top of page
Recent Posts

Install Ansible Automation Platform 2.X:

Updated: Nov 4, 2021

We are going to install the Ansible Automation Platform 2 in my lab along with one controller and one database system. Let’s start the installation step by step, as below:


Step 1: Download the Red Hat Ansible Automation Platform installer if your Red Hat Enterprise Linux environment is connected to the internet. Navigate to https://access.redhat.com/downloads/content/480 and select the Product Variant & the

Version, as below:

And download the Ansible Automation Platform installer bundle.


Step 2: Verify the necessary rpm repos are enabled.

 [root@ansible4 ~]# subscription-manager repos --list-enabled
+----------------------------------------------------------+
    Available Repositories in /etc/yum.repos.d/redhat.repo
+----------------------------------------------------------+
Repo ID:   ansible-2.9-for-rhel-8-x86_64-rpms
Repo Name: Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs)
Repo URL:  https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/ansible/2.9/os
Enabled:   1

Repo ID:   rhel-8-for-x86_64-baseos-rpms
Repo Name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)
Repo URL:  https://cdn.redhat.com/content/dist/rhel8/$releasever/x86_64/baseos/os
Enabled:   1

Repo ID:   rhel-8-for-x86_64-appstream-rpms
Repo Name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)
Repo URL:  https://cdn.redhat.com/content/dist/rhel8/$releasever/x86_64/appstream/os
Enabled:   1

Step 3: Verify the hostname and IP Address of the Systems.


[root@ansible4 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.121.210    ansible4.jazakallah.info    ansible4
192.168.121.211    ansible4-db.jazakallah.info    ansible4-db
192.168.121.212    ansible4-ah.jazakallah.info    ansible4-ah

[root@ansible4 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:ff:5d:a1 brd ff:ff:ff:ff:ff:ff
    inet 192.168.121.210/24 brd 192.168.121.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:feff:5da1/64 scope link
       valid_lft forever preferred_lft forever

Step 4: Copy the file and Extract the files.

[root@ansible4 ~]# tar xvzf ansible-automation-platform-setup-<latest-version>.tar.gz

[root@ansible4 ~]# ls -l
-rw-------. 1 root root      1614 May 20 07:19 anaconda-ks.cfg
drwxr-xr-x. 6 root root       186 Nov  3 19:31 ansible-automation-platform-setup-bundle-2.0.1-1-early-access

Step 5: Open the inventory file with a vim editor and edit inventory file parameters to specify my installation scenario.

[root@ansible4 ~]# cd ansible-automation-platform-setup-bundle-2.0.1-1-early-access/
[root@ansible4 ansible-automation-platform-setup-bundle-2.0.1-1-early-access]# vim inventory
[automationcontroller]
ansible4.jazakallah.info  ansible_connection=local

[automationhub]

[database]
ansible4-db.jazakallah.info

[servicescatalog_workers]

[all:vars]
admin_password='Redhat123'

pg_host='ansible4-db.jazakallah.info'
pg_port='5432'

pg_database='awx'
pg_username='awx'
pg_password='Redhat123'
pg_sslmode='prefer'  # set to 'verify-full' for client-side enforced SSL

# Execution Environment Configuration
# Credentials for container registry to pull execution environment images from,
# comment out registry_username if authentication is not required
registry_url='registry.redhat.io'
registry_username='mh2xxx'
registry_password='XXXXXXXXX’

# Automation Hub Configuration
#

automationhub_admin_password=''

automationhub_pg_host=''
automationhub_pg_port=''

automationhub_pg_database='automationhub'
automationhub_pg_username='automationhub'
automationhub_pg_password=''
automationhub_pg_sslmode='prefer'

# By default if the automation hub package and its dependencies
# are installed they won't get upgraded when running the installer
# even if newer packages are available. One needs to run the ./setup.sh
# script with the following set to True.
#
# automationhub_upgrade = False

# By default when one uploads collections to Automation Hub
# an admin needs to approve it before it is made available
# to the users. If one wants to disble the content approval
# flow, the following setting should be set to False.
#
# automationhub_require_content_approval = True

# At import time collections can go through a series of checks.
# Behaviour is driven by galaxy-importer.cfg configuration.
# Example are ansible-doc, ansible-lint, flake8, ...
#
# The following parameter allow one to drive this configuration.
# This variable is expected to be a dictionnary.
#
# automationhub_importer_settings = None

# The default install will deploy a TLS enabled Automation Hub.
# If for some reason this is not the behavior wanted one can
# disable TLS enabled deployment.
#
# automationhub_disable_https = False

# The default install will deploy a TLS enabled Automation Hub.
# Unless specified otherwise the HSTS web-security policy mechanism
# will be enabled. This setting allows one to disable it if need be.
#
# automationhub_disable_hsts = False

# The default install will generate self-signed certificates for the Automation
# Hub service. If you are providing valid certificate via automationhub_ssl_cert
# and automationhub_ssl_key, one should toggle that value to True.
#
# automationhub_ssl_validate_certs = False

# SSL-related variables

# If set, this will install a custom CA certificate to the system trust store.
# custom_ca_cert=/path/to/ca.crt

# Certificate and key to install in nginx for the web UI and API
# web_server_ssl_cert=/path/to/tower.cert
# web_server_ssl_key=/path/to/tower.key

# Certificate and key to install in Automation Hub node
# automationhub_ssl_cert=/path/to/automationhub.cert
# automationhub_ssl_key=/path/to/automationhub.key

# Server-side SSL settings for PostgreSQL (when we are installing it).
# postgres_use_ssl=False
# postgres_ssl_cert=/path/to/pgsql.crt
# postgres_ssl_key=/path/to/pgsql.key

Note: I need to change the RAM requirements at collections/ansible_collections/ansible/automation_platform_installer/roles/preflight/defaults/main.yml to adjust my installation scenario.
required_ram: 4000

Step 6: To run the Red Hat Ansible Automation Platform installer setup script.

[root@ansible4 ansible-automation-platform-setup-bundle-2.0.1-1-early-access]# ./setup.sh

Installation will take 15-20 minutes and will see the successful installation messages at end of the installation, as below.


Step 7: To verify the Ansible Automation Platform services status installation completed.

[root@ansible4 ansible-automation-platform-setup-bundle-2.0.1-1-early-access]# automation-controller-service status
 automation-controller.service - Automation Controller service
   Loaded: loaded (/etc/systemd/system/automation-controller.service; enabled; vendor preset: disabled)
   Active: active (exited) since Wed 2021-11-03 20:15:10 +08; 34min ago
  Process: 900 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 900 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 30150)
   Memory: 0B
   CGroup: /system.slice/automation-controller.service

:::::::::::::CUTSOMEOUTPUT:::::::::::::

 redis.service - Redis persistent key-value database
   Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/redis.service.d
           └─limit.conf, override.conf
   Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
 Main PID: 863 (redis-server)
    Tasks: 4 (limit: 30150)
   Memory: 8.3M
   CGroup: /system.slice/redis.service
           └─863 /usr/bin/redis-server 127.0.0.1:0

:::::::::::::CUTSOMEOUTPUT:::::::::::::

 nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/nginx.service.d
           └─override.conf
   Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
  Process: 893 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 872 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 866 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 897 (nginx)
    Tasks: 2 (limit: 30150)
   Memory: 4.0M
   CGroup: /system.slice/nginx.service
           ├─897 nginx: master process /usr/sbin/nginx
           └─898 nginx: worker process

:::::::::::::CUTSOMEOUTPUT:::::::::::::

 supervisord.service - Process Monitoring and Control Daemon
   Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/supervisord.service.d
           └─override.conf
   Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
  Process: 815 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
 Main PID: 855 (supervisord)
    Tasks: 35 (limit: 30150)
   Memory: 1.4G
   CGroup: /system.slice/supervisord.service
   
:::::::::::::CUTSOMEOUTPUT:::::::::::::

 automation-controller.service - Automation Controller service
   Loaded: loaded (/etc/systemd/system/automation-controller.service; enabled; vendor preset: disabled)
   Active: active (exited) since Wed 2021-11-03 20:15:10 +08; 34min ago
  Process: 900 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 900 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 30150)
   Memory: 0B
   CGroup: /system.slice/automation-controller.service

:::::::::::::CUTSOMEOUTPUT:::::::::::::

 redis.service - Redis persistent key-value database
   Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/redis.service.d
           └─limit.conf, override.conf
   Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
 Main PID: 863 (redis-server)
    Tasks: 4 (limit: 30150)
   Memory: 8.3M
   CGroup: /system.slice/redis.service
           └─863 /usr/bin/redis-server 127.0.0.1:0

:::::::::::::CUTSOMEOUTPUT:::::::::::::.

 nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/nginx.service.d
           └─override.conf
   Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
  Process: 893 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 872 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 866 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 897 (nginx)
    Tasks: 2 (limit: 30150)
   Memory: 4.0M
   CGroup: /system.slice/nginx.service
           ├─897 nginx: master process /usr/sbin/nginx
           └─898 nginx: worker process

:::::::::::::CUTSOMEOUTPUT:::::::::::::

 supervisord.service - Process Monitoring and Control Daemon
   Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/supervisord.service.d
           └─override.conf
   Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
  Process: 815 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
 Main PID: 855 (supervisord)
    Tasks: 35 (limit: 30150)
   Memory: 1.4G
   CGroup: /system.slice/supervisord.service
   
:::::::::::::CUTSOMEOUTPUT:::::::::::::

Step 8: To verify the Ansible Automation Platform User Interface at https://ansible4.jazakallah.info.

Step 9: To configured the subscription manager and activate the instance in the controller instance.

we can use username and password for the activation, If we have connected environments.


Note: Disconnected environments with Satellite will be able to use the login flow on vm-based installations if they have configured the subscription manager on the controller instance to connect to their Satellite instance. Recommended workarounds for disconnected environments without Satellite include [1] downloading a manifest from access.redhat.com in a connected environment, then uploading it to the disconnected controller instance, or [2] connecting to the Internet through a proxy server. More details at https://docs.ansible.com/automation-controller/4.0.0/html/userguide/import_license.html

For the next steps, we have to configure Ansible execution environments. we will continue in our next post at ansible-execution-environments.

542 views2 comments

Recent Posts

See All