Overview
I often demonstrated how a single person can benefit from Ansible Engine and used the command line tool myself. But there are so many benefits within Tower. It would be a shame not to take advantage of them. If you are part of an organisation with a centrally available Tower instance, that’s fine. If you don’t have access to a tower installation yet, you will be asstonished how easily this is achieved.
The goal of this essay is to set up Ansible Tower for personal usage. As Ansible is the tool to enable “everything as code”, i also aim for automated setup and avoid any manual clicking.
This small little post sets up an Ansible Tower environment as a virtual machine using vagrant and uploads a license file via cmd-line only.
Solution
Prerequisites
I’m running a Mac Book, i have installed vagrant and virtual box.
Download and first start
You find available vagrant boxes here [1] and easily find the relevant ansible/tower vagrant box, which will be used..
Downloading the Tower Box
MacBook:projects mschreie$ mkdir vagrant_tower MacBook:projects mschreie$ cd $_ MacBook:vagrant_tower mschreie$ vagrant init ansible/tower A `Vagrantfile` has been placed in this directory. You are now ready to `vagrant up` your first virtual environment! Please read the comments in the Vagrantfile as well as documentation on `vagrantup.com` for more information on using Vagrant. MacBook:vagrant_tower mschreie$ vagrant up Bringing machine 'default' up with 'virtualbox' provider... ==> default: Box 'ansible/tower' could not be found. Attempting to find and install... default: Box Provider: virtualbox default: Box Version: >= 0 ==> default: Loading metadata for box 'ansible/tower' default: URL: https://vagrantcloud.com/ansible/tower ==> default: Adding box 'ansible/tower' (v3.7.1) for provider: virtualbox default: Downloading: https://vagrantcloud.com/ansible/boxes/tower/versions/3.7.1/providers/virtualbox.box .... MacBook:vagrant_tower mschreie$ vagrant ssh Welcome to Ansible Tower! Log into the web interface here: https://10.42.0.42/ Username: admin Password: xxxxxxxxxxxx .. [vagrant@ansible-tower ~]$ [vagrant@ansible-tower ~]$ exit
If you want to stop the Tower VM just type:
[mschreie@mschreie ansible_tower]$ vagrant halt ==> default: Attempting graceful shutdown of VM... [mschreie@mschreie ansible_tower]$
Getting and Uploading a Demo License
Red Hat internal people may get one from here [2], customers from here [3].
I’m preparing some parameters for the upload. The downloaded license file file name will be different at your site:
license_file=/Users/mschreie/Downloads/license_4ab5449a6fd2475eb7000d300fb056ba.txt
user=$(vagrant ssh -c "bash /etc/profile.d/ansible-tower.sh" | awk '/Username:/ {print $2 }' | tr -d '\r')
password=$(vagrant ssh -c "bash /etc/profile.d/ansible-tower.sh" | awk '/Password:/ {print $2 }' | tr -d '\r')
curl --user $user:$password --insecure -H "Content-Type: application/json" -X POST -d "$(cat $license_file | sed -e '2i\
\ "eula_accepted": "true",')" https://10.42.0.42/api/v2/config/ {"company_name":"Red Hat","instance_count":50,"license_date":1625307911,"license_key":"de0xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","contact_email":"mschreie@redhat.com","contact_name":"Markus Schreier","hostname":"4abxxxxxxxxxxxxx","license_type":"enterprise","subscription_name":"Ansible Tower by Red Hat (50 Managed Nodes), RHT Internal","trial":true,"valid_key":true,"deployment_id":"29axxxxxxxxxxxxxxxxxx","current_instances":1,"available_instances":50,"free_instances":49,"time_remaining":31530675,"grace_period_remaining":31530675,"compliant":true,"date_warning":false,"date_expired":false,"features":{"activity_streams":true,"ha":true,"ldap":true,"multiple_organizations":true,"surveys":true,"system_tracking":true,"rebranding":true,"enterprise_auth":true,"workflows":true}} [vagrant@localhost ~]$
Be aware after “2i\” must be a new line. The new line again starts with a backslash.
Using Tower
With my favourite web browser i navigated to https://10.42.0.42/ (as given in the output of vagrant ssh, further above) after logging in with the credentials provided through “vagrant ssh“. Ansible Tower is ready to be used.
To change the admin password for Ansible Tower you could run the following commands:
new_password=redhat vagrant ssh -c "echo \"from django.contrib.auth.models import User; passwd='$new_password'; usr=User.objects.get(username='admin'); usr.set_password(passwd); usr.save();\" | sudo -i awx-manage shell"
Updates
The vagrant box is kept up to date. So it might easily be that you get info of a newer version, when starting this vagrant box the next time.
The update unfortunately will destroy and recreate the machine. Content within your machine will be lost.
To cope with this loss, there are following options
a) do any updates within the vagrant box. This would make the box a more and more individual object and you would be all on your own for updates, configuration and so fort. I do NOT recommend this idea.
b) Keep all playbooks in git repositories. Configure your system via cmd-line and API calls, so you can automate them.
– have every call in a document (like this blog) to easily cut&past
or even better:
– have the steps in a jupyter notebook, to execute them directly
c) stay on the initial version. I’d say it is fair to skip one or two minor versions. Even the automated config needs to be run through. But i would try not to leap behind too far. The step forward should not be too big.
The update steps are as follows:
mschreie-mac:vagrant_tower mschreie$ vagrant halt
==> default: Attempting graceful shutdown of VM...
mschreie-mac:vagrant_tower mschreie$ vagrant box update
.....
==> default: Successfully added box 'ansible/tower' (v3.7.2) for 'virtualbox'!mschreie-mac:vagrant_tower mschreie$ vagrant destroy
default: Are you sure you want to destroy the 'default' VM? [y/N] y
==> default: Forcing shutdown of VM...
==> default: Destroying VM and associated drives...mschreie-mac:vagrant_tower mschreie$ vagrant up… and unfortunately you also need to redeploy the license file – as explained above.
Conclusion
Setting up an Ansible Tower for personal use is a very easy task as there are vagrant boxes available to be used. If you know the way forward it might not be worth a blog post. Some intelligence should be put into automated configuration.
Links / Ressources
[1] https://app.vagrantup.com/ansible/boxes/tower
Markus Schreier 