Ansible Tower01

文档：http://docs.ansible.com/ansible-tower/ 
本文以Ansible-tower-3.1.2 OS为CentOS7.2为例。

1、安装前注意事项

1. The Tower installer creates a self-signed SSL certificate and keyfile at /etc/tower/tower.cert and /etc/tower/tower.key for HTTPS communication. These can be replaced after install with your own custom SSL certificates if you desire, but the filenames are required to be the same.(若是须要替换以前的/etc/tower/tower.cert、/etc/tower/tower.key证书，须要保证替换以后的证书和以前的证书名称相同)

2. If using Ansible version 1.8 or later, ensure that fact caching using Redis is not enabled in ansible.cfg on the Tower machine.(若是使用可执行版本1.8或更高版本，请确保在Ansible Tower上的ansible.cfg中未启用使用Redis的fact caching。)

3. Note that the Tower installation must be run from an internet connected machine that can install software from trusted 3rd-party places such as Ansible’s software repository, and your OS vendor’s software repositories.(请注意，Tower安装必须经过互联网链接的机器运行，该机器能够从可靠的第三方场所安装软件，如Ansible的软件仓库和您的OS供应商的软件库。)

4. (1)支持的操做系统： 
   Red Hat Enterprise Linux 7 64-bit 
   CentOS 7 64-bit 
   Ubuntu 14.04 LTS 64-bit 
   Ubuntu 16.04 LTS 64-bit 
   注意：Ansible Tower requires Red Hat Enterprise Linux 7.2 or later. 
   (2)最少2G内存，推荐4G+内存 
   (3)20 GB of dedicated hard disk space(20 GB专用硬盘空间) 
   10 GB of the 20 GB requirement must be dedicated to /var/, where Tower stores its files and working directories (dedicating less space will cause the installation to fail) 
   (4)64-bit support required (kernel and runtime)

2、安装过程

1.下载ansible tower 
下载地址：http://releases.ansible.com/ansible-tower/setup/ 
含有安装包文件的版本：http://releases.ansible.com/ansible-tower/setup-bundle/

wget http://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-latest.el6.tar.gz
tar zxvf ansible-tower-setup-bundle-latest.el7.tar.gz
cd ansible-tower-setup-bundle-3.1.2-2.el7

2.安装ansible tower 
a.设置主机信息

sed -i "s#admin_password=''#admin_password='123456'#g" inventory
sed -i "s#pg_host=''#pg_host='127.0.0.1'#g" inventory 
sed -i "s#pg_port=''#pg_port='5432'#g" inventory

b.修改yum源(操做中并无修改，原地址也挺快)

sed -i 's#dl.fedoraproject.org/pub#mirrors.ustc.edu.cn#g' roles/packages_el/defaults/main.yml
sed -i 's/#baseurl=/baseurl=/g' roles/packages_el/files/epel-6.repo
sed -i 's/mirrorlist=/#mirrorlist=/g' roles/packages_el/files/epel-6.repo
sed -i 's#download.fedoraproject.org/pub#mirrors.ustc.edu.cn#g' roles/packages_el/files/epel-6.repo

yum -y install centos-release-scl-rh centos-release-scl
sed -i 's#mirror.centos.org#centos.ustc.edu.cn#g' /etc/yum.repos.d/CentOS-SCLo-scl.repo
sed -i 's#mirror.centos.org#centos.ustc.edu.cn#g' /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo
yum -y install supervisor

c.安装Ansible tower

#./setup.sh

d.安装过程当中遇到的问题 
(1).在TASK [awx_install : Migrate the Tower database schema (may take awhile when upgrading).] 这一步会出现错误，提示信息是数据库链接不上 

使用yum安装

yum install
http://download.postgresql.org/pub/repos/yum/9.4/redhat/rhel-7.2-x86_64/pgdg-redhat94-9.4-3.noarch.rpm
yum install postgresql94-server postgresql94-contrib

设置开机启动

 systemctl enable postgresql-9.4.service 
 systemctl start postgresql-9.4.service

初始化数据库

 /usr/pgsql-9.4/bin/postgresql94-setup initdb

启动postgresql

service postgresql-9.4 start

建立用户

su - postgres
-bash-4.2$ psql
    postgres=# CREATE ROLE awx CREATEDB PASSWORD 'admin' LOGIN; 
    postgres=# \q
    -bash-4.2$ exit
sed -i 's#peer#md5#g' /var/lib/pgsql/9.4/data/pg_hba.conf
sed -i 's#ident#md5#g' /var/lib/pgsql/9.4/data/pg_hba.conf
service postgresql-9.4 restart

测试awx用户链接，输入密码链接，并建立数据库

-bash-4.2$ psql -U awx -d postgres -h 127.0.0.1
postgres=# create database awx;
postgres=# \q

再次./setup.sh进行安装tower 
(2).在TASK中fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "This machine does not have sufficient RAM to run Ansible Tower."} 
解决方法：增长内存，至少2G 
(3).在TASK中fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Please set rabbitmq_password in the inventory file before running setup"} 
解决方法：安装RabbitMQ，具体见《RabbitMQ01》。

3、Web配置

访问Web界面，http://192.168.1.34/#/ 
用户名/密码为admin/123456

导入license 
没有的话，点击REQUEST LICENSE，去官方申请免费试用。

提交license，就进入了DASHBOARD页面。