How to Backup Ansible AWX? Ansible Tower comes along with “setup.sh“ to backup the database. If you are using the AWX (Ansible Tower’s upstream project), you could leverage tower-cli to take the object backups in the JSON format. You could also try this for Ansible Tower if the number of hosts are less than 100. In this article, we will walk through how to backup the AWX and restore it. If you do not have the towe-cli module, install it using pip module.
Here are some of the screenshots which took before deleting those objects.
tower cli configuration:
[root@ansible-server ~]# tower-cli config # User options (set with `tower-cli config`; stored in ~/.tower_cli.cfg). host: http://192.168.3.151:80 username: admin password: password verify_ssl: False # Defaults. format: human certificate: verbose: False description_on: False oauth_token: use_token: False color: True [root@ansible-server ~]#
Backup Ansibe AWX / Tower Configuration:
1. Execute the following command to take the complete AWX objects backup in flat file. You could see that backup created in JSON format.
[root@ansible-server ~]# tower-cli receive --all > 27032018.json
[root@ansible-server ~]# more 27032018.json
[
{
"asset_type": "organization",
"name": "Default",
"asset_relation": {
"roles": [
{
"name": "Credential Admin",
"team": [],
"user": []
},
{
"name": "Read",
"team": [],
"user": []
},
{
"name": "Member",
"team": [],
"user": []
},
We have successfully backup the Ansible AWX / Tower objects in to file.
How to Check the Backup integrity? Can we delete the objects and try to restore?
Here are the snapshots after deleting objects on AWX/Tower.
Restore from the backup:
1. Restore the config using tower-cli send command.
[root@ansible-server ~]# tower-cli send 27032018.json
USER [rajkumar] *****************************************************************************************************
Asset up to date
USER [raffic] ******************************************************************************************************
Asset up to date
USER [lingesh] **************************************************************************************
Asset up to date
USER [admin] ****************************************************************************************
Asset up to date
ORGANIZATION [Default] ***************************************************************************************************
Asset up to date
All roles are up to date
ORGANIZATION [UnixArena] ***************************************************************************************************
Created organization UnixArena
Added user rajkumar to Member role
Added user lingesh to Member role
Added user raffic to Member role
Added user lingesh to Admin role
TEAM [Database] ***********************************************************************************
Created team Database
TEAM [Unix] **************************************************************************************
Created team Unix
TEAM [Wintel] ************************************************************************************
Created team Wintel
CREDENTIAL [Demo Credential] *************************************************************************************************
Asset up to date
All roles are up to date
CREDENTIAL [UA-Linuxhost1] ************************************************************************************************
[WARNING]: Setting password for UA-Linuxhost1 to 'password'
Created credential UA-Linuxhost1
Added user admin to Admin role
PROJECT [Demo Project] *********************************************************************************************
Asset up to date
All roles are up to date
All schedules are up to date
PROJECT [UnixArena_Project] *******************************************************************************************
Asset up to date
All roles are up to date
All schedules are up to date
INVENTORY [Demo Inventory] *******************************************************************************************
Asset up to date
All inventory host are up to date
All inventory inventory_source are up to date
All inventory groups are up to date
All roles are up to date
INVENTORY [Linux_UA_Hosts] *******************************************************************************************
Created inventory Linux_UA_Hosts
Unable to create inventory_source named (Linux_UA_Hosts - 7) : The Tower server claims it was sent a bad request.
POST http://192.168.3.151:80/api/v2/inventory_sources/
Params: None
Data: {"name": " (Linux_UA_Hosts - 7)", "source": "file", "inventory": 3, "source_path": "/var/lib/awx/hosts_add"}
Response: {"detail":["Cannot set source_path if not SCM type."]}
Schedules are up to date
All inventory groups are up to date
All roles are up to date
JOB TEMPLATE [Check Filesystem usage on hosts] *********************************************************************************************
Created job_template Check Filesystem usage on hosts
Added user raffic to Execute role
Added team Unix to Admin role
Added schedule Test
Updating survey
All labels are up to date
All extra creds are up to date
JOB TEMPLATE [Demo Job Template] ********************************************************************************************
Asset up to date
All roles are up to date
All schedules are up to date
Survey up to date
All labels are up to date
All extra creds are up to date
JOB TEMPLATE [Grant Root access to Normal user] *******************************************************************************************
Created job_template Grant Root access to Normal user
All roles are up to date
All schedules are up to date
Survey up to date
All labels are up to date
All extra creds are up to date
JOB TEMPLATE [Servers ping test] ******************************************************************************************
Created job_template Servers ping test
All roles are up to date
All schedules are up to date
Survey up to date
All labels are up to date
All extra creds are up to date
WORKFLOW [Test workflow] **************************************************************************
Checking on workflow_nodes
Created workflow Test workflow
All roles are up to date
All schedules are up to date
Survey up to date
All labels are up to date
Building new workflow nodes
Building workflow node relations
PLAY RECAP ******************************************************************
ok=45 changed=21 warnings=1 failed=1
[root@ansible-server ~]#
We have successfully restored the complete AWX/tower objects. You could log in to AWX/Tower portal and check the object status.
You could face the issue with credentials its likely due to encrypted nature. You might need to update the password again after tower-cli restore.
Hope this article is informative to you. Share it! Comment it!! Be Sociable!!!
ManojJ says
Awesome Article, it’s really helpful.
kris says
getting permission denied error
tower-cli receive –all > 05042022.json
-bash: 05042022.json: Permission denied
Vibin says
Is there a way to restore a specific component, say inventories or a specific inventory only ?
Regards,
Vibin
dada says
One of the best tutorials on the web really easy to understand and no useless info included
Thanks for the work
Lingeswaran R says
Thank you.
A Random Linux Enthusiast says
Amazing article!
I was trying to restore the database from a previous version and it was becoming impossible to do it, but this saved my life, thank you!
Rodrigo Aravena says
Hi, i have the next error when i tried to restore via tower-cli:
Traceback (most recent call last):
File “/bin/tower-cli”, line 9, in
load_entry_point(‘ansible-tower-cli==3.3.7’, ‘console_scripts’, ‘tower-cli’)()
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 764, in __call__
return self.main(*args, **kwargs)
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 717, in main
rv = self.invoke(ctx)
File “/usr/lib/python2.7/site-packages/tower_cli/cli/base.py”, line 129, in invoke
return super(TowerCLI, self).invoke(ctx)
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 956, in invoke
return ctx.invoke(self.callback, **ctx.params)
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 555, in invoke
return callback(*args, **kwargs)
File “/usr/lib/python2.7/site-packages/tower_cli/conf.py”, line 373, in method_with_context_managed
method(*args, **kwargs)
File “/usr/lib/python2.7/site-packages/tower_cli/cli/misc.py”, line 370, in send
sender.send(source, prevent, exclude, secret_management)
File “/usr/lib/python2.7/site-packages/tower_cli/cli/transfer/send.py”, line 218, in send
existing_object = resource.create(**an_asset)
File “/usr/lib/python2.7/site-packages/tower_cli/resources/project.py”, line 127, in create
**kwargs
File “/usr/lib/python2.7/site-packages/tower_cli/models/base.py”, line 427, in write
answer = OrderedDict(((‘changed’, True), (‘id’, r.json()[‘id’])))
KeyError: ‘id’
Have the same problem if delete a credential, Any Iidea? Regards.
AWX 8.0.0
Version towe-cli 3.3.7
owain winterbone says
I had a similar issue and warning with restoring a user. On upgrading pip (to 20.1- used to install tower-cli) and trying a re-install of the same tower-cli version (3.3.9) I got a error about a dependency on wheel – the previous pip version (20.0.2) installed tower-cli with no errors. I installed Python3-wheel.noarch (there is also a version for Python 2) and then re-installed tower-cli 3.3.9 with no errors and tower-cli restores are working ok.
Centos = 7.7
Ansible = 2.9.6
Python3 = 3.6.8
AWX = 9.3.0
tower-cli = 3.3.9
rbo says
Incredible Article very clear and helpful.
Thanks