Centralize and control your IT infrastructure with a powerful web-based automation platform
In this HashiQube DevOps Lab, you'll get hands-on experience with Ansible AWX Tower - a web-based user interface, REST API, and task engine built on top of Ansible. AWX Tower provides a robust platform for:
- Managing credentials, inventories, projects, and playbooks
- Configuring AWX Tower using the CLI
- Triggering Ansible runs programmatically
AWX is the upstream open-source project for Red Hat Ansible Automation Platform, giving you enterprise-grade automation capabilities including:
- Visual dashboard for infrastructure management
- Role-based access control
- Job scheduling
- Integrated notifications
- Graphical inventory management
- REST API and CLI for integration with existing tools and processes
bash docker/docker.sh
bash minikube/minikube.sh
bash ansible-tower/ansible-tower.shvagrant up --provision-with basetools,docker,docsify,minikube,ansible-towerdocker compose exec hashiqube /bin/bash
bash bashiqube/basetools.sh
bash docker/docker.sh
bash docsify/docsify.sh
bash minikube/minikube.sh
bash ansible-tower/ansible-tower.shAfter provisioning, you can access AWX Ansible Tower at:
- URL: http://localhost:8043
- Username:
admin - Password: Displayed at the end of the provisioning operation
AWX Ansible Tower Dashboard
The login password is displayed at the end of the provisioning process
The following components were automatically configured during provisioning, but this guide will show you how to create them manually as well.
Projects in AWX Tower represent a collection of Ansible playbooks. You can connect to source control management (SCM) systems like Git.
Creating a new project in AWX Tower
# Command used during auto-provisioning:
sudo --preserve-env=PATH -u vagrant /home/vagrant/.local/bin/awx projects create \
--organization 'Default' \
--scm_update_on_launch true \
--scm_url https://github.com/star3am/ansible-role-example-role \
--scm_type git \
--name ansible-role-example-role \
--description ansible-role-example-role \
--wait $AWX_COMMONCredentials allow AWX Tower to authenticate with the systems you're managing.
Creating machine credentials in AWX Tower
# Command used during auto-provisioning:
sudo --preserve-env=PATH -u vagrant /home/vagrant/.local/bin/awx credentials create \
--credential_type 'Machine' \
--organization 'Default' \
--name 'ansible' \
--inputs '{"username": "vagrant", "password": "vagrant"}' \
$AWX_COMMONInventories define the hosts and groups that AWX Tower will manage.
Creating a new inventory in AWX Tower
# Command used during auto-provisioning:
sudo --preserve-env=PATH -u vagrant /home/vagrant/.local/bin/awx inventory create \
--name 'Demo Inventory' \
--description 'Demo Inventory' \
--organization 'Default' \
--wait $AWX_COMMONJob templates combine projects, inventories, and credentials to create runnable automation tasks.
Creating a job template in AWX Tower
Additional job template settings for triggering capabilities
# Command used during auto-provisioning:
sudo --preserve-env=PATH -u vagrant /home/vagrant/.local/bin/awx job_templates create \
--name ansible-role-example-role \
--description ansible-role-example-role \
--job_type run \
--inventory 'Demo Inventory' \
--project 'ansible-role-example-role' \
--become_enabled true \
--ask_limit_on_launch true \
--ask_tags_on_launch true \
--playbook site.yml \
--ask_variables_on_launch true \
--wait $AWX_COMMONOne powerful feature of AWX Tower is the ability to trigger jobs via API callbacks:
# SSH into Hashiqube
vagrant ssh
# Trigger an Ansible run via API callback
curl -s -i -X POST -H Content-Type:application/json \
--data '{"host_config_key": "UL3H6uRtDozHA13trZudrUwUPBw4rSo7rRvi"}' \
https://10.9.99.10:8043/api/v2/job_templates/9/callback/ -v -k
Jobs view showing successful job execution
Detailed job execution information
When working with Windows hosts, additional configuration is required:
Creating a job template for Windows hosts
Extra variables needed for Windows automation
# Required extra variables for Windows hosts
ansible_shell_type: cmd
ansible_connection: sshTo trigger a Windows job via PowerShell:
powershell.exe -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true };Invoke-WebRequest -UseBasicParsing -Uri https://10.9.99.10:8043/api/v2/job_templates/10/callback/ -Method POST -Body @{host_config_key='UL3H6uRtDozHA13trZudrUwUPBw4rSo7rRvi'}"
Windows job execution details
AWX CLI provides a powerful way to interact with AWX Tower from the command line, making it ideal for integration with CI/CD pipelines:
# Install the CLI tools
pip3 install awxkit # For AWX
pip3 install ansible-tower-cli # For Ansible Tower
# Example: Launch a job template and monitor its status
awx --conf.host https://10.9.99.10:8043 -f human job_templates launch 9 \
--monitor --filter status --conf.insecure \
--conf.username admin --conf.password passwordYou can easily integrate AWX Tower with Terraform for infrastructure automation:
locals {
timestamp = timestamp()
}
resource "null_resource" "awx_cli" {
triggers = {
timestamp = local.timestamp
}
provisioner "remote-exec" {
inline = [
"/home/vagrant/.local/bin/awx --conf.host https://10.9.99.10:8043 -f human job_templates launch 9 --monitor --filter status --conf.insecure --conf.username admin --conf.password password",
]
connection {
type = "ssh"
user = "vagrant"
password = "vagrant"
host = "10.9.99.10"
}
}
provisioner "local-exec" {
command = "/usr/local/bin/awx --conf.host https://10.9.99.10:8043 -f human job_templates launch 9 --monitor --filter status --conf.insecure --conf.username admin --conf.password password"
}
}