External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-19 05:31:22 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #294 from matburt/official_awx_image_install

Browse Source 
Add support for installing AWX from official images
This commit is contained in:
Matthew Jones 2017-09-26 20:47:14 -04:00 committed by GitHub
commit e1804400ec
7 changed files with 238 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
INSTALL.md
View File

@ -10,6 +10,7 @@ This document provides a guide for installing AWX.
- [Prerequisites](#prerequisites)
- [AWX Tunables](#awx-tunables)
- [Choose a deployment platform](#choose-a-deployment-platform)
- [Official vs Building Images](#official-vs-building-images)
- [OpenShift](#openshift)
- [Prerequisites](#prerequisites)
- [Deploying to Minishift](#deploying-to-minishift)
@ -66,6 +67,27 @@ The [installer](./installer) directory contains an [inventory](./installer/inven
In the sections below, you'll find deployment details and instructions for each platform. To deploy to Docker, view the [Docker section](#docker), and for OpenShift, view the [OpenShift section](#openshift).
### Official vs Building Images
When installing AWX you have the option of building your own images or using the images provided on DockerHub (see [awx_web](https://hub.docker.com/r/ansible/awx_web/) and [awx_task](https://hub.docker.com/r/ansible/awx_task/))
This is controlled by the following variables in the `inventory` file
```
dockerhub_base=ansible
dockerhub_version=latest
```
If these variables are present then all deployments will use these hosted images. If the variables are not present then the images will be built during the install.
*dockerhub_base*
> The base location on DockerHub where the images are hosted (by default this pulls container images named `ansible/awx_web:tag` and `ansible/awx_task:tag`)
*dockerhub_version*
> Multiple versions are provided. `latest` always pulls the most recent. You may also select version numbers at different granularities: 1, 1.0, 1.0.1, 1.0.0.123
## OpenShift
### Prerequisites
@ -111,15 +133,15 @@ Before starting the build process, review the [inventory](./installer/inventory)
*docker_registry*
> IP address and port, or URL, for accessing a registry that the OpenShift cluster can access. Defaults to *172.30.1.1:5000*, the internal registry delivered with Minishift.
> IP address and port, or URL, for accessing a registry that the OpenShift cluster can access. Defaults to *172.30.1.1:5000*, the internal registry delivered with Minishift. This is not needed if you are using official hosted images.
n
*docker_registry_repository*
> Namespace to use when pushing and pulling images to and from the registry. Generally this will match the project name. It defaults to *awx*.
> Namespace to use when pushing and pulling images to and from the registry. Generally this will match the project name. It defaults to *awx*. This is not needed if you are using official hosted images.
*docker_registry_username*
> Username of the user that will push images to the registry. Will generally match the *openshift_user* value. Defaults to *developer*.
> Username of the user that will push images to the registry. Will generally match the *openshift_user* value. Defaults to *developer*. This is not needed if you are using official hosted images.
#### PostgreSQL
@ -135,7 +157,7 @@ To start the build, you will pass two *extra* variables on the command line. The
If you're using the OpenShift internal registry, then you'll pass an access token for the *docker_registry_password* value, rather than a password. The `oc whoami -t` command will generate the required token, as long as you're logged into the cluster via `oc cluster login`.
To start the build and deployment, run the following:
To start the build and deployment, run the following (docker_registry_password is optional if using official images):
```bash
# Start the build and deployment
@ -266,6 +288,8 @@ awx-server
In the above example, image build tasks will be delegated to `localhost`, which is typically where the clone of the AWX project exists. Built images will be archived, copied to remote host, and imported into the remote Docker image cache. Tasks to start the AWX containers will then execute on the remote host.
If you choose to use the official images then the remote host will be the one to pull those images.
**Note**
> You may also want to set additional variables to control how Ansible connects to the host. For more information about this, view [Behavioral Inventory Parameters](http://docs.ansible.com/ansible/latest/intro_inventory.html#id12).
@ -304,6 +328,10 @@ If you wish to tag and push built images to a Docker registry, set the following
> Username of the user that will push images to the registry. Defaults to *developer*.
**Note**
> These settings are ignored if using official images
#### Proxy settings
@ -337,7 +365,7 @@ $ cd installer
$ ansible-playbook -i inventory install.yml
```
If you're pushing built images to a repository, then use the `-e` option to pass the registry password as follows, replacing *password* with the password of the username assigned to `docker_registry_username`:
If you're pushing built images to a repository, then use the `-e` option to pass the registry password as follows, replacing *password* with the password of the username assigned to `docker_registry_username` (note that you will also need to remove `dockerhub_base` and `dockerhub_version` from the inventory file):
```bash
# Set the working directory to installer

10
installer/check_vars/tasks/check_openshift.yml
View File

@ -24,26 +24,30 @@
- awx_node_port is defined and awx_node_port != ''
msg: "Set the value of 'awx_node_port' in the inventory file."
- name: docker_registry should be defined
- name: docker_registry should be defined if not using dockerhub
assert:
that:
- docker_registry is defined and docker_registry != ''
msg: "Set the value of 'docker_registry' in the inventory file."
when: dockerhub_base is not defined
- name: docker_registry_repository should be defined
- name: docker_registry_repository should be defined if not using dockerhub
assert:
that:
- docker_registry_repository is defined and docker_registry_repository != ''
msg: "Set the value of 'docker_registry_repository' in the inventory file."
when: dockerhub_base is not defined
- name: docker_registry_username should be defined
- name: docker_registry_username should be defined if not using dockerhub
assert:
that:
- docker_registry_username is defined and docker_registry_username != ''
msg: "Set the value of 'docker_registry_username' in the inventory file."
when: dockerhub_base is not defined
- name: docker_registry_password should be defined
assert:
that:
- docker_registry_password is defined and docker_registry_password != ''
msg: "Set the value of 'docker_registry_password' in the inventory file."
when: dockerhub_base is not defined

10
installer/image_build/tasks/main.yml
View File

@ -16,14 +16,14 @@
delegate_to: localhost
register: logosdir
failed_when: logosdir.stat.isdir is not defined or not logosdir.stat.isdir
when: awx_official
when: awx_official|default(false)|bool
- name: Copy logos for inclusion in sdist
copy:
src: "../../awx-logos/awx/ui/client/assets"
dest: "../awx/ui/client/"
delegate_to: localhost
when: awx_official
when: awx_official|default(false)|bool
- name: Set sdist file name
set_fact:
@ -59,7 +59,7 @@
tag: "{{ awx_version }}"
force: true
delegate_to: localhost
when: use_container_for_build|bool
when: use_container_for_build|default(true)|bool
- name: Build AWX distribution using container
docker_container:
@ -74,14 +74,14 @@
volumes:
- ../:/awx:Z
delegate_to: localhost
when: use_container_for_build|bool
when: use_container_for_build|default(true)|bool
- name: Build AWX distribution locally
shell: make sdist
args:
chdir: ..
delegate_to: localhost
when: not use_container_for_build|bool
when: not use_container_for_build|default(true)|bool
- name: Set docker build base path
set_fact:

2
installer/install.yml
View File

@ -4,7 +4,7 @@
gather_facts: false
roles:
- { role: check_vars }
- { role: image_build }
- { role: image_build, when: "dockerhub_base is not defined" }
- { role: openshift, when: "openshift_host is defined" }
- { role: local_docker, when: "openshift_host is not defined" }

55
installer/inventory
View File

@ -2,26 +2,22 @@ localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env pyth
[all:vars]
# Remove these lines if you want to run a local image build
# Otherwise the setup playbook will install the official Ansible images. Versions may
# be selected based on: latest, 1, 1.0, 1.0.0, 1.0.0.123
# by default the base will be used to search for ansible/awx_web and ansible/awx_task
dockerhub_base=ansible
dockerhub_version=latest
# This will create or update a default admin (superuser) account in AWX, if not provided
# then these default values are used
# default_admin_user=admin
# default_admin_password=password
# Use a local distribution build container image for building the AWX package
# This is helpful if you don't want to bother installing the build-time dependencies as
# it is taken care of already.
# NOTE: IMPORTANT: If you are running a mininshift install, using this container might not work
# if you are using certain drivers like KVM where the source tree can't be mapped
# into the build container.
# Thus this setting must be set to False which will trigger a local build. To view the
# typical dependencies that you might need to install see:
# installer/image_build/files/Dockerfile.sdist
use_container_for_build=true
# Build AWX with official logos
# Requires cloning awx-logos repo into the project root.
# Review the trademark guidelines at https://github.com/ansible/awx-logos/blob/master/TRADEMARKS.md
awx_official=false
# AWX Secret key
# It's *very* important that this stay the same between upgrades or you will lose the ability to decrypt
# your credentials
awx_secret_key=awxsecret
# Openshift Install
# Will need to set -e openshift_password=developer -e docker_registry_password=$(oc whoami -t)
@ -34,25 +30,38 @@ awx_official=false
postgres_data_dir=/tmp/pgdocker
host_port=80
# Required for Openshift (unless you use an external registry), Optional for Standalone Docker install
# Define if you want the image pushed to a registry. The container definition
# will also use these images
# Required for Openshift when building the image on your own
# Optional for Openshift if using Dockerhub or another prebuilt registry
# Required for Standalone Docker Install if building the image on your own
# Optional for Standalone Docker Install if using Dockerhub or another prebuilt registry
# Define if you want the image pushed to a registry. The container definition will also use these images
# docker_registry=172.30.1.1:5000
# docker_registry_repository=awx
# docker_registry_username=developer
# Set pg_hostname if you have an external postgres server, otherwise
# a new ephemeral postgres service will be created
# a new postgres service will be created
# pg_hostname=postgresql
pg_username=awx
pg_password=awxpass
pg_database=awx
pg_port=5432
# AWX Secret key
# It's *very* important that this stay the same between upgrades or you will use the ability to decrypt
# your credentials
awx_secret_key=awxsecret
# Use a local distribution build container image for building the AWX package
# This is helpful if you don't want to bother installing the build-time dependencies as
# it is taken care of already.
# NOTE: IMPORTANT: If you are running a mininshift install, using this container might not work
# if you are using certain drivers like KVM where the source tree can't be mapped
# into the build container.
# Thus this setting must be set to False which will trigger a local build. To view the
# typical dependencies that you might need to install see:
# installer/image_build/files/Dockerfile.sdist
# use_container_for_build=true
# Build AWX with official logos
# Requires cloning awx-logos repo into the project root.
# Review the trademark guidelines at https://github.com/ansible/awx-logos/blob/master/TRADEMARKS.md
# awx_official=false
# Proxy
#http_proxy=http://proxy:3128

193
installer/local_docker/tasks/main.yml
View File

@ -1,99 +1,106 @@
---
- name: Export Docker web image if it isnt local and there isnt a registry defined
docker_image:
name: "{{ awx_web_image }}"
tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost
- name: Manage AWX Container Images
block:
- name: Export Docker web image if it isnt local and there isnt a registry defined
docker_image:
name: "{{ awx_web_image }}"
tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost
- name: Export Docker task image if it isnt local and there isnt a registry defined
docker_image:
name: "{{ awx_task_image }}"
tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost
- name: Export Docker task image if it isnt local and there isnt a registry defined
docker_image:
name: "{{ awx_task_image }}"
tag: "{{ awx_version }}"
archive_path: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar"
when: inventory_hostname != "localhost" and docker_registry is not defined
delegate_to: localhost
- name: Authenticate with Docker registry if registry password given
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Authenticate with Docker registry if registry password given
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Set docker base path
- name: Set docker base path
set_fact:
docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy"
when: ansible_connection != "local" and docker_registry is not defined
- name: Ensure directory exists
file:
path: "{{ docker_deploy_base_path }}"
state: directory
when: ansible_connection != "local" and docker_registry is not defined
- name: Copy web image to docker execution
copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar"
when: ansible_connection != "local" and docker_registry is not defined
- name: Copy task image to docker execution
copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}"
when: ansible_connection != "local" and docker_registry is not defined
- name: Load web image
docker_image:
name: "{{ awx_web_image }}"
tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar"
timeout: 300
when: ansible_connection != "local" and docker_registry is not defined
- name: Load task image
docker_image:
name: "{{ awx_task_image }}"
tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar"
timeout: 300
when: ansible_connection != "local" and docker_registry is not defined
- name: Tag and push web image to registry
docker_image:
name: "{{ awx_web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Tag and push task image to registry
docker_image:
name: "{{ awx_task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Set full image path for Registry
set_fact:
awx_web_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
awx_task_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
when: docker_registry is defined
- name: Set full image path for local install
set_fact:
awx_web_docker_actual_image: "{{ awx_web_image }}:{{ awx_version }}"
awx_task_docker_actual_image: "{{ awx_task_image }}:{{ awx_version }}"
when: docker_registry is not defined
when: dockerhub_base is not defined
- name: Set DockerHub Image Paths
set_fact:
docker_deploy_base_path: "{{ awx_base_path|default('/tmp') }}/docker_deploy"
when: ansible_connection != "local" and docker_registry is not defined
- name: Ensure directory exists
file:
path: "{{ docker_deploy_base_path }}"
state: directory
when: ansible_connection != "local" and docker_registry is not defined
- name: Copy web image to docker execution
copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_web_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar"
when: ansible_connection != "local" and docker_registry is not defined
- name: Copy task image to docker execution
copy:
src: "{{ awx_local_base_config_path|default('/tmp') }}/{{ awx_task_image }}_{{ awx_version }}.tar"
dest: "{{ docker_deploy_base_path }}"
when: ansible_connection != "local" and docker_registry is not defined
- name: Load web image
docker_image:
name: "{{ awx_web_image }}"
tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_web_image }}_{{ awx_version }}.tar"
timeout: 300
when: ansible_connection != "local" and docker_registry is not defined
- name: Load task image
docker_image:
name: "{{ awx_task_image }}"
tag: "{{ awx_version }}"
load_path: "{{ docker_deploy_base_path }}/{{ awx_task_image }}_{{ awx_version }}.tar"
timeout: 300
when: ansible_connection != "local" and docker_registry is not defined
- name: Tag and push web image to registry
docker_image:
name: "{{ awx_web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Tag and push task image to registry
docker_image:
name: "{{ awx_task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Set full image path for Registry
set_fact:
awx_web_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
awx_task_docker_actual_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
when: docker_registry is defined
- name: Set full image path for local install
set_fact:
awx_web_docker_actual_image: "{{ awx_web_image }}"
awx_task_docker_actual_image: "{{ awx_task_image }}"
when: docker_registry is not defined
## Docker-compose instead?
awx_web_docker_actual_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}"
awx_task_docker_actual_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}"
when: dockerhub_base is defined
- name: Activate postgres container
docker_container:
@ -173,7 +180,7 @@
name: awx_web
state: started
restart_policy: unless-stopped
image: "{{ awx_web_docker_actual_image }}:{{ awx_version }}"
image: "{{ awx_web_docker_actual_image }}"
user: root
ports:
- "{{ host_port }}:8052"
@ -201,7 +208,7 @@
name: awx_task
state: started
restart_policy: unless-stopped
image: "{{ awx_task_docker_actual_image }}:{{ awx_version }}"
image: "{{ awx_task_docker_actual_image }}"
links: "{{ awx_task_container_links|list }}"
user: root
hostname: awx

109
installer/openshift/tasks/main.yml
View File

@ -21,50 +21,69 @@
- name: Mark Openshift User as Admin
shell: "oc adm policy add-role-to-user admin {{ openshift_user }} -n {{ awx_openshift_project }}"
- name: Get docker registry password from oc if needed
- name: Manage AWX Container Images
block:
- name: Set docker registry password
shell: oc whoami -t
register: docker_registry_password_shell
- name: Set docker registry password
- name: Get docker registry password from oc if needed
block:
- name: Set docker registry password
shell: oc whoami -t
register: docker_registry_password_shell
- name: Set docker registry password
set_fact:
docker_registry_password: "{{ docker_registry_password_shell.stdout }}"
when: docker_registry_password is not defined
- name: Authenticate with Docker registry
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Wait for Openshift
pause:
seconds: 30
- name: Tag and push web image to registry
docker_image:
name: "{{ awx_web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Wait for openshift
pause:
seconds: 10
- name: Tag and push task image to registry
docker_image:
name: "{{ awx_task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Set full web image path
set_fact:
docker_registry_password: "{{ docker_registry_password_shell.stdout }}"
when: docker_registry_password is not defined
awx_web_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }}"
when: awx_web_openshift_image is not defined
- name: Authenticate with Docker registry
docker_login:
registry: "{{ docker_registry }}"
username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}"
reauthorize: yes
when: docker_registry is defined and docker_registry_password is defined
delegate_to: localhost
- name: Set full task image path
set_fact:
awx_task_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }}"
when: awx_task_openshift_image is not defined
when: dockerhub_base is not defined
- name: Wait for Openshift
pause:
seconds: 30
- name: Tag and push web image to registry
docker_image:
name: "{{ awx_web_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Wait for openshift
pause:
seconds: 10
- name: Tag and push task image to registry
docker_image:
name: "{{ awx_task_image }}"
repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}"
tag: "{{ awx_version }}"
push: yes
when: docker_registry is defined
delegate_to: localhost
- name: Set DockerHub Image Paths
set_fact:
awx_web_openshift_image: "{{ dockerhub_base }}/awx_web:{{ dockerhub_version }}"
awx_task_openshift_image: "{{ dockerhub_base }}/awx_task:{{ dockerhub_version }}"
when: dockerhub_base is defined
- name: Deploy and Activate Postgres
shell: "oc new-app --template=postgresql-persistent -e MEMORY_LIMIT={{ pg_memory_limit|default('512') }}Mi -e NAMESPACE=openshift -e DATABASE_SERVICE_NAME=postgresql -e POSTGRESQL_USER={{ pg_username }} -e POSTGRESQL_PASSWORD={{ pg_password }} -e POSTGRESQL_DATABASE={{ pg_database }} -e VOLUME_CAPACITY={{ pg_volume_capacity|default('5')}}Gi -e POSTGRESQL_VERSION=9.5 -n {{ awx_openshift_project }}"
@ -76,16 +95,6 @@
seconds: 15
when: openshift_pg_activate|changed
- name: Set full web image path
set_fact:
awx_web_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_web_image }}:{{ awx_version }}"
when: awx_web_openshift_image is not defined
- name: Set full task image path
set_fact:
awx_task_openshift_image: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ awx_task_image }}:{{ awx_version }}"
when: awx_task_openshift_image is not defined
- name: Set openshift base path
set_fact:
openshift_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/awx-config"