About
This example shows how to deploy a basic EVPN/VXLAN fabric based on Arista Validated Design roles using Ansible Tower/AWX. This repository will be used as a project on AWX, and we will describe how to configure Tower for the following topics:
- Create a project
- Create inventory
- Install collections
- Install python requirements
Disclaimer
This guide was originally published in our Arista AVD ecosystem and is based on field experience; it is not an official AWX/Tower design guide. All the resources used in this post are available in the following repository.
It is not a post about how to use the Arista Validated Design collection, but about how to configure Ansible AWX to use it.
Before starting
If you want to see how to build your inventory and all related variables, it is recommended to read the following documentation:
This guide describes how to install and configure AWX to run the Arista AVD Ansible collection using the official approach from the AWX repository. It requires a Kubernetes cluster on which to install the AWX operator.
Requirements
To play with this repository, you need:
- A Kubernetes cluster set up and ready to use. The AWX Operator repository uses minikube, but any flavor can be used.
- A Docker engine or podman to build Ansible Execution Engine.
AWX Installation
Deploy AWX Operator
If you have not installed the AWX operator yet, you can install it with the following commands:
# Clone repository
$ git clone https://github.com/ansible/awx-operator.git
# Create namespace in kubernetes
$ kubectl create namespace awx-avd-demo
namespace/awx-avd-demo created
$ kubectl config set-context --current --namespace=awx-avd-demo
Context "minikube" modified
# Deploy operator
$ cd awx-operator
$ export NAMESPACE=awx-avd-demo
$ make deploy
A full step-by-step guide is available in the AWX Operator repository.
Deploy an AWX instance
All the following steps are executed in this repository, as it provides both the Ansible content and the AWX deployment manifest.
AWX manifest
# manifests/awx-instance.yml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx-for-avd-demo
spec:
  service_type: nodeport
AWX deployment
To deploy AWX, just run the following command:
# Check operator is active
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-6d959bd7dd-nwjz8 2/2 Running 0 6m54s
# Deploy AWX
$ kubectl apply -f manifests/awx-instance.yml
# Monitor deployment (it can take time to appear)
$ kubectl get pods -l "app.kubernetes.io/managed-by=awx-operator"
NAME READY STATUS RESTARTS AGE
awx-demo-postgres-0 1/1 Running 0 24s
awx-demo-6f58cd7b8d-6dpwr 4/4 Running 0 6s
Once the containers are up and running, monitor the logs to check that provisioning has completed:
$ kubectl logs -f deployments/awx-operator-controller-manager -c awx-manager
...
PLAY RECAP *********************************************************************
localhost : ok=62 changed=0 unreachable=0 failed=0 skipped=45 rescued=0 ignored=0
Get access information
The AWX instance is available via a node port, so you can use the following commands:
# For minikube
$ minikube service awx-demo-service --url -n $NAMESPACE
# For other flavors
$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
awx-operator-controller-manager-metrics-service ClusterIP 10.152.183.37 <none> 8443/TCP 14m
awx-demo-postgres ClusterIP None <none> 5432/TCP 6m35s
awx-demo-service NodePort 10.152.183.71 <none> 80:31025/TCP 6m19s
In this example, the instance is listening on port 31025.
AWX credentials are admin and a password generated by Kubernetes:
$ kubectl get secret awx-demo-admin-password -o jsonpath="{.data.password}" | base64 --decode
O2WBkBTW7CKWUZLqm263PklCL5m7K0GU
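The access lookup above as one script, added here as an example (it is not from the original guide or the AWX project): it derives the service and secret names from the name of the AWX resource, following the `<name>-service` and `<name>-admin-password` pattern visible in the output above, and writes the password to an owner-only file instead of the terminal. The helper name, the output file and the use of the first service port are assumptions; pass the `metadata.name` of your own AWX resource as NAME.

```shell
#!/bin/sh
# Added example: collect AWX access details without echoing the password.
# Assumes kubectl already targets the cluster and that objects are named
# <awx-name>-service and <awx-name>-admin-password, as in the output above.

# awx_access NAME NAMESPACE NODE_ADDRESS OUTFILE   (hypothetical helper)
# Prints the URL on stdout and stores the admin password in OUTFILE.
awx_access() {
    name=$1 ns=$2 node=$3 out=$4

    # Node port of the first service port (80:31025/TCP in the sample output).
    port=$(kubectl -n "$ns" get service "${name}-service" \
        -o jsonpath='{.spec.ports[0].nodePort}') || return 1
    case $port in
        ''|*[!0-9]*) echo "no node port on ${name}-service" >&2; return 1 ;;
    esac

    # Start from a fresh file created with owner-only permissions (0600).
    rm -f "$out"
    ( umask 077
      kubectl -n "$ns" get secret "${name}-admin-password" \
          -o jsonpath='{.data.password}' | base64 --decode > "$out" )
    if [ ! -s "$out" ]; then
        echo "could not read ${name}-admin-password" >&2
        rm -f "$out"
        return 1
    fi

    echo "http://${node}:${port}"
}

# Run as: sh awx-access.sh awx-demo awx-avd-demo <node-address> ./awx-admin.pw
if [ $# -eq 4 ]; then
    awx_access "$@"
fi
```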
Configure AWX
Create Ansible Execution Environment
Ansible has recently introduced Execution Environments, which are basically containers used to execute your playbooks. The main benefit is that you don’t have to build a virtual environment in AWX.
To build such a container, you need docker or podman as well as ansible-builder.
pip install ansible-builder
And then you have to define your builder file:
---
version: 1
build_arg_defaults:
  EE_BASE_IMAGE: 'quay.io/ansible/ansible-runner:stable-2.12-devel'
dependencies:
  galaxy: requirements.yml
  python: requirements.txt
additional_build_steps:
  prepend: |
    RUN pip install --upgrade pip setuptools
    RUN yum install -y \
      make \
      wget \
      curl \
      less \
      git \
      zsh \
      vim \
      sshpass
Note that the collection definition is part of requirements.yml, so a new image should be built each time you want to upgrade to a new avd or cvp collection.
To build the image, nothing complex:
ansible-builder build -f execution-environment.yml -t <your-docker-image:tag>
The Ansible version for the runner can be found in the ansible-runner registry.
Also upload the image to a registry:
docker push <your-docker-image:tag>
You can read more in this post.
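A pre-build check for the builder file and requirements.yml described above, added here as an example (it is not part of ansible-builder or the original guide): it reports whether EE_BASE_IMAGE is pinned by digest rather than by a tag such as stable-2.12-devel, which can be repointed between builds, and which collections in requirements.yml carry no version. The helper names are hypothetical, and the script assumes collections are listed in the `- name:` form.

```shell
#!/bin/sh
# Added example: pre-build check of how reproducible an execution environment
# definition is. Helper names are hypothetical; not part of ansible-builder.

# ee_base_image FILE -> value of EE_BASE_IMAGE with quotes stripped
ee_base_image() {
    sed -n 's/^[[:space:]]*EE_BASE_IMAGE:[[:space:]]*//p' "$1" |
        tr -d "\"'" | head -n 1
}

# image_pinning REF -> "digest", "tag:<tag>" or "untagged"
image_pinning() {
    case $1 in *@sha256:*) echo digest; return 0 ;; esac
    last=${1##*/}        # a ':' before the last '/' is a registry port
    case $last in
        *:*) echo "tag:${last##*:}" ;;
        *)   echo untagged ;;
    esac
}

# unpinned_collections FILE -> collections listed as "- name:" with no version
unpinned_collections() {
    awk '
        function report() { if (name != "" && !pinned) print name }
        /^[ \t]*-[ \t]*name:/ { report(); name = $NF; pinned = 0; next }
        /^[ \t]*version:/     { pinned = 1 }
        END { report() }
    ' "$1"
}

# check_ee EE_FILE REQUIREMENTS_FILE -> 0 only if everything is pinned
check_ee() {
    rc=0
    pin=$(image_pinning "$(ee_base_image "$1")")
    [ "$pin" = digest ] || { echo "base image not pinned by digest: $pin"; rc=1; }
    for c in $(unpinned_collections "$2"); do
        echo "collection $c has no version"; rc=1
    done
    return $rc
}

# Run as: sh check-ee.sh execution-environment.yml requirements.yml
if [ $# -eq 2 ]; then
    check_ee "$1" "$2"
fi
```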
Install Ansible Execution Environment
After your image has been uploaded to a public or private registry, you can define this Execution Environment in AWX (Administration / Execution Environments).
If your image is on a private registry, you have to create credentials for your registry.
Configure a Project
Now we will use this repository as the source for both playbooks and inventory. Go to Resources / Projects and select Add.
This project will be used for 2 things:
- Get our inventory and all attached variables.
- Get our playbooks to run in AWX.
Configure project with:
- SCM Type: Git
- SCM Branch: master
- Ansible Environment: /your/path/to/venv
- SCM URL: https://github.com/arista-netdevops-community/avd-with-ansible-tower-awx.git
Don’t forget the following elements:
- Set correct Execution Environment from the list.
- Select correct branch
- Configure optional credentials if required
Create inventory
We can now create the inventory in AWX: go to Resources / Inventories and select Add Inventory.
Click Save and then Sources.
Then complete the information:
Create Template (aka Playbook)
A template is the glue between the inventory, the execution environment and the playbook to run.
Go to Resources / Templates and select Add Job Template.
In this section, feel free to use tags based on your needs. Here the playbook will execute only build and not deploy, and will skip documentation.
What’s next?
Now everything is set, and you should be able to run your playbook or build your own workflow!
Resources
- Play with Ansible Execution Environment
- Ansible Arista Validated Design repository.
- Ansible Arista CloudVision Collection repository.
- AWX Operator repository
- Minikube
- Ansible builder