【Ansible AWX】安装

总结

    • Ansible AWX をインストールする。

 

    面倒臭いため全ての操作を root ユーザで行っています。良くないことはわかっています。ごめんなさい。

采购用于验证的主机

在AWS上,创建一个实例(主机名为awx),位于默认VPC的默认子网中。

引入 Ansible AWX

请依照公式的安装指南进行安装。
https://github.com/ansible/awx/blob/devel/INSTALL.md

安装Docker

似乎需要Docker和docker-py。

我首先想要安装docker-ce…

[root@awx ~]# yum search docker-ce
読み込んだプラグイン:extras_suggestions, langpacks, priorities, update-
                   : motd
警告: 一致するものが見つかりません: docker-ce
No matches found

似乎缺少yum软件仓库。

参考Docker官方文档在yum仓库中进行添加。

[root@awx ~]# yum-config-manager \
> --add-repo https://download.docker.com/linux/centos/docker-ce.repo
読み込んだプラグイン:extras_suggestions, langpacks, priorities, update-
                   : motd
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
[root@awx ~]#

经过再次执行 yum search 命令确认,似乎已成功添加。

[root@awx ~]# yum search docker-ce
読み込んだプラグイン:extras_suggestions, langpacks, priorities, update-
                   : motd
==================== N/S matched: docker-ce ====================
docker-ce.x86_64 : The open-source application container engine
docker-ce-selinux.noarch : SELinux Policies for the open-source
                         : application container engine

  Name and summary matches only, use "search all" for everything.
[root@awx ~]# 

终于安装完成。

[root@awx ~]# yum install docker-ce

确保也安装了docker-py。

由于没有安装pip,所以在安装docker-py之前先安装pip。

[root@awx ~]# easy_install pip
[root@awx ~]# pip install docker-py

安装Ansible

顺便说一下,在这个时间点上安装 Ansible(用于安装 Ansible AWX)。

[root@awx ~]# pip install ansible

安装 Ansible AWX

在一个类似的目录中,使用 git clone 命令克隆官方仓库。

[root@awx local]# git clone https://github.com/ansible/awx.git

运行Docker,开始安装Ansible AWX。

[root@awx local]# cd /usr/local/awx/installer
[root@awx installer]# ansible-playbook --inventory inventory install.yml 

...
(省略)
...

TASK [local_docker : Activate AWX Web Container] *********************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Error creating container: unhashable type: 'list'"}
    to retry, use: --limit @/usr/local/awx/installer/install.retry

PLAY RECAP ***********************************************************************************************************************
localhost                  : ok=10   changed=0    unreachable=0    failed=1  

真的吗?

unhashable type: 'list'

据说,这是由于在Python字典的键中传递了一个数组导致的。

查看失败的任务。

- name: Activate AWX Web Container
  docker_container:
    name: awx_web
    state: started
    restart_policy: unless-stopped
    image: "{{ awx_web_docker_actual_image }}"
    volumes:
      - "{{ project_data_dir + ':/var/lib/awx/projects:rw' if project_data_dir is defined else [] }}"
      - "{{ ca_trust_dir + ':/etc/pki/ca-trust/source/anchors:ro' if ca_trust_dir is defined else [] }}"
    user: root
    ports:
      - "{{ host_port }}:8052"
    links: "{{ awx_web_container_links|list }}"
    hostname: "{{ awx_web_hostname }}"
    dns_search_domains: "{{ awx_container_search_domains.split(',') if awx_container_search_domains is defined else omit }}"
    dns_servers: "{{ awx_alternate_dns_servers.split(',') if awx_alternate_dns_servers is defined else omit }}"
    env:
      http_proxy: "{{ http_proxy | default('') }}"
      https_proxy: "{{ https_proxy | default('') }}"
      no_proxy: "{{ no_proxy | default('') }}"
      SECRET_KEY: "{{ secret_key }}"
      DATABASE_NAME: "{{ pg_database }}"
      DATABASE_USER: "{{ pg_username }}"
      DATABASE_PASSWORD: "{{ pg_password }}"
      DATABASE_PORT: "{{ pg_port }}"
      DATABASE_HOST: "{{ pg_hostname_actual }}"
      RABBITMQ_USER: "{{ rabbitmq_default_username }}"
      RABBITMQ_PASSWORD: "{{ rabbitmq_default_password }}"
      RABBITMQ_HOST: "rabbitmq"
      RABBITMQ_PORT: "{{ rabbitmq_port }}"
      RABBITMQ_VHOST: "{{ rabbitmq_default_vhost }}"
      MEMCACHED_HOST: "memcached"
      MEMCACHED_PORT: "11211"
      AWX_ADMIN_USER: "{{ default_admin_user|default('admin') }}"
      AWX_ADMIN_PASSWORD: "{{ default_admin_password|default('password') }}"
  register: awx_web_container

目前 docker_container 模块似乎出现了故障。

 volumes:
       - "{{ project_data_dir + ':/var/lib/awx/projects:rw' if project_data_dir is defined else [] }}"
       - "{{ ca_trust_dir + ':/etc/pki/ca-trust/source/anchors:ro' if ca_trust_dir is defined else [] }}"

这个部分非常可疑。

据说如果变量已定义,则返回字符串;如果未定义,则返回空数组。哦…

加上 -vvv 参数再次执行试试。

...
(省略)
...
TASK [local_docker : Activate AWX Web Container] *********************************************************************************
task path: /usr/local/awx/installer/roles/local_docker/tasks/standalone.yml:79
<localhost> ESTABLISH LOCAL CONNECTION FOR USER: root
<localhost> EXEC /bin/sh -c 'echo ~root && sleep 0'
<localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830 `" && echo ansible-tmp-1539493799.13-47679237691830="` echo /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830 `" ) && sleep 0'
Using module file /usr/lib/python2.7/site-packages/ansible/modules/cloud/docker/docker_container.py
<localhost> PUT /root/.ansible/tmp/ansible-local-4387s0rrtI/tmpo9Accv TO /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py
<localhost> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/ /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py && sleep 0'
<localhost> EXEC /bin/sh -c '/usr/bin/env python /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
  File "/root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py", line 113, in <module>
    _ansiballz_main()
  File "/root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py", line 105, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py", line 48, in invoke_module
    imp.load_module('__main__', mod, module, MOD_DESC)
  File "/tmp/ansible_docker_container_payload_YPzsaG/__main__.py", line 2177, in <module>
  File "/tmp/ansible_docker_container_payload_YPzsaG/__main__.py", line 2172, in main
  File "/tmp/ansible_docker_container_payload_YPzsaG/__main__.py", line 1772, in __init__
  File "/tmp/ansible_docker_container_payload_YPzsaG/__main__.py", line 1801, in present
  File "/tmp/ansible_docker_container_payload_YPzsaG/__main__.py", line 1245, in has_different_configuration
  File "/tmp/ansible_docker_container_payload_YPzsaG/__main__.py", line 1672, in _get_expected_volumes
TypeError: unhashable type: 'list'

fatal: [localhost]: FAILED! => {
    "changed": false, 
    "module_stderr": "Traceback (most recent call last):\n  File \"/root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py\", line 113, in <module>\n    _ansiballz_main()\n  File \"/root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py\", line 105, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/root/.ansible/tmp/ansible-tmp-1539493799.13-47679237691830/AnsiballZ_docker_container.py\", line 48, in invoke_module\n    imp.load_module('__main__', mod, module, MOD_DESC)\n  File \"/tmp/ansible_docker_container_payload_YPzsaG/__main__.py\", line 2177, in <module>\n  File \"/tmp/ansible_docker_container_payload_YPzsaG/__main__.py\", line 2172, in main\n  File \"/tmp/ansible_docker_container_payload_YPzsaG/__main__.py\", line 1772, in __init__\n  File \"/tmp/ansible_docker_container_payload_YPzsaG/__main__.py\", line 1801, in present\n  File \"/tmp/ansible_docker_container_payload_YPzsaG/__main__.py\", line 1245, in has_different_configuration\n  File \"/tmp/ansible_docker_container_payload_YPzsaG/__main__.py\", line 1672, in _get_expected_volumes\nTypeError: unhashable type: 'list'\n", 
    "module_stdout": "", 
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", 
    "rc": 1
}

我在源代码中搜索了 _get_expected_volumes ,很可能是这个地方出了问题。

似乎需要取消注释关于 /path/to/awx/installer/inventory 的变量定义。

# AWX project data folder. If you need access to the location where AWX stores the projects
# it manages from the docker host, you can set this to turn it into a volume for the container.

## ★ここをアンコメント★
project_data_dir=/var/lib/awx/projects
## ★ここをアンコメント★

# CA Trust directory. If you need to provide custom CA certificates, supplying
# this variable causes this directory on the host to be bind mounted over
# /etc/pki/ca-trust in the awx_task and awx_web containers.
# NOTE: only obeyed in local_docker install

## ★ここをアンコメント★
ca_trust_dir=/etc/pki/ca-trust
## ★ここをアンコメント★

再次执行ansible-playbook,这次成功了。

尝试访问 http://xx.xx.xx.xx(其中 xx.xx.xx.xx 是全球 IP)时…

awx.png

暂时来说,安装已经完成。