はじめに
Ansible Automation Platform (AAP) 2.5 コンテナ版 を RHEL9.4 ppc64le に導入した記録です。
ご参考:コンテナー・トポロジー
環境
・HW: IBM Power10 S1022
仮想マシン:
OS: RHEL 9.4 ppc64le
(システム要件 CPU 4, Memory 16 GBですが、PU Desired 0.5, VP Max 1, Memory 32 GB で設定)
・Ansible Automation Platform 2.5.9 (コンテナは同一ノード構成)
(* 2025/4/5 に別環境で再確認した内容に修正しています)
モジュール解凍
Ansible Automation Platform の ppc64le 版をダウンロードして対象マシンに配置し解凍します。
# ls
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le.tar.gz
# tar xfvz ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le.tar.gz
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le/
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le/collections/
~ かなり長いです。省略 ~
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le/bundle/images/redis-6.tar.gz
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le/bundle/images/pcp.tar.gz
#
展開ディレクトリに移動
# ls
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le
ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le.tar.gz
確認
# cd ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le
# ls -l
合計 48
-rw-r--r-- 1 root root 35491 1月 29 08:44 README.md
-rw-r--r-- 1 root root 97 1月 29 08:44 ansible.cfg
drwxr-xr-x 4 root root 39 1月 29 08:44 bundle
drwxr-xr-x 3 root root 33 1月 29 08:44 collections
-rw-r--r-- 1 root root 3473 1月 29 08:44 inventory
-rw-r--r-- 1 root root 3414 1月 29 08:44 inventory-growth
ホストの準備
サブスクリプション・マネージャーを登録するように記載がありますが、オフラインのため ベースメディアの iso ファイルから dnf リポジトリを設定します。
- マウント先ディレクトリ作成と iso のマウント
# mkdir -p /media/rhel94/
# mount -t iso9660 -o loop /work/iso/rhel-9.4-ppc64le-dvd.iso /media/rhel94/
- /etc/dnf/dnf.conf の設定
# cat /etc/dnf/dnf.conf
[RHEL_BaseOS]
name=RHEL94_BaseOS
baseurl=file:///media/rhel94/BaseOS/
enabled=1
gpgcheck=1
gpgkey=file:///media/rhel94/RPM-GPG-KEY-redhat-release
[RHEL_AppStream]
name=RHEL94_AppStream
baseurl=file:///media/rhel94/AppStream/
enabled=1
gpgcheck=1
gpgkey=file:///media/rhel94/RPM-GPG-KEY-redhat-release
前提モジュールの導入
- ansible-core を導入します。
# dnf -y install ansible-core ログ(折りたたんでいます、押すと展開します)
# dnf -y install ansible-core
Updating Subscription Management repositories.
Red Hat Enterprise Linux 9 for Power, little endian - BaseOS (RPMs) 51 MB/s | 28 MB 00:00
Red Hat Enterprise Linux 9 for Power, little endian - AppStream (RPMs) 77 MB/s | 43 MB 00:00
Package ansible-core-1:2.14.14-1.el9.ppc64le is already installed.
Dependencies resolved.
======================================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================================
Upgrading:
ansible-core ppc64le 1:2.14.17-1.el9 rhel-9-for-ppc64le-appstream-rpms 2.6 M
Transaction Summary
======================================================================================================================================================================================
Upgrade 1 Package
Total download size: 2.6 M
Downloading Packages:
ansible-core-2.14.17-1.el9.ppc64le.rpm 26 MB/s | 2.6 MB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 26 MB/s | 2.6 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Upgrading : ansible-core-1:2.14.17-1.el9.ppc64le 1/2
Cleanup : ansible-core-1:2.14.14-1.el9.ppc64le 2/2
Running scriptlet: ansible-core-1:2.14.14-1.el9.ppc64le 2/2
Verifying : ansible-core-1:2.14.17-1.el9.ppc64le 1/2
Verifying : ansible-core-1:2.14.14-1.el9.ppc64le 2/2
Installed products updated.
Upgraded:
ansible-core-1:2.14.17-1.el9.ppc64le
Complete!
- wget、git-core、rsync、vim を導入します。
# dnf install -y wget git-core rsync vim (折りたたんでいます、押すと展開します。)
# dnf install -y wget git-core rsync vim
Updating Subscription Management repositories.
Last metadata expiration check: 0:01:01 ago on Sun Feb 9 03:21:25 2025.
Package git-core-2.43.5-1.el9_4.ppc64le is already installed.
Package rsync-3.2.3-19.el9.ppc64le is already installed.
Dependencies resolved.
======================================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================================
Installing:
vim-enhanced ppc64le 2:8.2.2637-21.el9 rhel-9-for-ppc64le-appstream-rpms 1.9 M
wget ppc64le 1.21.1-8.el9_4 rhel-9-for-ppc64le-appstream-rpms 814 k
Upgrading:
git-core ppc64le 2.43.5-2.el9_5 rhel-9-for-ppc64le-appstream-rpms 4.8 M
rsync ppc64le 3.2.3-20.el9_5.1 rhel-9-for-ppc64le-baseos-rpms 427 k
Installing dependencies:
gpm-libs ppc64le 1.20.7-29.el9 rhel-9-for-ppc64le-appstream-rpms 24 k
vim-common ppc64le 2:8.2.2637-21.el9 rhel-9-for-ppc64le-appstream-rpms 7.0 M
vim-filesystem noarch 2:8.2.2637-21.el9 rhel-9-for-ppc64le-baseos-rpms 17 k
Transaction Summary
======================================================================================================================================================================================
Install 5 Packages
Upgrade 2 Packages
Total download size: 15 M
Downloading Packages:
(1/7): vim-filesystem-8.2.2637-21.el9.noarch.rpm 172 kB/s | 17 kB 00:00
(2/7): vim-common-8.2.2637-21.el9.ppc64le.rpm 37 MB/s | 7.0 MB 00:00
(3/7): wget-1.21.1-8.el9_4.ppc64le.rpm 7.6 MB/s | 814 kB 00:00
(4/7): gpm-libs-1.20.7-29.el9.ppc64le.rpm 77 kB/s | 24 kB 00:00
(5/7): rsync-3.2.3-20.el9_5.1.ppc64le.rpm 2.5 MB/s | 427 kB 00:00
(6/7): git-core-2.43.5-2.el9_5.ppc64le.rpm 40 MB/s | 4.8 MB 00:00
(7/7): vim-enhanced-8.2.2637-21.el9.ppc64le.rpm 6.9 MB/s | 1.9 MB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 32 MB/s | 15 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : gpm-libs-1.20.7-29.el9.ppc64le 1/9
Installing : vim-filesystem-2:8.2.2637-21.el9.noarch 2/9
Installing : vim-common-2:8.2.2637-21.el9.ppc64le 3/9
Installing : vim-enhanced-2:8.2.2637-21.el9.ppc64le 4/9
Upgrading : git-core-2.43.5-2.el9_5.ppc64le 5/9
Upgrading : rsync-3.2.3-20.el9_5.1.ppc64le 6/9
Installing : wget-1.21.1-8.el9_4.ppc64le 7/9
Cleanup : git-core-2.43.5-1.el9_4.ppc64le 8/9
Cleanup : rsync-3.2.3-19.el9.ppc64le 9/9
Running scriptlet: rsync-3.2.3-19.el9.ppc64le 9/9
Verifying : vim-filesystem-2:8.2.2637-21.el9.noarch 1/9
Verifying : gpm-libs-1.20.7-29.el9.ppc64le 2/9
Verifying : vim-common-2:8.2.2637-21.el9.ppc64le 3/9
Verifying : wget-1.21.1-8.el9_4.ppc64le 4/9
Verifying : vim-enhanced-2:8.2.2637-21.el9.ppc64le 5/9
Verifying : rsync-3.2.3-20.el9_5.1.ppc64le 6/9
Verifying : rsync-3.2.3-19.el9.ppc64le 7/9
Verifying : git-core-2.43.5-2.el9_5.ppc64le 8/9
Verifying : git-core-2.43.5-1.el9_4.ppc64le 9/9
Installed products updated.
Upgraded:
git-core-2.43.5-2.el9_5.ppc64le rsync-3.2.3-20.el9_5.1.ppc64le
Installed:
gpm-libs-1.20.7-29.el9.ppc64le vim-common-2:8.2.2637-21.el9.ppc64le vim-enhanced-2:8.2.2637-21.el9.ppc64le vim-filesystem-2:8.2.2637-21.el9.noarch wget-1.21.1-8.el9_4.ppc64le
Complete!
ansible 用ユーザーの作成と設定
root 以外で実行する必要があるため実行用ユーザーを作成します。
sudo または Ansible でサポートされているその他の権限昇格 (sudo を推奨) を持つ、Red Hat Enterprise Linux ホストの非 root ユーザー。このユーザーは、コンテナー化された Ansible Automation Platform のインストールを実行します
- ansible というユーザーを作成
# useradd -m ansible -s /bin/bash
- wheel グループの追加
# usermod -aG wheel ansible
# id ansible
uid=1002(ansible) gid=1002(ansible) groups=1002(ansible),10(wheel)
パスワードなしで sudo できるように設定します。
# visudo
%wheel ALL=(ALL) NOPASSWD: ALL #< コメントアウトを外す。
ansible ユーザーでログインし直しました。
パスワードなしで sudo が実行できるかどうかを確認します。
$ whoami
ansible
$ sudo whoami
root
パスワードなしで whoami の結果が root で返ってきました。
インベントリー確認
$ ls -l
合計 52
-rw-r--r-- 1 root root 35491 1月 29 08:44 README.md
-rw-r--r-- 1 root root 97 1月 29 08:44 ansible.cfg
drwxr-xr-x 4 root root 39 1月 29 08:44 bundle
drwxr-xr-x 3 root root 33 1月 29 08:44 collections
-rw-r--r-- 1 root root 3473 1月 29 08:44 inventory
-rw-r--r-- 1 root root 3414 1月 29 08:44 inventory-growth
-rw-r--r-- 1 root root 660 2月 15 10:01 inventory_test #<=作成したインベントリ
インベントリの内容
automationgateway、automationcontroller、database、automationhub 、automationedaはすべて1ノードの構成とします。
# This section is for your AAP Gateway host(s)
# -----------------------------------------------------
[automationgateway]
xxx.xx.xxx.xx
# This section is for your AAP Controller host(s)
# -----------------------------------------------------
[automationcontroller]
xxx.xx.xxx.xx
# This section is for your AAP Automation Hub host(s)
# -----------------------------------------------------
[automationhub]
xxx.xx.xxx.xx
# This section is for your AAP EDA Controller host(s)
# -----------------------------------------------------
[automationeda]
xxx.xx.xxx.xx
# This section is for the AAP database
# -----------------------------------------------------
[database]
xxx.xx.xxx.xx
[all:vars]
# Ansible
ansible_connection=local
# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
postgresql_admin_username=postgres
postgresql_admin_password=xxxxxxxx
bundle_install=true
# The bundle directory must include /bundle in the path
bundle_dir='{{ lookup("ansible.builtin.env", "PWD") }}/bundle'
registry_username=test
registry_password=test
redis_mode=standalone
# AAP Gateway
# -----------------------------------------------------
gateway_admin_password=xxxxxxxx
gateway_pg_host=xxx.xx.xxx.xx
gateway_pg_password=xxxxxxxx
# AAP Controller
# -----------------------------------------------------
controller_admin_password=xxxxxxxx
controller_pg_host=xxx.xx.xxx.xx
controller_pg_password=xxxxxxxx
# AAP Automation Hub
# -----------------------------------------------------
hub_admin_password=xxxxxxxx
hub_pg_host=xxx.xx.xxx.xx
hub_pg_password=xxxxxxxx
hub_seed_collections=false
# AAP EDA Controller
# -----------------------------------------------------
eda_admin_password=xxxxxxxx
eda_pg_host=xxx.xx.xxx.xx
eda_pg_password=xxxxxxxx
AAP インストール
ansible ユーザーで実行します。
上で作成したインベントリを使用して "ansible-playbook -i inventory_test ansible.containerized_installer.install" で導入実行します。
$ ansible-playbook -i inventory_test ansible.containerized_installer.install
[WARNING]: log file at /work/ansible-automation-platform-containerized-setup-bundle-2.5-9-ppc64le/aap_install.log is not writeable and we cannot create it, aborting
[WARNING]: running playbook inside collection ansible.containerized_installer
PLAY [Preflight checks] ********************************************************************************************************************************
TASK [Gather facts] ************************************************************************************************************************************
ok: [localhost]
TASK [ansible.containerized_installer.common : Test for ostree-based OS] *******************************************************************************
ok: [localhost]
~ 長いため省略 ~
TASK [Delete the ansible base shared secret] ***********************************************************************************************************
ok: [xxx.xx.xxx.xx]
PLAY RECAP *********************************************************************************************************************************************
xxx.xx.xxx.xx : ok=412 changed=147 unreachable=0 failed=0 skipped=188 rescued=0 ignored=0
localhost : ok=23 changed=0 unreachable=0 failed=0 skipped=26 rescued=0 ignored=0
所要時間は 40 分弱でした。
- コンテナの稼働を確認します。
22 の Pod が稼働しています。
$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6538410b5b93 registry.redhat.io/rhel8/postgresql-15:latest run-postgresql About an hour ago Up About an hour 5432/tcp postgresql
4350f5f2f9ee registry.redhat.io/rhel8/redis-6:latest run-redis About an hour ago Up About an hour 6379/tcp redis-unix
e173ac618c11 registry.redhat.io/rhel8/redis-6:latest run-redis About an hour ago Up About an hour 6379/tcp redis-tcp
68f79aa348c9 registry.redhat.io/ansible-automation-platform-25/gateway-proxy-rhel8:latest /usr/bin/envoy --... About an hour ago Up About an hour automation-gateway-proxy
a361eb1c2637 registry.redhat.io/ansible-automation-platform-25/gateway-rhel8:latest /usr/bin/supervis... About an hour ago Up About an hour automation-gateway
d7d58e59ef31 registry.redhat.io/ansible-automation-platform-25/receptor-rhel8:latest /usr/bin/receptor... About an hour ago Up About an hour receptor
733aeac67f75 registry.redhat.io/ansible-automation-platform-25/controller-rhel8:latest /usr/bin/launch_a... About an hour ago Up 58 minutes 8052/tcp automation-controller-rsyslog
3361577e2f42 registry.redhat.io/ansible-automation-platform-25/controller-rhel8:latest /usr/bin/launch_a... About an hour ago Up 58 minutes 8052/tcp automation-controller-task
361b1e71d019 registry.redhat.io/ansible-automation-platform-25/controller-rhel8:latest /usr/bin/launch_a... About an hour ago Up 58 minutes 8052/tcp automation-controller-web
418d155c82a5 registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest gunicorn --bind 1... 57 minutes ago Up 52 minutes automation-eda-api
77fbfe2b19c4 registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest daphne --bind 127... 54 minutes ago Up 52 minutes automation-eda-daphne
a2a47b5bf7cb registry.redhat.io/ansible-automation-platform-25/eda-controller-ui-rhel8:latest /bin/sh -c nginx ... 54 minutes ago Up 52 minutes 8080/tcp, 8443/tcp automation-eda-web
070824ffe07c registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest aap-eda-manage rq... 53 minutes ago Up 52 minutes automation-eda-worker-1
5ccee3b354f1 registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest aap-eda-manage rq... 53 minutes ago Up 52 minutes automation-eda-worker-2
f4669117de43 registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest aap-eda-manage rq... 53 minutes ago Up 52 minutes automation-eda-activation-worker-1
c408541073ce registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest aap-eda-manage rq... 53 minutes ago Up 52 minutes automation-eda-activation-worker-2
b9e489d01a99 registry.redhat.io/ansible-automation-platform-25/eda-controller-rhel8:latest aap-eda-manage sc... 53 minutes ago Up 52 minutes automation-eda-scheduler
997f7c41f00f registry.redhat.io/ansible-automation-platform-25/hub-rhel8:latest pulpcore-api --na... 51 minutes ago Up 45 minutes automation-hub-api
713bcc7a254b registry.redhat.io/ansible-automation-platform-25/hub-rhel8:latest pulpcore-content ... 48 minutes ago Up 45 minutes automation-hub-content
e04ebd3be88b registry.redhat.io/ansible-automation-platform-25/hub-web-rhel8:latest /bin/sh -c nginx ... 48 minutes ago Up 45 minutes 8080/tcp, 8443/tcp automation-hub-web
87edc2103e7e registry.redhat.io/ansible-automation-platform-25/hub-rhel8:latest pulpcore-worker 46 minutes ago Up 45 minutes automation-hub-worker-1
a60cb6390ea4 registry.redhat.io/ansible-automation-platform-25/hub-rhel8:latest pulpcore-worker 46 minutes ago Up 45 minutes automation-hub-worker-2
GUI ログイン
admin ユーザー、インベントリーで指定したパスワードでログインします。
サブスクリプション割り当てのページが表示されました。
オフラインのため、マニフェストを作成してサブスクリプション割り当てています。
- Red Hat Customer Portal でサブスクリプション割り当てを作成し、マニフェストをエクスポート
- エクスポートしたマニフェストをアップロード
次へ
- レビュー -> Finish
RedHat Ansible Automation Platform 画面に辿り着きました!
VM 再起動時の発生事象
何もケアせずVMを落とした時に、一時ディレクトリが残っていることに起因して Podman が起動しなくなりました。
$ podman ps -a
Error: current system boot ID differs from cached boot ID; an unhandled reboot has occurred. Please delete directories "/tmp/storage-run-1001/containers" and "/tmp/storage-run-1001/libpod/tmp" and re-run Podman
systemd-tmpfilesを使用して起動時に自動的にディレクトリをクリーンアップする設定を追加したところ解決しました。
/etc/tmpfiles.d/podman.conf に以下を記載。
R! /tmp/storage-run-*/containers/
R! /tmp/storage-run-*/libpod/tmp/
おわりに
・ppc64le 版ですが特に問題なく導入できました。
インストール後の設定は以下で確認しています。
以上です。