Installing Ansible AWX on Debian 7.1
We decided to simplify the administration of a small group of servers on FreeBSD. It seems that there are not many servers of these servers, but still it often happens that you need to perform a number of tasks of the same type all at once.
Long thought, chose, compared, and yet came to the option to install the Ansible system. And for clarity, to fasten a web-face with the name AWX to it.
But bad luck, the server is on FreeBSD, and Debian is chosen as the “working” Linux. Ansible AWX supports as official RHEL / Fedora and Ubuntu.
As we all remember, Ubuntu came out of Debian, which means it should be aware of the ancestor. We will understand how to put AWX on Debian.
Background: freshly installed Debian 7.1 Wheezy with the included configuration options “SSH server” and “System utilities”.
The AWX installer is a sh script (a little more on this below), but the only thing that this script does is run the playbook for ansible, which means that before running this script you should install the ansible itself.
But then there is a surprise in wheezy it is not, so you have to connect the testing repository. I use Yandex mirrors, so I added the line to my /etc/apt/sources.list file:
Next, update the package lists:
')
And we set ourselves ansible with the necessary dependencies:
We agree with everything we are imputed to and we are waiting for the completion of the installation. Then we download awx, unfortunately it is not in the packages.
Unpacking
We are looking at what we have to deal with.
After reading the README.md file, we learn that we need to change the authentication data for PostgreSQL in the group_vars / all file, as well as a warning that pg_hba.conf and supervisord.conf will be overwritten. So, if you are not putting on a clean system, you should make the appropriate backups.
While everything is clear, now consider what the installer is about about which we already mentioned above:
From the contents it can be seen that the main and only task of this file is to run the playbook site.yml on a group of nodes specified in the myhosts file (in which only 127.0.0.1) from the same directory. The following parameter -c local specifies the mechanism for delivering commands to the target machine, in our case the ansible and the target machine are the same.
Also from the curious one can see that it is suggested to use sudo. But since we have a clean installation of Debian, this is the very same sudo, unlike Ubuntu, not included. This means either we delete the command, or we deliver sudo.
I removed the sudo call, and also added two more letters “v” for more detailed debugging.
View of the file after my editing:
Now let's move on to the most interesting, site.yml file.
The option for Debian is not visible, but here you can see 2 ready-made versions of the script for RHEL-based and for Ubuntu, and as it is known Ubuntu is a direct descendant of Debian. We will install it according to the Ubunt installation option, for this we add a mention of our OS in this playbook:
Since postgresql we will install version 9.3 we will slightly correct the path to its configuration files
Otherwise, for us there is nothing more interesting.
Lets go through the individual roles, and the first will be packages_ubuntu
The first interesting line to us is template: src = awx_repo.j2 dest = / etc / apt / sources.list.d / awx_repo.list - connect the repository, look into the file:
It seems everything is clear, 2 variables, in the first case the URL of the repository specified in the group_vars / all file, in the second case the code name of the operating system, we have it whezzy, but since there is nothing in the repository for wheezy, we will disguise as Ubuntu Raring Ringtail.
After “masking” the file takes the following form.
The next part checks to see if we have Precise Pangolin:
Since it has (Precise Pangolin) in the Django repository of the old version, and the AWX authors put a newer (1.5.4) alternative way. This problem does not threaten us, so you can not change anything. Also we change the condition in the handler file for httpd, from Ubunu to Debian:
The last line of Ubuntu is changed to Debian.
Similar actions need to be done for the following postgres role:
We cross our fingers and run
Installer apache settings placed in a folder
The contents of this folder are not included in the main apache config, so we need to move them:
Further, nothing complicated, we configure Apache, delete duplicate module calls and use.
Long thought, chose, compared, and yet came to the option to install the Ansible system. And for clarity, to fasten a web-face with the name AWX to it.
But bad luck, the server is on FreeBSD, and Debian is chosen as the “working” Linux. Ansible AWX supports as official RHEL / Fedora and Ubuntu.
As we all remember, Ubuntu came out of Debian, which means it should be aware of the ancestor. We will understand how to put AWX on Debian.
Background: freshly installed Debian 7.1 Wheezy with the included configuration options “SSH server” and “System utilities”.
The AWX installer is a sh script (a little more on this below), but the only thing that this script does is run the playbook for ansible, which means that before running this script you should install the ansible itself.
root@awx:~# apt-get install ansible … … E: ansible But then there is a surprise in wheezy it is not, so you have to connect the testing repository. I use Yandex mirrors, so I added the line to my /etc/apt/sources.list file:
deb http://mirror.yandex.ru/debian/ testing main contrib non-free Next, update the package lists:
root@awx:~# apt-get update ')
And we set ourselves ansible with the necessary dependencies:
root@awx:~# apt-get install ansible We agree with everything we are imputed to and we are waiting for the completion of the installation. Then we download awx, unfortunately it is not in the packages.
wget http://ansibleworks.com/releases/awx/setup/awx-setup-latest.tar.gz Unpacking
root@awx:~# tar xzvf awx-setup-latest.tar.gz We are looking at what we have to deal with.
root@awx:~/awx-setup-1.3.1# ls group_vars myhosts README.md roles setup.sh site.yml After reading the README.md file, we learn that we need to change the authentication data for PostgreSQL in the group_vars / all file, as well as a warning that pg_hba.conf and supervisord.conf will be overwritten. So, if you are not putting on a clean system, you should make the appropriate backups.
While everything is clear, now consider what the installer is about about which we already mentioned above:
root@awx:~/awx-setup-1.3.1# cat setup.sh #!/bin/bash getopts "e:" EXTRA_ARGS if [ "$OPTARG" != "" ]; then echo "Running with extra args: ${OPTARG}" sudo ANSIBLE_ERROR_ON_UNDEFINED_VARS=True ansible-playbook -i myhosts -c local -v -e "$OPTARG" site.yml else sudo ANSIBLE_ERROR_ON_UNDEFINED_VARS=True ansible-playbook -i myhosts -c local -v site.yml fi From the contents it can be seen that the main and only task of this file is to run the playbook site.yml on a group of nodes specified in the myhosts file (in which only 127.0.0.1) from the same directory. The following parameter -c local specifies the mechanism for delivering commands to the target machine, in our case the ansible and the target machine are the same.
Also from the curious one can see that it is suggested to use sudo. But since we have a clean installation of Debian, this is the very same sudo, unlike Ubuntu, not included. This means either we delete the command, or we deliver sudo.
I removed the sudo call, and also added two more letters “v” for more detailed debugging.
View of the file after my editing:
getopts "e:" EXTRA_ARGS if [ "$OPTARG" != "" ]; then echo "Running with extra args: ${OPTARG}" ANSIBLE_ERROR_ON_UNDEFINED_VARS=True ansible-playbook -i myhosts -c local -vvv -e "$OPTARG" site.yml else ANSIBLE_ERROR_ON_UNDEFINED_VARS=True ansible-playbook -i myhosts -c local -vvv site.yml fi Now let's move on to the most interesting, site.yml file.
root@awx:~/awx-setup-1.3.1# cat site.yml --- # This playbook deploys the AWX application (database, web and worker) to a # single server. - hosts: all tasks: - name: group hosts by distribution group_by: key="{{ ansible_distribution }}-{{ ansible_distribution_version }}" - hosts: RedHat-6*:CentOS-6*:SL-6* user: root roles: - { role: packages_el6 } - { role: postgres, pg_hba_location: "/var/lib/pgsql/data/pg_hba.conf" } - { role: awx_install } - { role: supervisor, sup_init_name: "supervisord", sup_conf_location: "/etc/supervisord.conf" } - { role: httpd, httpd_init_name: "httpd" } - { role: iptables } - { role: misc } - hosts: Ubuntu-12*:Ubuntu-13* user: root roles: - { role: packages_ubuntu } - { role: postgres, pg_hba_location: "/etc/postgresql/9.1/main/pg_hba.conf" } - { role: awx_install } - { role: supervisor, sup_init_name: "supervisor", sup_conf_location: "/etc/supervisor/conf.d/awx.conf" } - { role: httpd, httpd_init_name: "apache2" } - { role: misc } The option for Debian is not visible, but here you can see 2 ready-made versions of the script for RHEL-based and for Ubuntu, and as it is known Ubuntu is a direct descendant of Debian. We will install it according to the Ubunt installation option, for this we add a mention of our OS in this playbook:
- hosts: Ubuntu-12*:Ubuntu-13*:Debian* Since postgresql we will install version 9.3 we will slightly correct the path to its configuration files
- { role: postgres, pg_hba_location: "/etc/postgresql/9.3/main/pg_hba.conf" } Otherwise, for us there is nothing more interesting.
Lets go through the individual roles, and the first will be packages_ubuntu
root@awx:~/awx-setup-1.3.1# cat roles/packages_ubuntu/tasks/main.yml --- # Tasks to install required packages for awx - name: install ubuntu awx apt repository template: src=awx_repo.j2 dest=/etc/apt/sources.list.d/awx_repo.list - name: install python-pip package for ubuntu 12.04 apt: name=python-pip when: ansible_lsb.codename == "precise" - name: install django 1.5.4 via pip for ubuntu 12.04 pip: name=django version=1.5.4 when: ansible_lsb.codename == "precise" - name: install django via apt for ubuntu 12.10 or later apt: name=python-django when: ansible_lsb.codename != "precise" - name: install required packages via apt apt: name={{ item }} with_items: - apache2 - libapache2-mod-wsgi - postgresql - python-psycopg2 - python-setuptools - python-ldap - supervisor - git - subversion - mercurial - name: install awx package via apt apt: name=awx update_cache=yes force=yes state=latest The first interesting line to us is template: src = awx_repo.j2 dest = / etc / apt / sources.list.d / awx_repo.list - connect the repository, look into the file:
root@awx:~/awx-setup-1.3.1# cat roles/packages_ubuntu/templates/awx_repo.j2 deb {{ aw_repo_url }}/deb {{ansible_lsb.codename}} non-free It seems everything is clear, 2 variables, in the first case the URL of the repository specified in the group_vars / all file, in the second case the code name of the operating system, we have it whezzy, but since there is nothing in the repository for wheezy, we will disguise as Ubuntu Raring Ringtail.
After “masking” the file takes the following form.
root@awx:~/awx-setup-1.3.1# cat roles/packages_ubuntu/templates/awx_repo.j2 deb {{ aw_repo_url }}/deb raring non-free The next part checks to see if we have Precise Pangolin:
- name: install python-pip package for ubuntu 12.04 apt: name=python-pip when: ansible_lsb.codename == "precise" - name: install django 1.5.4 via pip for ubuntu 12.04 pip: name=django version=1.5.4 when: ansible_lsb.codename == "precise" - name: install django via apt for ubuntu 12.10 or later apt: name=python-django when: ansible_lsb.codename != "precise" Since it has (Precise Pangolin) in the Django repository of the old version, and the AWX authors put a newer (1.5.4) alternative way. This problem does not threaten us, so you can not change anything. Also we change the condition in the handler file for httpd, from Ubunu to Debian:
root@awx:~/awx-setup-1.3.1# cat roles/httpd/handlers/main.yml --- # Handlers for common notifications. - name: restart httpd service: name=httpd state=restarted when: ansible_distribution in ["CentOS","RedHat"] - name: restart apache2 service: name=apache2 state=restarted when: ansible_distribution in ["Ubuntu"] The last line of Ubuntu is changed to Debian.
Similar actions need to be done for the following postgres role:
root@awx:~/awx-setup-1.3.1# cat roles/postgres/tasks/main.yml # Tasks for configuring PostgreSQL server. - name: init postgresql command: service postgresql initdb creates=/var/lib/pgsql/data/PG_VERSION when: ansible_distribution != "Ubuntu" tags: postgresql We cross our fingers and run
root@awx:~/awx-setup-1.3.1# ./setup.sh PLAY RECAP ******************************************************************** 127.0.0.1 : ok=30 changed=12 unreachable=0 failed=0 Installer apache settings placed in a folder
root@awx:~/awx-setup-1.3.1# ls /etc/apache2/conf.d awx.conf awx-plain.conf The contents of this folder are not included in the main apache config, so we need to move them:
mv /etc/apache2/conf.d/awx* /etc/apache2/sites-enabled/ Further, nothing complicated, we configure Apache, delete duplicate module calls and use.
Source: https://habr.com/ru/post/203502/
All Articles