Hands-on with AWX
AWX is the open-source project behind Red Hat® Automation Platform
Ansible needs no introduction. It’s the most preferred DevOps tool for automation and configuration management. It dominates the other tools like Chef and Puppet. Personally, I think it’s thanks to its “agentless” architecture.. and also because it’s free 🎉🆓
AWX, on the other hand, is the web UI and REST API solution for Ansible. It centralizes and controls Ansible infrastructure with a visual dashboard, role-based access control, job scheduling, and graphical inventory management.
This article aims to run a quick setup of AWX which includes among other steps: Creating an organization, configuring user security, and creating a Job Template that runs a cool playbook. We won't be forgetting about good practices 😉
AWX is the open source project behind Red Hat® Automation Platform. The configuration of the two is quite similar. Therefore, the following setup can fully apply to Ansible Automation Controller as well.
Install
The tools install is not covered in this article. Here we suppose that you have everything already installed and preconfigured.
If that’s not the case, here are some “HOWTOs” that I found useful: Ansible AWX Tower
Setup
Step 1: Create an organization
Connect to AWX using an admin user, and add a new organization.
Step 2: Create an Inventory
The inventory contains the hosts upon which the playbook operates.
Step 3: Create a Host
Once the inventory is created, add a host to it.
Step 4: Create a User
The user should be added to the newly created organization.
Here, to simplify we created a local user. But, in production, I would always recommend adding an LDAP Technical User.
Step 5: Create a Project
For testing purposes, you may use my GitHub project.
Step 6: Create an SSH Credential
These credentials will be used in Job Templates and will help connect to the servers using SSH.
Again, here we’re using username/password as credential Type Details. But, in production, SSH Keys are encouraged.
Step 7: Create a Job Template
We select the Inventory, Project, and Credentials we’ve just created. While the playbook will be detected automatically by AWX.
Step 8: Add User’s roles
At this step, you will need to attribute the following necessary roles to your technical user :
“Execute” and “Read” on the Job Template & “Use” role on the credentials
Step 9: Launch the Job Template
Connect to AWX using the created user and launch the Job Template. Make sure that you have all the permissions, and the job status is Successful.
Another way of doing that would be via AWX API. You may use a UI tool like Postman, or just use the cURL command :
curl --location --request POST ‘http://*.*.*.*/api/v2/job_templates/<job id>/launch/' --header ‘Authorization: Basic <base 64 encoding of the user name and password>’AWX is really a powerful tool. I’ve been using it for a while now. It’s undeniably the easiest tool out there for managing Ansible.
That being said, I do believe that it shouldn’t be your Go-To tool. AWX is not all perfect. For instance, with the Isolated-Nodes configuration, the Job output is not displayed live. And in my experience, the overall time of executing a playbook with AWX is much slower than with Jenkins.
All in all, what I’m saying is that easy integration with Ansible shouldn’t be you’re only criterion. You want to consider all your options before settling on a specific tool.