在 CentOS 7 上 RPM 安装 Ansible AWX
在之前的教程中 ,我向您展示了如何通过 docker 部署 Ansible AWX。 同时,我发现了两
个为 AWX 构建 rpm 包的项目。 因此,在本教程中,我将向您展示如何在 CentOS 7 上从 RPM
文件安装 Ansible AWX。Ansible AWX 是 Ansible Tower 软件的开源版本。
我将在宽松模式下使用 3 台服务器, CentOS 7 最低安装和 SELinux。
192.168.1.25 AWX 服务器
192.168.1.21 client1
192.168.1.22 client2
AWX 服务器的最低系统要求
至少 4GB 的内存
至少 2 个 cpu 核心
至少 20GB 的空间
运行 Docker,Openshift 或 Kubernetes
检查 SELinux 配置。
[root@awx ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
[root@awx ~]#
添加主机条目
/etc/hosts
[root@awx ~]# cat /etc/hosts
192.168.1.25 awx.sunil.cc awx
192.168.1.21 client1.sunil.cc client1
192.168.1.22 client2.sunil.cc client2
[root@awx ~]#
添加防火墙规则
[root@awx ~]# systemctl enable firewalld
Created symlink from
/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service to
/usr/lib/systemd/system/firewalld.service.
Created symlink from
/etc/systemd/system/multi-user.target.wants/firewalld.service to
/usr/lib/systemd/system/firewalld.service.
[root@awx ~]# systemctl start firewalld
[root@awx ~]# firewall-cmd --add-service=http --permanent;firewall-cmd
--add-service=https --permanent
success
success
[root@awx ~]# systemctl restart firewalld
[root@awx ~]#
启用 CentOS EPEL 存储库。
[root@awx ~]# yum install -y epel-release
我们需要 postgresql 9.6 来安装 AWX。
启用 postgreSQL 回购。
[root@awx ~]# yum install -y
https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg
-centos96-9.6-3.noarch.rpm
安装 postgreSQL。
[root@awx ~]# yum install postgresql96-server -y
安装其他必要的 RPM。
[root@awx ~]# yum install -y rabbitmq-server wget memcached nginx ansible
安装 Ansible AWX
添加 AWX 回购。
[root@awx ~]# wget -O /etc/yum.repos.d/awx-rpm.repo
https://copr.fedorainfracloud.org/coprs/mrmeee/awx/repo/epel-7/mrmeee-awx-e
pel-7.repo
安装 rpm
[root@awx ~]# yum install -y awx
初始化数据库
[root@awx ~]# /usr/pgsql-9.6/bin/postgresql96-setup initdb
Initializing database ... OK
[root@awx ~]#
开始 Rabbitmq 服务
[root@awx ~]# systemctl start rabbitmq-server
[root@awx ~]# systemctl enable rabbitmq-server
Created symlink from
/etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to
/usr/lib/systemd/system/rabbitmq-server.service.
[root@awx ~]#
启动 PostgreSQL 服务
[root@awx ~]# systemctl enable postgresql-9.6
Created symlink from
/etc/systemd/system/multi-user.target.wants/postgresql-9.6.service to
/usr/lib/systemd/system/postgresql-9.6.service.
[root@awx ~]# systemctl start postgresql-9.6
启动 Memcached 服务
[root@awx ~]# systemctl enable memcached
Created symlink from
/etc/systemd/system/multi-user.target.wants/memcached.service to
/usr/lib/systemd/system/memcached.service.
[root@awx ~]# systemctl start memcached
创建 Postgres 用户
[root@awx ~]# sudo -u postgres createuser -S awx
could not change directory to "/root": Permission denied
[root@awx ~]#
忽略错误
创建数据库
[root@awx ~]# sudo -u postgres createdb -O awx awx
could not change directory to "/root": Permission denied
[root@awx ~]#
忽略错误
将数据导入数据库
[root@awx ~]# sudo -u awx /opt/awx/bin/awx-manage migrate
初始化 AWX 的配置
[root@awx ~]# echo "from django.contrib.auth.models import User;
User.objects.create_superuser('admin', 'root@localhost', 'password')" | sudo
-u awx /opt/awx/bin/awx-manage shell
[root@awx ~]# sudo -u awx /opt/awx/bin/awx-manage create_preload_data
Default organization added.
Demo Credential, Inventory, and Job Template added.
[root@awx ~]# sudo -u awx /opt/awx/bin/awx-manage provision_instance
--hostname=$(hostname)
Successfully registered instance awx.sunil.cc
(changed: True)
[root@awx ~]# sudo -u awx /opt/awx/bin/awx-manage register_queue
--queuename=tower --hostnames=$(hostname)
Creating instance group tower
Added instance awx.sunil.cc to tower
(changed: True)
[root@awx ~]#
配置 Nginx
采取 nginx.conf 的备份
[root@awx ~]# cd /etc/nginx/
[root@awx nginx]# pwd
/etc/nginx
[root@awx nginx]# cp nginx.conf nginx.conf.bkp
替换 nginx conf 文件
[root@awx nginx]# wget -O /etc/nginx/nginx.conf
https://raw.githubusercontent.com/sunilsankar/awx-build/master/nginx.conf
启用并启动 nginx 服务
[root@awx ~]# systemctl start nginx
[root@awx ~]# systemctl enable nginx
启动 awx 服务
systemctl start awx-cbreceiver
systemctl start awx-dispatcher
systemctl start awx-channels-worker
systemctl start awx-daphne
systemctl start awx-web
确保服务在重启过程中启动
systemctl enable awx-cbreceiver
systemctl enable awx-dispatcher
systemctl enable awx-channels-worker
systemctl enable awx-daphne
systemctl enable awx-web
从 AWX 服务器配置无密码登录
在所有 3 台主机上创建一个用户。
在本教程中,我将在所有 3 台服务器上创建一个用户。
[root@awx ~]# useradd ansible
[root@client1 ~]# useradd ansible
[root@clien2 ~]# useradd ansible
在 awx 服务器中生成 ssh 密钥
[root@awx nginx]# su - ansible
[ansible@awx ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ansible/.ssh/id_rsa):
Created directory '/home/ansible/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ansible/.ssh/id_rsa.
Your public key has been saved in /home/ansible/.ssh/id_rsa.pub.
The key fingerprint is: