Installing Ansible Automation Platform 2.5 or higher (containerized)
This is the most important part of the 'lab on proxmox'.. and the most resource
hungry part... this will cost you some resources.
A containerized ansible Automation Platform in its smallest installation consists of a VM
with the following spec's:
- memory: 16GB
- CPU's: 4
- storage: 60GB (minimum)
- network
- a fqdn hostname that will resolve through DNS
Create VM
Take your time to read the installation documentation, this will save you time in the end.
Be aware that the production version requires a license.
A redhat developer account is sufficient for our needs.
If you or your organization do not have a license, go awx.. .
Download the installation image for a redhat 9.5 system. Mount this image to install the VM. WARNING When using or upgrading to rhel 9.7, you might run into a bug where the automation platform web server craches before the installation is finished (uwsgi error). There is a solution from redhat For those who don't have an account: Add this task to your install playbook
- name: Adjust line in collection
ansible.builtin.lineinfile:
path: "collections/ansible_collections/ansible/containerized_installer/roles/automationcontroller/templates/uwsgi.ini.j2"
regexp: '^master-fifo'
line: "master-fifo = /tmp/awxfifo"
Create a VM that has the above specs as a minimum and install redhat linux from the mounted iso.
Be sure to install "Server with GUI" as your software selection.
After installation, shutdown the machine, remove the iso image, and start up the machine.
Create a non privileged user that wil install and run automation platform, I chose "rhaap".
Ensure that this user can sudo without password.
Install packages
As root install the following packages:
- wget
- rsync
- git-core
- vim
- tar
- ansible-core
- python3-pip
- python3-firewall
- python3-devel
- pkg-config
As user rhaap, install the following python packages using pip:
- pywheel
- pycairo
- firewall
Download the package
create a directory 'app' under /opt and make rhaap the owner of the directory:
chown rhaap:root app
cd into this new directory.
Get a copy of the containerized installer package onto the system:
Log on to the redhat site with your (developer)account and search for:
ansible-automation-platform-containerized-setup-bundle
When you find the download page, copy the download link and paste the link into your VM and download the file with wget.
Now, when the file is downloaded, untar the package:
tar xvzf ansible-automation-platform*.tar.gz
Prepare the installer
When all went well, you wil now have a directory under /opt/app, that has almost the full name of the
downloaded package.
cd into this directory
This is what you should see:
-rw-r--r--. 1 rhaap rhaap 702025 Apr 17 15:11 aap_install.log
-rw-r--r--. 1 rhaap rhaap 97 Apr 7 22:52 ansible.cfg
drwxr-xr-x. 4 rhaap rhaap 39 Apr 7 22:52 bundle
drwxr-xr-x. 3 rhaap rhaap 33 Apr 7 22:52 collections
-rw-r--r--. 1 rhaap rhaap 2888 Apr 17 11:06 inventory
-rw-r--r--. 1 rhaap rhaap 3414 Apr 7 22:52 inventory-growth
-rw-r--r--. 1 rhaap rhaap 37308 Apr 7 22:52 README.md
First thing to-do is correcting a small thing in the collection that you just unpacked, or you will get an error during installation and you eda won't work.
Edit the following file( if you are using the containerized installer ):
vi collections/ansible_collections/ansible/containerized_installer/roles/common/tasks/tls.yml
At the bottom of the file you will find this task, change the "mode: '0750'" to "mode: '0755'" and save the file.
- name: Create the PKI directories
ansible.builtin.file:
path: '{{ _ca_tls_dir }}/extracted/{{ item }}'
mode: '0755'
state: directory
loop:
- edk2
- java
- pem
- openssl
We will use the inventory-growth as our installation inventory, so we will replace inventory with a copy
of the inventory-growth, before editing.
cat inventory-growth > inventory
Now we need to edit this inventory file to tailor this to our installation.
# This is the AAP growth installer inventory file
# Please consult the docs if you're unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation
# This section is for your AAP Gateway host(s)
# -----------------------------------------------------
[automationgateway]
<hostname-fqdn>
# This section is for your AAP Controller host(s)
# -----------------------------------------------------
[automationcontroller]
<hostname-fqdn>
# This section is for your AAP Automation Hub host(s)
# -----------------------------------------------------
[automationhub]
<hostname-fqdn>
# This section is for your AAP EDA Controller host(s)
# -----------------------------------------------------
[automationeda]
<hostname-fqdn>
# This section is for the AAP database
# -----------------------------------------------------
[database]
<hostname-fqdn>
[all:vars]
ansible_connection=local
bundle_install=true
bundle_dir=/opt/app/ansible-automation-platform-containerized-setup-bundle-2.5-12-x86_64/bundle/
# Common variables
postgresql_admin_username=postgres
postgresql_admin_password=redhat
registry_username=<redhat-developer-username>
registry_password=<redhat-developer-password>
redis_mode=standalone
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
# AAP Gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
gateway_admin_password=redhat
gateway_pg_host=<hostname-fqdn>
gateway_pg_password=redhat
# AAP Controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
controller_admin_password=redhat
controller_pg_host=<hostname-fqdn>
controller_pg_password=redhat
controller_percent_memory_capacity=0.5
# AAP Automation Hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
hub_admin_password=redhat
hub_pg_host=<hostname-fqdn>
hub_pg_password=redhat
hub_seed_collections=false
# AAP EDA Controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
eda_admin_password=redhat
eda_pg_host=<hostname-fqdn>
eda_pg_password=redhat
As you see, I reset all passwords to redhat, in a homelab install this is of no consequence.
Never In Production
In a production setup, you wil run the installer and delete the inventory.
Run the installer
Start the installation:
ansible-playbook -i inventory ansible.containerized_installer.install
If all is well, the installer should run without issues now and in a few minutes your
ansible automation platform should be running and ready for logins through the browser.
https://<your-fqdn>
Post installation tasks
After you have installed Ansible Automation Platform, configure a Basic organization, Team
and user. Setup synchronisation between the private hub and the redhat/community repositories
Create a requirements.yml file with at least these collections in it:
---
collections:
- community.general
- community.vmware
- community.windows
- ansible.posix
- ansible.windows
and upload this file to the private hub to have these repositories synced and availlable.
Setup an 'ansible' user and generate a ssh-key pair on the controller.
This is one of the most important things to have working now, the rest is ansible configuration and
playbooks.