Awx

1
Scott van Kalken
svk@redhat.com
http://github.com/codecowboydotio
AWX
...what it is and why you should be excited about it.

2
AWX is a web based user
interface, REST API, and
task engine built on top of
Ansible.

4
https://www.ansible.com/products/awx-project/faq
AWX is a community based project sponsored by Red Hat.

5
Playbooks
Ansible
AWX
Source
Code
Repository
Node
Node
Node
master
feature
branch
Development
branch
ssh
ssh
ssh
AWX let’s you pull playbooks from a source
code repository and run them against nodes
using a nice neat GUI or API.
A
P
I

6
Real time playbook output, push button deployment,
authentication, projects/jobs/workfows, security, notifcations,
logging, scheduling
FEATURES

8
Multiple authentication methods are available.
AWX Username / Password, Azure AD, Github, Google OAuth2,
LDAP, RADIUS, SAML, TACACS+
AUTHENTICATION

9
Playbooks are executed in a CHROOT environment as the AWX
user. Cannot access other data.
Full RBAC security model for every item within AWX. This means
you can tie yourself in knots if you’re not careful.
SECURITY

10
SECURITY
Organization
Team
Notifcations Users Permissions
Inventories Templates Projects
Workfows Admins
Top level construct allows
for multi tenant topologies
Teams are an optional construct to
allow groups within an organization
to collaborate
Each of the items at this level can be
assigned to a team or an organization
When assigned, a role specifc to the
item can be chosen (i.e. execute only
or view only)

11
SECURITY
Organization
Team
Workfows Admins
Team
Workfows Admins

13
Comparable to Ansible inventory fles.
Can have multiple inventories.
Dynamic sync with AWS, GCE, Azure, Rackspace etc.
Write your own custom inventory scripts (just in case you have
AS/400)
INVENTORIES

16
TEMPLATES / JOBS
Collection of playbooks (usually in SCM).
Template is the defnition of a playbook (i.e. which playbook to
use, credentials to use, variables etc)
A Job is the output of a template run. Job output is saved so that
you can review it later.
A Workfow is a way to string together multiple playbooks.

19
JOB HISTORY
Job history is saved – both success
and failure.
All of the attributes used to run the
job are available.

20
Logging
Detailed task logging is
available.

21
Notifcations
You can have notifcations at
the end of jobs to:
Slack
Irc
Hipchat
Email
Rocketchat
Pagerduty
Twilio
Mattermost
etc...

22
Credentials
Credentials can be
different types.
All the major ones are
supported.
Machine, network, AWS,
Azure, GCE etc…
Custom credentials are
also supported (for your
AS/400)

23
Credentials
Credentials can be
different types.
All the major ones are
supported.
Machine, network, AWS,
Azure, GCE etc…
Custom credentials are
also supported (for your
AS/400)

24
REST API
You can do this:
curl -H 'Content-type: application/json'
-d '{"extra_vars":{"target_hosts":"all"}}'
-u admin:password
http://172.17.0.5:8052
….but why?

25
TOWER-CLI
[root@awx ~]# tower-cli job launch --job-template 9
Resource changed.
== ============ =========================== =======
id job_template created status elapsed
== ============ =========================== =======
20 9 2018-04-11T01:44:28.235200Z pending 0.0
== ============ =========================== =======
[root@awx ~]# more .tower_cli.cfg
[general]
host = http://172.17.0.5:8052
username = admin
password = password
verify_ssl = false

26
HOW TO INSTALL
AWX by default installs in to the following platforms:
Docker
Kubernetes
OpenShift
You can run a separate postgres database….. or use the default in built one.
The default install is in containers

27
HOW TO INSTALL
awx_task
awx_web
memcached rabbitmq
postgres
CONTAINERS
EVERYWHERE

28
Thats’s all folks!
http://github.com/ansible/awx
http://github.com/codecowboydotio/ansible
http://github.com/codecowboydotio/devops-day

Awx

More Related Content

What's hot

Similar to Awx

More from Scott van Kalken

Recently uploaded

Awx