Reading time: 3 min
Background
It is assumed that you have ansible working knowledge (control server, remote node, inventory, modules, ansible cfg etc.). So after working with ansible for a while and executing the playbooks on inventories (target hosts), one starts to feel the need for a web UI that helps get away from the chore. I use the word ‘chore’ only after one acquires the domain knowledge of understanding ansible internals. And that is possible only when using ansible from command line for quite some time and understanding the connecting pieces and workflows. That said, in an enterprise type of setting RBAC (role based access control) around playbooks, inventories, credentials to access the inventories, teams, groups will be needed. Hence Ansible Tower!
What is Ansible Tower
Centralize and control your Ansible infrastructure with a visual dashboard, role-based access control, job scheduling, and graphical inventory management. Tower’s REST API and CLI make it easy to embed Tower into existing tools and processes. From horse’s mouth
Product Customizations
There are different tower editions and prices for each edition.
The license file contains more details. In this blog, we will go ahead and use the Vagrant ansible image using the free tower trial. Follow the instructions on this page Give your details and Red Hat will send you a license file (.txt file) and in my case the license allowed usage of max. 10 nodes i.e. I can kick off ansible playbooks against an inventory of hosts that can contain up to 10 nodes.
Vagrant
Anyways after you follow the instructions to get the vagrant image, your vagrantfile should be something like the below.
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://atlas.hashicorp.com/search.
config.vm.box = "ansible/tower"
There will be more commented out, but the main line is config.vm.box.
Place this Vagrant file in any directory and start the vm using ‘vagrant up’ command. Of course it is assumed that you have already installed Vagrant on your OS.
Access Tower
To get ansible web url and username/password, ssh into your vagrant ansible box as below. If private key is asked, just hit enter
F:\ansible\ansible-tower>vagrant ssh Enter passphrase for key 'F:/ansible/ansible-tower/.vagrant/machines/default/virtualbox/private_key': vagrant@127.0.0.1's password: Last login: Tue Jun 14 01:30:48 2016 from gateway Welcome to Ansible Tower! Log into the web interface here: https://10.42.0.42/ Username: admin Password: <your_password> The documentation for Ansible Tower is available here: http://www.ansible.com/tower/ For help, email support@ansible.com
Now hit the url that shows up on your screen and enter the credentails. The first time, you would have to import the license and in my case , it looks as below.
Once you imported the license successfully, follow the below steps to verify your tower is good to go
Test it Out!
Click Settings and set up each of the below
Organizations
Users
Credentials
root is the user to execute playbook on target host. The reason we chose root was because the sample playbook we will run at the end requires root (install ntp server and start it)
Inventories
Set up a sample_prod inventory
Add hosts to inventory
In my case, I upped three vagrant machines using the Vagrantfile at this location .So I had three machines with the ip’s in the vagrant file and I used the db and web ip’s in the above hosts values.
Projects
Now set up a sample project and point that to Git repo – https://github.com/ansible/ansible-examples/
Job Templates
Fill in the values as below
Instantiate a Job
Click the icon against the job template, so that it kicks off the playbook against db1 and web1 machines
Job Runs
Console Output
Conclusion
That is it! Importing a playbook from online, creating a job template and running the job against a set of inventory we already defined. Thats how easy Ansible can get.
Ther e are intricacies and more details to be able to apply Ansible tower to your already set up playbooks and identify exact needs how Ansible tower might help solve those.
However this post is to get you started quickly.
AWS Sandbox ?
Hit this page and pick the ami based on your aws region (e.g. in us-east-1, ami-a013f9cd)
- Choose t1.micro if you want to experiment with free tier. Go with defaults, review and launch. In the security groups, be sure to allow inbound 443 and 80. You can access ansible tower web ui using either of http 80 or https 443
- ssh into the machine with your key pair and notice that apache2 has virtual hosts created on 443 and 80 – This is the inbound port on which Tower serves all its web ui content.
- You might have to ssh once into the box to get the admin username and credential (similar screenshot which you get like the Vagrant machine above)
- Hit the url https://<public ip/dns> or http://<public ips/dns> (This URL will also be displayed in the minute of the day motd when ssh’d into the machine)
- The rest of the initial steps of importing license and subsequent steps are the same as above. Of course you have to have target hosts that can be reached by this ansible tower server to be able to execute playbooks (Above we used vagrant vm’s for setting up experimental lab – you can spin up more ec2 instances to experiment)
Feedback: pradeep@seleniumframework.com
AutomatorWorld 