部署Ansible Tower | Jack Wang Blog

Ansible Tower (以前叫’AWX’)是能够帮助任何IT团队更容易使用Ansible的解决方案。该方案基于web
Tower允许对用户进行权限控制，即使某用户不能传送某SSH凭证，你也可以通过Tower来对该用户共享该凭证。我们可以通过图形化界面来管理Inventory，也可以对各种各样的云资源做同步。Tower可以记录所有job的日志，也可以与LDAP集成，并且拥有强大的可浏览的REST API。Tower也提供了命令行工具，可以与Jenkins轻松集成。Provisioning回调对自动伸缩拓扑图提供了强大的支持

Tower的免费版本最多支持10个节点，并且Ansible公司会提供强大的支持。可以用Ansible playbook来安装Tower，ansible的版本为1.7x或更高版本
安装要求：内存>=2GB,/var >=10GB。否则会安装失败

官网地址：https://www.ansible.com/tower
下载地址(下载免费控制10个机器的授权)：https://www.ansible.com/license
ansible-tower各个版本下载地址
目前最新版为3.1.0要求：RHEL 7, CentOS 7, or Ubuntu 14.04 LTS or 16.04 LTS, and requires Ansible Core 2.1.X or later.
我这里系统是Centos 6.6，所以只能用Tower-3.0.3及以前的版本

安装前检查：

python版本为2.6
保持网络畅通
内存预留充足，内存>=2GB,/var >=10GB
安装用户为root

环境：Centos 6.6
　　　ansible 2.2.1.0

安装Tower
Ansible tower包含一个简单的基于文本的配置向导来配置安装你的tower，安装Tower需要使用到postgresql数据库

#配置yum源
注意:除了光盘源外还需要extra(CentOS-Base.repo)
#CentOS-Base.repo源
[root@Ansible ~]# cd /etc/yum.repos.d/
[root@Ansible yum.repos.d]# cat CentOS-Base.repo 
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#released updates 
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
[root@Ansible yum.repos.d]#

#Ansible-Tower的yum源
[root@Ansible yum.repos.d]# cat Ansible-Tower.repo 
[Ansible-Tower]
name=Ansible Tower Repository - $releasever $basearch
baseurl=http://releases.ansible.com/ansible-tower/rpm/epel-6-$basearch
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ansible-release
[root@Ansible yum.repos.d]#

[root@Ansible yum.repos.d]# cat yum.repo 
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/$basearch/
gpgcheck=0
enabled=1
  
[webtatic]
name=Webtatic Repository EL6 - $basearch
baseurl=http://repo.webtatic.com/yum/el6/$basearch/
#mirrorlist=http://mirror.webtatic.com/yum/el6/$basearch/mirrorlist
failovermethod=priority
enabled=1
gpgcheck=0
[epel] 
name=Extra Packages for Enterprise Linux 6 - $basearch 
baseurl=http://mirrors.aliyun.com/epel/6/$basearch 
http://mirrors.aliyuncs.com/epel/6/$basearch 
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch 
failovermethod=priority 
enabled=1 
gpgcheck=0
[remi]
name=Les RPM de remi pour Enterprise Linux 6 - $basearch
#baseurl=http://rpms.famillecollet.com/enterprise/6/remi/$basearch/
mirrorlist=http://rpms.famillecollet.com/enterprise/6/remi/mirror
enabled=1
gpgcheck=0

#安装Tower
[root@Ansible ~]# wget https://releases.ansible.com/awx/setup/ansible-tower-setup-3.0.3.tar.gz
[root@Ansible ~]# tar -zxf ansible-tower-setup-3.0.3.tar.gz
[root@Ansible ~]# cd ansible-tower-setup-3.0.3
[root@Ansible ansible-tower-setup-3.0.3]# ./setup.sh

#安装到一半如果在这里报错，是因为连不上数据库，启动postgresql即可
TASK [awx_install : Migrate the Tower database schema (may take awhile when upgrading).] ***
#解决办法
[root@Ansible ~]# service postgresql-9.4 initdb
[root@Ansible ~]# service postgresql-9.4 start
[root@Ansible ~]# chkconfig postgresql on
#创建用户
[root@Ansible ~]# id postgres
uid=26(postgres) gid=26(postgres) groups=26(postgres)
[root@Ansible ~]# su - postgres
-bash-4.1$ psql
psql (9.4.11)
Type "help" for help.
postgres=# CREATE ROLE awx CREATEDB PASSWORD 'admin' LOGIN; 
CREATE ROLE
postgres=# \q
-bash-4.1$ exit
logout
[root@Ansible ~]# sed -i 's#peer#md5#g' /var/lib/pgsql/9.4/data/pg_hba.conf
[root@Ansible ~]# sed -i 's#ident#md5#g' /var/lib/pgsql/9.4/data/pg_hba.conf
[root@Ansible ~]# service postgresql-9.4 restart
Stopping postgresql-9.4 service:                           [  OK  ]
Starting postgresql-9.4 service:                           [  OK  ]
[root@Ansible ~]#

测试awx用户连接，输入密码连接，并创建数据库
[root@Ansible ~]# psql -U awx -d postgres -h 127.0.0.1
Password for user awx: 
psql (9.4.11)
Type "help" for help.
postgres=> create database awx;
CREATE DATABASE
postgres=> \q
[root@Ansible ~]#

再次./setup.sh进行安装tower

#inventory配置
[root@Ansible ansible-tower-setup-3.0.3]# grep -v ^$ inventory
[primary]
localhost ansible_connection=local
[secondary]
[database]
[all:vars]
admin_password='admin'
redis_password='1234567'
pg_host='127.0.0.1'
pg_port='5432'
pg_database='awx'
pg_username='awx'
pg_password='admin'
[root@Ansible ansible-tower-setup-3.0.3]#
[root@Ansible ansible-tower-setup-3.0.3]# ./setup.sh
···
The setup process completed successfully.

访问http://ip/ 打开Ansible Tower Dashboard

安装成功

参考：http://www.jianshu.com/p/1c6aa6ceeca6

本文出自”Jack Wang Blog”：http://www.yfshare.vip/2017/03/07/部署Ansible-Tower/