From the previous 2 parts we have set up Satellite and created our Ansible Playbooks, now we want to put it all together on Tower by creating the Job Templates and Workflows to make this happen.
In Part one we went over the setup of Satellite and Katello-cvmanager to perform the publish and promote in Satellite.
Now we want to create the playbooks that Ansible Tower with use in order to patch the servers and then setup the next lifecycle environment.
You want to create these playbooks, You can skip this section and grab them from my github repo HERE but as always understand what is being done before you just run them.
When it comes to Satellite the flow to patch our life cycle environments feels like a very manual process, after our sync plan completes, I need to publish a new version and then promote this through my environments ( Dev, QA, Prod etc ) What I want is this to be fairly hands off and have it done in the background automatically for me. And so let’s go over the steps needed to achieve this. Continue reading
I have come up many times where people request to be able to create AD DNS A Records or CNames for Linux Servers that are not going to be joined to the domain, I will go through how we can use Ansible Tower to do this for us. This is very similar to the AD Computer object however we also need to get the IP address as an extra variable for an A Record.
I often get asked to setup CloudForms to create AD Computer objects, this will show how to do this with Ansible Tower, the interesting issue we face is CloudForms by default sends the vm name as the limit field but for this we want to run the playbook on a set host and pass the vm name as a variable.
Due to the nature of Ansible when we work with Windows we no longer use SSH but instead WinRM. The default nature of Ansible is to use SSH, and to resolve this we need to specify the group of Windows servers to use WinRM instead of SSH.
Simple enough but we will need to automate this entire process. Continue reading
CloudForms now allows us to bring in Automate domains via Git, this is very useful as it gets around having to download a zip and then upload it, and we now have the ability to refresh them within CloudForms or change branches i.e lock it to the exact version of CloudForms we are using. Continue reading
This is a small guide to go through how to integrate Tower into CloudForms 4.5 as there are some issues with it out of the box.
Fix Missing Ansible Tower Job Launcher
Having CloudForms/ManageIQ provision servers is great but we want to be able to see the creation include any standards or applications at the end state. Typically in the past we added into the template a script to run when it starts up, this can include Puppet or Chef Agents that will talk back to the Master and ask what is needed to complete the build based off its hostname of custom facts on the instance. But not everyone has an existing configuration management framework already in place. Now with Ansible this is simple to achieve.
( This has been tested with PHPIPAM version 1.2 on ManageIQ Dharma and Cloudforms 4.1 with the gem httparty 1.13 and ManageIQ Eureka and Cloudforms 4.2 with the gem httparty 1.14.) Continue reading