Ansible Tower with TripleO

I was asked to look into integrating Ansible Tower with TripleO a while back. It actually wasn't that difficult to do, but I've finally gotten around to recording a demo video showing how. In this post I will also provide a brief overview of how I installed Ansible Tower.

First, the Ansible Tower and TripleO video. It should be noted that from the time I started working on this to the time I recorded the demo, it seems Tower released a new version that moved some things around. YMMV on whether your version of Tower exactly matches up with mine, but the basic steps should be the same.

I will also note that we've removed the hiera call in stackrc in recent versions of master TripleO (this is during the Queens cycle, for those reading later) so it should no longer be necessary to manually retrieve the password. This had the extra beneficial effect of making stackrc usable on any non-undercloud system, not just one running Ansible Tower.

Finally, a quick overview of how I set up this environment. First, I stood up an OpenStack Virtual Baremetal environment that included an undercloud, two overcloud nodes, and an extra node for Tower. The extra node functionality is a recent addition to OVB (note that that commit was missing a necessary file, this was fixed in a followup commit. I recommend just using latest master in any case though). I do not believe Ansible Tower could be installed directly on the undercloud due to Tower and the undercloud wanting to manage some of the same services.

I deployed TripleO as documented into the environment and then set up the Tower VM according to their install guide. It may be worth noting that I used CentOS for the TripleO deployment but RHEL for the Tower instance.

For reference, here were the major steps I took:

1. Subscribe the system to the necessary repos:
   # Register the node
sudo subscription-manager register
# Find the appropriate pool from the list
sudo subscription-manager list --available | less
# Attach to the pool. Note that this is a Red Hat employee pool, so if you don't work for Red Hat your pool will be different
sudo subscription-manager attach --pool 8a85f9833e1404a9013e3cddf99305e6
# Disable all repos to start clean. This avoids issues if your pool auto-enables some repos.
sudo subscription-manager repos --disable '*'
# Enable the necessary repos. As of this writing RHEL OSP 11 was the latest version, but those packages didn't work properly with the upstream Queens (which will be OSP 13) undercloud that I was using so I had to use upstream OpenStack packages. If you're using all RHEL OSP you should enable the appropriate repo here.
sudo subscription-manager repos --enable rhel-7-server-rpms --enable rhel-7-server-extras-rpms --enable rhel-7-server-rh-common-rpms #--enable rhel-7-server-openstack-11-rpms

2. Download and extract Ansible Tower
   wget https://releases.ansible.com/ansible-tower/setup/ansible-tower-setup-latest.tar.gz
tar zxvf ansible-tower-setup-latest.tar.gz
# This version will change over time
cd ansible-tower-setup-3.2.1

3. Edit the inventory to set passwords, as described in the Tower install docs
4. Run the install: sudo ./setup.sh
5. Set the Tower password: sudo tower-manage changepassword admin
6. On your first visit to the Tower web UI you will need to register it with the key you get from Ansible. I believe there are trial keys available if you're just looking to kick the tires.

In my OVB environment, I had to set an IP address on the provisioning interface for the Tower VM. I did this with sudo ifconfig eth1 9.1.1.111 netmask 255.255.255.0. As noted above, I also enabled the upstream OpenStack and TripleO repos per the TripleO docs.

That's the basics of using Ansible Tower with TripleO. I know I've only scratched the surface of what Tower can do, but these basic steps should enable the use of all Tower's features with TripleO deployments. As always, if you have any questions or comments please let me know.