Ansible Tower (Red Hat® Ansible® Tower) is web based GUI tool with which you can managing your infrastructure centrally and control most aspects of infrastructure that we otherwise would manage via Ansible command line (CLI Ansible core) or with any other configuration tool similar to Puppet,Chef etc.
So it give you a easy way to manage job,project,template,inventory,audit and much more from Tower Dashboard.
Main feature that make Ansible Tower :
- Clean dashboard
- Manage inventory dynamically
- Real time Job status
- Job scheduling
- Integrate internal notification
- Role base access control (RABAC)
- Tower multi node cluster as per need of workload
- Audit job and Tower resource
- Adhok remote command access (built in module)
- Store credential safely for different tool
- REST API to take it further
- Self- service UI
Tower is actively been supported and new product release come from time to time a per release cycle , It ideal for mission critical production environment which can never wait for community based tool for support like Ansible AWX.
Ansible Tower have below prerequisites:
- Support OS (64-bit): RHEL6/7/8 (Preferred OS), CentOS 6/7/8
- Ansible Installed
- 2 GB RAM
- Root access and internet
Ansible Tower steps for instillation on RHEL server
# Configure EPEL repository
yum install -y epel-release
# OS package
yum install wget curl tree vim ansible -y
# Download latest Ansible Tower tar bundle and extract
wget -P /opt https://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-latest.tar.gz
cd /opt; tar xvf ansible-tower-setup-latest.tar.gz
mv ansible-tower-setup* ansible-tower
cd ansible-tower/
In inventory file for a single standalone tower setup (non-cluster), just update “admin_password”, “pg_password”. That’s all you need to do.
vim /opt/ansible-tower/inventory
[tower]
localhost ansible_connection=local[database]
[all:vars]
admin_password=’Admin_psswd’pg_host=’’
pg_port=’’pg_database=’awx’
pg_username=’awx’
pg_password=’DB_passwd’
pg_sslmode=’prefer’ # set to ‘verify-full’ for client-side enforced SSL# Isolated Tower nodes automatically generate an RSA key for authentication;
# To disable this behavior, set this value to false
# isolated_key_generation=true …
sudo ./setup.sh
Once setup finish you will be able to access Tower on IP address on server, https://IPAddress/
Note: Default user name to login will be admin (admin_password) and password will be value set in inventory file for admin_password.
Now you have to enter license detail before you can use Tower, there are two ways to enter license detail:
- Browse license file (that you have acquired from RedHat)
- Login with your RedHat account (for a free trail license)
Since we are evaluating we will go with second option.(You must have a RedHat account, free Redhat account will do)
What do i get with Ansible Tower evaluation license?
- 30 days of a valid enterprise license
- 100 host you can manage with this free license
You may check service status that should be running now:
- supervisorctl status
- ansible-tower-service status
You will see multiple service in running, namely:
- ansible-tower.service — Ansible Tower service
- redis.service — Redis persistent key-value database service
- nginx.service — Nginx HTTP and reverse proxy server service
- memcached.service — Memcached caching daemon service
- supervisord.service — Process Monitoring and Control Daemon service
Once you find above service running fine, you tower setup is all done.
Ansible Tower have well written REST API, which make automation more easy and interesting to play with.