Install Ansible Automation Platform 2.X:
Updated: Nov 4, 2021
We are going to install the Ansible Automation Platform 2 in my lab along with one controller and one database system. Let’s start the installation step by step, as below:
Step 1: Download the Red Hat Ansible Automation Platform installer if your Red Hat Enterprise Linux environment is connected to the internet. Navigate to https://access.redhat.com/downloads/content/480 and select the Product Variant & the
Version, as below:
And download the Ansible Automation Platform installer bundle.
Step 2: Verify the necessary rpm repos are enabled.
[root@ansible4 ~]# subscription-manager repos --list-enabled
+----------------------------------------------------------+
Available Repositories in /etc/yum.repos.d/redhat.repo
+----------------------------------------------------------+
Repo ID: ansible-2.9-for-rhel-8-x86_64-rpms
Repo Name: Red Hat Ansible Engine 2.9 for RHEL 8 x86_64 (RPMs)
Repo URL: https://cdn.redhat.com/content/dist/layered/rhel8/x86_64/ansible/2.9/os
Enabled: 1
Repo ID: rhel-8-for-x86_64-baseos-rpms
Repo Name: Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)
Repo URL: https://cdn.redhat.com/content/dist/rhel8/$releasever/x86_64/baseos/os
Enabled: 1
Repo ID: rhel-8-for-x86_64-appstream-rpms
Repo Name: Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)
Repo URL: https://cdn.redhat.com/content/dist/rhel8/$releasever/x86_64/appstream/os
Enabled: 1Step 3: Verify the hostname and IP Address of the Systems.
[root@ansible4 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.121.210 ansible4.jazakallah.info ansible4
192.168.121.211 ansible4-db.jazakallah.info ansible4-db
192.168.121.212 ansible4-ah.jazakallah.info ansible4-ah
[root@ansible4 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:ff:5d:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.121.210/24 brd 192.168.121.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:feff:5da1/64 scope link
valid_lft forever preferred_lft foreverStep 4: Copy the file and Extract the files.
[root@ansible4 ~]# tar xvzf ansible-automation-platform-setup-<latest-version>.tar.gz
[root@ansible4 ~]# ls -l
-rw-------. 1 root root 1614 May 20 07:19 anaconda-ks.cfg
drwxr-xr-x. 6 root root 186 Nov 3 19:31 ansible-automation-platform-setup-bundle-2.0.1-1-early-access
Step 5: Open the inventory file with a vim editor and edit inventory file parameters to specify my installation scenario.
[root@ansible4 ~]# cd ansible-automation-platform-setup-bundle-2.0.1-1-early-access/
[root@ansible4 ansible-automation-platform-setup-bundle-2.0.1-1-early-access]# vim inventory
[automationcontroller]
ansible4.jazakallah.info ansible_connection=local
[automationhub]
[database]
ansible4-db.jazakallah.info
[servicescatalog_workers]
[all:vars]
admin_password='Redhat123'
pg_host='ansible4-db.jazakallah.info'
pg_port='5432'
pg_database='awx'
pg_username='awx'
pg_password='Redhat123'
pg_sslmode='prefer' # set to 'verify-full' for client-side enforced SSL
# Execution Environment Configuration
# Credentials for container registry to pull execution environment images from,
# comment out registry_username if authentication is not required
registry_url='registry.redhat.io'
registry_username='mh2xxx'
registry_password='XXXXXXXXX’
# Automation Hub Configuration
#
automationhub_admin_password=''
automationhub_pg_host=''
automationhub_pg_port=''
automationhub_pg_database='automationhub'
automationhub_pg_username='automationhub'
automationhub_pg_password=''
automationhub_pg_sslmode='prefer'
# By default if the automation hub package and its dependencies
# are installed they won't get upgraded when running the installer
# even if newer packages are available. One needs to run the ./setup.sh
# script with the following set to True.
#
# automationhub_upgrade = False
# By default when one uploads collections to Automation Hub
# an admin needs to approve it before it is made available
# to the users. If one wants to disble the content approval
# flow, the following setting should be set to False.
#
# automationhub_require_content_approval = True
# At import time collections can go through a series of checks.
# Behaviour is driven by galaxy-importer.cfg configuration.
# Example are ansible-doc, ansible-lint, flake8, ...
#
# The following parameter allow one to drive this configuration.
# This variable is expected to be a dictionnary.
#
# automationhub_importer_settings = None
# The default install will deploy a TLS enabled Automation Hub.
# If for some reason this is not the behavior wanted one can
# disable TLS enabled deployment.
#
# automationhub_disable_https = False
# The default install will deploy a TLS enabled Automation Hub.
# Unless specified otherwise the HSTS web-security policy mechanism
# will be enabled. This setting allows one to disable it if need be.
#
# automationhub_disable_hsts = False
# The default install will generate self-signed certificates for the Automation
# Hub service. If you are providing valid certificate via automationhub_ssl_cert
# and automationhub_ssl_key, one should toggle that value to True.
#
# automationhub_ssl_validate_certs = False
# SSL-related variables
# If set, this will install a custom CA certificate to the system trust store.
# custom_ca_cert=/path/to/ca.crt
# Certificate and key to install in nginx for the web UI and API
# web_server_ssl_cert=/path/to/tower.cert
# web_server_ssl_key=/path/to/tower.key
# Certificate and key to install in Automation Hub node
# automationhub_ssl_cert=/path/to/automationhub.cert
# automationhub_ssl_key=/path/to/automationhub.key
# Server-side SSL settings for PostgreSQL (when we are installing it).
# postgres_use_ssl=False
# postgres_ssl_cert=/path/to/pgsql.crt
# postgres_ssl_key=/path/to/pgsql.keyNote: I need to change the RAM requirements at collections/ansible_collections/ansible/automation_platform_installer/roles/preflight/defaults/main.yml to adjust my installation scenario.
required_ram: 4000
Step 6: To run the Red Hat Ansible Automation Platform installer setup script.
[root@ansible4 ansible-automation-platform-setup-bundle-2.0.1-1-early-access]# ./setup.sh
Installation will take 15-20 minutes and will see the successful installation messages at end of the installation, as below.
Step 7: To verify the Ansible Automation Platform services status installation completed.
[root@ansible4 ansible-automation-platform-setup-bundle-2.0.1-1-early-access]# automation-controller-service status
● automation-controller.service - Automation Controller service
Loaded: loaded (/etc/systemd/system/automation-controller.service; enabled; vendor preset: disabled)
Active: active (exited) since Wed 2021-11-03 20:15:10 +08; 34min ago
Process: 900 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 900 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 30150)
Memory: 0B
CGroup: /system.slice/automation-controller.service
:::::::::::::CUTSOMEOUTPUT:::::::::::::
● redis.service - Redis persistent key-value database
Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/redis.service.d
└─limit.conf, override.conf
Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
Main PID: 863 (redis-server)
Tasks: 4 (limit: 30150)
Memory: 8.3M
CGroup: /system.slice/redis.service
└─863 /usr/bin/redis-server 127.0.0.1:0
:::::::::::::CUTSOMEOUTPUT:::::::::::::
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/nginx.service.d
└─override.conf
Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
Process: 893 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 872 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 866 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 897 (nginx)
Tasks: 2 (limit: 30150)
Memory: 4.0M
CGroup: /system.slice/nginx.service
├─897 nginx: master process /usr/sbin/nginx
└─898 nginx: worker process
:::::::::::::CUTSOMEOUTPUT:::::::::::::
● supervisord.service - Process Monitoring and Control Daemon
Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/supervisord.service.d
└─override.conf
Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
Process: 815 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
Main PID: 855 (supervisord)
Tasks: 35 (limit: 30150)
Memory: 1.4G
CGroup: /system.slice/supervisord.service
:::::::::::::CUTSOMEOUTPUT:::::::::::::
● automation-controller.service - Automation Controller service
Loaded: loaded (/etc/systemd/system/automation-controller.service; enabled; vendor preset: disabled)
Active: active (exited) since Wed 2021-11-03 20:15:10 +08; 34min ago
Process: 900 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 900 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 30150)
Memory: 0B
CGroup: /system.slice/automation-controller.service
:::::::::::::CUTSOMEOUTPUT:::::::::::::
● redis.service - Redis persistent key-value database
Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/redis.service.d
└─limit.conf, override.conf
Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
Main PID: 863 (redis-server)
Tasks: 4 (limit: 30150)
Memory: 8.3M
CGroup: /system.slice/redis.service
└─863 /usr/bin/redis-server 127.0.0.1:0
:::::::::::::CUTSOMEOUTPUT:::::::::::::.
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/nginx.service.d
└─override.conf
Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
Process: 893 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 872 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 866 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 897 (nginx)
Tasks: 2 (limit: 30150)
Memory: 4.0M
CGroup: /system.slice/nginx.service
├─897 nginx: master process /usr/sbin/nginx
└─898 nginx: worker process
:::::::::::::CUTSOMEOUTPUT:::::::::::::
● supervisord.service - Process Monitoring and Control Daemon
Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/supervisord.service.d
└─override.conf
Active: active (running) since Wed 2021-11-03 20:15:10 +08; 34min ago
Process: 815 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS)
Main PID: 855 (supervisord)
Tasks: 35 (limit: 30150)
Memory: 1.4G
CGroup: /system.slice/supervisord.service
:::::::::::::CUTSOMEOUTPUT:::::::::::::
Step 8: To verify the Ansible Automation Platform User Interface at https://ansible4.jazakallah.info.
Step 9: To configured the subscription manager and activate the instance in the controller instance.
we can use username and password for the activation, If we have connected environments.
Note: Disconnected environments with Satellite will be able to use the login flow on vm-based installations if they have configured the subscription manager on the controller instance to connect to their Satellite instance. Recommended workarounds for disconnected environments without Satellite include [1] downloading a manifest from access.redhat.com in a connected environment, then uploading it to the disconnected controller instance, or [2] connecting to the Internet through a proxy server. More details at https://docs.ansible.com/automation-controller/4.0.0/html/userguide/import_license.html
For the next steps, we have to configure Ansible execution environments. we will continue in our next post at ansible-execution-environments.