This technical guide will walk you through the installations of Ansible v2.4.2.0, an open source configuration management and deployment tool, and Ansible Tower (web layer for Ansible) v3.4.1 on a RHEL 7 virtual machine. Ansible Tower is a RedHat supported and paid version of AWX, which is open source.
We will first enable the required repos:
sudo subscription-manager repos --enable rhel-7-server-ansible-2.6-rpms subscription-manager repos --enable rhel-7-desktop-optional-rpms
You can install the latest version of ansible using Yum:
yum install ansible
(Since we will be installing Ansible Tower on this same machine, it is recommended to use the Yum method to install Ansible).
-OR-
You can build the RPM package by downloading the latest version of Ansible code from Git. If choosing this method, first we will need to get all the pre-requisite libraries ready (some of these are optional):
yum update yum install python-dev python-pip wget yum install git yum update -y nss curl libcurl yum install rpm-build yum -y install python
Download the latest code, and build:
mkdir ansible cd ansible/ git clone https://github.com/ansible/ansible.git systemctl stop firewalld systemctl disable firewalld cd ./ansible/ make rpm rpm -Uvh ./rpm-build/ansible-*.noarch.rpm
Once installed, you can view and modify the default Ansible hosts file at /etc/ansible/hosts
You can also verify successful installation using the command:
ansible –-version
Now, we can go ahead and set up Ansible Tower on this machine. We will be using the integrated installation, which installs the GUI, the REST API, and the database – all on the same machine:
mkdir ansible-tower cd ansible-tower/ wget https://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-3.4.1-1.el7.tar.gz tar xvzf ansible-tower-setup-bundle-3.4.1-1.el7.tar.gz cd ansible-tower-setup-bundle-3.4.1-1.el7/
Tower connects to the PostgreSQL database using password authentication. We will need to create a md5 hash to configure Tower to talk with the database. Replace <CUSTOM-DB-PASSWORD> with a password of your choosing:
python -c 'from hashlib import md5; print("md5" + md5("<CUSTOM-DB-PASSWORD>" + "awx").hexdigest())'Make a note of the hash key generated from this command. We will use it for our next step.
We have to now update the inventory file (located within ansible-tower-setup-bundle-3.4.1-1.el7 directory) with the passwords for the database, the hash key generated above, and a custom password of our choosing for rabbit_mq. Find the following lines and update them accordingly.
First, for setting the admin password for the console
admin_password='AdminPassword'
Next, set the password for database connectivity. Please note, this password should be the same as what you used to replace <CUSTOM-DB-PASSWORD> during the hash key generation step above. Also, we will paste the copied hash key, and set it for the hashed password line
pg_password='password' pg_hashed_password='md5f58b4d5d85dbde46651335d78bb56b8c'
And finally, choose a custom password for rabbit_mq
rabbitmq_password='password'
We are now ready to run the setup script
./setup.sh
Once all the steps are completed successfully, you can verify the Tower installation by going to the URL
https://<MACHINE-IP-OR-FQDN>:443
You can use the admin credentials (username: admin, password: admin password as defined in the inventory file) to log in and access the console. You can request a free Ansible Tower license for an evaluation environment of up to 10 nodes, or can purchase a RedHat subscription for larger environments, and some additional logging, management and support features.
If you have any questions about the steps documented here, would like more information on the installation procedure, or have any feedback or requests, please let us know at [email protected].
Anuj joined Keyva from Tech Data where he was the Director of Automation Solutions. In this role, he specializes in developing and delivering vendor-agnostic solutions that avoid the “rip-and-replace” of existing IT investments. Tuli has worked on Cloud Automation, DevOps, Cloud Readiness Assessments and Migrations projects for healthcare, banking, ISP, telecommunications, government and other sectors.
During his previous years at Avnet, Seamless Technologies, and other organizations, he held multiple roles in the Cloud and Automation areas. Most recently, he led the development and management of Cloud Automation IP (intellectual property) and related professional services. He holds certifications for AWS, VMware, HPE, BMC and ITIL, and offers a hands-on perspective on these technologies.
Like what you read? Follow Anuj on LinkedIn at https://www.linkedin.com/in/anujtuli/