一、ansible-tower简介

1）公司中实现运维自动化的架构中主要用到ansible，ansible脚本在部署服务器指令行中显得不太直观。Ansible-Tower（之前叫做awx）是将ansible的指令界面化，简明直观，简单易用。

2）Ansibke-tower其实就是一个图形化的任务调度，复杂服务部署，IT自动化的一个管理平台，属于发布配置管理系统，支持Api及界面操作，Django编写。

3）Ansible-tower可以通过界面从github拉取最新playbook实施服务部署，提高生产效率。当然它也提供一个RESET API和命令行的CLI以供python脚本调用

官方网站：https://www.ansible.com/products/tower

Ansible权威指南：http://www.ansible.com.cn/docs/tower.html

官方中文文档：https://docs.ansible.com/ansible-tower/3.8.4/html_zh/

官方安装文档：http://docs.ansible.com/ansible-tower/latest/html/quickinstall/index.html

官方源下载地址：http://releases.ansible.com/ansible-tower/setup-bundle/

二、ansible-tower安装及配置

[root@tower ~]# cd /opt/
[root@tower opt]# wget https://releases.ansible.com/ansible-tower/setup-bundle/ansible-tower-setup-bundle-3.8.3-2.tar.gz
[root@tower opt]# tar xf ansible-tower-setup-bundle-3.8.3-2.tar.gz
[root@tower opt]# cd ansible-tower-setup-bundle-3.8.3-2/
[root@tower ansible-tower-setup-bundle-3.8.3-2]# ls
backup.yml  bundle  group_vars  install.yml  inventory  licenses  README.md  rekey.yml  restore.yml  roles  setup.sh
[root@tower ansible-tower-setup-bundle-3.8.3-2]# vim inventory
[tower]
localhost ansible_connection=local
 
[database]
 
[all:vars]
admin_password='tower'   #tower登录密码
 
pg_host=''
pg_port=''
 
pg_database='awx'
pg_username='awx'
pg_password='tower'     # 必填项
pg_sslmode='prefer'  # set to 'verify-full' for client-side enforced SSL
 
rabbitmq_username=tower
rabbitmq_password='tower'    # 必填项
rabbitmq_cookie=cookiemonster
 
# Isolated Tower nodes automatically generate an RSA key for authentication;
# To disable this behavior, set this value to false
# isolated_key_generation=true
 
 
# SSL-related variables
 
# If set, this will install a custom CA certificate to the system trust store.
# custom_ca_cert=/path/to/ca.crt
 
# Certificate and key to install in nginx for the web UI and API
# web_server_ssl_cert=/path/to/tower.cert
# web_server_ssl_key=/path/to/tower.key
 
# Use SSL for RabbitMQ inter-node communication.  Because RabbitMQ never
# communicates outside the cluster, a private CA and certificates will be
# created, and do not need to be supplied.
# rabbitmq_use_ssl=False
 
# Server-side SSL settings for PostgreSQL (when we are installing it).
# postgres_use_ssl=False
# postgres_ssl_cert=/path/to/pgsql.crt
# postgres_ssl_key=/path/to/pgsql.key
 
#开始安装
#数据及各服务自动安装，可能需要rync,需要手动安装。
[root@tower ansible-tower-setup-bundle-3.8.6-2]# ./setup.sh

访问https://10.0.0.203/#/login

三、ansible-tower激活

步骤简述：

安装Ansible Tower，以setup.sh执行成功且完毕为开始
修改licensing.py文件
运行”ansible-tower-service restart”重启服务
Enjoy it

btw：不需要去官网申请Trial License

1. 安装

没什么好说的，setup.sh执行完了且不报错即可。说人话就是页面可以正常打开，没有任何报错。

2. 修改licensing.py文件

该文件位于：

1	/var/lib/awx/venv/awx/lib/python3.6/site-packages/awx/main/utils/licensing.py

该文件内的方法是负责License验证的核心，将其用你熟悉的编辑器打开

找到validate方法，该方法就负责License的验证，在我这其位于该文件的409行。行数可能随着版本的升级或修改不一定准确，以方法名为主。

该方法原文如下：

def validate(self):
    # Return license attributes with additional validation info.
    attrs = copy.deepcopy(self._attrs)
    type = attrs.get('license_type', 'none')

    if (type == 'UNLICENSED' or False):
        attrs.update(dict(valid_key=False, compliant=False))
        return attrs
    attrs['valid_key'] = True
    if Host:
        current_instances = Host.objects.active_count()
    else:
        current_instances = 0
    available_instances = int(attrs.get('instance_count', None) or 0)
    attrs['current_instances'] = current_instances
    attrs['available_instances'] = available_instances
    free_instances = (available_instances - current_instances)
    attrs['free_instances'] = max(0, free_instances)

    license_date = int(attrs.get('license_date', 0) or 0)
    current_date = int(time.time())
    time_remaining = license_date - current_date
    attrs['time_remaining'] = time_remaining
    if attrs.setdefault('trial', False):
        attrs['grace_period_remaining'] = time_remaining
    else:
        attrs['grace_period_remaining'] = (license_date + 2592000) - current_date
    attrs['compliant'] = bool(time_remaining > 0 and free_instances >= 0)
    attrs['date_warning'] = bool(time_remaining < self.SUBSCRIPTION_TIMEOUT)
    attrs['date_expired'] = bool(time_remaining <= 0)
    return attrs

将其改成这个样子即可：

def validate(self):
    # Return license attributes with additional validation info.
    attrs = copy.deepcopy(self._attrs)

    attrs['license_type'] = 'enterprise' # 设置License类型为企业版
    attrs['instance_count'] = MAX_INSTANCES # 设置Host数量为MAX_INSTANCES，即9999999。扛不住就改成自己需要的数。
    attrs['license_date'] = '2567433600' # 设置License过期日期为”2051-05-12 00:00:00“，Unix时间戳，有需要自己改
    attrs['subscription_name'] = 'mxd' # 你猜	

    type = attrs.get('license_type', 'none')

    # 注释掉下面的判断
    #if (type == 'UNLICENSED' or False):
        #attrs.update(dict(valid_key=False, compliant=False))
        #return attrs
    attrs['valid_key'] = True # 直接将 valid_key 设为 true
    if Host:
        current_instances = Host.objects.active_count()
    else:
        current_instances = 0
    available_instances = int(attrs.get('instance_count', None) or 0)
    attrs['current_instances'] = current_instances
    attrs['available_instances'] = available_instances
    free_instances = (available_instances - current_instances)
    attrs['free_instances'] = max(0, free_instances)

    license_date = int(attrs.get('license_date', 0) or 0)
    current_date = int(time.time())
    time_remaining = license_date - current_date
    attrs['time_remaining'] = time_remaining
    if attrs.setdefault('trial', False):
        attrs['grace_period_remaining'] = time_remaining
    else:
        attrs['grace_period_remaining'] = (license_date + 2592000) - current_date
    attrs['compliant'] = bool(time_remaining > 0 and free_instances >= 0)
    attrs['date_warning'] = bool(time_remaining < self.SUBSCRIPTION_TIMEOUT)
    attrs['date_expired'] = bool(time_remaining <= 0)
    return attrs