How to install Ansible Tower on Red Hat / CentOS
![]() |
Ansible Tower Installation |
WHY RED HAT ANSIBLE TOWER?
Ansible Tower is a web-based UI that provides an
enterprise solution for IT automation. It
- has
a user-friendly dashboard
- complements
Ansible, adding automation, visual management, and monitoring capabilities.
- provides
user access control to administrators.
- graphically
manages or synchronizes inventories with a wide variety of sources.
- a
RESTful API
- And
much more…
ANSIBLE TOWER TYPES OF MODE
Depending on the needs of the enterprise,
Ansible Tower can be implemented using one of the following architectures.
Single Machine with Integrated Database
All Ansible Tower components, the web front-end, RESTful API back end, and PostgreSQL database resides on a single machine. This is the standard architecture.
Single Machine with Remote Database
The Ansible Tower web UI and RESTful API
back end are installed on a single machine, and the PostgreSQL database is
installed on another server on the same network. The remote database can be
hosted on a server with an existing PostgreSQL instance outside the management
of Ansible Tower. Another option is to have the Ansible Tower installer create
a PostgreSQL instance on the remote server, managed by Ansible Tower, and
populate it with the Ansible Tower database.
High Availability Multimachine Cluster
Earlier Ansible Tower versions offered a
redundant, active-passive architecture consisting of a single active node and
one or more inactive nodes. Starting with Red Hat Ansible Tower 3.1,this
architecture is now replaced by an active-active, high-availability cluster
consisting of multiple active Ansible Tower nodes. Each node in the cluster
hosts the Ansible Tower web UI and RESTful API back end and can receive and
process requests. In this cluster architecture, the PostgreSQL database is
hosted on a remote server. The remote database can reside either on a server
with an existing PostgreSQL instance outside the management of Ansible Tower,
or on a server with a PostgreSQL instance created by the installer and managed
by Ansible Tower.
OpenShift Pod with Remote Database
In this architecture, Red Hat Ansible
Tower operates as a container-based cluster running on Red Hat OpenShift. The
cluster runs on an OpenShift pod, which contains four containers to run the
Ansible Tower components. OpenShift adds or removes pods to scale Ansible Tower
up and down. The installation procedure for this architecture is different from
the other architectures.
RED HAT ANSIBLE TOWER FEATURES
Two types of license are available for
Ansible Tower: basic and enterprise. An enterprise license offers access to all
Ansible Tower features. A basic license offers access to only a subset of the Ansible
Tower features and does not include many enterprise-level options, such as
logging aggregation, and clustering. The following are some of the many
features offered by Ansible Tower for controlling, securing, and managing
Ansible in an enterprise environment.
Visual Dashboard
The Ansible Tower web UI displays a
Dashboard which provides a summary view of an enterprise's entire Ansible
environment. The Ansible Tower Dashboard allows administrators to easily see the
current status of hosts and inventories, as well as the results of recent job executions.
Role-based Access Control (RBAC)
Ansible Tower uses a Role-based Access
Control (RBAC) system which maintains security while streamlining user access
management. It simplifies the delegation of user access to Ansible Tower
objects such as Organizations, Projects, and Inventories.
Graphical Inventory Management
You can use the Ansible Tower web UI to
create inventory groups and add inventory hosts. You can also update
inventories from an external inventory source such as public cloud providers, local
virtualization environments, and an organization's custom configuration
management database (CMDB).
Job Scheduling
You can use Ansible Tower to schedule
playbook execution and updates from external data sources either on a one-time
basis or recurring at regular intervals. This allows routine tasks to be
performed unattended and is especially useful for tasks such as backup
routines, which are ideally executed during operational off-hours.
Real-time and Historical Job Status
Reporting
When you initiate a playbook execution in
Ansible Tower, the web UI displays the playbook's output and execution results
in real time. The results of previously executed jobs and scheduled job runs
are also available in Ansible Tower.
User-triggered Automation
Ansible simplifies IT automation and
Ansible Tower takes it a step further by enabling user self-service. The
Ansible Tower streamlined web UI, coupled with the flexibility of its RBAC system
allows administrators to reduce complex tasks to simple easy-to-use routines.
Remote Command Execution
Ansible Tower makes the on-demand
flexibility of Ansible ad hoc commands available through its remote command
execution feature. User permissions for remote command execution are enforced
using the Ansible Tower RBAC system.
Credential Management
Ansible Tower centrally manages
authentication credentials. This means that you can run Ansible plays on
managed hosts, synchronize information from dynamic inventory sources, and
import Ansible project content from version control systems. It encrypts the
passwords or keys provided so that they cannot be retrieved by Ansible Tower
users. Users can be granted the ability to use or replace these credentials
without actually exposing them to the user.
Centralized Logging and Auditing
Ansible Tower logs all playbook and remote
command execution. This provides the ability to audit when each job was
executed and by whom. In addition, Ansible Tower offers the ability to
integrate its log data into third-party logging aggregation solutions, such as
Splunk and Sumologic.
Integrated Notifications
Ansible Tower notifies you when its job
executions succeed or fail. Ansible Tower can deliver notifications using many
different applications, including email, Slack, and HipChat.
Multiplaybook Workflows
Complex operations often involve the
serial execution of multiple playbooks. Ansible Tower multiplaybook workflows
allow users to chain together multiple playbooks to facilitate the execution of
complex routines involving provisioning, configuration, deployment, and
orchestration. An intuitive workflow editor also helps to simplify the modelling
of multiplaybook workflows.
RESTful API
The Ansible Tower RESTful API exposes
every Ansible Tower feature available through the web UI. The API's browsable format
makes it self-documenting and simplifies the lookup of API usage information.
Requirements
Ansible Tower has the following
requirements:
- Supported
Operating Systems: Ansible Tower can be installed and is supported on
64-bit x86_64 versions of Red Hat Enterprise Linux 7, CentOS 7, and Ubuntu
16.04 LTS.
- The
latest stable release of Ansible
- 4
GB RAM minimum
- 20
GB hard disk
RED HAT ANSIBLE TOWER LICENSING AND
SUPPORT
Administrators interested in evaluating
Ansible Tower can obtain a trial license at no cost.
Instructions on how to get started are
available at https://www.ansible.com/tower-trial
Administrators interested in progressing
beyond trial licensing can choose from three types of Red Hat Ansible Tower
subscriptions:
• Self-support
Targeted at small deployments, this
includes a basic Ansible Tower subscription, with software maintenance and
upgrades but no technical support or service level agreement (SLA). Some "enterprise"
features of Ansible Tower are not included. Versions supporting up to 250
managed nodes are available. Larger deployments should consider the enterprise
subscriptions.
• Standard
The Standard edition includes an
enterprise Ansible Tower subscription with entitlement to all Ansible Tower
features and 8x5 technical support. Pricing is based on the number of nodes
that are managed.
• Premium
The Premium edition also includes an
enterprise Ansible Tower subscription with software maintenance and upgrades
and all Ansible Tower features, but with entitlement to 24x7 technical support.
Pricing is based on the number of nodes managed.
ANSIBLE TOWER INSTALLERS
Two different installation packages are
available for Ansible Tower.
The standard setup Ansible Tower
installation program can be downloaded from http://releases.ansible.com/ansible-tower/setup/
The latest version of Ansible Tower for Red
Hat Enterprise Linux 7 is always located at https://releases.ansible.com/ansibletower/setup/ansible-tower-setup-latest.tar.gz
This archive is smaller but requires internet
connectivity to download Ansible Tower packages from various package repositories.
A different, bundled installer for RHEL 7
is available at http://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-latest.el7.tar.gz
This archive includes an initial set of
RPM packages for Ansible Tower so that it may be installed on systems
disconnected from the internet.
Those systems still need to be able to get
software packages for Red Hat Enterprise Linux 7 and the Red Hat Enterprise
Linux 7 Extras channel from
reachable sources. This may be preferred
by administrators in higher security environments. This installation method is
not currently available for Ubuntu.
INSTALLING ANSIBLE TOWER
The following procedure applies to the bundled installer to install Ansible Tower on a single Red Hat Enterprise Linux 7.4 or later system with access to the Red Hat Enterprise Linux 7 Extras repository.
1. As the root user, download the Ansible
Tower setup bundle to the system.
2. Extract the Ansible Tower setup bundle
and change into the directory containing the extracted contents.
3. Edit the inventory file to set
passwords for the Ansible Tower admin account (admin_password), the PostgreSQL
database user account (pg_password), and the
RabbitMQ messaging user account (rabbitmq_password).
4. Run the setup.sh script to start
the Ansible Tower installer.
[root@towerhost ansible-tower-setup-bundle-3.6.4-1]# ./setup.sh
...output omitted...
PLAY [Install Tower isolated node(s)] ***************************************************************************
skipping: no hosts matched
PLAY RECAP ***************************************************************************
localhost : ok=158 changed=83 unreachable=0 failed=0 skipped=81 rescued=0 ignored=3
The setup process completed successfully.
Setup log saved to /var/log/tower/setup-2020-05-07-15:21:03.log
[root@towerhost ansible-tower-setup-bundle-3.6.4-1]#
5. Now, open your browser, access the Ansible Tower web interface with your server’s IP or FQDN, the username is admin and the password that you configured in the inventory file.

6. Log in to the Ansible Tower web UI as
the Ansible Tower administrator with the admin account and the password you set
in the installer's inventory file.

7. Finaly, click on browse and provide
.pem license file, agree the End user license Agreement and click submit
button.

Congratulations…!!! You have successfully installed
Ansible Tower.
I admire this article for the well-researched content and excellent wording. it support company in houston. I got so involved in this material that I couldn’t stop reading. I am impressed with your work and skill. Thank you so much.
ReplyDeleteIt was my pleasure!
ReplyDelete