Ansible tower

[root@tower ~]# wget http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-latest.tar.gz
–2017-01-30 20:46:20– http://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-latest.tar.gz
Resolving releases.ansible.com (releases.ansible.com)… 104.24.17.59, 104.24.16.59, 2400:cb00:2048:1::6818:103b, …
Connecting to releases.ansible.com (releases.ansible.com)|104.24.17.59|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 737047 (720K) [application/x-gzip]
Saving to: ‘ansible-tower-setup-latest.tar.gz’

100%[======================================================================================================>] 7,37,047 3.47MB/s in 0.2s

2017-01-30 20:46:20 (3.47 MB/s) – ‘ansible-tower-setup-latest.tar.gz’ saved [737047/737047]

[root@tower ~]# ls -l
total 720
-rw-r–r–. 1 root root 737047 Oct 31 13:58 ansible-tower-setup-latest.tar.gz

[root@tower ~]# tar -xzvf ansible-tower-setup-latest.tar.gz
ansible-tower-setup-3.0.3/
ansible-tower-setup-3.0.3/group_vars/
.

.

.
[root@tower ~]# ll
total 724
drwxrwxr-x. 5 1004 1004 4096 Oct 31 13:58 ansible-tower-setup-3.0.3
-rw-r–r–. 1 root root 737047 Oct 31 13:58 ansible-tower-setup-latest.tar.gz

[root@tower ~]# cd ansible-tower-setup-3.0.3/
[root@tower ansible-tower-setup-3.0.3]# ll
total 56
-rw-rw-r–. 1 1004 1004 203 Oct 31 13:58 ansible.cfg
-rw-rw-r–. 1 1004 1004 128 Oct 31 13:58 backup.yml
drwxrwxr-x. 2 1004 1004 16 Oct 31 13:58 group_vars
-rw-rw-r–. 1 1004 1004 4781 Oct 31 13:58 install.yml
-rw-rw-r–. 1 1004 1004 194 Oct 31 13:58 inventory
drwxrwxr-x. 2 1004 1004 8192 Oct 31 13:58 licenses
-rw-rw-r–. 1 1004 1004 2510 Oct 31 13:58 README.md
-rw-rw-r–. 1 1004 1004 233 Oct 31 13:58 restore.yml
drwxrwxr-x. 18 1004 1004 4096 Oct 31 13:58 roles
-rwxrwxr-x. 1 1004 1004 9461 Oct 31 13:58 setup.sh

[root@tower ansible-tower-setup-3.0.3]# cat setup.sh
#!/usr/bin/env bash
# This script runs setup for Ansible Tower.
# It determines how Tower is to be installed, gives the proper command,
# and then executes the command if asked.

# ————-
# Initial Setup
# ————-

# Cause exit codes to trickle through piping.
set -o pipefail

# When using an interactive shell, force colorized output from Ansible.
if [ -t “0” ]; then
ANSIBLE_FORCE_COLOR=True
fi

# Set variables.
TIMESTAMP=$(date +”%F-%T”)
LOG_DIR=”/var/log/tower”
LOG_FILE=”${LOG_DIR}/setup-${TIMESTAMP}.log”
TEMP_LOG_FILE=’setup.log’

INVENTORY_FILE=”inventory”
OPTIONS=””

# What playbook should be run?
# By default, this is setup.log, unless we are doing a backup
# (specified in the options).
PLAYBOOK=”install.yml”

# -e bundle_install=false to override and disable bundle installer
OVERRIDE_BUNDLE_INSTALL=false

# ————-
# Helper functions
# ————-

# Be able to get the real path to a file.
realpath() {
echo $(cd $(dirname $1); pwd)/$(basename $1)
}

find_bundle_rpm() {
if [ -d bundle ]; then
find bundle -type f -iname “$1”
fi
}

is_ansible_installed() {
type -p ansible-playbook > /dev/null
}

is_bundle_install() {
[ -d “bundle” ] && [[ ${OVERRIDE_BUNDLE_INSTALL} == false ]]
}

distribution_id() {
RETVAL=””
if [ -z “${RETVAL}” -a -e “/etc/os-release” ]; then
. /etc/os-release
RETVAL=”${ID}”
fi

if [ -z “${RETVAL}” -a -e “/etc/centos-release” ]; then
RETVAL=”centos”
fi

if [ -z “${RETVAL}” -a -e “/etc/fedora-release” ]; then
RETVAL=”fedora”
fi

if [ -z “${RETVAL}” -a -e “/etc/redhat-release” ]; then
RELEASE_OUT=$(head -n1 /etc/redhat-release)
case “${RELEASE_OUT}” in
Red\ Hat\ Enterprise\ Linux*)
RETVAL=”rhel”
;;
CentOS*)
RETVAL=”centos”
;;
Fedora*)
RETVAL=”fedora”
;;
esac
fi

if [ -z “${RETVAL}” ]; then
RETVAL=”unknown”
fi

echo ${RETVAL}
}

distribution_major_version() {
for RELEASE_FILE in /etc/system-release \
/etc/centos-release \
/etc/fedora-release \
/etc/redhat-release
do
if [ -e “${RELEASE_FILE}” ]; then
RELEASE_VERSION=$(head -n1 ${RELEASE_FILE})
break
fi
done
echo ${RELEASE_VERSION} | sed -e ‘s|\(.\+\) release \([0-9]\+\)\([0-9.]*\).*|\2|’
}

log_success() {
if [ $# -eq 0 ]; then
cat
else
echo “$*”
fi
}

log_warning() {
echo -n “[warn] ”
if [ $# -eq 0 ]; then
cat
else
echo “$*”
fi
}

log_error() {
echo -n “[error] ”
if [ $# -eq 0 ]; then
cat
else
echo “$*”
fi
}

fatal_ansible_not_installed() {
log_error <<-EOF
Ansible is not installed on this machine.
You must install Ansible before you can install Tower.

For guidance on installing Ansible, consult
http://docs.ansible.com/intro_installation.html.
EOF
exit 32
}
# ————–
# Usage
# ————–

function usage() {
cat << EOF
Usage: $0 [options]

Options:
-i INVENTORY_FILE Path to ansible inventory file (default: ${INVENTORY_FILE})
-e EXTRA_VARS Set additional ansible variables as key=value or YAML/JSON
i.e. -e bundle_install=false will force an online install

-b Perform a database backup in lieu of installing.
-r Perform a database restore in lieu of installing.

-h Show this help message and exit

EOF
exit 64
}
# ————–
# Option Parsing
# ————–

while getopts ‘c:e:i:psuhbr’ OPTION; do
case $OPTION in
i)
INVENTORY_FILE=$(realpath $OPTARG)
;;
e)
OPTIONS=”$OPTIONS -e $OPTARG”
IFS=’=’ read -a kv <<< “$OPTARG”
if [ “${kv[0]}” == “bundle_install” ]; then
OVERRIDE_BUNDLE_INSTALL=true
fi
;;
b)
PLAYBOOK=”backup.yml”
TEMP_LOG_FILE=”backup.log”
OPTIONS=”$OPTIONS –force-handlers”
;;
r)
PLAYBOOK=”restore.yml”
TEMP_LOG_FILE=”restore.log”
OPTIONS=”$OPTIONS –force-handlers”
;;
*)
usage
;;
esac
done

# Sanity check: Test to ensure that Ansible exists.
is_ansible_installed
if [ $? -ne 0 ]; then
SKIP_ANSIBLE_CHECK=0
case $(distribution_id) in
ubuntu)
is_bundle_install
if [ $? -eq 0 ]; then
log_warning “Offline installation on Ubuntu is not supported.”
fi
apt-get install -y software-properties-common
add-apt-repository -y ppa:ansible/ansible
apt-get update
apt-get install -y ansible
;;
rhel|centos|ol)
DISTRIBUTION_MAJOR_VERSION=$(distribution_major_version)
is_bundle_install
if [ $? -eq 0 ]; then
log_warning “Will install bundled Ansible”
SKIP_ANSIBLE_CHECK=1
else
case ${DISTRIBUTION_MAJOR_VERSION} in
6)
yum install -y http://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
;;
7)
yum install -y http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
;;
esac
yum install -y ansible
fi
;;
fedora)
yum install -y ansible
;;
esac

# Check whether ansible was successfully installed
if [ ${SKIP_ANSIBLE_CHECK} -ne 1 ]; then
is_ansible_installed
if [ $? -ne 0 ]; then
log_error “Unable to install ansible.”
fatal_ansible_not_installed
fi
fi
fi

is_bundle_install
if [ $? -eq 0 ]; then
DISTRIBUTION_MAJOR_VERSION=$(distribution_major_version)
if [ “$(distribution_id)” == “centos” ] || [ “$(distribution_id)” == “rhel” ] || [ “$(distribution_id)” == “ol” ]; then
# Attempt to find ansible package for the current distro in the bundle bundle
ANSIBLE_RPM_PATH=$(find_bundle_rpm “ansible*.el${DISTRIBUTION_MAJOR_VERSION}.*noarch.rpm”)
# Attempt to find ansible dependencies from the bundle bundle
PYTHON_HTTPLIB_RPM_PATH=$(find_bundle_rpm “python-httplib*.rpm”)
PYTHON_KEYCZAR_RPM_PATH=$(find_bundle_rpm “python-keyczar*.rpm”)
PYTHON_ECDSA_RPM_PATH=$(find_bundle_rpm “python2-ecdsa*.rpm”)
LIBTOMCRYPT_RPM_PATH=$(find_bundle_rpm “libtomcrypt*.rpm”)
LIBTOMATH_RPM_PATH=$(find_bundle_rpm “libtommath*.rpm”)
SSHPASS_RPM_PATH=$(find_bundle_rpm “sshpass-*.rpm”)
# Distribution version-specific dependencies
if [ “$DISTRIBUTION_MAJOR_VERSION” -eq “6” ]; then
PYTHON_PARAMIKO_RPM_PATH=$(find_bundle_rpm “python-paramiko*.rpm”)
PYTHON_CRYPTO_RPM_PATH=$(find_bundle_rpm “python-crypto2.6*.rpm”)
PYTHON_JINJA_RPM_PATH=$(find_bundle_rpm “python-jinja2*.rpm”)
else
PYTHON_PARAMIKO_RPM_PATH=$(find_bundle_rpm “python2-paramiko*.rpm”)
PYTHON_CRYPTO_RPM_PATH=$(find_bundle_rpm “python2-crypto*.rpm”)
PYTHON_JINJA_RPM_PATH=””
fi
if [ -f “${ANSIBLE_RPM_PATH}” ]; then
yum install -y ${ANSIBLE_RPM_PATH} ${PYTHON_CRYPTO_RPM_PATH} ${PYTHON_HTTPLIB_RPM_PATH} ${PYTHON_KEYCZAR_RPM_PATH} ${PYTHON_PARAMIKO_RPM_PATH} ${PYTHON_ECDSA_RPM_PATH} ${SSHPASS_RPM_PATH} ${LIBTOMCRYPT_RPM_PATH} ${LIBTOMATH_RPM_PATH} ${PYTHON_JINJA_RPM_PATH}
else
log_error “Unable to find ansible rpm for el${DISTRIBUTION_MAJOR_VERSION}.”
fi
else
log_warning “Ignoring forced Ansible upgrade for bundle on $(distribution_id)”
fi
fi

# Change to the running directory for tower conf file and inventory file
# defaults.
cd “$( dirname “${BASH_SOURCE[0]}” )”
# Sanity check: Test to ensure that an inventory file exists.
if [ ! -f “${INVENTORY_FILE}” ]; then
log_error <<-EOF
No inventory file could be found at ${INVENTORY_FILE}.
Run ./configure to create one, or specify one manually with -i.
EOF
exit 64
fi

# Presume bundle install mode if directory “bundle” exists
# unless user overrides with “-e bundle_install=*”
if [ $PLAYBOOK == “install.yml” ]; then
is_bundle_install
if [ $? -eq 0 ]; then
OPTIONS=”$OPTIONS -e bundle_install=true”
fi
fi

# Run the playbook.
PYTHONUNBUFFERED=x ANSIBLE_FORCE_COLOR=$ANSIBLE_FORCE_COLOR \
ANSIBLE_ERROR_ON_UNDEFINED_VARS=True \
ansible-playbook -i “${INVENTORY_FILE}” -v \
$OPTIONS \
$PLAYBOOK 2>&1 | tee $TEMP_LOG_FILE

# Save the exit code and output accordingly.
RC=$?
if [ ${RC} -ne 0 ]; then
log_error “Oops! An error occured while running setup.”
else
log_success “The setup process completed successfully.”
fi

# Save log file.
if [ -d “${LOG_DIR}” ]; then
sudo cp ${TEMP_LOG_FILE} ${LOG_FILE}
if [ $? -eq 0 ]; then
sudo rm ${TEMP_LOG_FILE}
fi
log_success “Setup log saved to ${LOG_FILE}”
else
log_warning <<-EOF
${LOG_DIR} does not exist.
Setup log saved to ${TEMP_LOG_FILE}.
EOF
fi

exit ${RC}

[root@tower ansible-tower-setup-3.0.3]# ./setup.sh

TASK [preflight : Preflight check – Read in tower version] *********************
fatal: [localhost]: FAILED! => {“changed”: false, “failed”: true, “msg”: “file not found: /var/lib/awx/.tower_version”}
…ignoring

TASK [preflight : Preflight check – User must be on Tower 2.4.x to upgrade to 3.0.x] ***
skipping: [localhost] => {“changed”: false, “skip_reason”: “Conditional check failed”, “skipped”: true}

TASK [preflight : Preflight check – Passwords must be defined for a fresh install] ***
fatal: [localhost]: FAILED! => {“changed”: false, “failed”: true, “msg”: “Please configure passwords in the inventory file before running setup”}
to retry, use: –limit @/root/ansible-tower-setup-3.0.3/install.retry

PLAY RECAP *********************************************************************
localhost : ok=16 changed=0 unreachable=0 failed=1
[root@tower1 ansible-tower-setup-3.0.3]# cat inventory
[primary]
localhost ansible_connection=local

[secondary]

[database]

[all:vars]
admin_password=”
redis_password=”

pg_host=”
pg_port=”

pg_database=’awx’
pg_username=’awx’
pg_password=”

=====================
[root@tower1 ansible-tower-setup-3.0.3]# cat inventory
[primary]
localhost ansible_connection=local

[secondary]

[database]

[all:vars]
admin_password=’redhat
redis_password=’redhat

pg_host=”
pg_port=”

pg_database=’awx’
pg_username=’awx’
pg_password=’redhat
=========================
[root@tower ansible-tower-setup-3.0.3]# ./setup.sh
.
.
.
.
.

The setup process completed successfully.
Setup log saved to /var/log/tower/setup-2017-01-30-21:09:45.log

========================
[root@tower1 ~]# netstat -tlpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 4093/redis-server 1
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 5797/python
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5828/httpd
tcp 0 0 127.0.0.1:5556 0.0.0.0:* LISTEN 6046/python
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 846/sshd
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 3910/postgres
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 958/master
tcp 0 0 0.0.0.0:10843 0.0.0.0:* LISTEN 5797/python
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 5828/httpd
tcp 0 0 127.0.0.1:6557 0.0.0.0:* LISTEN 5797/python
tcp 0 0 127.0.0.1:6564 0.0.0.0:* LISTEN 5798/python
tcp6 0 0 :::22 :::* LISTEN 846/sshd
tcp6 0 0 :::5432 :::* LISTEN 3910/postgres
tcp6 0 0 ::1:25 :::* LISTEN 958/master

tower1tower2tower3tower4tower5tower6tower7

 

https://rafishaikblog.wordpress.com/2017/07/11/ansible-tower-2/

 

Advertisements

2 thoughts on “Ansible tower

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s