Automation

or the lie that is DevOps

AWX on CentOS 8

Log in to your CentOS 8 server, open a terminal window, and issue the following commands:

sudo dnf install epel-release -y
sudo dnf install git gcc gcc-c++ ansible nodejs gettext device-mapper-persistent-data lvm2 bzip2 python3-pip -y

How to install Docker and Docker Compose

(Podman coming soon.)

We now need to install both Docker and Docker Compose. The first thing to do is add the necessary repository with the command:

sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Once the repository is added, install the latest version of Docker with the command:

sudo dnf install docker-ce-3:18.09.1-3.el7 -y

Start and enable the Docker engine with the commands:

sudo systemctl start docker
sudo systemctl enable docker

Add your user to the docker group with the command:

sudo usermod -aG docker $USER

Log out and log back in.

Install docker-compose via pip3 with the command:

sudo pip3 install docker-compose

Finally, set python to use Python 3 with the command:

alternatives --set python /usr/bin/python3

How to install AWX

Now we can finally install AWX. Clone the latest release with the command:

git clone https://github.com/ansible/awx.git

Next, generate a secret encryption key with the command:

openssl rand -base64 30

Copy the key that is generated to your clipboard.

Change into the newly downloaded AWX directory with the command:

cd awx/installer

Open the AWX inventory file with the command:

nano inventory

In that file, you'll need to (at a minimum), edit the following configuration options. First, locate the line:

secret_key=

In that line, paste the secret key you generated earlier. 

Next, look for the line:

admin_password=password

Change the password to a strong, unique password.

Finally, look for the line that starts with:

#awx_alternate_dns_servers=

Change that line to:

awx_alternate_dns_servers="8.8.8.8,8.8.4.4"

You can then go through the rest of the inventory file and edit as needed. But, the above changes should result in a successful installation.

Create a directory for Postgres with the command:

sudo mkdir /var/lib/pgdocker

Install AWX with the command:

sudo ansible-playbook -i inventory install.yml

This should take about five to10 minutes to complete.

SELinux and firewall

Before we can access the AWX site, we need to disable SELinux. Issue the command:

sudo nano /etc/sysconfig/selinux

Change the line:

SELINUX=enforcing

To:

SELINUX=disabled

Save and close the file. Restart your system so the changes will take effect. 

The last step is to modify the firewall. This is done with the following commands:

sudo firewall-cmd --zone=public --add-masquerade --permanent
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Control Node Setup

A deployment controller could be a dedicated server or a workstation.

 

From command line

Clone the Private Data System repository

git clone https://github.com/clusterapps/PrivateSystem.git

Review required settings.

From Tower or AWX

A:) Clone and modify for your own environment

git clone https://git.clusterapps.com/ansible/tower-pds-base.git

B:) Create a new Project and assign to specific groups.

step-by-step coming soon

Additional Settings

Additional items for a Windows environment.

Download the Windows virtio drivers. These drivers are needed to Windows guests running on KVM. 

On a web server or software distribution server:

wget https://fedorapeople.org/groups/virt/virtio-win/virtio-win.repo -O /etc/yum.repos.d/virtio-win.repo
yum install -y virtio-win
cp /usr/share/virtio-win/virtio-win.iso /var/www/html/iso/

 

Windows Build Server

A service for building custom WIM images for deployments. 

The WIM images may contain additional drivers or post setup deployment scripts. 

WIM images can be server or desktop OS and are useful in virtual and physical environment deployments. 

Build

To build the server, start with a fresh install of Windows Server. This example will be based on Windows Server 2016. The example should work on Windows Server 2019 with little to no modification. 

Only a few modifications were changed to the installation.

Download the Windows Builder role or Private Data System playbook to deploy the build server.

Update the inventory file.

Run the deploy-winbuild playbook.

Configure

Updates.
The Windows update portion of the build can be very time consuming. To speed up the build time and the WIM updating process, the updates will be downloaded ahead of time. This is not necessary to run manually since the buld scripts will run the updates tools too.

Sign in to the Windows Build Server and go to the <wsus-offline-updater> folder.

UpdateGenerator-Explorer.png

Run the UpdateGenerator.exe

Select the version(s) of Windows to download updates for.

UpdateGenerator.png

This example will only download updates for Windows 10 and Windows Server 2016. 

After a few moments the UpdateGenerator will begin to run.

UpdateGenoerator-running.png

This process may take a very long time depending on the number of versions selected and if Office was included.

When the process is complete, a prompt will appear to review the logs.

UpdateGenerator-Complete.png

Drivers

Sign in to the Windows Build Server and go to the source\Builder\Drivers folder.