In this post I’m going to over getting a local AWX instance going on CentOS 8.  AWX is the open source version of Ansible Tower and it is a web interface/API interface.  AWX allows you to use things like HashiCorp Vault for credentials (which I’ve covered).

Don't worry, this will be super easy, barely an inconvenience.

I’m going to be installing CentOS 8 on Vmware ESXi 6.7.  Your hypervisor shouldn’t matter however, you should be able to do this in any environment.

I’m creating a VM with 4 CPU and 8GB of RAM, 20GB of disk space.  I’m using the CentOS 8 install DVD for the source install.

In the Setup for CentOS, In the Software Selection part, I set it to Minimal Install

Next, I set a static IP in the Network and Host Name section

Next, I clicked configure and then the IPv4 Settings tab.  I’m going to set a static IP and I would recommend you do as well, If you do use DHCP, I’d make it a reservation.

Also set the host name to something like AWX.yourdomain

Once that is done, hit Begin Installation.

During the install set your root password and create your admin user.

Once the install is done, lets ssh in and login as your admin user.

First thing I’d do is a yum update to make sure everything is up to date.

sudo yum update -y

You also need to stop and disable the firewall or your containers will have trouble talking

sudo systemctl disable firewalld
sudo systemctl stop firewalld

These next steps are from the docker page for CentOS

Get Docker Engine - Community for CentOS
Instructions for installing Docker Engine - Community on CentOS
sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
sudo yum install -y yum-utils \
  device-mapper-persistent-data \
sudo yum-config-manager \
    --add-repo \
sudo yum install docker-ce docker-ce-cli --nobest

Now let's enable and start docker

sudo systemctl enable docker
sudo systemctl start docker

Now let's create the docker group and your admin user so that you can run the docker commands

sudo groupadd docker
(may say docker group already exists, this is fine)
sudo usermod -aG docker $USER
(this adds the current user you are logged in as, which should be your admin)

Now log out of ssh and log back in to get your new group membership.  Then run docker version as your admin user and you should get something like this.

docker version
Client: Docker Engine - Community
 Version:           19.03.8
 API version:       1.39 (downgraded from 1.40)
 Go version:        go1.12.17
 Git commit:        afacb8b
 Built:             Wed Mar 11 01:27:04 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan  9 19:06:30 2019
  OS/Arch:          linux/amd64
  Experimental:     false

Now we need to install a few utilities for AWX.

sudo yum install python3 python3-devel git -y

sudo pip3 install docker docker-compose ansible

Now we need to clone the AWX GitHub repo.  At the time of this writing AWX 9.3.0 is out, but it didn’t seem to work for me, 9.2.0 on the other hand worked fine, so we will be getting that version.

git clone -b '9.2.0'

Next, we need to update the inventory file to point to our python3 install

cd awx/installer/
vi inventory

Change the ansible_python_interpreter on the first line to look like this:
ansible_python_interpreter="/usr/bin/env python3"

We have to do this because python3 is the default in CentOS 8 and newer

There are some options you can change in here and I would at least recommend changing the passwords to something that isn’t the default.  Also, the secret_key should be changed.

There are 4 passwords you can set.  One is the PostgreSQL DB password.  The next is the rabbitmq password. The next is the admin password for the web interface.  The last isn't so much a password as it is a decrypt key for credentials.  These 3 values are named like this in the inventory file


You can quickly generate a new password for these by using the following command

openssl rand -hex 32

This will give you a random 32 character password, just make sure you don't lose them, especially the secret_key.

The admin_password should be set to something you'll remember as you'll use it to login after installations is complete.

Now it is time to install AWX.  Run the following command and wait for the success message.

ansible-playbook -i inventory install.yml

This part does take several minutes, it is downloading the docker images and starting them with all the configuration on your machine.  It is very much dependent on your internet connection and the speed of your system.

When it finishes you should get something similar to this.

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
localhost                  : ok=16   changed=8    unreachable=0    failed=0    skipped=94   rescued=0    ignored=0

You can run the following command to see the running containers

docker container ls
CONTAINER ID        IMAGE                    COMMAND                  CREATED              STATUS              PORTS                  NAMES
85dbace2bbd5        ansible/awx_task:9.2.0   "/tini -- /bin/sh -c…"   50 seconds ago       Up 48 seconds       8052/tcp               awx_task
fc4b48cc170a        ansible/awx_web:9.2.0    "/tini -- /bin/sh -c…"   About a minute ago   Up 48 seconds>8052/tcp   awx_web
46c9146ab856        redis                    "docker-entrypoint.s…"   About a minute ago   Up 48 seconds       6379/tcp               awx_redis
7e7e7dbda34d        memcached:alpine         "docker-entrypoint.s…"   About a minute ago   Up 48 seconds       11211/tcp              awx_memcached
7eff4975e315        postgres:10              "docker-entrypoint.s…"   About a minute ago   Up 48 seconds       5432/tcp               awx_postgres

AWX should be up and running.  Go to your servers ip and you should get the AWX login

Now that you have AWX up, get to experimenting and automating all the things.  I plan on posting some playbooks and how I setup my templates.

If you’d like to get in touch with me with questions or comments about anything I talk about feel free to reach out to me. You can email me or send me a DM on twitter. blog [@] (remove [], trying to avoid spambots) Twitter: