United Kingdom | Ansible AWX with Isolated Nodes

Sebastian Baszcyj - 20.10.202020201020

Ansible AWX with Isolated Nodes

United Kingdom | Ansible AWX with Isolated Nodes

Yes, I know… you would like to run some Ansible workloads using isolated nodes and on top of that – you would like to use the AWX for this purpose. The following is a pure process to do just what you need. No additional fluff. It has been tested in several environments with AWX 14.1.

Ahhh… and read to the end… there is a bonus awaiting you 🙂

  1. Install Centos8 host
  2. dnf update -y
  3. dnf install epel-release python3-pip python3-devel -y
  4. dnf install ansible rsync gcc -y
  5. dnf install gcc
  6. echo “alias python=python3” >> ~/.bashrc
  7. source ~/.bashrc
  8. ln –symbolic /usr/bin/python3 /usr/bin/python
  9. python3 -m pip install ansible-runner pywinrm
  10. mkdir /var/lib/awx
  11. useradd awx
  12. chown awx:awx /var/lib/awx
  13. ssh-keygen -t rsa -b 2048

on the AWX node with awx_task container:

  1. docker ps
  2. docker exec -it awx_task /bin/bash
  3. awx-manage provision_instance –hostname hostname –is-isolated
  4. awx-manage register_queue –queuename HKG –hostname hostname –controller tower
  5. awx-manage generate_isolated_key
  6. Copy the key to the isolated node to /home/awx/.ssh/authorized_keys
  7. On isolated node: chmod 640 /home/awx/.ssh/authorized_keys
  8. On AWX node in docker exec context:
  9. awx-manage test_isolated_connection –hostname hostname
  10. In the AWX GUI:

United Kingdom | Ansible AWX with Isolated Nodes

Confirm you can see HKG group (created with register_queue switch) … controller needs to be the controlling instance group. If you have one server in the instance group, this is the controlling group, if you have more, that is fine

11. Click on HKG (or whatever name) and Instances

12. Disable new node in the console:

United Kingdom | Ansible AWX with Isolated Nodes

13. Re-enable the node:

United Kingdom | Ansible AWX with Isolated Nodes

14. Wait and confirm the node stays Active

15. docker logs -f awx_task. Confirm the following logs entries are being displayed:

United Kingdom | Ansible AWX with Isolated Nodes

16. Configure the Inventory and select the instance group

17. Create the Template and select the instance group

18.Observe the job… Notice that in the Job details, the Execution node is set to one of the Isolated Nodes and The Instance Groups is set to the group specified in the Template:

United Kingdom | Ansible AWX with Isolated Nodes

19. In the docker logs -f awx_task, you should see the following execution tasks (this one indicates the content of the Project/Inventory and Template have been transferred to the Isolated Node:

United Kingdom | Ansible AWX with Isolated Nodes

20. At the time of running the ansible code, you can run journalctl -f on the isolated nod, you will see the directory where the artefacts are copied to and investigate.

BONUS

The following Ansible Playbook should be converted into a role. The role should be run from the AWX node (as we need to execute a few commands in awx_task container). Alternatively – you can run this from any other node, but keep in mind ‘delegate_to’.

United Kingdom | Ansible AWX with Isolated Nodes

United Kingdom | Ansible AWX with Isolated Nodes

United Kingdom | Ansible AWX with Isolated Nodes

United Kingdom | Ansible AWX with Isolated Nodes

THANK YOU FOR YOUR SUBMISSION!

United Kingdom | Ansible AWX with Isolated Nodes

The form was submitted successfully.

Join the Insentra Community with the Insentragram Newsletter

Hungry for more?

If you’re waiting for a sign, this is it.

We’re a certified amazing place to work, with an incredible team and fascinating projects – and we’re ready for you to join us! Go through our simple application process. Once you’re done, we will be in touch shortly!

Who is Insentra?

Imagine a business which exists to help IT Partners & Vendors grow and thrive.

Insentra is a 100% channel business. This means we provide a range of Advisory, Professional and Managed IT services exclusively for and through our Partners.

Our #PartnerObsessed business model achieves powerful results for our Partners and their Clients with our crew’s deep expertise and specialised knowledge.

We love what we do and are driven by a relentless determination to deliver exceptional service excellence.

United Kingdom | Ansible AWX with Isolated Nodes

Insentra ISO 27001:2013 Certification

SYDNEY, WEDNESDAY 20TH APRIL 2022 – We are proud to announce that Insentra has achieved the  ISO 27001 Certification.