Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

Step by Step guide to configure first Project Job Template on Ansible AWX Tower

Although I have already written an article on this topic earlier in Getting started Ansible AWX tower for IT automation run first playbook but since there is a new version available and I installed it, while testing it I found the instructions are same but portal gui is little bit different. So I thought of creating a complete step by step guide.

Installation guide on Ansible and AWX server
Install Ansible AWX Tower on Ubuntu Linux OS
Step by Step Install Ansible on Ubuntu OS
Install Ansible AWX on Microsoft Windows OS

Ansible tower awx awx-operatore ubuntu linux ansible awx organization devops yml yaml devops automation

To start configuration I will create a Organization first on the Ansible AWX tower. An organization in the tower is a logical collection of Users, Teams, Projects, and Inventories, and is the highest level in the Tower object hierarchy.

Click on the Organizations under Access from the left side pane. Click Add button to Create New Organization. Provide it a Name, Description and click Save button. Whatever resources henceforth I will create, they will be created under this organization.

Redhat ansible awx tower yaml yml organizations automation devops run your first project on awx create new organization automation templates credentials projects inventories hosts jobs.png

Once Organization is created check the Details tab. Here you can provide Access to different teams and users. Go Back to Organizations to view and verify new Organization is created successfully.

Redhat ansible awx tower back to orgniazations details description galaxy credentials default project templates devops automation yml yaml ansible playbook.png

An Inventory is a list/collection of hosts against which playbook can be executed/run, It is same as an Ansible inventory file. Inventories are separated into groups and these groups hold the real hosts. Groups may be obtained manually, by entering host names into Ansible AWX, or from one of Ansible AWX Tower’s supported cloud providers.

Next is create Inventory under Resources >> Inventories from left side pane. This Inventory will have hostnames added, Against this servers I will run my playbooks. Click Add button and select Add inventory. In the Create new inventory wizard give it a name, description and choose the organization created earlier. Save the inventory. There are no hosts added in it, its empty right now.

Ansible AWX tower development add smart inventories create new inventory variables yaml json organization projects templates hosts users Credential types.png

Once new inventory is created it will land on Details tab. Next choose Hosts tab. It is blank and will show No Hosts Found, Please add Hosts to populate this list. Click Add button. Add ip or fqdn in the name and Save one by one.

Redhat ansible awx tower inventories hosts groups yaml json organization yaml yml JSON localhost inventory templates credentials projects types notification applications run command.png

Once hosts ip/fqdn names are saved, Verify Details, You can add the hosts to Groups. Click Back to Hosts, Once you are on the Inventory, you can disable or enable hosts here. Go back to Inventories. The hosts added in the inventory are linux servers for testing (It is localhost).

Hosts facts groups jobs inventories redhat ansible awx tower awx-operator templates credentials projects inventories hosts organizations users teams schedules workflow.png

Verify Inventory is created successfully under Inventories pane.

Redhat ansible awx tower awx-operator inventories inventory templates awx portal awx-ee postgresql projects hosts credential types workflow approvals activity stream schedules.png

Credentials are used by Ansible AWX for authentication validation when initiating Jobs against hosts/servers, synchronizing with inventory sources, and importing project content from a version control system. You can assign users and teams the capability to use these credentials, without essentially revealing the credential to the user. If you have a user transfer to a different team or leave the organization, you don’t have to re-key all of your systems just because that credential was available in Ansible AWX.

To start creating new Credentials from left side pane under Resources click Add button. Under Create New Credential wizard I am creating credential to store github username and password. Provide it proper name. Choose Credential Type as Source Control

SCM (source control) credentials are used with Projects to clone and update local source code repositories from a remote revision control system such as Git, Subversion, or Mercurial.

Since this is simple project, I am providing UserName and Password. (You can use additionally SCM private key and passphrase for authentication).

Redhat ansible awx tower server AWX create new credential type organization username and password source control scm private key private key notifications.png

Check the details, Password is Encrypted. Go Back to Credentials. On the Credentials pane verify new Source Control credential is listed. Next click Add button again to add another credential to authenticate and connect to hosts added into inventory.

Redhat Ansible Tower awx linux ubuntu credentials details github password credential type source control add templates projects inventories hosts organizations users access teams administration devops schedules.png

Proceed with Create New Credential wizard, Provide Name, select same Organization created earlier. In the Credential Type choose Machine from drop down box to connect to Linux hosts added in the Inventory. Provide Username and Password Additionally you can use SSH Private Key, Signed SSH Certificate, passphrase and other authentication types for authentication. Save the configuration.

create new credential Linux root machine credential type details username password prompt on launch ssh private key signed SSH certificate private key passphrase privilege escalation method privilege escalation username.png

Click Back to Credentials and verify details and on the Credentials view test it is created successfully.

Redhat ansible awx tower crednetial machine source control ping ansible galaxy automation hub api token linux ubuntu localhost inventories tempalates projects hosts orgnizations.png

For next configuration I need Github https url, so I have collected from github.com, and stored test_ping.yml to test my ansible playbook.

Github.com ansible twoer gather_facts true name hosts localhost ping playbook yml yaml tower redhat ubuntu kubernetes container docker rkt.png

Next create a new Project. Select Projects from left side pane. Provide it a name, keep it in the same organization which we created earlier. On the Source Control credential Type choose Git and Source control URL is github url from where I will use Ansible yml/yaml playbooks stored on the github.com as shown in the above screenshot. Select the below option accordingly.

Source control URL Example URLs for GIT Source Control include:

  • https://github.com/ansible/ansible.git
  • [email protected]:ansible/ansible.git
  • git://servername.example.com/ansible.git

Note: When using SSH protocol for GitHub or Bitbucket, enter an SSH key only, do not enter a username (other than git). Additionally, GitHub and Bitbucket do not support password authentication when using SSH. GIT read only protocol (git://) does not use username or password information.

Source Control Branch/Tag/Commit: Branch to checkout. In addition to branches, you can input tags, commit hashes, and arbitrary refs. Some commit hashes and refs may not be available unless you also provide a custom refspec.

Source Control RefSpec: A refspec to fetch (passed to the Ansible git module). This parameter allows access to references via the branch field not otherwise available.
Note: This field assumes the remote name is "origin".
Examples include:

  • refs/*:refs/remotes/origin/*
  • refs/pull/62/head:refs/remotes/origin/pull/62/head

The first fetches all references. The second fetches the Github pull request number 62, in this example the branch needs to be "pull/62/head".

Update Revision on Launch Each time a job runs using this project, update the revision of the project prior to starting the job.

Select source control credential for github earlier configured. Save the project.

Redhat Ansible AWX tower create new project default execution environment secure control credential type yaml github git source control url tage commit clean delete.png

Just for testing, this ansible yaml playbook is simple and ping remote server/system and provide ping status report.

---
- name: Check connectivity to remote servers
  hosts: localhost #All
  gather_facts: false
  tasks:
    - name: ping
      ping:

Once project is created, verify Details the last job Status is Successful means it is able to download the files stored on the github. Go Back to Projects. New Project will list there in the list. Here whenever you make changes on the github directory make sure you Sync to download all the required playbook and make it up-to-date on the Ansible AWX server.

redhat linux ubuntu Ansible awx tower projects inventories hosts templates credentials orgnizations yml source control type git github revision scm cache jobs schedules workflow approvals application.png

This is last step of configuration and configuration of Job Templates. A job template is a definition and set of parameters for running an Ansible job. Job templates are useful to execute the same job many times. Job templates also encourage the reuse of Ansible playbook content and collaboration between teams.

Choose Resources >> Templates click Add button from drop down menu list, select Add job template

Redhat ansible tower awx dashboard jobs schedules activity stream workflow approvals step by step guide book playbook yml yaml.png

In the Create New Job Template, I am joining all the pieces together, created so far and keeping all other options default. Select the Name of Job Template, Description, in the Job Type select Run. (For job templates, select run to execute the playbook. Select check to only check playbook syntax, test environment setup, and report problems without executing the playbook). In the Inventory select the inventory containing the hosts you want this job to manage. 

Next choose the project containing the playbook you want this job to execute. 

Select the yml/yaml ansible playbook stored on the github playbook to be executed by this job. Select credentials for accessing the nodes this job will be ran against. You can only select one credential of each type. For machine credentials (SSH), checking "Prompt on launch" without selecting credentials will require you to select a machine credential at run time. If you select credentials and check "Prompt on launch", the selected credential(s) become the defaults that can be updated at run time.

Click save to set the template configuration.

Create new job template job type run inventory project prompt on launch execution environment playbook test-ping.yml ymal credentials projects inventories hosts organizations.png

After saving Template configuration, on the Details tab click Launch button to execute job.

ansible awx template lauch execution environment awx ee organization playbook yml yaml job type run details access notifications schedules jobs survey credentials projects inventories hosts organizations.png

After launching a Job template AWX it lands on the Views >> Jobs view. Here I see Playbook executed successfully and I am getting successful ping pong result with tasks successful green colour box.

Redhat ansible awx dashboard jobs schedules activity stream workflow approval output successful play book check connectivity taks ok projects devops.png

In additionally whenever you want to launch playbook, go to Resources >> Templates and click launch rocket icon. You can reuse and same job playbook can be launched from Views >> Jobs.

Redhat github ansible awx dashboard jobs credentials activity stream workflow approvals projects inventories templates credentials launch playbook run source control update.png

Useful Articles
Ansible selectattr The error was TemplateRuntimeError no test named 'equalto'
ansible create an array with set_fact
Ansible get information from esxi advanced settings nested dictionary with unique keynames
Install Ansible AWX Tower on Ubuntu Linux
Ansible AWX installation error Cannot have both the docker-py and docker python modules
Ansible AWX installation error docker-compose run --rm --service-ports task awx-manage migrate --no-input
docker: Got permission denied while trying to connect to the Docker daemon socket
Ansible AWX Tower create Manual SCM (Source Control Credential Type) project

Go Back



Comment

Blog Search

Page Views

12273411

Follow me on Blogarama