R 775 /home/awx/awx_projects

Edit the following parameters in /root/awx/installer/inventory
[root@awx awx]# vim inventory

awx_task_hostname=awx
awx_web_hostname=awxweb
awx_official=true
awx_alternate_dns_servers="8.8.8.8,8.8.4.4"
host_port=80
secret_key=
project_data_dir=/root/awx/awx_projects

dockerhub_base=ansible
dockerhub_version=latest
docker_compose_dir=/root/awx/awx_projects

rabbitmq_version=latest
rabbitmq_password=C8DruSpbLhexv2AU
rabbitmq_erlang_cookie=cookiemonster

admin_user=admin
admin_password=password

create_preload_data=True

postgres_data_dir=/root/awx/pgdata
pg_username=awx
pg_database=awx
pg_port=5432
pg_password=

Configuration should look like this
[root@awx installer]# cat inventory |grep -v "#"

localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"

[all:vars]

awx_task_hostname=awx
awx_web_hostname=awxweb
awx_official=true
awx_alternate_dns_servers="8.8.8.8,8.8.4.4"
host_port=80
secret_key=
project_data_dir=/root/awx/awx_projects

dockerhub_base=ansible
dockerhub_version=latest
docker_compose_dir=/root/awx/awx_projects

rabbitmq_version=latest
rabbitmq_password=C8DruSpbLhexv2AU
rabbitmq_erlang_cookie=cookiemonster

admin_user=admin
admin_password=password

create_preload_data=True

postgres_data_dir=/root/awx/pgdata
pg_username=awx
pg_database=awx
pg_port=5432
pg_password=

Deploy AWX via docker
[root@awx installer]# ansible-playbook -i inventory install.yml -vv

 Check deployment of ansible play for AWX
[root@awx installer]# docker container ls

CONTAINER ID        IMAGE                     COMMAND                  CREATED             STATUS              PORTS                                NAMES
318c7c95dcbb        ansible/awx_task:latest   "/tini -- /bin/sh -c."   12 minutes ago      Up 12 minutes       8052/tcp                             awx_task
642c2f272e31        ansible/awx_web:latest    "/tini -- /bin/sh -c."   12 minutes ago      Up 12 minutes       0.0.0.0:80->8052/tcp                 awx_web
641b42ab536f        memcached:alpine          "docker-entrypoint.s."   18 minutes ago      Up 18 minutes       11211/tcp                            memcached
b333012d90ac        rabbitmq:3                "docker-entrypoint.s."   19 minutes ago      Up 19 minutes       4369/tcp, 5671-5672/tcp, 25672/tcp   rabbitmq
ada52935513a        postgres:9.6              "docker-entrypoint.s."   19 minutes ago      Up 19 minutes       5432/tcp                             postgres

AWX is ready and can be accessed from web browser














Access using username "admin" and the password is "password"

Comments

Post a Comment

Popular posts from this blog

Zabbix Proxies on CentOS 7

Image
Overview A Zabbix proxy can collect performance and availability data on behalf of the Zabbix server. This way, a proxy can take on itself some of the load of collecting data and offload the Zabbix server. Also, using a proxy is the easiest way of implementing centralized and distributed monitoring, when all agents and proxies report to one Zabbix server and all data is collected centrally. A Zabbix proxy can be used to: Monitor remote locations Monitor locations having unreliable communications Offload the Zabbix server when monitoring thousands of devices Simplify the maintenance of distributed monitoring Setting up Proxy Server We will be using a separate Linux server with CentOS 7 as the base operating system with MariaDB database server installed on it that will be used as a local database for Proxy server. So in this article we assume that you already had set up your Zabbix Server. [root@localhost ~]# rpm --import http://repo.zabbix.com/RPM-GPG...
Read more

Configure & Install WMIC for Observium

WMI Poller Configuring Windows Firewall and User Access for WMI This guide assumes you know what Group Policy is. Allowing WMI Connections in Windows Firewall Enabling Firewall Settings via GPO 1.   Open Group Policy Management 2.   Create and/or edit the Group Policy Object you wish put these settings into   3.   Expand Computer Config > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules 4.   Create a New Rule under Inbound Rules 5.   Choose the Predefined option, and select Windows Management Instrumentation (WMI) from the drop-down list, click Next 6.   Select the "WMI-In" option and click Next 7.   Allow the connection > Finish Enabling Firewall Settings for Individual Server 1.   Open up Windows Firewall with Advanced Security, either through Control Pane...
Read more

Join CentOS 7 into Active Directory using realm and sssd

Image
Introduction to SSSD and Realmd   Staring from Red Hat 7 and CentOS 7, SSSD or 'System Security Services Daemon' and realm have been introduced. SSSD's main function is to access a remote identity and authentication resource through a common framework that provides caching and offline support to the system. SSSD provides PAM ans NSS integration and a database to store local users, as well as core and extended user data retrieved from a center server. The main reason to transition from winbind to sssd is that sssd can be used for both direct and indirect integration and allows to switch from one integration approach to another without significant migration costs. The most convenient way to configure SSSD or winbind in order to directly integrate a Linux system with AD is use the realm service. Because it allows callers to configure network authentication and domain membership in a standard way. The realm service automatically discovers information about accessib...
Read more