In this post I’m going to over getting a local AWX instance going on CentOS 8. AWX is the open source version of Ansible Tower and it is a web interface/API interface. AWX allows you to use things like HashiCorp Vault for credentials (which I’ve covered).

Don't worry, this will be super easy, barely an inconvenience.

I’m going to be installing CentOS 8 on Vmware ESXi 6.7. Your hypervisor shouldn’t matter however, you should be able to do this in any environment.

I’m creating a VM with 4 CPU and 8GB of RAM, 20GB of disk space. I’m using the CentOS 8 install DVD for the source install.

In the Setup for CentOS, In the Software Selection part, I set it to Minimal Install

Next, I set a static IP in the Network and Host Name section

Next, I clicked configure and then the IPv4 Settings tab. I’m going to set a static IP and I would recommend you do as well, If you do use DHCP, I’d make it a reservation.

Also set the host name to something like AWX.yourdomain

Once that is done, hit Begin Installation.

During the install set your root password and create your admin user.

Once the install is done, lets ssh in and login as your admin user.

First thing I’d do is a yum update to make sure everything is up to date.

sudo yum update -y

You also need to stop and disable the firewall or your containers will have trouble talking

sudo systemctl disable firewalld sudo systemctl stop firewalld

These next steps are from the docker page for CentOS

sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine

sudo yum install -y yum-utils \ device-mapper-persistent-data \ lvm2

sudo yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo

sudo yum install docker-ce docker-ce-cli containerd.io --nobest

Now let's enable and start docker

sudo systemctl enable docker sudo systemctl start docker

Now let's create the docker group and your admin user so that you can run the docker commands

sudo groupadd docker (may say docker group already exists, this is fine) sudo usermod -aG docker $USER (this adds the current user you are logged in as, which should be your admin)

Now log out of ssh and log back in to get your new group membership. Then run docker version as your admin user and you should get something like this.

docker version Client: Docker Engine - Community Version: 19.03.8 API version: 1.39 (downgraded from 1.40) Go version: go1.12.17 Git commit: afacb8b Built: Wed Mar 11 01:27:04 2020 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 18.09.1 API version: 1.39 (minimum version 1.12) Go version: go1.10.6 Git commit: 4c52b90 Built: Wed Jan 9 19:06:30 2019 OS/Arch: linux/amd64 Experimental: false

Now we need to install a few utilities for AWX.

sudo yum install python3 python3-devel git -y sudo pip3 install docker docker-compose ansible

Now we need to clone the AWX GitHub repo. At the time of this writing AWX 9.3.0 is out, but it didn’t seem to work for me, 9.2.0 on the other hand worked fine, so we will be getting that version.

git clone -b '9.2.0' https://github.com/ansible/awx.git

Next, we need to update the inventory file to point to our python3 install

cd awx/installer/ vi inventory Change the ansible_python_interpreter on the first line to look like this: ansible_python_interpreter="/usr/bin/env python3" We have to do this because python3 is the default in CentOS 8 and newer

There are some options you can change in here and I would at least recommend changing the passwords to something that isn’t the default. Also, the secret_key should be changed.

There are 4 passwords you can set. One is the PostgreSQL DB password. The next is the rabbitmq password. The next is the admin password for the web interface. The last isn't so much a password as it is a decrypt key for credentials. These 3 values are named like this in the inventory file

pg_password=awxpass rabbitmq_password=awxpass admin_password=password secret_key=awxsecret

You can quickly generate a new password for these by using the following command

openssl rand -hex 32

This will give you a random 32 character password, just make sure you don't lose them, especially the secret_key.

The admin_password should be set to something you'll remember as you'll use it to login after installations is complete.

Now it is time to install AWX. Run the following command and wait for the success message.

ansible-playbook -i inventory install.yml

This part does take several minutes, it is downloading the docker images and starting them with all the configuration on your machine. It is very much dependent on your internet connection and the speed of your system.

When it finishes you should get something similar to this.

PLAY RECAP ********************************************************************************************************************************************************************************************************************************** localhost : ok=16 changed=8 unreachable=0 failed=0 skipped=94 rescued=0 ignored=0

You can run the following command to see the running containers

docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 85dbace2bbd5 ansible/awx_task:9.2.0 "/tini -- /bin/sh -c…" 50 seconds ago Up 48 seconds 8052/tcp awx_task fc4b48cc170a ansible/awx_web:9.2.0 "/tini -- /bin/sh -c…" About a minute ago Up 48 seconds 0.0.0.0:80->8052/tcp awx_web 46c9146ab856 redis "docker-entrypoint.s…" About a minute ago Up 48 seconds 6379/tcp awx_redis 7e7e7dbda34d memcached:alpine "docker-entrypoint.s…" About a minute ago Up 48 seconds 11211/tcp awx_memcached 7eff4975e315 postgres:10 "docker-entrypoint.s…" About a minute ago Up 48 seconds 5432/tcp awx_postgres

AWX should be up and running. Go to your servers ip and you should get the AWX login

Now that you have AWX up, get to experimenting and automating all the things. I plan on posting some playbooks and how I setup my templates.