Install Oracle Linux Automation Manager on Oracle Linux

Introduction

The following lab provides instructions for installing Oracle Linux Automation Manager on Oracle Linux.

Objectives

In this lab, you'll learn how to:

• Enable the Oracle Linux DNF repository
• Set the firewall rules
• Download, install, and configure Oracle Linux Automation Manager

Prerequisites

• A system with Oracle Linux installed.

Enable the Oracle Linux DNF Repository and Set the Firewall Rules

Note: When using the free lab environment, see Oracle Linux Lab Basics for connection and other usage instructions.

Enable the required yum repositories and firewall rules before you install Oracle Linux Automation Manager.

1. Open a terminal and connect via ssh to the ol-automation-server node.

   ssh oracle@<ip_address_of_ol-automation-server_node>

2. Enable the latest Oracle Linux BaseOS repository.

   sudo dnf config-manager --enable ol8_baseos_latest
   

3. Install the Oracle Linux Automation Manager repository.

   sudo dnf -y install oraclelinux-automation-manager-release-el8
   

4. Enable the required repositories for installation.

   sudo dnf config-manager --enable ol8_automation2 ol8_addons ol8_UEKR7 ol8_appstream
   

5. Add the HTTP/HTTPS services to the firewall rules.

   sudo firewall-cmd --add-service=https --permanent
   sudo firewall-cmd --reload
   

Install a Local Postgresql Database

1. Enable the module stream.

   sudo dnf module reset postgresql
   sudo dnf -y module enable postgresql:13
   

2. Install the database.

   sudo dnf -y install postgresql-server
   

3. Initialize the database.

   sudo postgresql-setup --initdb
   

4. Switch the password storage mechanism to scram-sha-256.

   sudo sed -i "s/#password_encryption.*/password_encryption = scram-sha-256/" /var/lib/pgsql/data/postgresql.conf
   

5. Enable and start the database.

   sudo systemctl enable --now postgresql
   

6. Create the database user accounts.

   Important: For this free lab environment, use a password of password at the prompt. This password is not secure and is only used for demonstraton purposes in this environment.

   sudo su - postgres -c "createuser -S -P awx"
   

7. Create the database.

   sudo su - postgres -c "createdb -O awx awx"
   

8. Update host-based authentication file.

   echo "host  all  all 0.0.0.0/0 scram-sha-256" | sudo tee -a /var/lib/pgsql/data/pg_hba.conf > /dev/null
   

9. Update the database listener IP address.

   sudo sed -i "/^#port = 5432/i listen_addresses = '"$(hostname -i)"'" /var/lib/pgsql/data/postgresql.conf
   

10. Restart the database.

    sudo systemctl restart postgresql
    

Install and Configure Oracle Linux Automation Manager

1. Install the Oracle Linux Automation Manager package and any dependencies.

   sudo dnf -y install ol-automation-manager
   

2. Update the Redis configuration file.

   sudo sed -i '/^# unixsocketperm/a unixsocket /var/run/redis/redis.sock\nunixsocketperm 775' /etc/redis.conf
   

3. Add the CLUSTER_HOST_ID to a custom settings file.

   cat << EOF | sudo tee -a /etc/tower/conf.d/olam.py > /dev/null
   CLUSTER_HOST_ID = '$(hostname -i)'
   EOF
   

   Note: Using $(hostname -i) does not work for systems with IPv6 enabled due to spaces existing in the output. Use the system's hostname instead, which is possible using $(hostname -f), or some other string without spaces.

4. Fix permissions on the custom settings file.

   sudo chown awx.awx /etc/tower/conf.d/olam.py
   sudo chmod 0640 /etc/tower/conf.d/olam.py
   

5. Add database settings to a custom configuration file.

   cat << EOF | sudo tee /etc/tower/conf.d/db.py > /dev/null
   DATABASES = {
       'default': {
           'ATOMIC_REQUESTS': True,
           'ENGINE': 'awx.main.db.profiled_pg',
           'NAME': 'awx',
           'USER': 'awx',
           'PASSWORD': 'password',
           'HOST': '$(hostname -i)',
           'PORT': '5432',
       }
   }
   EOF
   

6. Fix permissions on the database custom configuration file.

   sudo chown awx.awx /etc/tower/conf.d/db.py
   sudo chmod 0640 /etc/tower/conf.d/db.py
   

7. Pull the Oracle Linux Automation Manager container image.

   sudo su -l awx -s /bin/bash
   podman system migrate
   podman pull container-registry.oracle.com/oracle_linux_automation_manager/olam-ee:latest
   

8. Create the Oracle Linux Automation Manager schema and admin user account.

   awx-manage migrate
   awx-manage createsuperuser --username admin --email admin@example.com
   

   Note: In the previous example, admin@example.com is an example email address of the admin user.

9. Enter and confirm the password for the admin user.

10. Exit the awx user shell.

    exit
    

11. Generate a SSL certificate for NGINX.

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout /etc/tower/tower.key -out /etc/tower/tower.crt
    

    Enter the requested information or just hit the ENTER key.

12. Replace the default NGINX configuration.

    cat << EOF | sudo tee /etc/nginx/nginx.conf > /dev/null
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;
    
    # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
    include /usr/share/nginx/modules/*.conf;
    
    events {
        worker_connections 1024;
    }
    
    http {
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 2048;
    
        include             /etc/nginx/mime.types;
        default_type        application/octet-stream;
    
        # Load modular configuration files from the /etc/nginx/conf.d directory.
        # See http://nginx.org/en/docs/ngx_core_module.html#include
        # for more information.
        include /etc/nginx/conf.d/*.conf;
    }
    EOF
    

13. Update the Receptor configuration file.

    cat << EOF | sudo tee /etc/receptor/receptor.conf > /dev/null
    ---
    - node:
        id: $(hostname -i)
    
    - log-level: debug
    
    - tcp-listener:
        port: 27199
    
    - control-service:
        service: control
        filename: /var/run/receptor/receptor.sock
    
    - work-command:
        worktype: local
        command: /var/lib/ol-automation-manager/venv/awx/bin/ansible-runner
        params: worker
        allowruntimeparams: true
        verifysignature: false
    EOF
    

14. Provision an instance and register execution environments.

    sudo su -l awx -s /bin/bash
    awx-manage provision_instance --hostname=$(hostname -i) --node_type=hybrid
    awx-manage register_default_execution_environments
    awx-manage register_queue --queuename=default --hostnames=$(hostname -i)
    awx-manage register_queue --queuename=controlplane --hostnames=$(hostname -i)
    awx-manage create_preload_data
    exit
    

15. Start the service.

    sudo systemctl enable --now ol-automation-manager.service
    

16. Disconnect from the server.

    exit

Verify the Install

1. Using the same terminal window, configure an SSH tunnel.

   ssh -L 8444:localhost:443 oracle@<hostname or ip address>

   Note: In the previous example, <hostname or ip address> is the hostname or IP address of the system running Oracle Linux Automation Manager . If hostname is used, the host must be resolvable.

2. Open a web browser and enter the URL.

   https://localhost:8444

   Note: Approve the security warning based on the browser used. For Chrome, click the Advanced button and then the Proceed to localhost (unsafe) link.

3. Login to Oracle Linux Automation Manager with the USERNAME admin and the password created during setup.

For More Information

Oracle Linux Automation Manager Documentation
Oracle Linux Automation Manager Training
Oracle Linux Training Station