Guide to starting to use AWX, the upstream of Red Hat Ansible Tower, on top of OpenShift


This is the first post in a series that shows how to use the new release of the community version of Red Hat Ansible Tower. In this post, we will start with the installation of AWX on top of OpenShift. In the next post, I’ll show how to set a dynamic inventory to access the servers from AWS (EC2) and how to run a playbook to access our AWS EC2 inventory.

For many of you, Ansible needs an introduction, however, for those not already familiar, Ansible is a tool that allows you to have infrastructure as a code. In many ways, it is similar to Chef or Puppet.

The benefits of Ansible to adopt it are:

  1. It is human readable and very simple to understand.
  2. Code by convention: the structure of the projects follows a convention.
  3. To access the managed resources, you don’t need an agent. Access is done with SSH.
  4. A motivated and growing Ansible community brings you almost every kind of module you can imagine, accessible at Ansible-Galaxy.
  5. A host inventory handles and defines the infrastructure.

That last point is what makes Ansible Tower an Enterprise tool to enable Cloud Automation. Because cloud infrastructure is elastic, we need a host inventory that is dynamic. Ansible handles this with dynamic inventories in a very simple way. Moreover, plugins already exist to handle the big public cloud providers (AWS, GCP, Azure, OpenStack).

An Ansible project is composed of code that defines the Playbook, the roles, and the tasks. Ansible Tower brings the Enterprise Level to have a Cloud Automation tool.

Installation of AWX (upstream version of Ansible Tower)


  1. As our target deployment is OpenShift, we should already have OpenShift installed. For this example, I used a local installation with $oc cluster up. You can learn how to install oc cluster up here.
  2. We should have also installed Ansible – I have installed the version, but you can install a newer version. You can review the directions on how to install Ansible here.

Steps to Install AWX

Clone the code from AWX (at the time this post the version comes from devel branch). You can review the steps to install it at gist install awx on openshift.

mkdir Tower
cd Tower/
git clone 
cd awx 
cd installer/

You have to edit the inventory file to configure the installation to be on OpenShift.

-# openshift_host= 
-# awx_openshift_project=awx 
-# openshift_user=developer 
-# awx_node_port=30083 
+ openshift_host= 
+ awx_openshift_project=awx 
+ openshift_user=developer 
+ awx_node_port=30001 
+# valid host port range 30000-32767 
+ openshift_password=developer 
# Standalone Docker Install 
# Define if you want the image pushed to a registry. The container definition will also use these images 
-# docker_registry= 
-# docker_registry_repository=awx 
-# docker_registry_username=developer 
+ docker_registry= 
+ docker_registry_repository=awx 
+ docker_registry_username=developer 

Now, execute the installation with Ansible.

ansible-playbook -i inventory install.yml 

Last, add a mounting point to AWX-Celery.

#get the name of the AWX replica set
export RS_AWX = oc get rs|awk  'FNR>1 {print $1}'
oc scale --replicas=0 rs $RS_AWX

#add volume to the replicaset that will be mounted to awx-celery
oc patch rs $RS_AWX -p '{"spec":{"template":{"spec":{"volumes":[{"name":"awxprojectsdata","persistentVolumeClaim":{"claimName":"claim-awx"}}]}}}}'
#mount the volume to awx-celery
oc patch rs $RS_AWX -p '{"spec":{"template":{"spec":{"containers":[{"name":"awx-celery","volumeMounts":[{"mountPath":"/var/lib/awx/projects/","name":"awxprojectsdata"}]}]}}}}'

oc scale --replicas=1 rs $RS_AWX

After the launch of the Ansible playbook, if we go to OpenShift, we should be able to see the project.

Image of OpenShift List Projects including AWX
OpenShift projects list including AWX

The Ansible playbook installation creates a Postgress Database that will be in one Pod and will create the AWX pod that contains the Web tier, the engine, a cache and a queue. In another Pod it will be deployed the database:

  • AWX Web
  • AWX Celery
  • RabbitMq
  • Memcached
  • Postgress Database

The installation also creates the network service and a route to have access to the AWX Web console.

image of OpenShift AWX Deployment Configuration and networking details
OpenShift AWX Deployment Configuration and networking details

Now, we should be able to access AWX going to a browser by using the uri from the exposed route. In my case, this is the first screen of AWX should look something like this:

image of the first AWX first screen



Test the installation

After the upgrade process of AWX is finished, we can log in to AWX and start using it. At this point, we will be ready to launch the demo project and the demo job, however, we won’t be able to create and use other projects.

Next, use the username ‘admin’ and the password ‘password’ to log in and you will be able to access AWX.

image of AWX- Ansible Tower Dashboard
AWX – Ansible Tower Dashboard

To verify that is running, you can download the sample project and run the job based on the sample template.

Go to the Projects page and click the cloud download icon.

SCM update icon

Now, we can download the project from the git source.

At this point, you can run the job based on the template.

Just click the launch icon.

launch template icon

And here you have it the job is running.

And here we see we have a Successful state job.


In this post, we covered how to install AWX, the upstream version of Red Hat Ansible Tower, on OpenShift. We also covered how to test the installation. These are the first steps to start using AWX. In the next post, I’m will cover how to configure Ansible Tower and show the best practices to run Playbooks to automate the provisioning and deployment on AWS.

  • Christopher Evich

    Cool! Got it working on Fedora26. Found a few issues though:

    “export RS_AWX = oc get rs|awk ‘FNR>1 {print }’“
    should be
    “export RS_AWX=$(oc get rs|awk ‘FNR>1 {print })’“

    and I got an error from the awx install playbook relating to the self-signed cert. Worked around it by changing in the inventory:

    “openshift_user=developer –insecure-skip-tls-verify“

    A hack to be sure, but after looking at the role, couldn’t see another way to do this (perhaps in some oc command configuration somewhere?)

    Thanks for the tutorial!

    • Erick Brito

      Thanks Christopher for your feedback, I’ll update with the “export RS_AWX=$(oc get rs|awk ‘FNR>1 {print })’“.
      As a side note, the POC I run is on macOs Sierra.

  • Matthew Jones

    I think it might be easier and clearer to follow the official docs when it comes to installing AWX on Openshift:

    It’s also worth pointing out that building and mapping a volume for the awx-celery container in the way described by this blog post is not recommended and is somewhat incorrect. The container itself knows how to manage project directories and the AWX team strongly recommends they be managed in source control.

    • Erick Brito

      Thanks Matthew for the feedback. This post is the first of a serie of post. The intention is to show how to use Ansible Tower to automate the provisioning os AWS EC2 instances…
      I used the official documentation to get the POC I’m creating.
      I’m using the mount point to be able to clone a git repository int AWX. If we don’t add this step, it is not possible to clone repositories.

  • Swapnil Kulkarni

    Hi Christopher,

    I tried deployment of AWX on Minishift, but I am not able to run the demo job template as you mentioned. It fails with error as described in the [1]. This seems to be pretty much specific to OpenShift/Minishift. Is there any workaround you have used to avoid this?