Install Oracle Linux Automation Manager on Oracle Linux

Introduction

Oracle Linux Automation Manager is a task engine and web-based graphical user interface (GUI) for scheduling and running Oracle Linux Automation Engine playbooks against inventories of remote hosts. This suite of tools allows administrators to easily manage their IT infrastructure and complete repetitive tasks in a known and predictable manner, avoiding common manual-based administration issues.

The Oracle Linux Automation Engine is a tool for managing and running administration tasks using code-based infrastructure as Code (IaC) YAML definition files called playbooks. These playbooks include instructional tasks such as deploying software, configuring systems, and orchestrating upgrades and updates.

Objectives

In this tutorial, you’ll learn how to:

• Enable the Oracle Linux DNF repository
• Set the firewall rules
• Download, install, and configure a single-host Oracle Linux Automation Manager

Prerequisites

• A system with Oracle Linux installed.

Deploy Oracle Linux

Note: If running in your own tenancy, read the linux-virt-labs GitHub project README.md and complete the prerequisites before deploying the lab environment.

1. Open a terminal on the Luna Desktop.

2. Clone the linux-virt-labs GitHub project.

   git clone https://github.com/oracle-devrel/linux-virt-labs.git
   

3. Change into the working directory.

   cd linux-virt-labs/olam
   

4. Install the required collections.

   ansible-galaxy collection install -r requirements.yml
   

5. Update the Oracle Linux instance configuration.

   cat << EOF | tee instances.yml > /dev/null
   compute_instances:
     1:
       instance_name: "olam-node"
       type: "control"
   EOF
   

6. Deploy the lab environment.

   ansible-playbook create_instance.yml -e ansible_python_interpreter="/usr/bin/python3.6" -e instances.yml
   

   The free lab environment requires the extra variable ansible_python_interpreter because it installs the RPM package for the Oracle Cloud Infrastructure SDK for Python. The location for this package’s installation is under the python3.6 modules.

   The default deployment shape uses the AMD CPU and Oracle Linux 8. To use an Intel CPU or Oracle Linux 9, add -e instance_shape="VM.Standard3.Flex" or -e os_version="9" to the deployment command.

   Important: Wait for the playbook to run successfully and reach the pause task. The Oracle Linux Automation Manager installation is complete at this stage of the playbook, and the instances are ready. Take note of the previous play, which prints the public and private IP addresses of the nodes it deploys.

Enable the Oracle Linux DNF Repository and Set the Firewall Rules

Enable the required yum repositories and firewall rules before you install Oracle Linux Automation Manager.

1. Open a terminal and connect via ssh to the olam-node node.

   ssh oracle@<ip_address_of_instance>
   

2. Install the Oracle Linux Automation Manager repository.

   sudo dnf -y install oraclelinux-automation-manager-release-el8   
   

   This command enables the ol8_automation2.2 repository as a default for installing Oracle Linux Automation Manager packages.

3. Add the HTTP/HTTPS services to the firewall rules.

   sudo firewall-cmd --add-service=https --permanent
   sudo firewall-cmd --reload
   

Install a Local PostgreSQL Database

1. Enable the module stream.

   sudo dnf module reset postgresql
   sudo dnf -y module enable postgresql:13
   

2. Install the database.

   sudo dnf -y install postgresql-server
   

3. Initialize the database.

   sudo postgresql-setup --initdb
   

4. Switch the password storage mechanism to scram-sha-256.

   sudo sed -i "s/#password_encryption.*/password_encryption = scram-sha-256/" /var/lib/pgsql/data/postgresql.conf
   

5. Enable and start the database.

   sudo systemctl enable --now postgresql
   

6. Create the database user accounts.

   Important: For this free lab environment, use a password of password at the prompt. This password is not secure, and we only use this password for demonstration purposes in this environment.

   sudo su - postgres -c "createuser -S -P awx"
   

7. Create the database.

   sudo su - postgres -c "createdb -O awx awx"
   

8. Update host-based authentication file.

   echo "host  all  all 0.0.0.0/0 scram-sha-256" | sudo tee -a /var/lib/pgsql/data/pg_hba.conf > /dev/null
   

9. Update the database listener’s IP address.

   sudo sed -i "/^#port = 5432/i listen_addresses = '"$(hostname -i)"'" /var/lib/pgsql/data/postgresql.conf
   

10. Update the database memory requirements.

    These calculations leverage the system’s total memory in megabytes and replace the default values in the PostgreSQL configuration file.

    export TOTAL_MEMORY="$(free --mega | awk 'FNR == 2 {print $2}')"
    sudo sed -i 's/max_connections = 100/max_connections = 1024/g' /var/lib/pgsql/data/postgresql.conf
    sudo sed -i "/^shared_buffers =/c\shared_buffers = $( echo "($TOTAL_MEMORY*0.3)/1" | bc )" /var/lib/pgsql/data/postgresql.conf
    sudo sed -i "/^#work_mem =/c\work_mem = $( echo "($TOTAL_MEMORY*0.3)/1" | bc )" /var/lib/pgsql/data/postgresql.conf
    sudo sed -i "/^#maintenance_work_mem =/c\maintenance_work_mem = $( echo "($TOTAL_MEMORY*0.4)/1" | bc )" /var/lib/pgsql/data/postgresql.conf
    

11. Restart the database.

    sudo systemctl restart postgresql
    

Install and Configure Oracle Linux Automation Manager

1. Install the Oracle Linux Automation Manager package and any dependencies.

   sudo dnf -y install ol-automation-manager
   

2. Update the Redis configuration file.

   sudo sed -i '/^# unixsocketperm/a unixsocket /var/run/redis/redis.sock\nunixsocketperm 775' /etc/redis.conf
   

3. Add the CLUSTER_HOST_ID to a custom settings file.

   cat << EOF | sudo tee -a /etc/tower/conf.d/olam.py > /dev/null
   CLUSTER_HOST_ID = '$(hostname -i)'
   EOF
   

   Note: Using $(hostname -i) does not work for systems with IPv6 enabled due to spaces existing in the output. Use the system’s hostname instead, which is possible using $(hostname -f), or some other string without spaces.

4. Update permissions on the custom settings file.

   sudo chown awx.awx /etc/tower/conf.d/olam.py
   sudo chmod 0640 /etc/tower/conf.d/olam.py
   

5. Add database settings to a custom configuration file.

   cat << EOF | sudo tee /etc/tower/conf.d/db.py > /dev/null
   DATABASES = {
       'default': {
           'ATOMIC_REQUESTS': True,
           'ENGINE': 'awx.main.db.profiled_pg',
           'NAME': 'awx',
           'USER': 'awx',
           'PASSWORD': 'password',
           'HOST': '$(hostname -i)',
           'PORT': '5432',
       }
   }
   EOF
   

6. Update permissions on the database custom configuration file.

   sudo chown awx.awx /etc/tower/conf.d/db.py
   sudo chmod 0640 /etc/tower/conf.d/db.py
   

7. Pull the Oracle Linux Automation Manager container image.

   sudo su -l awx -s /bin/bash
   podman system migrate
   podman pull container-registry.oracle.com/oracle_linux_automation_manager/olam-ee:2.2
   

8. Create the Oracle Linux Automation Manager schema and admin user account.

   awx-manage migrate
   awx-manage createsuperuser --username admin --email admin@example.com
   

   Note: In the previous example, admin@example.com is an example email address of the admin user.

9. Enter and confirm the password for the admin user.

10. Exit the awx user shell.

    exit
    

11. Generate an SSL certificate for NGINX.

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout /etc/tower/tower.key -out /etc/tower/tower.crt
    

    Enter the requested information or just hit the ENTER key.

12. Replace the default NGINX configuration.

    cat << EOF | sudo tee /etc/nginx/nginx.conf > /dev/null
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;
    
    # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
    include /usr/share/nginx/modules/*.conf;
    
    events {
        worker_connections 1024;
    }
    
    http {
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 2048;
    
        include             /etc/nginx/mime.types;
        default_type        application/octet-stream;
    
        # Load modular configuration files from the /etc/nginx/conf.d directory.
        # See http://nginx.org/en/docs/ngx_core_module.html#include
        # for more information.
        include /etc/nginx/conf.d/*.conf;
    }
    EOF
    

13. Update the Receptor configuration file.

    cat << EOF | sudo tee /etc/receptor/receptor.conf > /dev/null
    ---
    - node:
        id: $(hostname -i)
    
    - log-level: debug
    
    - tcp-listener:
        port: 27199
    
    - control-service:
        service: control
        filename: /var/run/receptor/receptor.sock
    
    - work-command:
        worktype: local
        command: /var/lib/ol-automation-manager/venv/awx/bin/ansible-runner
        params: worker
        allowruntimeparams: true
        verifysignature: false
    EOF
    

14. Provision an instance and register execution environments.

    sudo su -l awx -s /bin/bash
    awx-manage provision_instance --hostname=$(hostname -i) --node_type=hybrid
    awx-manage register_default_execution_environments
    awx-manage register_queue --queuename=default --hostnames=$(hostname -i)
    awx-manage register_queue --queuename=controlplane --hostnames=$(hostname -i)
    awx-manage create_preload_data
    exit
    

15. Start the service.

    sudo systemctl enable --now ol-automation-manager.service
    

16. Disconnect from the server.

    exit
    

Verify the Install

1. Using the same terminal window, configure an SSH tunnel.

   ssh -L 8444:localhost:443 oracle@<ip_address_of_instance>
   

   Note: In the previous example, <ip_address_of_instance> is the hostname or IP address of the system running Oracle Linux Automation Manager. If you use the hostname, the host must be resolvable.

2. Open a web browser and enter the URL.

   https://localhost:8444
   

   Note: Approve the security warning based on the browser used. For Chrome, click the Advanced button and then the Proceed to localhost (unsafe) link.

3. Login to Oracle Linux Automation Manager with the USERNAME admin and the password created during setup.

Next Steps

With Oracle Linux Automation Manager installed, you can start exploring the web user interface and the various product features to help automate your infrastructure. Check out our additional training on the Oracle Linux Training Station to expand your knowledge and get ideas.

Related Links

Oracle Linux Automation Manager Documentation
Oracle Linux Automation Manager Training
Oracle Linux Training Station

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.