How to install Ansible Tower on Red Hat / CentOS

Ansible Tower Installation
Ansible Tower Installation

WHY RED HAT ANSIBLE TOWER?

Ansible Tower is a web-based UI that provides an enterprise solution for IT automation. It

  • has a user-friendly dashboard
  • complements Ansible, adding automation, visual management, and monitoring capabilities.
  • provides user access control to administrators.
  • graphically manages or synchronizes inventories with a wide variety of sources.
  • a RESTful API
  • And much more…​

ANSIBLE TOWER TYPES OF MODE

Depending on the needs of the enterprise, Ansible Tower can be implemented using one of the following architectures.

Single Machine with Integrated Database

All Ansible Tower components, the web front-end, RESTful API back end, and PostgreSQL database resides on a single machine. This is the standard architecture.

Single Machine with Remote Database

The Ansible Tower web UI and RESTful API back end are installed on a single machine, and the PostgreSQL database is installed on another server on the same network. The remote database can be hosted on a server with an existing PostgreSQL instance outside the management of Ansible Tower. Another option is to have the Ansible Tower installer create a PostgreSQL instance on the remote server, managed by Ansible Tower, and populate it with the Ansible Tower database.

High Availability Multimachine Cluster

Earlier Ansible Tower versions offered a redundant, active-passive architecture consisting of a single active node and one or more inactive nodes. Starting with Red Hat Ansible Tower 3.1,this architecture is now replaced by an active-active, high-availability cluster consisting of multiple active Ansible Tower nodes. Each node in the cluster hosts the Ansible Tower web UI and RESTful API back end and can receive and process requests. In this cluster architecture, the PostgreSQL database is hosted on a remote server. The remote database can reside either on a server with an existing PostgreSQL instance outside the management of Ansible Tower, or on a server with a PostgreSQL instance created by the installer and managed by Ansible Tower.

OpenShift Pod with Remote Database

In this architecture, Red Hat Ansible Tower operates as a container-based cluster running on Red Hat OpenShift. The cluster runs on an OpenShift pod, which contains four containers to run the Ansible Tower components. OpenShift adds or removes pods to scale Ansible Tower up and down. The installation procedure for this architecture is different from the other architectures.

RED HAT ANSIBLE TOWER FEATURES

Two types of license are available for Ansible Tower: basic and enterprise. An enterprise license offers access to all Ansible Tower features. A basic license offers access to only a subset of the Ansible Tower features and does not include many enterprise-level options, such as logging aggregation, and clustering. The following are some of the many features offered by Ansible Tower for controlling, securing, and managing Ansible in an enterprise environment.

Visual Dashboard

The Ansible Tower web UI displays a Dashboard which provides a summary view of an enterprise's entire Ansible environment. The Ansible Tower Dashboard allows administrators to easily see the current status of hosts and inventories, as well as the results of recent job executions.

Role-based Access Control (RBAC)

Ansible Tower uses a Role-based Access Control (RBAC) system which maintains security while streamlining user access management. It simplifies the delegation of user access to Ansible Tower objects such as Organizations, Projects, and Inventories.

Graphical Inventory Management

You can use the Ansible Tower web UI to create inventory groups and add inventory hosts. You can also update inventories from an external inventory source such as public cloud providers, local virtualization environments, and an organization's custom configuration management database (CMDB).

Job Scheduling

You can use Ansible Tower to schedule playbook execution and updates from external data sources either on a one-time basis or recurring at regular intervals. This allows routine tasks to be performed unattended and is especially useful for tasks such as backup routines, which are ideally executed during operational off-hours.

Real-time and Historical Job Status Reporting

When you initiate a playbook execution in Ansible Tower, the web UI displays the playbook's output and execution results in real time. The results of previously executed jobs and scheduled job runs are also available in Ansible Tower.

User-triggered Automation

Ansible simplifies IT automation and Ansible Tower takes it a step further by enabling user self-service. The Ansible Tower streamlined web UI, coupled with the flexibility of its RBAC system allows administrators to reduce complex tasks to simple easy-to-use routines.

Remote Command Execution

Ansible Tower makes the on-demand flexibility of Ansible ad hoc commands available through its remote command execution feature. User permissions for remote command execution are enforced using the Ansible Tower RBAC system.

Credential Management

Ansible Tower centrally manages authentication credentials. This means that you can run Ansible plays on managed hosts, synchronize information from dynamic inventory sources, and import Ansible project content from version control systems. It encrypts the passwords or keys provided so that they cannot be retrieved by Ansible Tower users. Users can be granted the ability to use or replace these credentials without actually exposing them to the user.

Centralized Logging and Auditing

Ansible Tower logs all playbook and remote command execution. This provides the ability to audit when each job was executed and by whom. In addition, Ansible Tower offers the ability to integrate its log data into third-party logging aggregation solutions, such as Splunk and Sumologic.

Integrated Notifications

Ansible Tower notifies you when its job executions succeed or fail. Ansible Tower can deliver notifications using many different applications, including email, Slack, and HipChat.

Multiplaybook Workflows

Complex operations often involve the serial execution of multiple playbooks. Ansible Tower multiplaybook workflows allow users to chain together multiple playbooks to facilitate the execution of complex routines involving provisioning, configuration, deployment, and orchestration. An intuitive workflow editor also helps to simplify the modelling of multiplaybook workflows.

RESTful API

The Ansible Tower RESTful API exposes every Ansible Tower feature available through the web UI. The API's browsable format makes it self-documenting and simplifies the lookup of API usage information.

Requirements

Ansible Tower has the following requirements:

  • Supported Operating Systems: Ansible Tower can be installed and is supported on 64-bit x86_64 versions of Red Hat Enterprise Linux 7, CentOS 7, and Ubuntu 16.04 LTS.
  • The latest stable release of Ansible
  • 4 GB RAM minimum
  • 20 GB hard disk

RED HAT ANSIBLE TOWER LICENSING AND SUPPORT

Administrators interested in evaluating Ansible Tower can obtain a trial license at no cost.

Instructions on how to get started are available at https://www.ansible.com/tower-trial

Administrators interested in progressing beyond trial licensing can choose from three types of Red Hat Ansible Tower subscriptions:

Self-support

Targeted at small deployments, this includes a basic Ansible Tower subscription, with software maintenance and upgrades but no technical support or service level agreement (SLA). Some "enterprise" features of Ansible Tower are not included. Versions supporting up to 250 managed nodes are available. Larger deployments should consider the enterprise subscriptions.

Standard

The Standard edition includes an enterprise Ansible Tower subscription with entitlement to all Ansible Tower features and 8x5 technical support. Pricing is based on the number of nodes that are managed.

Premium

The Premium edition also includes an enterprise Ansible Tower subscription with software maintenance and upgrades and all Ansible Tower features, but with entitlement to 24x7 technical support. Pricing is based on the number of nodes managed.

ANSIBLE TOWER INSTALLERS

Two different installation packages are available for Ansible Tower.

The standard setup Ansible Tower installation program can be downloaded from http://releases.ansible.com/ansible-tower/setup/

The latest version of Ansible Tower for Red Hat Enterprise Linux 7 is always located at https://releases.ansible.com/ansibletower/setup/ansible-tower-setup-latest.tar.gz

This archive is smaller but requires internet connectivity to download Ansible Tower packages from various package repositories.

A different, bundled installer for RHEL 7 is available at http://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-latest.el7.tar.gz

This archive includes an initial set of RPM packages for Ansible Tower so that it may be installed on systems disconnected from the internet.

Those systems still need to be able to get software packages for Red Hat Enterprise Linux 7 and the Red Hat Enterprise Linux 7 Extras channel from

reachable sources. This may be preferred by administrators in higher security environments. This installation method is not currently available for Ubuntu.

INSTALLING ANSIBLE TOWER

The following procedure applies to the bundled installer to install Ansible Tower on a single Red Hat Enterprise Linux 7.4 or later system with access to the Red Hat Enterprise Linux 7 Extras repository.

1. As the root user, download the Ansible Tower setup bundle to the system.

Ansible bundle download

2. Extract the Ansible Tower setup bundle and change into the directory containing the extracted contents.

Ansible pkg extract

3. Edit the inventory file to set passwords for the Ansible Tower admin account (admin_password), the PostgreSQL database user account (pg_password), and the

RabbitMQ messaging user account (rabbitmq_password).

Inventory modification

4. Run the setup.sh script to start the Ansible Tower installer.

[root@towerhost ansible-tower-setup-bundle-3.6.4-1]# ./setup.sh

...output omitted...

PLAY [Install Tower isolated node(s)] ***************************************************************************

skipping: no hosts matched

PLAY RECAP ***************************************************************************

localhost                  : ok=158  changed=83   unreachable=0    failed=0    skipped=81   rescued=0    ignored=3

The setup process completed successfully.

Setup log saved to /var/log/tower/setup-2020-05-07-15:21:03.log

[root@towerhost ansible-tower-setup-bundle-3.6.4-1]#



5. Now, open your browser, access the Ansible Tower web interface with your server’s IP or FQDN, the username is admin and the password that you configured in the inventory file.

Ansible Tower GUI mode

6. Log in to the Ansible Tower web UI as the Ansible Tower administrator with the admin account and the password you set in the installer's inventory file.


Ansible Tower Gui login

7. Finaly, click on browse and provide .pem license file, agree the End user license Agreement and click submit button.

Ansible Tower License

Congratulations…!!! You have successfully installed Ansible Tower.


You can view video here and subscribe to my channel.

https://youtu.be/uDwMHN3feEA



Comments

Popular posts from this blog

How to Install and Configure Kubernetes Cluster and Docker on CentOS8/RHEL8

How to install Ansible on RHEL8 / CentOS8