If you follow the right Oracle people, you probably already know that Oracle just released Oracle Linux Automation Manager:
Your #Ansible automation engine might be already there, included with your Oracle Linux subscription… https://t.co/RPZw37yOvs pic.twitter.com/aQZInFcUsv
— Ludovico Caldara (@ludodba) September 6, 2021
My understanding was that access to it required ULN access, so there was no way to just spin up a quick VM at home and try it out… but I was wrong.
As confirmed by Ludovico, there is public access:
I might have talked too early, it looks like a public repo is also available:https://t.co/XxZhs9oFDi
— Ludovico Caldara (@ludodba) September 7, 2021
I thought I will keep it simple for now, so I just created a VM with Vagrant and confirm you can test it out from home from that public repository.
First, add and enable the Automation public repository to your system:
[root@OracleAuto ~]# dnf config-manager --add-repo http://yum.oracle.com/repo/OracleLinux/OL8/automation/x86_64
Adding repo from: http://yum.oracle.com/repo/OracleLinux/OL8/automation/x86_64
[root@OracleAuto ~]# dnf repolist
repo id repo name
ol8_UEKR6 Latest Unbreakable Enterprise Kernel Release 6 for Oracle Linux 8 (x86_64)
ol8_appstream Oracle Linux 8 Application Stream (x86_64)
ol8_baseos_latest Oracle Linux 8 BaseOS Latest (x86_64)
yum.oracle.com_repo_OracleLinux_OL8_automation_x86_64 created by dnf config-manager from http://yum.oracle.com/repo/OracleLinux/OL8/automation/x86_64
[root@OracleAuto ~]# dnf config-manager --set-enabled yum.oracle.com_repo_OracleLinux_OL8_automation_x86_64
[root@OracleAuto ~]# dnf update
created by dnf config-manager from http://yum.oracle.com/repo/OracleLinux/OL8/automation/x86_64 108 kB/s | 437 kB 00:04
Last metadata expiration check: 0:00:01 ago on Tue 07 Sep 2021 07:35:18 PM UTC.
Dependencies resolved.
=====================================================================================================================================================================
Package Architecture Version Repository Size
=====================================================================================================================================================================
Installing:
kernel-uek x86_64 5.4.17-2102.204.4.4.el8uek ol8_UEKR6 66 M
Upgrading:
NetworkManager x86_64 1:1.30.0-10.0.1.el8_4 ol8_baseos_latest 2.6 M
NetworkManager-libnm x86_64 1:1.30.0-10.0.1.el8_4 ol8_baseos_latest 1.8 M
btrfs-progs x86_64 5.12.1-1.el8 ol8_UEKR6 858 k
dhcp-client x86_64 12:4.3.6-44.el8_4.1 ol8_baseos_latest 318 k
dhcp-common noarch 12:4.3.6-44.el8_4.1 ol8_baseos_latest 207 k
dhcp-libs x86_64 12:4.3.6-44.el8_4.1 ol8_baseos_latest 148 k
dmidecode x86_64 1:3.2-8.0.2.el8 ol8_baseos_latest 92 k
[....]
nvme-cli-1.12-4.el8_4.x86_64 openldap-2.4.46-17.el8_4.x86_64 oraclelinux-release-el8-1.0-19.el8.x86_64
procps-ng-3.3.15-6.0.1.el8.x86_64 python3-firewall-0.8.2-7.0.1.el8_4.noarch python3-rpm-4.14.3-14.el8_4.x86_64
rpm-4.14.3-14.el8_4.x86_64 rpm-build-libs-4.14.3-14.el8_4.x86_64 rpm-libs-4.14.3-14.el8_4.x86_64
rpm-plugin-selinux-4.14.3-14.el8_4.x86_64 rpm-plugin-systemd-inhibit-4.14.3-14.el8_4.x86_64 rsyslog-8.1911.0-7.0.1.el8_4.2.x86_64
selinux-policy-3.14.3-67.0.6.el8_4.1.noarch selinux-policy-targeted-3.14.3-67.0.6.el8_4.1.noarch systemd-239-45.0.2.el8_4.3.x86_64
systemd-libs-239-45.0.2.el8_4.3.x86_64 systemd-pam-239-45.0.2.el8_4.3.x86_64 systemd-udev-239-45.0.2.el8_4.3.x86_64
virt-what-1.18-9.el8_4.x86_64
Installed:
kernel-uek-5.4.17-2102.204.4.4.el8uek.x86_64
Complete!
[root@OracleAuto ~]#
After we update the system, we can search for the automation manager package
[root@OracleAuto ~]# dnf search automation-manager
Last metadata expiration check: 0:07:57 ago on Tue 07 Sep 2021 07:35:18 PM UTC.
================================================================= Name Matched: automation-manager ==================================================================
ol-automation-manager.src : Oracle Linux Automation Manager, based on AWX, provides a web-based user interface, REST API, and task engine built on top of Ansible.
ol-automation-manager.x86_64 : Oracle Linux Automation Manager, based on AWX, provides a web-based user interface, REST API, and task engine built on top of Ansible.
oraclelinux-automation-manager-release-el8.src : Oracle Linux Automation Manager yum repository configuration
oraclelinux-automation-manager-release-el8.x86_64 : Oracle Linux Automation Manager yum repository configuration
[root@OracleAuto ~]#
The automation package installation is fairly simple (for a default/test configuration, of course) and you can see an example below copied from the Oracle documentation:
Installing Oracle Linux Automation Manager
[root@OracleAuto ~]# dnf install ol-automation-manager
Last metadata expiration check: 0:09:39 ago on Tue 07 Sep 2021 07:35:18 PM UTC.
Dependencies resolved.
=====================================================================================================================================================================
Package Architecture Version Repository Size
=====================================================================================================================================================================
Installing:
ol-automation-manager x86_64 1.0.0-1.el8 yum.oracle.com_repo_OracleLinux_OL8_automation_x86_64 67 M
Installing dependencies:
aajohan-comfortaa-fonts noarch 3.001-2.el8 ol8_baseos_latest 148 k
ansible noarch 2.9.23-1.el8 yum.oracle.com_repo_OracleLinux_OL8_automation_x86_64 17 M
bzip2 x86_64 1.0.6-26.el8 ol8_baseos_latest 60 k
checkpolicy x86_64 2.9-1.el8 ol8_baseos_latest 346 k
emacs-filesystem noarch 1:26.1-5.el8 ol8_baseos_latest 69 k
fontconfig x86_64 2.13.1-3.el8 ol8_baseos_latest 274 k
fontpackages-filesystem noarch 1.44-22.el8 ol8_baseos_latest 16 k
gd x86_64 2.2.5-7.el8 ol8_appstream 144 k
[...]
redis-5.0.3-2.module+el8.0.0.z+5250+19ca22c8.x86_64 sos-4.0-11.0.1.el8.noarch
sshpass-1.06-9.el8.x86_64 supervisor-4.2.2-1.el8.noarch
uwsgi-2.0.18-4.0.1.el8.x86_64 xmlsec1-1.2.25-4.el8.x86_64
xmlsec1-openssl-1.2.25-4.el8.x86_64
Complete!
[root@OracleAuto ~]#
Next, we need to setup the configuration using AWX user.
Again, just following the documentation example:
[root@OracleAuto ~]# cat /etc/redis.conf
[...]
unixsocket /var/run/redis/redis.sock
unixsocketperm 775
[root@OracleAuto ~]# /var/lib/ol-automation-manager/ol-automation-manager-DB-init.sh
* Initializing database in '/var/lib/pgsql/data'
* Initialized, logs are in /var/lib/pgsql/initdb_postgresql.log
Database pre-setup is completed
[root@OracleAuto ~]#
[root@OracleAuto ~]# su -l awx -s /bin/bash
[awx@OracleAuto ~]$ awx-manage migrate
Operations to perform:
Apply all migrations: auth, conf, contenttypes, main, oauth2_provider, sessions, sites, social_django, sso, taggit
Running migrations:
Applying contenttypes.0001_initial... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying taggit.0001_initial... OK
Applying taggit.0002_auto_20150616_2121... OK
Applying auth.0001_initial... OK
Applying main.0001_initial... OK
Applying main.0002_squashed_v300_release... OK
Applying main.0003_squashed_v300_v303_updates... OK
Applying main.0004_squashed_v310_release... OK
Applying conf.0001_initial... OK
Applying conf.0002_v310_copy_tower_settings... OK
Applying main.0005_squashed_v310_v313_updates... OK
Applying main.0006_v320_release... OK
Applying main.0007_v320_data_migrations... OK
Applying main.0008_v320_drop_v1_credential_fields... OK
Applying main.0009_v322_add_setting_field_for_activity_stream... OK
[....]
Applying social_django.0002_add_related_name... OK
Applying social_django.0003_alter_email_max_length... OK
Applying social_django.0004_auto_20160423_0400... OK
Applying social_django.0005_auto_20160727_2333... OK
Applying social_django.0006_partial... OK
Applying social_django.0007_code_timestamp... OK
Applying social_django.0008_partial_timestamp... OK
Applying sso.0001_initial... OK
Applying sso.0002_expand_provider_options... OK
Applying taggit.0003_taggeditem_add_unique_index... OK
Let’s now create the management user and make sure you set the correct hostname/IP address for the "AWX Instance provision"
[awx@OracleAuto ~]$ awx-manage createsuperuser --username admin
Email address: [email protected]
Password:
Password (again):
Superuser created successfully.
[awx@OracleAuto ~]$
[awx@OracleAuto ~]$ awx-manage create_preload_data
Default organization added.
Demo Credential, Inventory, and Job Template added.
(changed: True)
[awx@OracleAuto ~]$ awx-manage provision_instance --hostname=OracleAuto
Successfully registered instance OracleAuto
(changed: True)
[awx@OracleAuto ~]$ awx-manage register_queue --queuename=tower --hostnames=OracleAuto
Creating instance group tower
Added instance OracleAuto to tower
(changed: True)
[awx@OracleAuto ~]$
[awx@OracleAuto ~]$ exit
logout
Once that is completed, we need to setup the HTTP server.
Since this is just a test, you can just create a ssl certicate to avoid issues login into your management interface (please, dont do this on your produciton system 🙂 )
[root@OracleAuto ~]# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/tower/tower.key -out /etc/tower/tower.crt
Generating a RSA private key
......+++++
.+++++
writing new private key to '/etc/tower/tower.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
[root@OracleAuto ~]#
I’m sure you can change the web server to your favourite one, but for now, we will setup nginx server that is the default one.
Here, we just made a backup of the default configuration and copied the default configuration from the documentation:
[root@OracleAuto ~]# mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bk
[root@OracleAuto ~]# nano /etc/nginx/nginx.conf
[root@OracleAuto ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
}
[root@OracleAuto ~]#
Last steps, just change some information on the tower setting file (just add your hostname/IP into CLUSTER_HOST_ID) and enable/start the Oracle Automation Manager Service with Systemd
[root@OracleAuto ~]# grep -i CLUSTER_HOST_ID /etc/tower/settings.py
CLUSTER_HOST_ID = "OracleAuto"
[root@OracleAuto ~]#
[root@OracleAuto ~]# systemctl enable --now ol-automation-manager.service
Created symlink /etc/systemd/system/multi-user.target.wants/ol-automation-manager.service → /usr/lib/systemd/system/ol-automation-manager.service.
[root@OracleAuto ~]#
And voilà! you can now start managing your ansible playbooks directly from Oracle Automation Manager Interface
I really need to get more into Ansible and Automation, so this is could be a good way to start using Oracle own Automation manager 🙂
Comments