ansible tower（awx） Centos7搭建与使用总结（docker部署）

一、项目背景

由于最近入职新公司，公司中实现运维自动化的架构中主要用到ansible，但是ansible脚本主要部署于服务器指令行中不太直观。经搜查资料，得知ansible tower（之前叫做awx）是将ansible的指令界面化，简明直观，简单易用，故搭建了一个ansible tower环境，与大家分享学习。

二、搭建步骤

1.部署服务器之间免密。大家都知道，ansible实现批量时也会通过ssh远程模块去执行命令，因此服务器之间部署免密较为方便。此处，我测试环境有两台服务器（主机名wushengtest-agent1，wushengtest-agent2）实现，使用root（或其他用户）执行ssh-keygen生成秘钥对，将id_rsa.pub文件输出到本地和远程机器中的~/.ssh/authorized_keys文件中，因第一次实现免密会要求输入一个yes或no之后才能实现，故公钥部署好之后手动进行一次远程登录。

host文件，定义主机名（此处也可跳过）

authorized_keys文件（实现免密）

2.防火墙设置。此处可以选择关闭防火墙，或者设置特定的防火墙规则。

（1）关闭防火墙。

iptables -F #清空防火墙规则
iptables -X
iptables -Z
iptables-save #保存防火墙规则
systemctl stop firewalld && systemctl disable firewalld #关闭并开机不自启动firewalld

（2）设置特定防火墙规则。

systemctl enable firewalld
systemctl start firewalld
firewall-cmd --add-service=http --permanent;firewall-cmd --add-service=https --permanent
systemctl restart firewalld

3.下载epel-release源。

yum install -y epel

4.下载软件包。

yum install -y yum-utils device-mapper-persistent-data lvm2 ansible git python-devel python-pip python-docker-py vim-enhanced

5.下载docker-ce源。也可直接使用我提供的docker-ce.repo文件。

（1）下载docker-ce源。

yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

（2）使用现成的docker-ce.repo。将一下代码粘贴复制到/etc/yum.repo.d/docker-ce.repo即可。

[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://download.docker.com/linux/centos/7/source/stable
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://download.docker.com/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://download.docker.com/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-nightly]
name=Docker CE Nightly - $basearch
baseurl=https://download.docker.com/linux/centos/7/$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo $basearch
baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://download.docker.com/linux/centos/7/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

6.下载并开启docker服务。

yum install docker-ce -y #下载docker
systemctl start docker && systemctl enable docker #开启并开机自启docker

7.下载awx代码。

git clone https://github.com/ansible/awx.git
cd awx
git clone https://github.com/ansible/awx-logos.git

8.配置inventory。

cd installer/ #当前目录/root/awx/installer
[root@wushengtest-agent1 awx]# vim inventory
postgres_data_dir=/var/lib/pgdocker
awx_official=true
awx_alternate_dns_servers="4.2.2.1,4.2.2.2"
project_data_dir=/var/lib/awx/projects

9.inventory配置文件。

[root@wushengtest-agent1 installer]# cat inventory | grep -v "#"
localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"

[all:vars]

dockerhub_base=ansible
dockerhub_version=latest
rabbitmq_version=3.6.14

awx_secret_key=awxsecret

postgres_data_dir=/var/lib/pgdocker
host_port=80

docker_compose_dir=/var/lib/awx

pg_username=awx
pg_password=awxpass
pg_database=awx
pg_port=5432

awx_official=true

awx_alternate_dns_servers="4.2.2.1,4.2.2.2"
project_data_dir=/var/lib/awx/projects

10.docker编译awx。

ansible-playbook -i inventory install.yml -vv

11.执行结果大致如下。

[root@awx installer]# docker container ls
CONTAINER ID        IMAGE                     COMMAND                  CREATED             STATUS              PORTS                                NAMES
318c7c95dcbb        ansible/awx_task:latest   "/tini -- /bin/sh -c."   12 minutes ago      Up 12 minutes       8052/tcp                             awx_task
642c2f272e31        ansible/awx_web:latest    "/tini -- /bin/sh -c."   12 minutes ago      Up 12 minutes       0.0.0.0:80->8052/tcp                 awx_web
641b42ab536f        memcached:alpine          "docker-entrypoint.s."   18 minutes ago      Up 18 minutes       11211/tcp                            memcached
b333012d90ac        rabbitmq:3                "docker-entrypoint.s."   19 minutes ago      Up 19 minutes       4369/tcp, 5671-5672/tcp, 25672/tcp   rabbitmq
ada52935513a        postgres:9.6              "docker-entrypoint.s."   19 minutes ago      Up 19 minutes       5432/tcp                             postgres

12.通过浏览器输入ip即可进行访问。

13.免密配置与创建项目等与非docker部署awx基本一致，详情可以查看。https://blog.csdn.net/qq_33633013/article/details/82108104