Embedded Ansible using AWX


The original implementation of Embedded Ansible required a tower license, which was less than ideal.

Ansible Tower was recently open-sourced as AWX. AWX is deployed as a group of containers using either Docker or OpenShift which is significantly different from how tower was configured.

This lead to an effort to re-work the way we handle running the “Embedded Ansible service” in ManageIQ to make it more pluggable. The PR which accomplishes this is https://github.com/ManageIQ/manageiq/pull/16168

This change paved the way for https://github.com/ManageIQ/manageiq/pull/16205 which was just recently merged.

Using Embedded Ansible in ManageIQ

After this change, users of ManageIQ should be able to enable the Embedded Ansible role without any of the steps described in [HowTo] Setup Embedded Ansible

Additionally, developers running the application locally can utilize the docker daemon running on their development machines to run Embedded Ansible as well.

Personally, I tested this change in the appliance as well as on Fedora using the local docker daemon (YYMV using a mac as docker doesn’t actually run locally, so I’m not sure if we can access the docker API the same way).

Things to look out for

These are some tips about things that can happen when running Embedded Ansible using docker. They are mostly only applicable to development (non-appliance) environments, but may be useful for trouble shooting in either case.

  1. If your database is running on the same host as the docker daemon, we do our best to figure out how to talk to that database from inside the AWX containers. If this doesn’t seem to work, it may be best to set a resolvable hostname or IP in database.yml.
  2. We create a database called awx for use by the Embedded Ansible containers. We do not remove that database when you reset the one configured for use with ManageIQ. This means that the authentication information for the awx database (which is stored in the ManageIQ database) is lost, and Embedded Ansible will not work until the awx database and role are removed:
  1. If you use rake evm:kill to stop your server, the AWX containers will not be brought down. You will have to find their container ids using docker ps and kill them manually with docker kill.
  2. The images for AWX are pulled from docker hub. You will need internet access to get them. If you want a particular image tag (it’s probably best not to change the image name), you can set that in Advanced Settings. We use latest for all the images by default.