Ansible – Adding the AWX extension

In this post I want to go over adding AWX to the ansible server.

What is AWX and how does it help you?

AWX is an add on to the basic community edition, which allows you better control project use of ansible in an IT environment. You can find more information here.

Prerequisites

If you have already installed Ansible community edition, great, else these steps are covered here.

Additionally some other bits and pieces are required.

git
gcc
gcc-c++
ansible
nodejs
gettext
device-mapper-persistent-data
lvm2
bzip2
python3-pip

If you followed the guide above then the only things you need are these:

git
gcc
gcc-c++
nodejs
bzip2

Install these by running this command:

sudo dnf install git gcc gcc-c++ nodejs bzip2 -y

Once installed we need to add a repo for docker-ce.

sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

and then we need to install docker ce

sudo dnf install docker-ce -y

This leaves us with some more packages installed, run docker –version to verify that docker is installed and run the following command to start and enable docker.

sudo systemctl start docker && systemctl enable docker

Now we install docker-compose and check the version:

pip3 install docker-compose

docker-compose --version

Use the following command to use python version 3. (You should anyway since 2.x is unsupported now).

sudo alternatives --set python /usr/bin/python3

Thats the prerequisites completed.

Installing AWX

Now to install AWX itself we need to get it form the github repo.

To do this run the following command:

git clone https://github.com/ansible/awx.git

Afterwards we need to generate a secret, which you should keep handy for later:

openssl rand -base64 30

use your favourite editor to edit the following file: awx/installer/inventory

Change the following lines in the [all:vars] section (Some may already be there, I have highlighted the ones I found in bold/italic, so only the non-bold ones needs to be adapted, replace the secret with the secret you created above):

dockerhub_base=ansible
awx_task_hostname=awx
awx_web_hostname=awxweb
postgres_data_dir="/var/lib/pgdocker"
host_port=80
host_port_ssl=443
docker_compose_dir="~/.awx/awxcompose"
pg_username=awx
pg_password=awxpass
pg_database=awx
pg_port=5432
pg_admin_password=password
rabbitmq_password=awxpass
rabbitmq_erlang_cookie=cookiemonster
admin_user=admin
admin_password=password
create_preload_data=True
secret_key=cfePcEoYW5w8MIS5qY9CUraOwysaO+d6jS3u4TmD
awx_official=true
awx_alternate_dns_servers="8.8.8.8,8.8.4.4"
project_data_dir=/var/lib/awx/projects

Once these things have been changed, then create the dir for the postgres file dir.

mkdir /var/lib/pgdocker

Aand…. that is it we can install awx by running the following playbook from the installation folder (home/username/awx/installer).

sudo ansible-playbook -i inventory install.yml

Wait while your screen is flooded with tasks.

At the end you should have a screen like this (at least without failed, I hope):

Now just the last post steps:

Change selinux to “permissive” (please don’t disable it, it is there for a reason…)

You can do that by editing the /etc/sysconfig/selinux file

sudo vi /etc/sysconfig/selinux

Change the mode from enforcing to permissive.

Save the file and then we need to open a couple of firewall rules, and reload the service.:

sudo firewall-cmd --zone=public --add-masquerade --permanent
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Now check if you can access the AWX logon page via your web-browser, note http://fqdn: