Red Hat has provided two GUI tools for centralized management of remote nodes using Ansible.
- Ansible Tower
- AWX
Ansible Tower is a web-based interface and REST API endpoint for Ansible. It provides centralized logging and auditing, role-based access control and push-button deployment.
AWX is an automation utility based on Ansible Tower that provides a web graphical interface, REST API as well as a task engine that allows users to manage their Ansible projects. In other words we can AWX is an open source version of Anisble Tower. With AWX, you can perform a number of tasks including inventory management, workflow automation, job scheduling, managing credentials and reporting to mention just a few.
One advantage with AWX is that you get to leverage all the enterprise features that ship with Ansible Tower for an unlimited number of nodes. In other words, the 10-node limit doesn’t apply to AWX. Additionally, AWX is ideal for lab or development environments. It’s however not considered an ideal tool for production environments compared to Ansible Tower.
AWX needs a containerized environment to function. A couple of options that support AWX include Kubernetes, OpenShift and Docker Compose. In this guide, however, we are going to use Docker compose because it’s quite easy to set up and is resource friendly.
Requirements for Ansible AWX
Before we get started, ensure that the CentOS 8 node has the following:
- 4 GB of RAM
- 3.4 GHz CPU with 2 Cores
- 20 GB of Hard disk space
- CentOS 8 needs to be running Openshift, Docker or Kubernetes
- Ansible needs to be already installed
With all the requirements fulfilled, let’s get the ball rolling!
Step 1) Install EPEL on CentOS 8
Begin by installing EPEL on CentOS 8 node because it provides some of the quintessential packages required by AWX. Therefore, log in as root user to your CentOS 8 node and run the command:
[root@awx-ansible ~]# dnf install epel-release -y
Step 2) Install additional packages and dependencies
Additionally, we need to take an extra step and install essential packages that will be required as we get along with the installation of AWX:
[root@awx-ansible ~]# dnf install git gcc gcc-c++ nodejs gettext device-mapper-persistent-data lvm2 bzip2 python3-pip
Sample Output
Step 3) Install Docker CE on CentOS 8
RedHat / CentOS no longer supports the direct installation of docker, so if you run dnf install docker-ce, you are going to run into an error. To install docker on CentOS 8, we need to append the Docker repository to the system using the dnf config-manager tool.
[root@awx-ansible ~]# dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
The next step is to install Docker, run the command:
[root@awx-ansible ~]# dnf install docker-ce-3:18.09.1-3.el7
Now, run the following command to know what exact version of docker we have installed.
[root@awx-ansible ~]# rpm -qa | grep docker or [root@awx-ansible ~]# docker --version
Now, proceed to start and enable docker using the commands
[root@awx-ansible ~]# systemctl start docker [root@awx-ansible ~]# systemctl enable --now docker.service
With docker installed, we can now proceed to install Docker compose.
Note: Run the following command to set python command to use python 3 because in CentOS 8 and RHEL8, python 3 is installed as dependency when we install ansible
[root@awx-ansible ~]# alternatives --set python /usr/bin/python3
Step 4) Install Docker-Compose on CentOS 8
For the installation of docker-compose, we will use the pip command. Pip is python’s package manager that allows you to install python packages.
To install, we are going to use pip3 since the system is running using python3
[root@awx-ansible ~]# pip3 install docker-compose
Great! we can now proceed to install AWX.
Step 5) Install Ansible AWX
To install AWX, first clone the Git repo as shown:
[root@awx-ansible ~]# git clone https://github.com/ansible/awx.git
Next, navigate to the awx/installer directory and locate the inventory file. We need to adjust a few parameters:
Note: Don not forget to set the default python interpreter to python3
[root@awx-ansible ~]# cd awx/installer/ [root@awx-ansible installer]# vi inventory localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python3" postgres_data_dir=/var/lib/pgdocker awx_official=true project_data_dir=/var/lib/awx/projects awx_alternate_dns_servers="4.2.2.1,4.2.2.2"
Equally crucial is the need to configure the Admin & Postgres password
pg_admin_password=postgrespass@123 admin_password=Linuxtechi@123
Thereafter, be sure to generate a cryptographic key for encryption of the inventory file
[root@awx-ansible ~]# openssl rand -base64 30
Copy the secret key and append it to the secret_key entry as follows in the inventory file,
secret_key=SGYsSWciI5yRDQeZuEm5wW98pQeJMG+ACABPsGfC
Save and exit the inventory file.
To confirm and print out the changes made, run the command:
[root@awx-ansible installer]# grep -v '^#' inventory | grep -v '^$'
To install AWX run the Ansible command:
[root@awx-ansible installer]# ansible-playbook -i inventory install.yml
This takes about 4-5 minutes for docker to run the necessary containers and build containers, so relax and enjoy your cup of tea! The output below will be a confirmation that all went perfectly well.
After the installation is done, you can check the containers which are launched via docker-compose
[root@awx-ansible installer]# docker ps
In Case OS firewall is enabled and running, then allow the http port (80) and https (443) using following commands,
[root@awx-ansible installer]# firewall-cmd --zone=public --add-masquerade --permanent [root@awx-ansible installer]# firewall-cmd --permanent --add-service=http [root@awx-ansible installer]# firewall-cmd --permanent --add-service=https [root@awx-ansible installer]# firewall-cmd --reload
Step 5) Accessing AWX GUI Portal
To access AWX web console, open your browser and type in your Ansible’s AWX server IP and hit ENTER.
http://awx-server-ip-address
Provide the username and password for Admin and hit ENTER. This will thereafter display AWX’s dashboard as shown:
And that’s how you install AWX with docker-compose on a CentOS 8 server.
Read Also : How to Run and Schedule Ansible Playbook Using AWX GUI
Is anyone getting this error?
TASK [local_docker : Start the containers] ***********************************************************
fatal: [localhost]: FAILED! => {“changed”: false, “errors”: [], “module_stderr”: “”, “module_stdout”: “latest: Pulling from library/redis\nDigest: sha256:157a95b41b0dca8c308a33489dfdb28019e033110320414b4b16fad7d28c0f9f\nStatus: Downloaded newer image for redis:latest\nalpine: Pulling from library/memcached\nDigest: sha256:4194d5286561f9cf4c26c977c48ad469bb3f4a674134be4c5de6d407d8239620\nStatus: Downloaded newer image for memcached:alpine\n10: Pulling from library/postgres\nDigest: sha256:14daf738e3619f221bdd29fee02d3951016d6ed09c86d0287bdc34364f5539c1\nStatus: Downloaded newer image for postgres:10\n”, “msg”: “Error starting project 404 Client Error: Not Found (\”b’manifest for ansible/awx_web:11.2.0 not found’\”)”}
I have been following the tutorial and am on the latest version of Centos 8.1.1911 (4.18.0-147.8.1.el8_1.x86_64)
I’m getting this error
TASK [local_docker : Start the containers] **************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {“changed”: false, “errors”: [], “module_stderr”: “”, “module_stdout”: “”, “msg”: “Error starting project 404 Client Error: Not Found (\”b\”pull access denied for ansible/awx, repository does not exist or may require ‘docker login’\”\”)”}
when cloning a build (Step 5 in this article)
use the -b switch (to specify the build version)
git clone -b 11.2.0 https://github.com/ansible/awx.git
it solves the issue!
taken from here is a problem for everyone.)
https://github.com/ansible/awx/issues/7246
I successfully configured & launched the AWX web UI. But when i try to login it says, Invalid username and/or password. Please try again.
When i verify the logs by docker logs -f awx_web , i could see the below errors,
2020-06-22 15:54:02,971 WARNING awx.api.generics Login failed for user admin from 172.18.0.1
2020-06-22 15:54:03,213 WARNING django.request Unauthorized: /api/login/
2020-06-22 15:54:03,213 WARNING django.request Unauthorized: /api/login/
Any help would be grateful.
on this step ( ansible-playbook -i inventory install.yml ) the system is not having ansible-playbook )
ansible-playbook is not in my server. i have not missed anything, what i am missing?
Hi Jen,
There could be two reasons for that, either you have not cloned awx git repo or you might be running the command from wrong directory.
Super notes, thanks for sharing. If anyone wants to know how to “configure SSL on Ansible AWX” using a self signed certificate then this should help you. This wasn’t documented propertly anywhere!
SSL on Ansible AWX
These steps worked seamlessly for us as of July 2020 version of AWX on Centos 8 server.
cd into the directory for your awx/inventory file
In my environment this was in /opt/awx/ so…
cd /opt/awx/installer
edit your “inventory” file and uncomment following 3 lines and add in the 4 line (change the directory path to the location where you will be storing your server.crt and server.key files)
host_port=80
host_port_ssl=443
ssl_certificate=/opt/awx/certs/server.crt
ssl_certificate_key=/opt/awx/certs/server.key
cd into /opt/awx/
mkdir certs/
cd into certs/
Run the following command to create your self-signed certificate.
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout server.key -out server.crt -subj “/C=GB/ST=UK/L=London/O=OrganisationName/OU=Product Engineering/CN=awx.local/[email protected]”
From the directory which contains your awx/installer/inventory file run the following to update your configuation
ansible-playbook -i inventory install.yml
Then test your connection and hopefully SSL will now work for you! 🙂
Hope this helps you. If so please comment and let me know.
Sel
Pradeep,
I had same issue, I don’t think you are installing Ansible locally at all anywhere. ansible-playbook command isn’t found, not even in pip. I went the route of pip3 install ansible and then ran the command.
i have this error after run the command [ # ansible-playbook -i inventory install.yml]
fatal: [localhost]: FAILED! => {“changed”: false, “errors”: [], “module_stderr”: “”, “module_stdout”: “15.0.0: Pulling from ansible/awx\n”, “msg”: “Error starting project unauthorized: authentication required”}
Great tutorial.
My requirement is I need to setup AWX auto scalable and HA. Is there any automation like terraform, cloudformation or ansible to deploy latest version of AWX on AWS.
Please help
I am getting below errors:
TASK [local_docker : Start the containers] **************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {“changed”: false, “errors”: [], “module_stderr”: “”, “module_stdout”: “latest: Pulling from library/redis\n”, “msg”: “Error starting project error pulling image configuration: Get ‘https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/08/08502081bff61084d64fc76f0f90ea39b89935cd071d9e12c5374ae191ff53c0/data?verify=1624536303-%2FTjVbrf5Qzo7XaF3Ar6xaJjkCCo%3D’: dial tcp 104.18.125.25:443: i/o timeout”}
PLAY RECAP **********************************************************************************************************************************************************************************************************************************
localhost : ok=15 changed=4 unreachable=0 failed=1 skipped=97 rescued=0 ignored=0