Comments on How to install Ansible AWX with Docker on CentOS 7

This line: awx_alternate_dns_servers="4.2.2.1,4.2.2.1" in the "Edit the following parameters in inventory." section is wrong. The 2nd IP should be .2

Thank you for the hint. I've corrected that in the tutorial.

Nice article .

Why the requirement to disable the firewall? That's a non-starter for me.

+1 for the same doubt.

crazy-town.  Docker can't run with SELinux enabled.  SELinux is NOT a firewall.  If you want a firewall then manage IP tables on your box or work with an external device (even another server) to be the route to your host.  

First, in the turorial SELinux and FirewallD is deaktivated. I wouldn't recommend that in production.. 

Second, of course you can run SELinux with Docker.. at least on CentOS there is absolutely no problem with it, if you know what you do. 

After installation, it's necessary to wait until containers are updated.

docker logs -f awx_task

Hi,

It's want to user root user. What's wrong ?

#######

Identity added: /tmp/awx_15_oXU0eR/credential_2 (/tmp/awx_15_oXU0eR/credential_2) ansible 2.5.0 config file = /etc/ansible/ansible.cfg configured module search path = [u'/var/lib/awx/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] Using /etc/ansible/ansible.cfg as config file Parsed /tmp/awx_15_oXU0eR/tmptGLInl inventory source with script plugin META: ran handlers Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py <192.168.122.21> ESTABLISH SSH CONNECTION FOR USER: root <192.168.122.21> SSH: EXEC ssh -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 192.168.122.21 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"'' Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py <192.168.122.22> ESTABLISH SSH CONNECTION FOR USER: root <192.168.122.22> SSH: EXEC ssh -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 192.168.122.22 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"'' <192.168.122.21> (255, '', 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\\r\\n') client1 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\\r\\n", "unreachable": true } client2 | UNREACHABLE! => { "changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\\r\\n", "unreachable": true }

 

It's Ok ,

It was ansible user 

Hi 

Thanks for the guide.  It broke at the awx install stage.  After some mucking around I discovered that if I reverted to an earlier ansible version it worked fine.  2.6.1 was installed - which I removed sudo yum remove ansible then installed 2.5.1 using pip sudo pip install 'ansible==2.5.1' .  After that all was well. Hopefully this might save someone a bit of time

Hello There,

 

I'm getting below an error while adding host awx.

 

Call to /api/v2/hosts/. GET returned: undefined A server error has occurred.

 

When i checked in rabbitmq container's logs file getting below an error.

 

=INFO REPORT==== 7-Aug-2018::07:55:36 ===closing AMQP connection (172.17.0.5:54772 -> 172.17.0.3:5672)=INFO REPORT==== 7-Aug-2018::07:55:39 ===accepting AMQP connection (172.17.0.6:37076 -> 172.17.0.3:5672)=ERROR REPORT==== 7-Aug-2018::07:55:39 ===Error on AMQP connection (172.17.0.6:37076 -> 172.17.0.3:5672, state: starting):AMQPLAIN login refused: user 'guest' - invalid credentials

Hi you;

I can not ping or ssh to host client when user ansible.

=======ERROR LOG==============TASK [Gathering Facts] *********************************************************fatal: [192.168.59.37]: UNREACHABLE! => {"changed": false, "msg": "Failed to con          nect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-          mic,password).\r\n", "unreachable": true}        to retry, use: --limit @/etc/ansible/site.retryPLAY RECAP *********************************************************************192.168.59.37              : ok=0    changed=0    unreachable=1    failed=0TASK [Gathering Facts] *********************************************************fatal: [192.168.59.37]: UNREACHABLE! => {"changed": false, "msg": "Failed to con          nect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-          mic,password).\r\n", "unreachable": true}        to retry, use: --limit @/etc/ansible/site.retryPLAY RECAP *********************************************************************192.168.59.37              : ok=0    changed=0    unreachable=1    failed=0=======================================================

Pls, help me. as soon as possible.

 

Thanks.

Hai Le

The install playbook fails with missing variables for awx_web & awx_task.

Hi Manjul

 

Were you able to find a solution for this ?

Hi!

How can I update it to the latest version?

Do we have to install the docker-ce with a particular filesystem. There is an error that surfaced during the "systemctl start docker" process. I had the docker application running before, I removed it and then installed docker-ce. I ran into a number of errors from this process.

It gives me an error message that states an aspect of the filesystem is not supported.

Todd

 

how to change the hostport for awx_web container

Got AWX installed OK on Centos 7 but could not get the basic ping connectivity test working, ssh failed

Issue caused by 'ansible' userid on client computers needs a file called ' ~/.ssh/config' with the contents:

Host *IdentityFile ~/.ssh/id_rsaAddKeysToAgent yes

 

Then run 'chmod 600 ~/.ssh/config' (should be owned by 'ansible' obviously)

Reference: https://github.com/ansible/ansible/issues/22745

Now the ping connectivity works

 

Formatting on the lines needed in the file called '~/.ssh/config' should be on 3 seperate lines ie:

 

Host *

 

IdentityFile ~/.ssh/id_rsa

 

AddKeysToAgent yes

 

 

Getting error while installing AWX via ansible command.

fatal: [localhost]: FAILED! => {"changed": false, "msg": "Cannot have both the docker-py and docker python modules (old and new version of Docker SDK for Python) installed together as they use the same namespace and cause a corrupt installation. Please uninstall both packages, and re-install only the docker-py or docker python module. It is recommended to install the docker module if no support for Python 2.6 is required. Please note that simply uninstalling one of the modules can leave the other module in a broken state."}

Installing collected packages: pip  Found existing installation: pip 8.1.2    Uninstalling pip-8.1.2:      Successfully uninstalled pip-8.1.2Successfully installed pip-19.1.1

Hi Admin,

 

After installing all the steps I am getting the below error. Please help me to take this forward.

 

[DEPRECATION WARNING]: The 'docker_service' module has been renamed to 'docker_compose'.. This feature will be removed in version2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to load docker-compose. Try `pip install docker-compose`. Error: No module named compose"}

Hi Admin,

I am getting the following error. Kindly help in getting the below issue resolved.

"Error connecting: Error while fetching server API version: Timeout value connect was Timeout(connect=10, read=10, total=None), but it must be an int or float."

 

Hello Raghava, 

Even I am facing the same issue, were u able to fix it ?

Hi Team,

I see docker images as

postgres

memcached

ansible/awx_task

ansible/awx_web

hello_world

But when I run the docker ps command I see only below. i dont see that postgres, awx_task, awx_web are not running. Please help me in fixing this issue.

Hi Team,

I observe that Postgres is keep on trying to restart but it is not coming up. Please hel pme to fix this issue

 Hello,

 

I've got the error : 

TASK [local_docker : Start the containers] ***************************************************************************************************************************************************************************************************************************************************

task path: /root/awx/installer/roles/local_docker/tasks/compose.yml:25

fatal: [localhost]: FAILED! => {"changed": false, "errors": [], "module_stderr": "", "module_stdout": "", "msg": "Error starting project 500 Server Error: Internal Server Error (\"Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)\")"}

 

We're using a proxy in my company. I set it for pip, yum, git... But it's not working in that case. I added it in the install.yml, but still the same. 

Where should I set the proxy ?

 

Thanks

*

fatal: [localhost]: FAILED! => {"changed": false, "errors": [], "module_stderr": "", "module_stdout": "", "msg": "Error starting project 500 Server Error: Internal Server Error (\"Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)\")"}

I am getting the above error, not sure how to troubleshoot.  No i am not using proxy at all.

I found out.

Proxy must be added in /etc/sysconfig/docker :

HTTP_PROXY="http://user01:[email protected]:8080" HTTPS_PROXY="https://user01:[email protected]:8080"

In my environment, before launching ansible-playbook command ("ansible-playbook -i inventory install.yml -vv"), I needed to clean up some python modules for docker as follows:

# pip uninstall docker docker-py docker-compose

and then install just "docker-compose" again, otherwise ansible fails:

# pip install docker-compose

This worked for me with CentOS 7.7.

I got a hint from you. Thank you.

I needed to do like this : 

# pip uninstall docker

# pip uninstall docker-py

# pip uninstall docker-compose

# pip install docker==3.7.3 docker-compose

 

BTW, Task "local_docker : Start the containers" took a really long time for my environment.

Fresh install CentOS7 7.7.1908 fully updated.  ansible00 3.10 and docker-ce-19.03.5-3installed.

 

per instructions above noted deviation on the output options on inventory file:

(base) [root@ansible00 installer]# cat inventory |grep -v "#"

#########

localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"

[all:vars]

dockerhub_base=ansible

awx_task_hostname=awx

awx_web_hostname=awxweb

postgres_data_dir="/var/lib/pgdocker"

host_port=80

host_port_ssl=443

docker_compose_dir="~/.awx/awxcompose"

pg_username=awx

pg_password=awxpass

pg_database=awx

pg_port=5432

rabbitmq_password=awxpass

rabbitmq_erlang_cookie=cookiemonster

admin_user=admin

admin_password=password

create_preload_data=True

secret_key=awxsecret

awx_official=true

equires cloning awx-logos repo as a sibling of this project.

awx_official=true

awx_official=true

awx_alternate_dns_servers="172.16.100.40,8.8.8.8"

project_data_dir=/var/lib/awx/projects

##

 

Nothing jumped out as bad but lack of section from example of the postgres database account info did have me scratch head a bit:

pg_username=awx pg_password=awxpass pg_database=awx pg_port=5432

 

Ran through install and get the following errors

(base) [root@ansible00 installer]# ansible-playbook -i inventory install.yml -vv

 

TASK [local_docker : Create Docker Compose Configuration] *******************************************************************************************************************************************************************************

task path: /opt/awx/installer/roles/local_docker/tasks/compose.yml:7

failed: [localhost] (item=environment.sh) => {"ansible_loop_var": "item", "changed": false, "checksum": "e369ef7b0186eef5f38dc16027878a3a6a0d9f0c", "item": "environment.sh", "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"}

failed: [localhost] (item=credentials.py) => {"ansible_loop_var": "item", "changed": false, "checksum": "9d8c48ec0e65f6cc2aa8d1e2720f826b0f65551a", "item": "credentials.py", "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"}

failed: [localhost] (item=docker-compose.yml) => {"ansible_loop_var": "item", "changed": false, "checksum": "992c9032bb1c9236819ab991bcab6beffcc0bdf2", "item": "docker-compose.yml", "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"}

failed: [localhost] (item=nginx.conf) => {"ansible_loop_var": "item", "changed": false, "checksum": "5706491c1c00d32dd0a1b96a88c12a842ccbf32c", "item": "nginx.conf", "msg": "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!"}

 

PLAY RECAP ******************************************************************************************************************************************************************************************************************************

localhost                  : ok=9    changed=0    unreachable=0    failed=1    skipped=100  rescued=0    ignored=0

###

 

I followed down rat hole of package missing https://github.com/ansible/ansible/issues/34340  

(base) [root@ansible00 tasks]# rpm -qa |grep libselinux-python

libselinux-python-2.5-14.1.el7.x86_64

(base) [root@ansible00 installer]# getenforce

Permissive

 

 

Any suggestions as to what issue is with AWX on docker for CentOS related to a permissive SELinux set system with noted libselinux-python module?

 

Thanks,

 

If you meet this error : "Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!" in the docker compose creation task, you can test this tips:

check you can import selinux with python :

ansible --version           for check the version of python you use

python (supposed my version is python3)

import selinux

 

if you got an error on import, you can consider your module selinux are not successfully install, so to must resolve it, do :

pip3 install selinux , and replay the previously steps for check. If all is ok, you can replay the playbook

Hi,

I have successfully installed awx ansible tower.I am able to add ssh key. But hen i am trying to ping my localhost i am getting error :Failed to launch adhoc command. POST returned status: 500 A server error has occurred.

Project is getting created but it is throwing the same 500 error. I have follwed this document till the end and i need only localhost.

I'm getting install.yml file not found moreover insstall directory was not there under /root/awx, I have created and then added invetory file.

can you suggest where I can I find yuml file and how to resolve this issue.

 

Note: CentOS 7.7

 

 

[root@devansible installer]# ansible-playbook -i inventory install.yml -vvansible-playbook 2.9.27  config file = /etc/ansible/ansible.cfg  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']  ansible python module location = /usr/lib/python2.7/site-packages/ansible  executable location = /usr/bin/ansible-playbook  python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]Using /etc/ansible/ansible.cfg as config fileERROR! the playbook: install.yml could not be found