Overview of Ansible Tower
Sprawling infrastructure and snowflake woes? Then Ansible is the solution you need!
Ansible is designed to be minimal in nature, consistent, secure and highly reliable! Ansible is a highly sought after skill in the marketplace with an extremely low learning curve for administrators, developers and IT managers.
The "Ansible Essentials: Simplicity in Automation Technical Overview" course introduces you to Ansible automation and configuration management, provisioning, deploying, and managing compute infrastructure across cloud, virtual, and physical environments.
By taking this course you'll learn just how easy it is to use Ansible to build consistent and repeatable infrastructure environments using Ansible playbooks.
In this lesson, I am going to take you through an overview of the features of Ansible Tower. So right now I am here in testing tower instance and I am actually on the dashboard screen which basically gives you an overview of everything that’s happening inside of your Tower environment. So in here I have got some pretty basic things going on, I have got 44 hosts, 6 inventories, a sync failure which is totally fine, I’ve got 6 projects and basically again this is just an overview of what’s happening in your system.
If you want to start getting things set up in Tower, then you would utilize some of the individual components. So at the top here, I’m first going to go in and check out my projects. So, like we have been doing today in our video demonstrations, I basically have been building upon the files that are inside of my lamp haproxy directory and that’s basically an Ansible project, and you know I am not storing that in source control so that would be a good equivalent of what a manual project would be in Tower.
So if I wanted to bring something like my lamp haproxy thing into Tower, I could create a new project, call it Manual project and then I can select Manual SCM Type, which fills in the project base path /var/lib/awx/projects and then I can choose a playbook directory from there, so in this case I have got myproject ready to go and then I can save that. So that would be an example of creating a manual project, like what I have been doing today.
Now additionally we have also been targeting three vagrant hosts, utilizing different tasks and modules and things like that, and if I go to my inventories, this is a good overview of different types of inventories that you can leverage inside of Tower.
So here I have a Static Inventory that you can click into, and that shows you a couple of different Static hosts that have been predefined in here. I also have Dynamic Inventory which if I click into my AWS inventory and I have an Ec2 group with 36 separate hosts in here, and that also prepopulates a bunch of different variables that I am pulling directly from AWS as you can see here, so pre-groups tags, types of vpcs, and so this I can continue and keep up-to-date with whatever instances I have launched on that site.
So, talked about projects and inventories. Now we have been running playbooks and the equivalent of that in Ansible Tower would be a job template, and so a job template is basically just a preconfigured playbook run. And so if I click on add here, I can create a job template, name it Lamp Haproxy for example, the job type would be run, because I want to run but I can also select check if I want to run this in check mode.
I could then target the inventory that I want to target, so I could do AWS Inventory. I could then select the project that I want to target, so I can do manual project. Then I can select a playbook, so site.yml playbook, for example, I can select a machine credential, so the authentication mechanism that I am using to connect to the host, so I can do vagrant. And then I can add in additional options, so do I want to limit to a certain host?
Do I want to run it with additional verbosity so I get more output when I run the job? Do I want to enable privilege escalation from the job template? Do I want to run with multiple forks or pass an extra var? And I can do that all from the job template. And so I can save this, and so now I have a fully populated job template that I could then run. And this is just an arbitrary example so I am not going to run the job template today, but I did want to show you how you would set one up.
Now the other thing that I wanted to mention with relation to Ansible Tower is, and I mentioned it way back in the slides, but Ansible Tower has a full RESTful API that’s fully browsable, so right now I’m in the main UI, and if I wanted to get to the API, I would just add /api/v1/ to the end of my URL here. Now go to that and so this gives me a list of all the various end points that I can then utilize.
So I was just in the job template screen, so I can just click on job templates, and then I can look at individual job templates by their IDs, so I have got 618 here, this is where I can actually go to launch jobs from the API itself, which is really handy, and I can get information about each of the individual templates.
Additionally, I can look at all of my past jobs on the job template. So I can go in and look at what happened in each of those individual jobs from the job template. So if you ever want to look through the REST API and you get stuck, there is a question mark help icon at the top that gives you an overview of each of the individual parameters, which is really great and really you can make your whole Tower structure completely automated by utilizing the API, so I definitely recommend at least checking it out and familiarizing yourself with the options available to you.
So, if I go out of the API and go back to the main dashboard screen, the one last thing that I did want to draw attention to is the role-based access control mechanisms that we have in place inside of Tower. So if I can click on the gear icon here, there is a couple of options, we have got Users and Teams, and if I click into Teams, I can actually create teams, so I have my team here called Team America and I can click into the team and I can grant permissions to the team, and so this is one of the things that really separates Ansible Tower from ansible the command line tool in the sense that we can build in a whole permissions structure inside of the UI and allow teams to only access certain job templates in certain credentials and inventory.
And so if I click on Granted Permissions, I actually haven’t granted any permissions to this team but I can go ahead and add that right now. So, really look into leveraging the RBAC system inside of Tower because it gives you a lot of granular control into how you want users and teams to access your projects and inventory. So that concludes our discussion on an overview of Ansible Tower, and that also concludes our overall introduction to Ansible and so I hope that this is an informative set of videos for you and I hope that you guys learned a lot, so thank you very much.
Jeremy is a Content Lead Architect and DevOps SME here at Cloud Academy where he specializes in developing DevOps technical training documentation.
He has a strong background in software engineering, and has been coding with various languages, frameworks, and systems for the past 25+ years. In recent times, Jeremy has been focused on DevOps, Cloud (AWS, GCP, Azure), Security, Kubernetes, and Machine Learning.
Jeremy holds professional certifications for AWS, GCP, Terraform, Kubernetes (CKA, CKAD, CKS).