Chapter 6. Installing Ansible Automation Platform 2.1

The installation of Ansible Automation Platform 2.1 takes advantage of automation controller and automation mesh to provide a simple, secure and flexible method of handling your automation workloads.

Automation controller provides the control plane for automation through its UI, Restful API, RBAC workflows and CI/CD integrations.

Automation mesh is an overlay network that provides the ability to ease the distribution of work across a large and dispersed collection of workers through nodes that establish peer-to-peer connections with each other using existing networks.

With automation mesh in place, you can:

  • Dynamically scale cluster capacity without downtime
  • Decouple the execution and control plane
  • Re-route execution to a different path when outages may exist automatically

The following steps provide a step-by-step on deploying a clustered Ansible Automation Platform 2.1 using automation mesh.

Note

The following installation is done on Ansible Site 1 of this reference environment Ansible Automation Platform cluster. After completion, ensure to follow the same steps for Ansible Site 2.

On controlplane-1.site1.example.com, as the ansible user, perform the following:

  1. Download Ansible Automation Platform 2.1 Setup tar ansible-automation-platform-setup-2.1.0-1.tar.gz
  2. Untar the ansible-automation-platform-setup-2.1.0-1.tar.gz

    $ tar zxvf ansible-automation-platform-setup-2.1.0-1.tar.gz
  3. Change directory into ansible-automation-platform-setup-2.1.0-1.tar.gz

    cd ansible-automation-platform-setup-2.1.0-1/
  4. Backup the existing inventory file

    $ cp inventory inventory.bkup
  5. Install the ansible-core package

    $ sudo dnf install ansible-core --assumeyes
  6. Modify the inventory to include with the appropriate information about your environment. Below is an example of this reference environment.

    [automationcontroller]
    controlplane-1.site1.example.com ansible_connection=local
    controlplane-2.site1.example.com
    controlplane-3.site1.example.com
    
    [automationcontroller:vars]
    node_type=control 1
    peers=execution_nodes 2
    
    [execution_nodes]
    executionnode-1.site1.example.com peers=executionnode-2.site1.example.com 3
    executionnode-2.site1.example.com
    
    [database]
    controldatabase.site1.example.com 4
    
    [all:vars]
    #Handled by Ansible Vault
    admin_password='' 5
    
    pg_host='controldatabase.site1.example.com' 6
    pg_port='5432' 7
    
    pg_database='awx'
    pg_username='awx'
    
    #Handled by Ansible Vault
    pg_password='' 8
    
    pg_sslmode='prefer'
    
    registry_url=’registry.redhat.io’ 9
    registry_username='myusername' 10
    
    #Handled by Ansible Vault
    registry_password='' 11
    1
    control nodes run project and inventory updates and system jobs, but not execution jobs. Execution capabilities are disabled on these nodes.
    2
    Peer relationships define node-to-node connections. Setting peer relationship between control plane nodes and execution nodes.
    3
    Setting peer relationships between the execution nodes.
    4
    Set the node that will install the PostgreSQL database for the controller installation.
    5
    Set the password for admin user to access the UI upon install completion.
    6
    Set the PostgreSQL host (database node).
    7
    Set the PostgreSQL port to use for the database node.
    8
    Set the password for the PostgreSQL database.
    9
    Execution Environment images are downloaded and included in your installation. Proper credentials required to download the images.
    10
    User credential for access to registry_url.
    11
    Password credential for access to registry_url.
  7. Create a file labeled credentials.yml that will store the encrypted credentials.

    $ cat credentials.yml
    admin_password: my_long_admin_pw
    pg_password: my_long_pg_pw
    registry_password: my_long_registry_pw
  8. Encrypt the credentials.yml file using ansible-vault.

    $ ansible-vault encrypt credentials.yml
    New Vault password:
    Confirm New Vault password:
    Encryption successful
    Warning

    Store your encrypted vault password in a safe place.

  9. Verify the credentials.yml file is encrypted

    $ cat credentials.yml
    $ANSIBLE_VAULT;1.1;AES256
    36383639653562386534316333333961383336306465336465613831353435313530376464616539
    3765393063303065323466663330646232363065316666310a373062303133376339633831303033
    34313534383962613632303761636632623932653062343839613639653635643365616233313365
    3636616639313864300a353239373433313339613465326339313035633565353464356538653631
    63346434383534643237663862353361366632613634333231316334363939396461326561643336
    3430633534303935646264633034383966336232303365383763
  10. Run the setup.sh for installation of Ansible Automation Platform 2.1 and pass the credentials.yml, as well as, the --ask-vault-pass option

    $ ANSIBLE_BECOME_METHOD='sudo' ANSIBLE_BECOME=True ANSIBLE_HOST_KEY_CHECKING=False ./setup.sh -e @credentials.yml -- --ask-vault-pass
    Note

    The following ANSIBLE*_ variables are set to ensure a successful install.

    Note

    For more information regarding the different values that can be set within your inventory file, visit: Setting up the inventory file

  11. Login to the Ansible Automation Platform dashboard, e.g. controlplane-cluster.site1.example.com
  12. Activate your Ansible Automation Platform subscription via Subscription manifest or username/password.

    import manifest
    Note

    The steps to generate your subscription manifest can be found Appendix D, Generate a subscription manifest