How to Backup Ansible AWX? Ansible Tower comes along with “setup.sh“ to backup the database. If you are using the AWX (Ansible Tower’s upstream project), you could leverage tower-cli to take the object backups in the JSON format. You could also try this for Ansible Tower if the number of hosts are less than 100. In this article, we will walk through how to backup the AWX and restore it. If you do not have the towe-cli module, install it using pip module.
Here are some of the screenshots which took before deleting those objects.
tower cli configuration:
[root@ansible-server ~]# tower-cli config # User options (set with `tower-cli config`; stored in ~/.tower_cli.cfg). host: http://192.168.3.151:80 username: admin password: password verify_ssl: False # Defaults. format: human certificate: verbose: False description_on: False oauth_token: use_token: False color: True [root@ansible-server ~]#
Backup Ansibe AWX / Tower Configuration:
1. Execute the following command to take the complete AWX objects backup in flat file. You could see that backup created in JSON format.
[root@ansible-server ~]# tower-cli receive --all > 27032018.json [root@ansible-server ~]# more 27032018.json [ { "asset_type": "organization", "name": "Default", "asset_relation": { "roles": [ { "name": "Credential Admin", "team": [], "user": [] }, { "name": "Read", "team": [], "user": [] }, { "name": "Member", "team": [], "user": [] },
We have successfully backup the Ansible AWX / Tower objects in to file.
How to Check the Backup integrity? Can we delete the objects and try to restore?
Here are the snapshots after deleting objects on AWX/Tower.
Restore from the backup:
1. Restore the config using tower-cli send command.
[root@ansible-server ~]# tower-cli send 27032018.json USER [rajkumar] ***************************************************************************************************** Asset up to date USER [raffic] ****************************************************************************************************** Asset up to date USER [lingesh] ************************************************************************************** Asset up to date USER [admin] **************************************************************************************** Asset up to date ORGANIZATION [Default] *************************************************************************************************** Asset up to date All roles are up to date ORGANIZATION [UnixArena] *************************************************************************************************** Created organization UnixArena Added user rajkumar to Member role Added user lingesh to Member role Added user raffic to Member role Added user lingesh to Admin role TEAM [Database] *********************************************************************************** Created team Database TEAM [Unix] ************************************************************************************** Created team Unix TEAM [Wintel] ************************************************************************************ Created team Wintel CREDENTIAL [Demo Credential] ************************************************************************************************* Asset up to date All roles are up to date CREDENTIAL [UA-Linuxhost1] ************************************************************************************************ [WARNING]: Setting password for UA-Linuxhost1 to 'password' Created credential UA-Linuxhost1 Added user admin to Admin role PROJECT [Demo Project] ********************************************************************************************* Asset up to date All roles are up to date All schedules are up to date PROJECT [UnixArena_Project] ******************************************************************************************* Asset up to date All roles are up to date All schedules are up to date INVENTORY [Demo Inventory] ******************************************************************************************* Asset up to date All inventory host are up to date All inventory inventory_source are up to date All inventory groups are up to date All roles are up to date INVENTORY [Linux_UA_Hosts] ******************************************************************************************* Created inventory Linux_UA_Hosts Unable to create inventory_source named (Linux_UA_Hosts - 7) : The Tower server claims it was sent a bad request. POST http://192.168.3.151:80/api/v2/inventory_sources/ Params: None Data: {"name": " (Linux_UA_Hosts - 7)", "source": "file", "inventory": 3, "source_path": "/var/lib/awx/hosts_add"} Response: {"detail":["Cannot set source_path if not SCM type."]} Schedules are up to date All inventory groups are up to date All roles are up to date JOB TEMPLATE [Check Filesystem usage on hosts] ********************************************************************************************* Created job_template Check Filesystem usage on hosts Added user raffic to Execute role Added team Unix to Admin role Added schedule Test Updating survey All labels are up to date All extra creds are up to date JOB TEMPLATE [Demo Job Template] ******************************************************************************************** Asset up to date All roles are up to date All schedules are up to date Survey up to date All labels are up to date All extra creds are up to date JOB TEMPLATE [Grant Root access to Normal user] ******************************************************************************************* Created job_template Grant Root access to Normal user All roles are up to date All schedules are up to date Survey up to date All labels are up to date All extra creds are up to date JOB TEMPLATE [Servers ping test] ****************************************************************************************** Created job_template Servers ping test All roles are up to date All schedules are up to date Survey up to date All labels are up to date All extra creds are up to date WORKFLOW [Test workflow] ************************************************************************** Checking on workflow_nodes Created workflow Test workflow All roles are up to date All schedules are up to date Survey up to date All labels are up to date Building new workflow nodes Building workflow node relations PLAY RECAP ****************************************************************** ok=45 changed=21 warnings=1 failed=1 [root@ansible-server ~]#
We have successfully restored the complete AWX/tower objects. You could log in to AWX/Tower portal and check the object status.
You could face the issue with credentials its likely due to encrypted nature. You might need to update the password again after tower-cli restore.
Hope this article is informative to you. Share it! Comment it!! Be Sociable!!!
ManojJ says
Awesome Article, it’s really helpful.
kris says
getting permission denied error
tower-cli receive –all > 05042022.json
-bash: 05042022.json: Permission denied
Vibin says
Is there a way to restore a specific component, say inventories or a specific inventory only ?
Regards,
Vibin
dada says
One of the best tutorials on the web really easy to understand and no useless info included
Thanks for the work
Lingeswaran R says
Thank you.
A Random Linux Enthusiast says
Amazing article!
I was trying to restore the database from a previous version and it was becoming impossible to do it, but this saved my life, thank you!
Rodrigo Aravena says
Hi, i have the next error when i tried to restore via tower-cli:
Traceback (most recent call last):
File “/bin/tower-cli”, line 9, in
load_entry_point(‘ansible-tower-cli==3.3.7’, ‘console_scripts’, ‘tower-cli’)()
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 764, in __call__
return self.main(*args, **kwargs)
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 717, in main
rv = self.invoke(ctx)
File “/usr/lib/python2.7/site-packages/tower_cli/cli/base.py”, line 129, in invoke
return super(TowerCLI, self).invoke(ctx)
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 956, in invoke
return ctx.invoke(self.callback, **ctx.params)
File “/usr/lib64/python2.7/site-packages/click/core.py”, line 555, in invoke
return callback(*args, **kwargs)
File “/usr/lib/python2.7/site-packages/tower_cli/conf.py”, line 373, in method_with_context_managed
method(*args, **kwargs)
File “/usr/lib/python2.7/site-packages/tower_cli/cli/misc.py”, line 370, in send
sender.send(source, prevent, exclude, secret_management)
File “/usr/lib/python2.7/site-packages/tower_cli/cli/transfer/send.py”, line 218, in send
existing_object = resource.create(**an_asset)
File “/usr/lib/python2.7/site-packages/tower_cli/resources/project.py”, line 127, in create
**kwargs
File “/usr/lib/python2.7/site-packages/tower_cli/models/base.py”, line 427, in write
answer = OrderedDict(((‘changed’, True), (‘id’, r.json()[‘id’])))
KeyError: ‘id’
Have the same problem if delete a credential, Any Iidea? Regards.
AWX 8.0.0
Version towe-cli 3.3.7
owain winterbone says
I had a similar issue and warning with restoring a user. On upgrading pip (to 20.1- used to install tower-cli) and trying a re-install of the same tower-cli version (3.3.9) I got a error about a dependency on wheel – the previous pip version (20.0.2) installed tower-cli with no errors. I installed Python3-wheel.noarch (there is also a version for Python 2) and then re-installed tower-cli 3.3.9 with no errors and tower-cli restores are working ok.
Centos = 7.7
Ansible = 2.9.6
Python3 = 3.6.8
AWX = 9.3.0
tower-cli = 3.3.9
rbo says
Incredible Article very clear and helpful.
Thanks