====== Installation AWX Debian ======
{{tag>devop ansible AWX installation}}
Nous allons installer AWX sur un serveur Debian, sans container. La version fonctionnelle sous Debian est la 15.01, donc une version assez ancienne.
===== Installation paquets =====
Nous installons les paquets nécessaires
sudo aptitude install postgresql nginx apt-transport-https gnupg2
===== Dépôt AWX =====
Nous importons la clé du dépôt
wget -qO - https://people.debian.org/~kapouer/apt/kapouer.asc | sudo apt-key add -
Nous ajoutons le dépôt AWX
echo "deb https://people.debian.org/~kapouer/apt/awx/ buster contrib" | sudo tee -a etc/apt/sources.list.d/awx.list
À titre d’information, les dépendances d’AWX
apt depends awx
awx
Dépend: libc6 (>= 2.28)
Dépend: libcap2 (>= 1:2.10)
Dépend: libgcc1 (>= 1:3.0)
Dépend: libldap-2.4-2 (>= 2.4.11)
Dépend: libpcre3
Dépend: libpq5 (>= 10~~)
Dépend: libpython3.7 (>= 3.7.0)
Dépend: libssl1.1 (>= 1.1.0)
Dépend: libstdc++6 (>= 4.1.1)
Dépend: libxml2 (>= 2.7.4)
Dépend: libxmlsec1 (>= 1.2.27)
Dépend: libxmlsec1-openssl (>= 1.2.27)
Dépend: libxslt1.1 (>= 1.1.25)
Dépend: libyaml-0-2
Dépend: zlib1g (>= 1:1.2.0)
Dépend: adduser
Dépend: git
Dépend: swig
Dépend: pwgen
Dépend: python
Dépend: redis
Dépend: sudo
sudo-ldap
Nous installons AWX
sudo aptitude update && sudo aptitude install awx
===== Création base de données =====
Nous créons l'utilisateur et la base de données Postgresql
sudo -u postgres createuser -S awx
sudo -u postgres createdb -O awx awx
Nous copions et adaptons les fichiers de base de données et d'ID cluster
sudo cp -v /etc/awx/conf.d/database.py.sample /etc/awx/conf.d/database.py
sudo cp -v /etc/awx/conf.d/cluster_id.py.sample /etc/awx/conf.d/cluster_id.py
Nous créons les schémas de la base de données
sudo -u awx awx-manage migrate
Si vous avez ce message d'erreur
ModuleNotFoundError: No module named 'distutils.dir_util'
Il faut installer python3-distutils
sudo aptitude install python3-distutils
L'opération de peuplement de la base a cette forme
Operations to perform:
Apply all migrations: auth, conf, contenttypes, main, oauth2_provider, sessions, sites, social_django, sso, taggit
Running migrations:
Applying contenttypes.0001_initial... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying taggit.0001_initial... OK
Applying taggit.0002_auto_20150616_2121... OK
Applying auth.0001_initial... OK
Applying main.0001_initial... OK
Applying main.0002_squashed_v300_release... OK
Applying main.0003_squashed_v300_v303_updates... OK
Applying main.0004_squashed_v310_release... OK
Applying conf.0001_initial... OK
Applying conf.0002_v310_copy_tower_settings... OK
Applying main.0005_squashed_v310_v313_updates... OK
Applying main.0006_v320_release... OK
Applying main.0007_v320_data_migrations... OK
Applying main.0008_v320_drop_v1_credential_fields... OK
Applying main.0009_v322_add_setting_field_for_activity_stream... OK
Applying main.0010_v322_add_ovirt4_tower_inventory... OK
Applying main.0011_v322_encrypt_survey_passwords... OK
Applying main.0012_v322_update_cred_types... OK
Applying main.0013_v330_multi_credential... OK
Applying auth.0002_alter_permission_name_max_length... OK
Applying auth.0003_alter_user_email_max_length... OK
Applying auth.0004_alter_user_username_opts... OK
Applying auth.0005_alter_user_last_login_null... OK
Applying auth.0006_require_contenttypes_0002... OK
Applying auth.0007_alter_validators_add_error_messages... OK
Applying auth.0008_alter_user_username_max_length... OK
Applying auth.0009_alter_user_last_name_max_length... OK
Applying auth.0010_alter_group_name_max_length... OK
Applying auth.0011_update_proxy_permissions... OK
Applying conf.0003_v310_JSONField_changes... OK
Applying conf.0004_v320_reencrypt... OK
Applying conf.0005_v330_rename_two_session_settings... OK
Applying conf.0006_v331_ldap_group_type... OK
Applying conf.0007_v380_rename_more_settings... OK
Applying sessions.0001_initial... OK
Applying main.0014_v330_saved_launchtime_configs... OK
Applying main.0015_v330_blank_start_args... OK
Applying main.0016_v330_non_blank_workflow... OK
Applying main.0017_v330_move_deprecated_stdout... OK
Applying main.0018_v330_add_additional_stdout_events... OK
Applying main.0019_v330_custom_virtualenv... OK
Applying main.0020_v330_instancegroup_policies... OK
Applying main.0021_v330_declare_new_rbac_roles... OK
Applying main.0022_v330_create_new_rbac_roles... OK
Applying main.0023_v330_inventory_multicred... OK
Applying main.0024_v330_create_user_session_membership... OK
Applying main.0025_v330_add_oauth_activity_stream_registrar... OK
Applying oauth2_provider.0001_initial... OK
Applying main.0026_v330_delete_authtoken... OK
Applying main.0027_v330_emitted_events... OK
Applying main.0028_v330_add_tower_verify... OK
Applying main.0030_v330_modify_application... OK
Applying main.0031_v330_encrypt_oauth2_secret... OK
Applying main.0032_v330_polymorphic_delete... OK
Applying main.0033_v330_oauth_help_text... OK
Applying main.0034_v330_delete_user_role... OK
Applying main.0035_v330_more_oauth2_help_text... OK
Applying main.0036_v330_credtype_remove_become_methods... OK
Applying main.0037_v330_remove_legacy_fact_cleanup... OK
Applying main.0038_v330_add_deleted_activitystream_actor... OK
Applying main.0039_v330_custom_venv_help_text... OK
Applying main.0040_v330_unifiedjob_controller_node... OK
Applying main.0041_v330_update_oauth_refreshtoken... OK
Applying main.0042_v330_org_member_role_deparent... OK
Applying main.0043_v330_oauth2accesstoken_modified... OK
Applying main.0044_v330_add_inventory_update_inventory... OK
Applying main.0045_v330_instance_managed_by_policy... OK
Applying main.0046_v330_remove_client_credentials_grant... OK
Applying main.0047_v330_activitystream_instance... OK
Applying main.0048_v330_django_created_modified_by_model_name... OK
Applying main.0049_v330_validate_instance_capacity_adjustment... OK
Applying main.0050_v340_drop_celery_tables... OK
Applying main.0051_v340_job_slicing... OK
Applying main.0052_v340_remove_project_scm_delete_on_next_update... OK
Applying main.0053_v340_workflow_inventory... OK
Applying main.0054_v340_workflow_convergence... OK
Applying main.0055_v340_add_grafana_notification... OK
Applying main.0056_v350_custom_venv_history... OK
Applying main.0057_v350_remove_become_method_type... OK
Applying main.0058_v350_remove_limit_limit... OK
Applying main.0059_v350_remove_adhoc_limit... OK
Applying main.0060_v350_update_schedule_uniqueness_constraint... OK
Applying main.0061_v350_track_native_credentialtype_source... OK
Applying main.0062_v350_new_playbook_stats... OK
Applying main.0063_v350_org_host_limits... OK
Applying main.0064_v350_analytics_state... OK
Applying main.0065_v350_index_job_status... OK
Applying main.0066_v350_inventorysource_custom_virtualenv... OK
Applying main.0067_v350_credential_plugins... OK
Applying main.0068_v350_index_event_created... OK
Applying main.0069_v350_generate_unique_install_uuid... OK
Applying main.0070_v350_gce_instance_id... OK
Applying main.0071_v350_remove_system_tracking... OK
Applying main.0072_v350_deprecate_fields... OK
Applying main.0073_v360_create_instance_group_m2m... OK
Applying main.0074_v360_migrate_instance_group_relations... OK
Applying main.0075_v360_remove_old_instance_group_relations... OK
Applying main.0076_v360_add_new_instance_group_relations... OK
Applying main.0077_v360_add_default_orderings... OK
Applying main.0078_v360_clear_sessions_tokens_jt... OK
Applying main.0079_v360_rm_implicit_oauth2_apps... OK
Applying main.0080_v360_replace_job_origin... OK
Applying main.0081_v360_notify_on_start... OK
Applying main.0082_v360_webhook_http_method... OK
Applying main.0083_v360_job_branch_override... OK
Applying main.0084_v360_token_description... OK
Applying main.0085_v360_add_notificationtemplate_messages... OK
Applying main.0086_v360_workflow_approval... OK
Applying main.0087_v360_update_credential_injector_help_text... OK
Applying main.0088_v360_dashboard_optimizations... OK
Applying main.0089_v360_new_job_event_types... OK
Applying main.0090_v360_WFJT_prompts... OK
Applying main.0091_v360_approval_node_notifications... OK
Applying main.0092_v360_webhook_mixin... OK
Applying main.0093_v360_personal_access_tokens... OK
Applying main.0094_v360_webhook_mixin2... OK
Applying main.0095_v360_increase_instance_version_length... OK
Applying main.0096_v360_container_groups... OK
Applying main.0097_v360_workflowapproval_approved_or_denied_by... OK
Applying main.0098_v360_rename_cyberark_aim_credential_type... OK
Applying main.0099_v361_license_cleanup... OK
Applying main.0100_v370_projectupdate_job_tags... OK
Applying main.0101_v370_generate_new_uuids_for_iso_nodes... OK
Applying main.0102_v370_unifiedjob_canceled... OK
Applying main.0103_v370_remove_computed_fields... OK
Applying main.0104_v370_cleanup_old_scan_jts... OK
Applying main.0105_v370_remove_jobevent_parent_and_hosts... OK
Applying main.0106_v370_remove_inventory_groups_with_active_failures... OK
Applying main.0107_v370_workflow_convergence_api_toggle... OK
Applying main.0108_v370_unifiedjob_dependencies_processed... OK
Applying main.0109_v370_job_template_organization_field... OK
Applying main.0110_v370_instance_ip_address... OK
Applying main.0111_v370_delete_channelgroup... OK
Applying main.0112_v370_workflow_node_identifier... OK
Applying main.0113_v370_event_bigint... OK
Applying main.0114_v370_remove_deprecated_manual_inventory_sources... OK
Applying main.0115_v370_schedule_set_null... OK
Applying main.0116_v400_remove_hipchat_notifications... OK
Applying main.0117_v400_remove_cloudforms_inventory... OK
Applying main.0118_add_remote_archive_scm_type... OK
Applying main.0119_inventory_plugins... OK
Applying main.0120_galaxy_credentials... OK
Applying main.0121_delete_toweranalyticsstate... OK
Applying oauth2_provider.0002_08_updates... OK
Applying oauth2_provider.0003_auto_20160316_1503... OK
Applying oauth2_provider.0004_auto_20160525_1623... OK
Applying oauth2_provider.0005_auto_20170514_1141... OK
Applying oauth2_provider.0006_auto_20171214_2232... OK
Applying sites.0001_initial... OK
Applying sites.0002_alter_domain_unique... OK
Applying social_django.0001_initial... OK
Applying social_django.0002_add_related_name... OK
Applying social_django.0003_alter_email_max_length... OK
Applying social_django.0004_auto_20160423_0400... OK
Applying social_django.0005_auto_20160727_2333... OK
Applying social_django.0006_partial... OK
Applying social_django.0007_code_timestamp... OK
Applying social_django.0008_partial_timestamp... OK
Applying sso.0001_initial... OK
Applying sso.0002_expand_provider_options... OK
Applying taggit.0003_taggeditem_add_unique_index... OK
Nous créons le super utilisateur
sudo -u awx awx-manage createsuperuser
Nous répondons aux questions
Username (leave blank to use 'awx'):
Email address: name@domain.tld
Password:
Password (again):
Superuser created successfully.
Nous provisionnons l'instance
sudo -u awx awx-manage provision_instance --hostname=myhost
sudo -u awx awx-manage register_queue --queuename=tower --hostnames=myhost
===== Configuration du proxy Web =====
Nous copions l'exemple
sudo cp -v /usr/share/doc/awx/nginx-awx.conf /etc/nginx/sites-available/
Nous adaptons la configuration.
Nous créons un lien symbolique dans sites-enable
cd /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/nginx-awx.conf
Nous redémarrons nginx et les services AWX
sudo systemctl restart nginx.service
sudo systemctl restart awx-cbreceiver.service
sudo systemctl restart awx-daphne.service
sudo systemctl restart awx-dispatcher.service awx-web.service
===== Liens =====
* [[https://salsa.debian.org/kapouer/awx|Dépôt GIT sur Salsa]]
* [[https://salsa.debian.org/kapouer/awx/-/blob/master/debian/INSTALL.md|Install.md]]
* [[https://people.debian.org/~kapouer/apt/awx/|APT repo AWX]]