Now you can install Access Manager (Administration Console, Identity Server and Access Gateway) with only three commands
This project uses Vagrant to instantiate three VMs (running centos 7 by default). It the uses Ansible to provision (configure and check) the VMs with different roles in order to install a demo environment with Microfocus Access Manager 4.5.
A role in Ansible parlance is a set of tasks that are executed in the remote machines. For this project, these are the VMs created by Vagrant.
In this scenario, the roles are defined in the ansible/main.yml file and are executed from top to bottom.
The tasks executed by the roles themselves can be found under ansible/roles/<role-name>/tasks/main.yml and as they are written in YAML they should be easy to read and undestand. Or so the theory goes.
Broadly speaking, to install the IDP there are four roles involved:
- Check prerequisites
- idp.checkPrerequisites
- Run Installer
- idp.install
- Reboot
- system.reboot
- Check Status
- check.WebUp
- This repo
- Ansible
- Vagrant
- Virtualbox
- Microfocus Access Manager Installers are not provided, they should be placed into the
ansible/installerfolder. The filenames should be replaced in thevariables.ymlfile
A number of settings can be modified such as the DNS name of the VMs, the static IP address or the username/passwords.
They all can be set in the variables.yml file and are sourced from every other script in this proyect.
The emulated HW seen by the VMs can be modified in the Vagrantfile file.
Note that ansible is not dependant on vagrant, which means that the ansible roles could be executed on physical or cloud servers with minimal configuration.
Simply run at the root of the repo:
vagrant up ac # create Access Console VM and provision
vagrant up idp # create Identity Server VM and provision
vagrant up ag # create Access Gateway VM and provision
# you could start all three servers at the same time with:
# vagrant up
# but I prefer doing it one server at the timeAnd the machines will be brought up. Since it has to download the whole OS and the execute the installers, this process can take up several minutes depending on your bandwidth.
To suspend/power off/reboot a machine:
# power off all the machines
vagrant halt
# suspend all the machines
vagrant supend
# resume all the machines
vagrant resume
# reboot all the machines
vagrant reload
# run the provisioning (ansible roles)
vagrant provisionYou can also separate the process in two stages. This can be useful to have more control on what’s happening or to debug an issue:
- Bring the VMs up with vagrant:
vagrant up --no-provision - Provision them with ansible
# provision Access Console ansible-playbook -i ansible/hosts.yml -l ac ansible/main.yml # provision Identity Server ansible-playbook -i ansible/hosts.yml -l idp ansible/main.yml # provision Access Gateway ansible-playbook -i ansible/hosts.yml -l ag ansible/main.yml
In the directory ansible/aux there are playbooks that can be executed againts running hosts, whether virtual, physical or in the cloud.
If the hosts are being provisioned by Vagrant use the host file .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory
If the hosts are elsewhere, use the host file ansible/hosts.yml. Modify it according to your setup.
Check if the web consoles can be reached:
# if using vagrant
ansible-playbook -i .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory ansible/main.yml ansible/aux/check_webConsoleIsUp.yml
# if not using vagrant
ansible-playbook -i ansible/hosts.yml ansible/aux/check_webConsoleIsUp.ymlNAM can be a little finicky when it comes to time sincronization.
# if not using vagrant
ansible-playbook -i ansible/hosts.yml ansible/aux/ntp_check.yml
# if not using
ansible-playbook -i ansible/hosts.yml --tags "health-check"