Install Oracle Linux Automation Manager on Oracle Linux
Introduction
Oracle Linux Automation Manager is a task engine and web-based graphical user interface (GUI) for scheduling and running Oracle Linux Automation Engine playbooks against inventories of remote hosts. This suite of tools allows administrators to easily manage their IT infrastructure and complete repetitive tasks in a known and predictable manner, avoiding common manual-based administration issues.
The Oracle Linux Automation Engine is a tool for managing and running administration tasks using code-based infrastructure as Code (IaC) YAML definition files called playbooks. These playbooks include instructional tasks such as deploying software, configuring systems, and orchestrating upgrades and updates.
Objectives
In this tutorial, you'll learn how to:
- Enable the Oracle Linux DNF repository
- Set the firewall rules
- Download, install, and configure a single-host Oracle Linux Automation Manager
Prerequisites
- A system with Oracle Linux installed.
Deploy Oracle Linux
Note: If running in your own tenancy, read the linux-virt-labs GitHub project README.md and complete the prerequisites before deploying the lab environment.
Open a terminal on the Luna Desktop.
Clone the
linux-virt-labsGitHub project.git clone https://github.com/oracle-devrel/linux-virt-labs.gitChange into the working directory.
cd linux-virt-labs/olamInstall the required collections.
ansible-galaxy collection install -r requirements.ymlUpdate the Oracle Linux instance configuration.
cat << EOF | tee instances.yml > /dev/null compute_instances: 1: instance_name: "olam-node" type: "control" EOFDeploy the lab environment.
ansible-playbook create_instance.yml -e ansible_python_interpreter="/usr/bin/python3.6" -e instances.ymlThe free lab environment requires the extra variable
ansible_python_interpreterbecause it installs the RPM package for the Oracle Cloud Infrastructure SDK for Python. The location for this package's installation is under the python3.6 modules.The default deployment shape uses the AMD CPU and Oracle Linux 8. To use an Intel CPU or Oracle Linux 9, add
-e instance_shape="VM.Standard3.Flex"or-e os_version="9"to the deployment command.Important: Wait for the playbook to run successfully and reach the pause task. The Oracle Linux Automation Manager installation is complete at this stage of the playbook, and the instances are ready. Take note of the previous play, which prints the public and private IP addresses of the nodes it deploys.
Enable the Oracle Linux DNF Repository and Set the Firewall Rules
Enable the required yum repositories and firewall rules before you install Oracle Linux Automation Manager.
Open a terminal and connect via ssh to the olam-node node.
ssh oracle@<ip_address_of_instance>Install the Oracle Linux Automation Manager repository.
sudo dnf -y install oraclelinux-automation-manager-release-el8This command enables the ol8_automation2.2 repository as a default for installing Oracle Linux Automation Manager packages.
Add the HTTP/HTTPS services to the firewall rules.
sudo firewall-cmd --add-service=https --permanent sudo firewall-cmd --reload
Install a Local PostgreSQL Database
Enable the module stream.
sudo dnf module reset postgresql sudo dnf -y module enable postgresql:13Install the database.
sudo dnf -y install postgresql-serverInitialize the database.
sudo postgresql-setup --initdbSwitch the password storage mechanism to scram-sha-256.
sudo sed -i "s/#password_encryption.*/password_encryption = scram-sha-256/" /var/lib/pgsql/data/postgresql.confEnable and start the database.
sudo systemctl enable --now postgresqlCreate the database user accounts.
Important: For this free lab environment, use a password of
passwordat the prompt. This password is not secure, and we only use this password for demonstration purposes in this environment.sudo su - postgres -c "createuser -S -P awx"Create the database.
sudo su - postgres -c "createdb -O awx awx"Update host-based authentication file.
echo "host all all 0.0.0.0/0 scram-sha-256" | sudo tee -a /var/lib/pgsql/data/pg_hba.conf > /dev/nullUpdate the database listener's IP address.
sudo sed -i "/^#port = 5432/i listen_addresses = '"$(hostname -i)"'" /var/lib/pgsql/data/postgresql.confUpdate the database memory requirements.
These calculations leverage the system's total memory in megabytes and replace the default values in the PostgreSQL configuration file.
export TOTAL_MEMORY="$(free --mega | awk 'FNR == 2 {print $2}')" sudo sed -i 's/max_connections = 100/max_connections = 1024/g' /var/lib/pgsql/data/postgresql.conf sudo sed -i "/^shared_buffers =/c\shared_buffers = $( echo "($TOTAL_MEMORY*0.3)/1" | bc )" /var/lib/pgsql/data/postgresql.conf sudo sed -i "/^#work_mem =/c\work_mem = $( echo "($TOTAL_MEMORY*0.3)/1" | bc )" /var/lib/pgsql/data/postgresql.conf sudo sed -i "/^#maintenance_work_mem =/c\maintenance_work_mem = $( echo "($TOTAL_MEMORY*0.4)/1" | bc )" /var/lib/pgsql/data/postgresql.confRestart the database.
sudo systemctl restart postgresql
Install and Configure Oracle Linux Automation Manager
Install the Oracle Linux Automation Manager package and any dependencies.
sudo dnf -y install ol-automation-managerUpdate the Redis configuration file.
sudo sed -i '/^# unixsocketperm/a unixsocket /var/run/redis/redis.sock\nunixsocketperm 775' /etc/redis.confAdd the CLUSTER_HOST_ID to a custom settings file.
cat << EOF | sudo tee -a /etc/tower/conf.d/olam.py > /dev/null CLUSTER_HOST_ID = '$(hostname -i)' EOFNote: Using
$(hostname -i)does not work for systems with IPv6 enabled due to spaces existing in the output. Use the system's hostname instead, which is possible using$(hostname -f), or some other string without spaces.Update permissions on the custom settings file.
sudo chown awx.awx /etc/tower/conf.d/olam.py sudo chmod 0640 /etc/tower/conf.d/olam.pyAdd database settings to a custom configuration file.
cat << EOF | sudo tee /etc/tower/conf.d/db.py > /dev/null DATABASES = { 'default': { 'ATOMIC_REQUESTS': True, 'ENGINE': 'awx.main.db.profiled_pg', 'NAME': 'awx', 'USER': 'awx', 'PASSWORD': 'password', 'HOST': '$(hostname -i)', 'PORT': '5432', } } EOFUpdate permissions on the database custom configuration file.
sudo chown awx.awx /etc/tower/conf.d/db.py sudo chmod 0640 /etc/tower/conf.d/db.pyPull the Oracle Linux Automation Manager container image.
sudo su -l awx -s /bin/bash podman system migrate podman pull container-registry.oracle.com/oracle_linux_automation_manager/olam-ee:2.2Create the Oracle Linux Automation Manager schema and admin user account.
awx-manage migrate awx-manage createsuperuser --username admin --email admin@example.comNote: In the previous example,
admin@example.comis an example email address of the admin user.Enter and confirm the password for the admin user.
Exit the awx user shell.
exitGenerate an SSL certificate for NGINX.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout /etc/tower/tower.key -out /etc/tower/tower.crtEnter the requested information or just hit the
ENTERkey.Replace the default NGINX configuration.
cat << EOF | sudo tee /etc/nginx/nginx.conf > /dev/null user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; } EOFUpdate the Receptor configuration file.
cat << EOF | sudo tee /etc/receptor/receptor.conf > /dev/null --- - node: id: $(hostname -i) - log-level: debug - tcp-listener: port: 27199 - control-service: service: control filename: /var/run/receptor/receptor.sock - work-command: worktype: local command: /var/lib/ol-automation-manager/venv/awx/bin/ansible-runner params: worker allowruntimeparams: true verifysignature: false EOFProvision an instance and register execution environments.
sudo su -l awx -s /bin/bash awx-manage provision_instance --hostname=$(hostname -i) --node_type=hybrid awx-manage register_default_execution_environments awx-manage register_queue --queuename=default --hostnames=$(hostname -i) awx-manage register_queue --queuename=controlplane --hostnames=$(hostname -i) awx-manage create_preload_data exitStart the service.
sudo systemctl enable --now ol-automation-manager.serviceDisconnect from the server.
exit
Verify the Install
Using the same terminal window, configure an SSH tunnel.
ssh -L 8444:localhost:443 oracle@<ip_address_of_instance>Note: In the previous example,
<ip_address_of_instance>is the hostname or IP address of the system running Oracle Linux Automation Manager. If you use the hostname, the host must be resolvable.Open a web browser and enter the URL.
https://localhost:8444Note: Approve the security warning based on the browser used. For Chrome, click the
Advancedbutton and then theProceed to localhost (unsafe)link.Login to Oracle Linux Automation Manager with the USERNAME
adminand the password created during setup.
Next Steps
With Oracle Linux Automation Manager installed, you can start exploring the web user interface and the various product features to help automate your infrastructure. Check out our additional training on the Oracle Linux Training Station to expand your knowledge and get ideas.
Related Links
Oracle Linux Automation Manager Documentation
Oracle Linux Automation Manager Training
Oracle Linux Training Station