Workshops Home RHEL Network Security Windows Config as Code Open an Issue

Intro

In this section you will configure your private automation hub using the code provided that is missing some critical values/information that you will have to fill in yourself, based on the requirements and looking at readme’s for the roles.

Step 1

This lab uses ansible-navigator and has been tested against v3.4.1. It should be pre-installed on your machine.

Further documentation for those who are interested to learn more see:

Step 2

Create a file group_vars/all/ah_repositories.yml you will need to add infra.ah_configuration and infra.controller_configuration to the current list of community repositories and their remote counterpart.

---
ah_collection_remotes:
  - name: community-infra
    url: https://galaxy.ansible.com/
    requirements:
      - name: infra.ee_utilities
      - name: infra.aap_utilities
      - name: containers.podman
      - name: awx.awx
      - name: community.general

ah_collection_repositories:
  - name: community-infra-repo
    description: "description of community-infra repository"
    pulp_labels:
      pipeline: "approved"
    distribution:
      state: present
    remote: community-infra

ah_configuration_collection_repository_sync_async_delay: 5
ah_configuration_collection_repository_sync_async_retries: 150
...

Further documentation for those who are interested to learn more see:

Step 3

Create a file group_vars/all/ah_users.yml make sure this user has their password set to "{{ ah_token_password }}".

---
ah_token_username: "ah_token_user"
ah_users:
  - username: "{{ ah_token_username }}"
    groups:
      - "admin"
    append: true
    state: "present"
    is_superuser: true
...

Further documentation for those who are interested to learn more see:

Step 4

Create a file group_vars/all/ah_groups.yml and add ah_groups list with one (1) item in it with the name of admin and state is present. Do not set permisions. If you need more information follow the documentation link below.

Further documentation for those who are interested to learn more see:

Step 5

Create a playbook playbooks/hub_config.yml add in the collection_remote role name in the first task and the user role name in the last task.

---
- name: Configure private automation hub after installation
  hosts: all
  gather_facts: false
  connection: local
  vars_files:
    - "../vault.yml"
  tasks:
    - name: Include collection remote role
      ansible.builtin.include_role:
        name: infra.ah_configuration. # Insert Role Name here

    - name: Include collection repository role
      ansible.builtin.include_role:
        name: infra.ah_configuration.collection_repository

    - name: Include collection repository role
      ansible.builtin.include_role:
        name: infra.ah_configuration.collection_repository_sync

    - name: Include group role
      ansible.builtin.include_role:
        name: infra.ah_configuration.group

    - name: Include user role
      ansible.builtin.include_role:
        name: infra.ah_configuration. # Insert Role Name here
...

Step 6

The next step is to run the playbook, for demonstration purposes we are going to show how to get the Execution Environment(EE) that was built in the previous step and run the playbook.

If you wish to skip this step and use the CLI instead of navigator, see the alternate instructions in the next section.

Login to the automation hub using the podman login command. This will ask for a user:pass. After authenticating pull the config_as_code image.

Use the username: ‘admin’ and the password for your account in the workshop.

Replace rh#### with the correct shortname for the workshop.

podman login --tls-verify=false hub-student#.rh####.example.opentlc.com
podman pull --tls-verify=false hub-student#.rh####.example.opentlc.com/config_as_code:latest

Ansible navigator takes the following commands. The options used are

CLI Option Use
eei execution environment to use.
i inventory to use.
pa pull arguments to use, in this case ignore tls.
m which mode to use, defaults to interactive.

Use these options to run the playbook in the execution environment.

ansible-navigator run playbooks/hub_config.yml --eei hub-student#.rh####.example.opentlc.com/config_as_code -i inventory.yml -l automationhub --pa='--tls-verify=false' -m stdout

Step 6 (Alternate)

If someone was wrong with your execution environment, or want to run this in the CLI instead of Navigator, use the following commands.

ansible-galaxy collection install infra.ah_configuration:2.0.3
ansible-playbook -i inventory.yml -l automationhub playbooks/hub_config.yml

previous task next task