Hetzner Cloud is a well-known Internet hosting company and data center operator from Gunzenhausen, Germany. Hetzner Cloud provides best-in-class performance with the help of Intel® Xeon® Gold processor, AMD EPYC second Generation, and speedy NVMe SSDs. Hetzner Cloud also offers services that are good to go in seconds with incredible performance.
AWX is a free, open-source web application that provides a user interface, task engine, and REST API for Ansible. The AWX allows users to manage Ansible inventories, playbooks and schedule jobs to run using the web interface. AWX is beneficial for wider environments, but even smaller environments can benefit from using AWX.
Since AWX version 18.0.0, deploying it to a single host is no longer supported, and users should use Kubernetes instead. However, in some cases (significantly smaller setups), if users want to run AWX without the overhead Kubernetes provides, follow the below steps.
Requirements
The AWX installation requires the following minimum requirements:
- 4 GB RAM
- 2 CPU cores
- 20 GB storage
A Hetzner Cloud server of type CX21 easily fits the above requirements with additional storage. Any other, bigger Hetzner Cloud server (or even bare metal) would also work, but we’re choosing a CX21 server type for this tutorial.
Step 1: Setting up the Server
It is expected to have a fresh installation of Ubuntu 20.04 on the server.
Step 1.1: Configure the Firewall
First, we want to configure some basic Firewall rules for our server. When using a cloud server, users can use the integrated Firewall feature. While configuring the Firewall, users should configure the following inbound Firewall rules:
Source | Protocol | Port | Comment |
Any | ICMP | – | Ping |
Any | TCP | 22 | SSH |
Any | TCP | 80 | HTTP |
Any | TCP | 443 | HTTPS |
Sep 1.2: Install Required Packages
Log in to the server as root user and execute the following commands:
# Update host OS, just in case... apt update && apt upgrade -y # Install packages required to install docker apt install -y \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release # Grab and install the Docker Archive GPG key curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg # Add apt repository echo \ "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list # Update package cache apt update # Install docker and docker-compose apt install -y docker-ce docker-ce-cli containerd.io docker-compose # Install other required packages apt install -y git ansible make nginx certbot python3-certbot-nginx
Step 2: Install AWX
To install AWS, follow the below steps:
Step 2.1: Create AWX User
- First, log in to the server as root users.
- To create a user that will be used to manage AWX by executing the following commands:
# Create user useradd -s /bin/bash -md /opt/awx awx # Allow user awx to use docker gpasswd -a awx docker
Step 2.2: Checkout AWX Repository
- To install AWX, we first need to clone the Git repository. The Git repository contains some useful scripts that make running it locally relatively a bit easier.
- First, switch the user to the newly created AWX user by executing the following command:
#Switch user su - awx
- At the time of writing, the latest AWX version was 19.2.2. Users can find the latest AWX version details on their releases page. Replace 19.2.2 with the latest version number when executing the below command.
# Clone AWX Git Repository git clone -b 19.2.2 https://github.com/ansible/awx.git
- Additionally, we will be cloning the awx-logos repository to replace the placeholder images with the official AWX logos by executing the following command.
# Clone AWX Log Repository git clone https://github.com/ansible/awx-logos.git
Step 2.3: Configure AWX
After cloning the latest version of AWX, it’s time to configure AWX. First, create a new branch to simply merge the changes with later versions of AWX by executing the following commands:
cd awx git switch -c my_awx
Next, copy the respective assets from the awx-logos repository into AWX by executing the following command:
cp /opt/awx/awx-logos/awx/ui/client/assets/favicon.ico \ /opt/awx/awx-logos/awx/ui/client/assets/logo-header.svg \ /opt/awx/awx-logos/awx/ui/client/assets/logo-login.svg \ awx/ui_next/public/static/media/
After executing the above command, start editing the configuration files. The user should set the hostname they are running as AWX and disable the Debug mode as a baseline. In the below command, replace the awx.example.com value with the hostname used for AWX:
# Set hostname echo "CSRF_TRUSTED_ORIGINS = ['awx.example.com']" >> tools/docker-compose/ansible/roles/sources/files/local_settings.py echo "ALLOWED_HOSTS = ['awx.example.com']" >> tools/docker-compose/ansible/roles/sources/files/local_settings.py # Disable debug mode echo "DEBUG = False" >> tools/docker-compose/ansible/roles/sources/files/local_settings.py
Depending on the user setup, they might want to change additional options. For example, if users want to use an external PostgreSQL database, they can configure it in the tools/docker-compose/inventory directory. After that, commit the changes. To do so, configure the Git identity by executing the following commands:
git config --global user.email "user@example.com" git config --global user.name "User Name"
If the user does not want to run any codestyle checks, we can bypass those with AWX_IGNORE_BLACK=1, as shown below:
git add . AWX_IGNORE_BLACK=1 git commit -m "AWX config changes"
Step 2.4: Run AWX
First, render the docker-compose manifest for AWX by executing the following command:
make docker-auth awx/projects docker-compose-sources
By default, a source deployment of AWX comes without User Interface files. To build them, execute the following command. Note that this will take several minutes, depending on the server. Execute the following command to generate the User Interface files:
docker-compose -f tools/docker-compose/_sources/docker-compose.yml run --rm awx_1 make clean-ui ui-devel
Once the UI files have been built, start AWX with docker-compose:
docker-compose -f tools/docker-compose/_sources/docker-compose.yml up -d
Upon the first run, AWX will apply database migrations, which might take some time to complete. Users can check the progress with docker logs tools_awx_1.
Once AWX is ready, change the password for the admin user by executing the following command:
docker exec -ti tools_awx_1 awx-manage changepassword admin
Step 3: Configure Nginx
Depending on the user’s setup, change the default settings /etc/nginx/sites-available/default as per their requirements:
server { listen 80 default_server; listen [::]:80 default_server; server_name awx.example.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://localhost:8013; } }
After changing the configuration, execute the following command to reload the Nginx service:
systemctl reload nginx
Next, run the following command and follow the instructions on-screen to set up a certbot for Let’s Encrypt certificates. Leave all the parameters as default except the set up a redirect parameter (Select Option 2).
certbot
Step 4: Settings in the AWX frontend
Once AWX is up and running, the user needs to change some additional settings in the frontend. For that, visit https://awx.example.com/#/settings/miscellaneous_system/details and set the following options:
- Adjust Base URL of the service
- Add “HTTP_X_FORWARDED_FOR” to Remote Host Headers
Conclusion
This tutorial presents the steps to set up and configure AWX on Ubuntu 20.04 server without using Kubernetes in Hetzner Cloud. Hope this tutorial was helpful, and do reach out to us if you have any query or suggestions.