Voir :
pip3 install awxkit export AWXKIT_API_BASE_PATH=/api/controller/ awx --help
Connexion
export TOWER_HOST=https://aap.acme.local export TOWER_USERNAME=jean export TOWER_VERIFY_SSL=false read -s TOWER_PASSWORD #awx login --conf.host "$TOWER_HOST" --conf.username "$TOWER_USERNAME" --conf.password "$TOWER_PASSWORD" -k awx login awx ping | jq
Export
# awx --conf.host $TOWER_HOST --conf.token "TOKEN" export --projects "PLOP" > projects_PLOP.json # awx --conf.host $TOWER_HOST --conf.token "TOKEN" export --inventory "PLOP" > inventory_PLOP.json awx export --job_templates 42 awx export --job_template "plop" > tpl_plop.json awx export --credentials "IOPS_GIT" > credentials_IOPS_GIT.json # Exemple avec : http://localhost:3000/#/inventories/inventory/4/sources/15/details awx export --inventory 4 # Il ne faut pas le numero de l'inventaire, mais celui de la source awx export --inventory_source 15 awx -f yaml export > all.yaml
Vérif
for fic in tpl_*.json* ; do awx export --job_templates "$(cat $fic |jq -r '.job_templates[0].name')" > $fic.verif ; done
Import
export TOWER_HOST=https://aap.acme.local awx login awx import -v < tpl_388.json 2>err.log awx import < credentials_IOPS_GIT.json awx import < tpl_388.json
Autres commandes
awx jobs list --controller_node "old-aap.acme.local" -f human --filter id,name,started,completed --all awx job_templates get 176 awx job list -f human awx jobs list --all -f human --filter 'id,name,status' awx job stdout 6
Alternatives à Ansible Tower / APP :
Voir aussi
tower-job.sh
#!/bin/bash # tower-job # https://gist.github.com/philcryer/fdce90d0b06517a49ff2fdba41b579df # Variables tower_template_id=574 # Directions # # install tower-cli # sudo pip install tower-cli # # put this file in a root of your project # {{ project_root }}/tower-job # # create a file ~/.tower-cli.cfg with contents: # # [general] # host = fqdn.yourhost.com # username = your-username # password = ssssshhhhhhhh # # add variables from your tower survey to a vars file. we'll use group_vars/tower-job.yml # --- # survey_env: "DEV" # survey_version: "2.0" # survey_mychart_customer: "bob" # # define your job template ID # in variables above # job_template_id=574 # # make this file executable # chmod 755 tower-job # # then run it # ./tower-job set -e if [ ! -d 'group_vars' ]; then echo "No group_vars found, run this out of root of project"; exit 1 fi tower-cli job launch --job-template=$tower_template_id --extra-vars="@group_vars/tower-job.yml" | tee tower-job.pid job_id=$(cat tower-job.pid | tail -n2 | head -n1 | awk '{print $1}') rm tower-job.pid while [ $(tower-cli job list --status=running | grep $job_id | wc -l) -lt '1' ]; do echo -n "-"; sleep 5; done; tower-cli job monitor $job_id exit 0
https://www.insentra.com.au/protecting-the-automation-engine-backup-for-ansible-awx-project/
Voir aussi :
API Tower
pip install ansible-tower-cli https://docs.ansible.com/ansible-tower/3.3.6/html/administration/tipsandtricks.html https://docs.ansible.com/ansible-tower/latest/html/administration/tipsandtricks.html
tower-cli job launch --job-template=4 -v
AWX CLI https://docs.ansible.com/ansible-tower/latest/html/towercli/usage.html
tower-cli job launch --job-template=666 --extra-vars=“version=15601 githubuser=tomfotherby”
https://mitmproxy.org/#mitmproxy
https://sourceforge.net/projects/paros/
Ansible Tower API Guide
Authentification Controle d'acces (Authorization) Imputabilité (Accoutability) Tracabilité (Traceability) Disponibilité (Availability) Confidentialité (Confidentiality)
Habilitation : Vidéo - Infuser du métier dans les autorisations avec ReBAC (Geoffroy BRAUN et Pauline JAMIN)
RBAC :
Voir :
Execute Role
https://www.unixarena.com/2019/03/ansible-tower-awx-configuring-role-based-access-rbac.html/
How Can I Map Organizations and Teams with LDAP in Ansible Tower?
Ansible Tower Teams Teams provide a means to implement role-based access control schemes and delegate responsibilities across organizations.
tower-cli workflow_job list -W 2389 --status running