LM
/
nwl-ci
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc,ansible: documented setup of AWX, added structure for a first playbook 

Documented the setup of an AWX instance using docker-compose.
Added a first playbook including inventory

Signed-off-by: Marc Mattmüller <marc.mattmueller@netmodule.com>
This commit is contained in:
Marc Mattmüller 2023-05-02 12:33:30 +02:00
parent d4f00bf431
commit 740a647460
6 changed files with 190 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -22,6 +22,14 @@ the NWL as declarative pipelines (multibranch):
+ a collection of commonly used functions, so that duplicated code can be
avoided
* inventory
- Ansible inventory with all managed hosts/devices
* playbooks
- Ansible playbooks
## Marginal Notes
This repository does NOT cover the setup of the Jenkins instance.

BIN
doc/src/nextlevel-ci/media/awx-credentials.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 144 KiB

BIN
doc/src/nextlevel-ci/media/awx-git-credentials.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 160 KiB

167
doc/src/nextlevel-ci/researchAnsible.rst Normal file
View File

@ -0,0 +1,167 @@
.. _researchAnsible:
*******************************
Research about Ansible Playbook
*******************************
Installation Ansible AWX
########################
The following steps bring up an AWX server using docker.
* Preparation steps
#. Install prerequisits:
.. note::
Assuming docker and docker-composed is already installed
.. code-block:: bash
sudo apt install nodejs npm -y
#npm install npm --global
sudo apt install python3-pip pwgen -y
sudo apt install ansible -y
#. Clone the repository and checkout a release (we use 17.1.0):
.. code-block:: bash
cd ~
git clone https://github.com/ansible/awx.git
cd awx
git fetch -t
git checkout 17.1.0
.. note::
Apparently AWX Operator (installation recommendation) requires Kubernetes Cluster. Thus, we use version
17.1.0 which supports docker.
#. Enter the installer directory and generate a secret key (used for the inventory):
.. code-block:: bash
cd installer
pwgen -N 1 -s 40
#. modify variables in ``./inventory`` according this:
.. code-block:: bash
admin_password=<your-password>
secret_key=<the generated secret key>
* Install and launch AWX
#. Install and start
.. code-block:: bash
ansible-playbook -i inventory install.yml
#. Verify if the AWX container is running:
.. code-block:: bash
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b740f5f3ff45 ansible/awx:17.1.0 "/usr/bin/tini -- /u…" 6 minutes ago Up 6 minutes 8052/tcp awx_task
c228d4f1f152 ansible/awx:17.1.0 "/usr/bin/tini -- /b…" 7 minutes ago Up 6 minutes 0.0.0.0:80->8052/tcp, :::80->8052/tcp awx_web
b2490b76eaf1 postgres:12 "docker-entrypoint.s…" 7 minutes ago Up 6 minutes 5432/tcp awx_postgres
95d644e325dd redis "docker-entrypoint.s…" 7 minutes ago Up 6 minutes 6379/tcp awx_redis
* Access Ansible AWX in your browser **http://your-server-ip**
* Verify docker containers
.. code-block:: bash
cd ~/.awx/awxcompose
# check the running containers
docker-compose ps
# check the docker images
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest eca1379fe8b5 2 weeks ago 117MB
postgres 12 373e8ccb8b6c 2 weeks ago 373MB
centos 8 5d0da3dc9764 19 months ago 231MB
ansible/awx 17.1.0 599918776cf2 2 years ago 1.41GB
# verify logs with:
docker-compose logs
# stop the AWX instance with:
docker-compose down
# start the container with:
docker-compose up -d
Wohooo, now we have an AWX instance up and running. This instance helps you manage, scale and automatize your (IT-)
infrastructure. So let's have a further look in the next section.
Basic Setup in AWX
##################
SCM (=Git) Access
*****************
First of all your instance needs git credentials to have access to your infrastructure repository. I recommend to create
a new keypair so that you have a better overview about the access. So let's generate a new keypair:
.. code-block:: bash
cd ~/.ssh
ssh-keygen -t ed25519 -f awx -C "awx@localhost"
.. warning:: Use a strong passphrase and store it in a password manager
In your browser enter **http://your-server-ip** and log in to AWX with the user and password you have set. Let's add the
git credentials:
* Select the menu Resources >> Credentials and click *Add*:
|awxCredentials|
* Add the git credential parameters:
- Enter a name, a description and set the Credential Type to ``Source Control``
- Leave the username and password blank
- Copy the private key into the SCM Private Key field and the passphrase accordingly to its field.
- Press Save
|awxGitCredentials|
* Go to your git server and add the public key (*awx.pub*) to a dedicated user OR (more securely) add it as a Deploy
Key to each individual repository you want to use.
Machine Access
**************
Similar to the SCM access we setup login credentials for machines. You can create a placeholder credential which prompts
you for the password (use case for the password rotation):
* For the Credentials Type select ``Machine`` instead of ``Source Control``.
* For the password enable the checkbox "Prompt on launch"
subsection
**********
section
########
subsection
**********
title
==========================
subtitle
----------------------------
subsubtitle
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.. |awxCredentials| image:: ./media/awx-credentials.png
:width: 700px
.. |awxGitCredentials| image:: ./media/awx-git-credentials.png
:width: 700px

4
inventory/ci-inventory Normal file
View File

@ -0,0 +1,4 @@
linux:
hosts:
10.115.101.98:
rls_info: /etc/os-release

11
playbooks/ci-info.yaml Normal file
View File

@ -0,0 +1,11 @@
- name: The First Playbook
hosts: linux
tags:
- rls
gather_facts: False
tasks:
- name: Get OS release Information
command: cat {{rls_info}}
- name: Get Host Name
command: hostname