Consider setup and usage of Ansible AWX #616
Description
We currently run ansible playbooks from multiple repositories, clusters and manual/locally.
- aenode CI deployments (multiple networks)
- aenode manual deployments
- aenode "local" (run on node machine during boot)
- aenode scheduled database snapshots (AWS ECS)
- various maintenance playbooks (manage nodes, peer keys, etc.)
All of the above need access to secrets (currently in Hashi Vault) and remote inventory.
The new tool should allow to homogenize the configuration, access control and much easier playbook runs in general.
- CI deployments
- Could run on Github webhooks? The downside being not failing the build.
- Sync API calls to the tower
- deployments: same as manual runs, see below
- "local" machine runs should be actually run from the remote tower, but it somehow should trigger (webhook/API?)
- scheduled jobs should be easy in AWX
- manual runs should be very easy in AWX
The AWX should have access to AWS (dynamic inventory), SSH (run) and Hash Vault