Getting Started with Ansible Tower — AWX — part 1

This is a two parts article, Part-1 will cover installation and configuration of AWX and part-2 will cover using tower-cli to interact with api.

AWX is Open Source upstream project for Ansible Tower. The installation process using Docker is well documented in their github repo -

After cloning the repo just run the following command -

Start the build

If you are not pushing images to a Docker registry, start the build by running the following:

# Set the working directory to installer
$ cd installer
# Run the Ansible playbook
$ ansible-playbook -i inventory install.yml

It runs ansible-playbook as local connection on the host and download docker images and run them from docker registry -

localhost ansible_connection=local

Those who are running behind the proxy, can configure the proxy for host using ansible role —

Since the above is running inventory, the variable of the inventory can be modified using the extra variable parameters e.g change the docker user password -

$ ansible-playbook -i inventory -e docker_registry_password=password install.yml

Before running the above, it will require the following to be installed on the system -

  1. Ansible
  2. Docker
  3. Docker-py Python Module

Jeff Geerling streamlined the above process, creating ansible role — https://github.com/geerlingguy/ansible-role-awx

Since the above role, does not allow the custom inventory (a pull request is being made), I have created a simple role to include custom dns server and custom data path-

After installation is complete, the site can be accessed using http://awx_site_name

Use the default creds to log in for the first time.

  • admin
  • password

Configuration of AWX

To run Ansible Playbook against Linux/Windows machine, we need to configure the following -

  1. Projects— it will contain ansible playbook, config, roles, templates etc and will host into a SCM project e.g. github
  2. Crendentials — user name/password or ssh key to connect to remote machine
  3. Inventories — what servers the playbook will run against and connection specific configuration
  4. Templates— Job template to associate all of the above and run the playbook

You may need two types of credentials — Source Control Credential for SCM e.g. private git and another for the machine to connect to -

To create SCM credentials, click on the CREDENTIALS tab on left and fill out the credentials like below -

To create machine credential, provide user name and password or ssh key -

Now create a project, there are couple of ansible projects are in my repo e.g.

https://github.com/riponbanik/vagrant-bind-ansible

Now create inventory, ansible by default ssh connection. Add Hosts and Group variable with user name and host details for Linux Inventory -

For windows, use connection info like below -

At the end create job template and save - the job can be configured as either run or check mode.

To run the template, click on Rocket Icon in the templates tab for the respective template -

Job status can be seen from the Jobs tab — look out for individual jobs e.g. SCM update which download playbook from repo and Playbook Run which run playbook against machine.

Known Issues -

  1. Adding proxy as Environment Variable in the playbook causes the connection fails to the target machine
  2. Adding roles from Ansible Galaxy is not supported yet — please download and put the roles in the roles folder of the repository.

This concludes part-1 of the series. Any feedback or comment is greatly appreciated.

Everything is Code