How-to guide on Ansible Tower Backup and Restore on Azure

Ansible Tower Backup and Restore on Azure

The following blog is a step-by-step guide which has been developed to assist with an Ansible Tower DB recovery in Azure.

This document applies to the configuration with Ansible Tower DB on the external Azure PaaS PostgreSQL.

DATABASE RECOVERY IN AZURE

1. To recover PostgreSQL Database in Azure, navigate to the Database in the Azure Portal and click Restore:

2. Select the Restore Point and specify the name. For simplicity, use the current name of the server and add at the end the number. For example: azpsg-asttaae01-r01

3. Initiate the Restore.

4. Once the restore is finished, navigate to the restored database and click on ‘Connexion Security’. Under VNET Rules, click Adding existing virtual network and configure it to allow communication between the AT servers and the database.

5. Open SSH session to ALL Ansible Tower Nodes and stop all ansible tower services using the following command:

# ansible-tower-service stop

6. Execute the following set of commands ON EACH node:

# cd /etc/tower/conf.d # cp postgres.py postgres.py.orig

Once the postgres database restore is finished, the Azure will append a suffix to the end of the server name and username. For example, if ‘*-r01’ was added to the hostname, the new name of the db will read: ‘azpsg-asttaee01-r01.postgres.database.azure.com‘ and the user will be: 'azpsgasttaae01admin@azpsg-asttaee01-r01'

7. Edit postgres.py file and update lines 8 and 10.

# Ansible Tower database settings.  DATABASES = {    'default': {        'ATOMIC_REQUESTS': True,        'ENGINE': 'awx.main.db.profiled_pg',        'NAME': 'awx',        'USER': 'azpsgasttaae01admin@azpsg-asttaee01',        'PASSWORD': """password""",        'HOST': 'azpsg-asttaee01.postgres.database.azure.com',        'PORT': '5432',        'OPTIONS': { 'sslmode': 'prefer',                     'sslrootcert': '/etc/pki/tls/certs/ca-bundle.crt',        },    } } 

TO:

# Ansible Tower database settings.  DATABASES = {    'default': {        'ATOMIC_REQUESTS': True,        'ENGINE': 'awx.main.db.profiled_pg',        'NAME': 'awx',        'USER': 'azpsgasttaae01admin@azpsg-asttaee01-r01',        'PASSWORD': """password""",        'HOST': 'azpsg-asttaee01-r01.postgres.database.azure.com',        'PORT': '5432',        'OPTIONS': { 'sslmode': 'prefer',                     'sslrootcert': '/etc/pki/tls/certs/ca-bundle.crt',        },    } } 

8. Once the configuration file has been updated on all the hosts, start the ansible daemons:

# ansible-tower-service start

9. Confirm that all the nodes are visible:

[root@node00002 conf.d]#  awx-manage list_instances [tower capacity=411]         node00001 capacity=137 version=3.8.4 heartbeat="2021-11-04 03:33:16"         node00002 capacity=137 version=3.8.4 heartbeat="2021-11-04 03:33:26"         node00003 capacity=137 version=3.8.4 heartbeat="2021-11-04 03:33:16" 

RESTORE POSTGRES DB USING PG_DUMP

The following process can be used to recover the Database:

1. Restore the Postgres DB as indicated in the section above
2. Connect to the Ansible Node
3. Ensure ansbile-tower-services are stopped (ansible-tower-services stop)
4. Use the following command to dump the awx database from the RECOVERED DB:

pg_dump -Fc -v --host=azpsg-asttaae01-r01.postgres.database.azure.com --port=5432 --dbname=awx --user='azpsgasttaae01admin@azpsg-asttaae01-r01' -f /ansiblebkp/awx-db-backup.dump

5. Connect to the original database:

psql "host=azpsg-asttaae01.postgres.database.azure.com port=5432 dbname=postgres user=azpsgasttaae01admin@azpsg-asttaae01 password=<your_password> sslmode=require"

6. Rename existing DB:

alter database awx rename to awx_04112021;

7. Recreate the awx database:

CREATE DATABASE awx WITH TEMPLATE = template0 ENCODING = 'UTF8' LC_COLLATE = 'en-US' LC_CTYPE = 'en-US';

8. Exit the database:

postgres=> q

9. Restore the database:

pg_restore -v --no-owner --host=azpsg-asttaee01-restored.postgres.database.azure.com --port=5432 --user=azpsgasttaae01admin@azpsg-asttaee01 --dbname=awx /ansiblebkp/awx-db-backup.dump

10. Remove old database once AT is operable:

11. Connect to the database using the following command:

 psql "host=azpsg-asttaee01-restored.postgres.database.azure.com port=5432 dbname=postgres user=azpsgasttaae01admin@azpsg-asttaee01 password=<your_password> sslmode=require"

12. List available databases:

postgres=> l                                                                    List of databases          Name          |        Owner        | Encoding |          Collate           |           Ctype            |          Access privileges -----------------------+---------------------+----------+----------------------------+----------------------------+-------------------------------------  awx                   | azpsgasttaae01admin | UTF8     | en-US                      | en-US                      |  awx_04112021          | azpsgasttaae01admin | UTF8     | en-us                      | en-us                      | 

13. Drop the database:

postgres=> drop database awx_04112021; DROP DATABASE 

For more Ansible and Open Source how-to guides check out How to configure Ansible Automation SAML SSO with Red Hat SSO.