AWX stands for “Ansible Web eXecutable” and it is a free and open source project that allows you to easily manage and control Ansible projects. AWX provides a robust web-based user interface and REST API, and allows you to manage or synchronize inventory with other cloud sources, access control, and integrate with LDAP.
In this tutorial, we will show you how to install AWX Ansible AWX with Docker on CentOS 8.
precondition
- CentOS 8 server with at least 4GB RAM.
- Log in as root or a user with sudo privileges
Before starting
Add an EPEL repository to the system with the following command:
dnf install epel-release -y
Next, you will need to install some additional packages required to run AWX on the system. You can install them all with the following command:
dnf install git gcc gcc-c++ ansible nodejs gettext device-mapper-persistent-data lvm2 bzip2 python3-pip -y
Once all packages are installed, you can move to the next step.
Install Docker and Docker Compose
Next, we need to install Docker to run AWX inside a Docker enclosure. By default, the latest version of Docker is not available in the default CentOS 8 repositories, so you need to add the Docker repository on your system. You can add the Docker repository with the following command:
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
Once added, install the latest stable version of Docker with the following command:
dnf install docker-ce-3:18.09.1-3.el7 -y
Once Docker is installed, check which version of Docker is installed with the following command:
docker --version
You should get something like this:
Docker version 19.03.7, build 7141c199a2
After that, start the Docker service and enable it to start after restarting the system with the following command:
systemctl start docker systemctl enable docker
You can check the status of the Docker service with the following command:
systemctl status docker
You should get something like this:
? docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2020-03-11 02:36:04 EDT; 23min ago
Docs: https://docs.docker.com
Main PID: 5882 (dockerd)
Tasks: 101
Memory: 2.6G
CGroup: /system.slice/docker.service
??5882 /usr/bin/dockerd -H fd://
??5899 containerd --config /var/run/docker/containerd/containerd.toml --log-level info
??8815 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/4b91575d64b1b>
??8847 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/0f36c9784f748>
??8894 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.18.0.5 -container-port 8052
??8899 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/47300ec1c26ff>
??8923 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/9827b9831fa5b>
??9631 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/166b153faa275>
After that, install Docker compose with the following command:
pip3 install docker-compose
Once installed, check the Docker version for writing with the following command:
docker-compose --version
You will see the following result:
docker-compose version 1.25.4, build unknown
Finally, run the following command to set the python command to use python 3:
alternatives --set python /usr/bin/python3
Install Ansible AWX on CentOS 8
First, download the latest version of Ansible AWX from the Git Hub repository with the following command:
git clone https://github.com/ansible/awx.git
Next, create a secret key to encrypt the inventory file with the following command:
openssl rand -base64 30
You will get the following output:
R+kbcDEUS8DlAftAbtWafVfLZ0lUy+Paqo3fEtep
NBNote: Note the secret key that appears by copying and pasting it into a text editor, because you have to paste it into the inventory file.
Next, go to the directory to awx / installer / and edit the repository file with a text editor nano:
cd awx/installer/ nano inventory
Change the following lines:
[all:vars] dockerhub_base=ansible awx_task_hostname=awx awx_web_hostname=awxweb postgres_data_dir="/var/lib/pgdocker" host_port=80 host_port_ssl=443 docker_compose_dir="~/.awx/awxcompose" pg_username=awx pg_password=awxpass pg_database=awx pg_port=5432 pg_admin_password=password rabbitmq_password=awxpass rabbitmq_erlang_cookie=cookiemonster admin_user=admin admin_password=password create_preload_data=True secret_key=R+kbcDEUS8DlAftAbtWafVfLZ0lUy+Paqo3fEtep awx_official=true awx_alternate_dns_servers="8.8.8.8,8.8.4.4" project_data_dir=/var/lib/awx/projects
Save and close the file when done. Then create a directory for Postgres:
mkdir /var/lib/pgdocker
Finally, run the following command to install AWX:
ansible-playbook -i inventory install.yml
After the installation has finished successfully, you should get the following output:
skipping: [localhost] TASK [local_docker : Load web image] ********************************************************************************************************** skipping: [localhost] TASK [local_docker : Load task image] ********************************************************************************************************* skipping: [localhost] TASK [local_docker : Set full image path for local install] *********************************************************************************** skipping: [localhost] TASK [local_docker : Set DockerHub Image Paths] *********************************************************************************************** ok: [localhost] TASK [local_docker : Create ~/.awx/awxcompose directory] ************************************************************************************** changed: [localhost] TASK [local_docker : Create Docker Compose Configuration] ************************************************************************************* changed: [localhost] => (item=environment.sh) changed: [localhost] => (item=credentials.py) changed: [localhost] => (item=docker-compose.yml) changed: [localhost] => (item=nginx.conf) TASK [local_docker : Render SECRET_KEY file] ************************************************************************************************** changed: [localhost] TASK [local_docker : Start the containers] **************************************************************************************************** changed: [localhost] TASK [local_docker : Update CA trust in awx_web container] ************************************************************************************ changed: [localhost] TASK [local_docker : Update CA trust in awx_task container] *********************************************************************************** changed: [localhost] PLAY RECAP ************************************************************************************************************************************ localhost : ok=14 changed=6 unreachable=0 failed=0 skipped=95 rescued=0 ignored=0
The above command will create and start all of the Docker containers needed for AWX. You can check the container in operation using the following command:
docker ps
You will see the following result:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4b91575d64b1 ansible/awx_task:9.2.0 "/tini -- /bin/sh -c…" About a minute ago Up About a minute 8052/tcp awx_task 9827b9831fa5 ansible/awx_web:9.2.0 "/tini -- /bin/sh -c…" About a minute ago Up About a minute 0.0.0.0:80->8052/tcp awx_web 47300ec1c26f postgres:10 "docker-entrypoint.s…" About a minute ago Up About a minute 5432/tcp awx_postgres 166b153faa27 ansible/awx_rabbitmq:3.7.4 "docker-entrypoint.s…" About a minute ago Up 58 seconds 4369/tcp, 5671-5672/tcp, 15671-15672/tcp, 25672/tcp awx_rabbitmq 0f36c9784f74 memcached:alpine "docker-entrypoint.s…" About a minute ago Up About a minute 11211/tcp awx_memcached
Configure SELinux and Firewall
By default, SELinux is enabled in CentOS 8. It is recommended that you disable it to run AWX in a Docker environment. You can disable it by editing the following files:
nano /etc/sysconfig/selinux
Find the following line:
SELINUX=enforcing
And replace it with the following line:
SELINUX=disabled
Save and close the file when done. Then restart the system to implement the changes. Next, you will need to allow http and https services through your firewall. You can allow them with the following command:
firewall-cmd --zone=public --add-masquerade --permanent firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https
After that, restart the firewall service to apply the changes:
firewall-cmd --reload
Access the AWX web interface
Now, open your web browser and type the URL http: // domain_ or_server-ip. You will be directed to the AWX login page:
Enter the username and password of the administrator you set in the stock file and click the button sign in. You will see the AWX virtual dashboard on the following page:
Conclusion
Congratulations! You have successfully installed AWX with Docker on CentOS 8. You can now easily manage and control Ansible projects using the AWX web interface.
.