How to Install Ansible AWX on CentOS 8

AWX stands for "Ansible Web eXecutable" is a free and open-source project that allows you to manage and control your Ansible project easily. It provides a web-based user interface and task engine built on top of Ansible. It provides a powerful REST API and allows you to manage or sync inventory with other cloud sources, control access and integrate with LDAP.

In this tutorial, we will show you how to install Ansible AWX with Docker on CentOS 8.

Prerequisites

  • A server running CentOS 8 with minimum 4 GB RAM.
  • A root password is configured on your server.

Getting Started

Before starting, you will need to install the EPEL repository in your system. You can install it with the following command:

dnf install epel-release -y

Next, you will need to install some additional packages required to run AWX on your system. You can install all of them with the following command:

dnf install git gcc gcc-c++ ansible nodejs gettext device-mapper-persistent-data lvm2 bzip2 python3-pip -y

Once all the packages are installed, you can proceed to the next step.

Install Docker and Docker Compose

Next, you will need to install Docker to run AWX inside Docker container. By default, the latest version of Docker is not available in the CentOS 8 default repository. So you will need to add Docker repository in your system. You can add the Docker repository with the following command:

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Once added, install the latest stable version of Docker with the following command:

dnf install docker-ce-3:18.09.1-3.el7 -y

Once the Docker has been installed, check the installed version of Docker with the following command:

docker --version

You should get the following output:

Docker version 19.03.7, build 7141c199a2

Next, start the Docker service and enable it to start after system reboot with the following command:

systemctl start docker
systemctl enable docker

You can verify the status of Docker service with the following command:

systemctl status docker

You should get the following output:

? docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2020-03-11 02:36:04 EDT; 23min ago
     Docs: https://docs.docker.com
 Main PID: 5882 (dockerd)
    Tasks: 101
   Memory: 2.6G
   CGroup: /system.slice/docker.service
           ??5882 /usr/bin/dockerd -H fd://
           ??5899 containerd --config /var/run/docker/containerd/containerd.toml --log-level info
           ??8815 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/4b91575d64b1b>
           ??8847 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/0f36c9784f748>
           ??8894 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.18.0.5 -container-port 8052
           ??8899 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/47300ec1c26ff>
           ??8923 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/9827b9831fa5b>
           ??9631 containerd-shim -namespace moby -workdir /var/lib/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/166b153faa275>

Next, install the Docker compose using the following command:

pip3 install docker-compose

Once installed, verify the Docker compose version using the following command:

docker-compose --version

You should see the following output:

docker-compose version 1.25.4, build unknown

Finally, run the following command to set python command to use python 3:

alternatives --set python /usr/bin/python3

Install Ansible AWX

First, download the latest version of Ansible AWX from the Git Hub repository using the following command:

git clone https://github.com/ansible/awx.git

Next, generate a secret key for encryption of the inventory file with the following command:

openssl rand -base64 30

You should get the following output:

R+kbcDEUS8DlAftAbfWafVqLZ0lUy+Paqo4fEtgp

Note: Remember the above secretes, you will need to paste it in the inventory file.

Next, change the directory to awx/installer/ and edit the inventory file:

cd awx/installer/
nano inventory

Change the following lines:

[all:vars]
dockerhub_base=ansible
awx_task_hostname=awx
awx_web_hostname=awxweb
postgres_data_dir="/var/lib/pgdocker"
host_port=80
host_port_ssl=443
docker_compose_dir="~/.awx/awxcompose"
pg_username=awx
pg_password=awxpass
pg_database=awx
pg_port=5432
pg_admin_password=password
rabbitmq_password=awxpass
rabbitmq_erlang_cookie=cookiemonster
admin_user=admin
admin_password=password
create_preload_data=True
secret_key=R+kbcDEUS8DlAftAbfWafVqLZ0lUy+Paqo4fEtgp
awx_official=true
awx_alternate_dns_servers="8.8.8.8,8.8.4.4"
project_data_dir=/var/lib/awx/projects

Save and close the file when you are finished. Then, create a directory for Postgres:

mkdir /var/lib/pgdocker

Finally, run the following command to install AWX:

ansible-playbook -i inventory install.yml

Once the installation has been completed successfully, you should get the following output:

skipping: [localhost]

TASK [local_docker : Load web image] **********************************************************************************************************
skipping: [localhost]

TASK [local_docker : Load task image] *********************************************************************************************************
skipping: [localhost]

TASK [local_docker : Set full image path for local install] ***********************************************************************************
skipping: [localhost]

TASK [local_docker : Set DockerHub Image Paths] ***********************************************************************************************
ok: [localhost]

TASK [local_docker : Create ~/.awx/awxcompose directory] **************************************************************************************
changed: [localhost]

TASK [local_docker : Create Docker Compose Configuration] *************************************************************************************
changed: [localhost] => (item=environment.sh)
changed: [localhost] => (item=credentials.py)
changed: [localhost] => (item=docker-compose.yml)
changed: [localhost] => (item=nginx.conf)

TASK [local_docker : Render SECRET_KEY file] **************************************************************************************************
changed: [localhost]

TASK [local_docker : Start the containers] ****************************************************************************************************
changed: [localhost]

TASK [local_docker : Update CA trust in awx_web container] ************************************************************************************
changed: [localhost]

TASK [local_docker : Update CA trust in awx_task container] ***********************************************************************************
changed: [localhost]

PLAY RECAP ************************************************************************************************************************************
localhost                  : ok=14   changed=6    unreachable=0    failed=0    skipped=95   rescued=0    ignored=0   

The above command will create and start all the required Docker containers for AWX. You can verify the running containers with the following command:

docker ps

You should see the following output:

CONTAINER ID        IMAGE                        COMMAND                  CREATED              STATUS              PORTS                                                 NAMES
4b91575d64b1        ansible/awx_task:9.2.0       "/tini -- /bin/sh -c…"   About a minute ago   Up About a minute   8052/tcp                                              awx_task
9827b9831fa5        ansible/awx_web:9.2.0        "/tini -- /bin/sh -c…"   About a minute ago   Up About a minute   0.0.0.0:80->8052/tcp                                  awx_web
47300ec1c26f        postgres:10                  "docker-entrypoint.s…"   About a minute ago   Up About a minute   5432/tcp                                              awx_postgres
166b153faa27        ansible/awx_rabbitmq:3.7.4   "docker-entrypoint.s…"   About a minute ago   Up 58 seconds       4369/tcp, 5671-5672/tcp, 15671-15672/tcp, 25672/tcp   awx_rabbitmq
0f36c9784f74        memcached:alpine             "docker-entrypoint.s…"   About a minute ago   Up About a minute   11211/tcp                                             awx_memcached

Configure SELinux and Firewall

By default, SELinux is enabled in CentOS 8. It is recommended to disable it to work AWX in the Docker environment. You can disable it by editing the following file:

nano /etc/sysconfig/selinux

Find the following line:

SELINUX=enforcing

And, replace it with the following line:

SELINUX=disabled

Save and close the file when you are finished. Then, restart your system to implement the changes. Next, you will need to allow http and https service through firewalld. You can allow them with the following command:

firewall-cmd --zone=public --add-masquerade --permanent
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https

Next, restart the firewalld service to apply the changes:

firewall-cmd --reload

Access AWX Web Interface

Now, open your web browser and type the URL http://your-server-ip. You will be redirected to the AWX login page:

Ansible AWX Login

Provide your admin username and password which you have defined in the inventory file and click on the SIGN IN button. You should see the AWX default dashboard in the following page:

Ansible AWX Interface

Conclusion

Congratulations! you have successfully installed AWX with Docker on CentOS 8. You can now manage and control your Ansible project easily using the AWX web interface.

Share this page:

Suggested articles

14 Comment(s)

Add comment

Comments

By: marian at: 2020-03-21 18:57:21

the below entry is the hashed value for admin passwd or the db passwd ?

secret_key=R+kbcDEUS8DlAftAbfWafVqLZ0lUy+Paqo4fEtgp

By: MrWhiteSays at: 2020-03-27 08:08:05

This hashed value is a secret key generated with openssl to encrypt inventory file...not a password.

By: Christian at: 2020-03-28 18:06:42

missing:dnf install dnf-plugins-coreotherwise this will not work:

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

By: Aruna Kumar Badatya at: 2020-04-07 07:15:50

ansible-playbook -i inventory install.yml On above setup Getting below error ERROR! the playbook: install.yml could not be found

By: Zeke at: 2020-04-14 16:06:14

I installed the minimal Centos 8 installation and attempted to follow this guide. I'm getting an error related to the requests module for python 2.6, however, I only have python 3.6 installed and for some reason is attempting to use Python 2.6 libraries.

 

TASK [local_docker : Start the containers] *********************************************************************

fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (Docker SDK for Python: docker (Python >= 2.7) or docker-py (Python 2.6)) on awx8.thepalace.local's Python /bin/python. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter, for example via `pip install docker` or `pip install docker-py` (Python 2.6). The error was: No module named 'requests'"}

By: Ravi at: 2020-04-29 01:29:32

How can I reset the loin admin user password after installation ?

By: Koteswaran at: 2020-05-16 13:06:45

Bro, 

Really great work.. Helped me to configure the new server in just couple of hours..

Much appreciate for the great blog..

By: Jari at: 2020-05-18 15:31:15

I had to do pg_sslmode=disable in the inventory file for this to work. Also it didn't ansible/awx_rabbitmq, but it did install something calle radis.

By: Stephen at: 2020-05-27 12:10:21

Hi

Got as far as this cmd "ansible-playbook -i inventory install.yml"

gave me this error?

Error response from daemon: client version 1.40 is too new. Maximum supported API version is 1.39

 

By: [email protected] at: 2020-08-20 10:57:09

When i do pip3 install docker-compose , I always get failure and i am behind proxy . Is there any other way i can install docker compose offline

By: Chester at: 2020-08-26 14:19:03

Getting this error which stops my installation from completing:

The full traceback is:

  File "/tmp/ansible_docker_compose_payload_i4gqwi29/ansible_docker_compose_payload.zip/ansible/modules/cloud/docker/docker_compose.py", line 791, in cmd_up

  File "/usr/lib/python3.6/site-packages/compose/project.py", line 452, in up

    svc.ensure_image_exists(do_build=do_build)

  File "/usr/lib/python3.6/site-packages/compose/service.py", line 318, in ensure_image_exists

    self.pull()

  File "/usr/lib/python3.6/site-packages/compose/service.py", line 1074, in pull

    output = self.client.pull(repo, tag=tag, stream=True)

  File "/usr/lib/python3.6/site-packages/docker/api/image.py", line 393, in pull

    self._raise_for_status(response)

  File "/usr/lib/python3.6/site-packages/docker/api/client.py", line 224, in _raise_for_status

    raise create_api_error_from_http_exception(e)

  File "/usr/lib/python3.6/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception

    raise cls(e, response=response, explanation=explanation)

fatal: [localhost]: FAILED! => {

    "changed": false,

    "errors": [],

    "invocation": {

        "module_args": {

            "api_version": "auto",

            "build": false,

            "ca_cert": null,

            "client_cert": null,

            "client_key": null,

            "debug": false,

            "definition": null,

            "dependencies": true,

            "docker_host": "unix://var/run/docker.sock",

            "files": null,

            "hostname_check": false,

            "nocache": false,

            "project_name": null,

            "project_src": "/root/.awx/awxcompose",

            "pull": false,

            "recreate": "smart",

            "remove_images": null,

            "remove_orphans": false,

            "remove_volumes": false,

            "restarted": true,

            "scale": null,

            "services": null,

            "ssl_version": null,

            "state": "present",

            "stopped": false,

            "timeout": 10,

            "tls": false,

            "tls_hostname": "localhost",

            "validate_certs": false

        }

    },

    "module_stderr": "",

    "module_stdout": "",

    "msg": "Error starting project 500 Server Error: Internal Server Error (\"b'Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)'\")"

}

 

By: bill dossett at: 2020-08-26 17:03:01

This has worked well for me on the past 3 awx installs - however installing awx14.1 I had to reboot before I could get to the UI, and then the UI says it is upgrading...  I think I may have had to reboot with awx13 as well.  I checked and all 4 docker containers were running, but just would not respond.  Thinking about it, I disabled firewall on my box when your instructions say to configure it - on a private network behind firewall so not really interested in double firewalling on these test boxes - that may have caused the need for reboot.

By: svein at: 2020-08-31 12:04:26

Hi after i have "disabled selinux", i did a reboot of the system, and i can´t ssh into the server again? Anything that i´m missing?

By: barry at: 2020-09-26 02:03:53

hi process did not work for my fith attempt  to day ion 3 types of servers with 5 diferent  sets of instructions     

 

getting   

 

[[email protected] ~]# dnf install docker-ce-3:18.09.1-3.el7 -y

Docker CE Stable - x86_64                                                                                                                                                                                     14 kB/s | 3.8 kB     00:00

No match for argument: docker-ce-3:18.09.1-3.el7

Error: Unable to find a match

under ews server  - thoughts ?