Satellite 6.3 Feature Overview: Ansible Tower Integration and Documentation

Updated -

Satellite 6.3 introduces documented best practices for integration with Red Hat Satellite and Ansible Tower.

Satellite 6.3 introduces documented best practices for integration with Red Hat Satellite and Ansible Tower.

These documented best practices are located in the Satellite 6.3 Managing Hosts Guide. Chapter 7, Integrating Red Hat Satellite and Ansible Tower is the primary section that covers this feature. The content from this feature overview draws heavily from Chapter 7.

There are two primary use cases we've focused on with Satellite 6.3 and Ansible Tower.

  1. Use Satellite Server as a dynamic inventory source for Ansible Tower
  2. Use the provisioning callback function to run playbooks on your Satellite hosts from either the host or from Ansible Tower.

Prerequisites

Satellite Server and Ansible Tower communicate using credentials and callbacks. You must have a user on your Satellite Server with the integration role that includes the necessary permission filters.

For more information on managing users, roles, and permission filters, see Managing Users and Roles and Creating and Managing Roles in the Satellite 6.3 Administering Red Hat Satellite Guide.

In the Red Hat Satellite Web UI, create an integration role, specify these permission filters and assign the role to a user:

Permission Filters.

Resource Permissions Access Description
Host view_hosts To view Satellite Server hosts.
Host Group view_hostgroups To view Satellite Server host groups.
Fact value view_facts To view Satellite Server Facts.

Adding Satellite Server to Ansible Tower as a Dynamic Inventory Item

To add Satellite Server to Ansible Tower as a dynamic inventory item, you must create a credential for the Satellite Server user on Ansible Tower, add an appropriate user to the credential, and configure an inventory source.

To Add Satellite Server to Ansible Tower as a Dynamic Inventory Item:

  1. In the Ansible Tower Web UI, create a credential for your Satellite, specifying your Satellite credentials. For more information on creating credentials, see Add a New Credential and Red Hat Satellite 6 Credentials in the Ansible Tower User Guide.

Satellite Credentials

Credential Type Red Hat Satellite 6
Satellite 6 URL: https://satellite.example.com
Username: The username of the Satellite user with the integration role.
Password: The password of the Satellite user.
  1. Add an Ansible Tower user to the new credential. For more information on adding a user to a credential, see Getting Started with Credentials in the Ansible Tower User Guide.
  2. Add Satellite Server as a new inventory source, specifying these inventory source options. For more information on adding inventories, see Add a new inventory in the Ansible Tower User Guide.

Inventory Source Options

Source. Red Hat Satellite 6
Credential: The credential you created for Satellite Server.
Overwrite: Selected
Upgrade on Launch: Selected
Cache Timeout: 90

You can now use Satellite as a dynamic inventory item in Ansible Tower. For more information on managing inventories, see Inventories in the Ansible Tower User Guide.

Configuring Provisioning Callback for a Host

You can configure Provisioning Callback for an Ansible Tower template. You can then call a specific URL on the Ansible Tower server, pass variables to it, and trigger a playbook run on the calling system.

You can also use this feature to trigger playbook runs on newly deployed hosts. For more information on provisioning callbacks, see Provisioning Callbacks in the Ansible Tower User Guide.

Prerequisites

  • Red Hat Satellite 6.3 and Ansible Tower must be integrated before configuring Provisioning Callback for a host.
  • In the Ansible Tower Web UI, you must enable provisioning callbacks, generate the HOST CONFIG KEY, and have the template_ID of your job template. For more information, see Job Templates in the Ansible Tower User Guide.

To Configure Provisioning Callback for a Host:

The Satellite Kickstart Default and Satellite Kickstart Default Finish templates include three snippets that you must define parameters for:

    ansible_provisioning_callback
    ansible_tower_callback_script
    ansible_tower_callback_service
  • For a single host:

    1. In the Red Hat Satellite Web UI, navigate to Hosts > All hosts.
    2. On the Hosts page, select the host to be edited from the Hosts list.
    3. In the Host Group window, click the Parameters tab.
    4. In the Host parameters window, click + Add Parameter.
    5. In the Name field, enter ansible_tower_provisioning.
    6. In the Value field, enter true.
    7. Repeat this process to create each of the following parameters, then click Submit when you have created all the necessary parameters:

    Host Parameters

    Name Value Description
    ansible_tower_provisioning true Enables Provisioning Callback.
    ansible_tower_fqdn tower.example.net The fully qualified domain name (FQDN) of your Ansible Tower.
    ansible_job_template_id template_ID The ID of your provisioning template found in the URL of the template: /templates/job_template/5.
    ansible_host_config_key config_KEY The HOST CONFIG KEY generated by your job template in Ansible Tower.
  • For a host group:

    1. In the Red Hat Satellite Web UI, navigate to Configure > Host groups.
    2. On the Host Groups page, select the host group to be edited from the Host Group list.
    3. In the Host Group window, click the Parameters tab.
    4. In the Host group parameters window, click + Add Parameter.
    5. In the Name field, enter ansible_tower_provisioning.
    6. In the Value field, enter true.
    7. Repeat this process to create each of the following parameters then click Submit when you have created all the necessary parameters:

      Host Group Parameters

Name Value Description
ansible_tower_provisioning true Enables Provisioning Callback.
ansible_tower_fqdn tower.example.net The fully qualified domain name (FQDN) of your Ansible Tower.
ansible_job_template_id template_ID The ID of your provisioning template found in the URL of the template: /templates/job_template/5.
ansible_host_config_key config_KEY The HOST CONFIG KEY generated by your job template in Ansible Tower.

You now have Provisioning Callback configured at a host or host group level.

You can use the PROVISIONING CALLBACK URL in combination with the HOST CONFIG KEY from a host to call Ansible Tower to trigger the playbook run specified in the template against the host.

You can also configure the host when provisioning from Satellite Server, where the playbook run from Ansible Tower configures the host following Kickstart deployment.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.