Chapter 5. Disconnected installation
If you are not connected to the internet or do not have access to online repositories, you can install Red Hat Ansible Automation Platform without an active internet connection.
5.1. Prerequisites
Before installing Ansible Automation Platform on a disconnected network, you must meet the following prerequisites:
A subscription manifest that you can upload to the platform.
For more information, see Obtaining a manifest file.
- The Ansible Automation Platform setup bundle at Customer Portal is downloaded.
- The DNS records for the automation controller and private automation hub servers are created.
5.2. Ansible Automation Platform installation on disconnected RHEL
You can install Ansible Automation Platform without an internet connection by using the installer-managed database located on the automation controller. The setup bundle is recommended for disconnected installation because it includes additional components that make installing Ansible Automation Platform easier in a disconnected environment. These include the Ansible Automation Platform Red Hat package managers (RPMs) and the default execution environment (EE) images.
Additional Resources
For a comprehensive list of pre-defined variables used in Ansible installation inventory files, see Ansible variables.
5.2.1. System requirements for disconnected installation
Ensure that your system has all the hardware requirements before performing a disconnected installation of Ansible Automation Platform. You can find these in system requirements.
5.2.2. RPM Source
RPM dependencies for Ansible Automation Platform that come from the BaseOS and AppStream repositories are not included in the setup bundle. To add these dependencies, you must first obtain access to BaseOS and AppStream repositories. Use Satellite to sync repositories and add dependencies. If you prefer an alternative tool, you can choose between the following options:
- Reposync
- The RHEL Binary DVD
The RHEL Binary DVD method requires the DVD for supported versions of RHEL. See Red Hat Enterprise Linux Life Cycle for information on which versions of RHEL are currently supported.
Additional resources
5.3. Synchronizing RPM repositories using reposync
To perform a reposync you need a RHEL host that has access to the internet. After the repositories are synced, you can move the repositories to the disconnected network hosted from a web server.
When downloading RPM, ensure you use the applicable distro.
Procedure
Attach the BaseOS and AppStream required repositories:
# subscription-manager repos \ --enable rhel-9-for-x86_64-baseos-rpms \ --enable rhel-9-for-x86_64-appstream-rpms
Perform the reposync:
# dnf install yum-utils # reposync -m --download-metadata --gpgcheck \ -p /path/to/download
Use reposync with
--download-metadata
and without--newest-only
. See RHEL 8 Reposync.-
If you are not using
--newest-only,
the repos downloaded may take an extended amount of time to sync due to the large number of GB. -
If you are using
--newest-only,
the repos downloaded may take an extended amount of time to sync due to the large number of GB.
-
If you are not using
After the reposync is completed, your repositories are ready to use with a web server.
- Move the repositories to your disconnected network.
5.4. Creating a new web server to host repositories
If you do not have an existing web server to host your repositories, you can create one with your synced repositories.
Procedure
Install prerequisites:
$ sudo dnf install httpd
Configure httpd to serve the repo directory:
/etc/httpd/conf.d/repository.conf DocumentRoot '/path/to/repos' <LocationMatch "^/+$"> Options -Indexes ErrorDocument 403 /.noindex.html </LocationMatch> <Directory '/path/to/repos'> Options All Indexes FollowSymLinks AllowOverride None Require all granted </Directory>
Ensure that the directory is readable by an apache user:
$ sudo chown -R apache /path/to/repos
Configure SELinux:
$ sudo semanage fcontext -a -t httpd_sys_content_t "/path/to/repos(/.*)?" $ sudo restorecon -ir /path/to/repos
Enable httpd:
$ sudo systemctl enable --now httpd.service
Open firewall:
$ sudo firewall-cmd --zone=public --add-service=http –add-service=https --permanent $ sudo firewall-cmd --reload
On automation services, add a repo file at /etc/yum.repos.d/local.repo, and add the optional repos if needed:
[Local-BaseOS] name=Local BaseOS baseurl=http://<webserver_fqdn>/rhel-8-for-x86_64-baseos-rpms enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release [Local-AppStream] name=Local AppStream baseurl=http://<webserver_fqdn>/rhel-8-for-x86_64-appstream-rpms enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
5.5. Accessing RPM repositories from a locally mounted DVD
If you plan to access the repositories from the RHEL binary DVD, you must first set up a local repository.
Procedure
Mount DVD or ISO:
DVD
# mkdir /media/rheldvd && mount /dev/sr0 /media/rheldvd
ISO
# mkdir /media/rheldvd && mount -o loop rhrhel-8.6-x86_64-dvd.iso /media/rheldvd
Create yum repo file at
/etc/yum.repos.d/dvd.repo
[dvd-BaseOS] name=DVD for RHEL - BaseOS baseurl=file:///media/rheldvd/BaseOS enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release [dvd-AppStream] name=DVD for RHEL - AppStream baseurl=file:///media/rheldvd/AppStream enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Import the gpg key:
# rpm --import /media/rheldvd/RPM-GPG-KEY-redhat-release
If the key is not imported you will see an error similar to
# Curl error (6): Couldn't resolve host name for https://www.redhat.com/security/data/fd431d51.txt [Could not resolve host: www.redhat.com]
Additional Resources
For further detail on setting up a repository see Need to set up yum repository for locally-mounted DVD on Red Hat Enterprise Linux 8.
5.6. Downloading and installing the Ansible Automation Platform setup bundle
Choose the setup bundle to download Ansible Automation Platform for disconnected installations. This bundle includes the RPM content for Ansible Automation Platform and the default execution environment images that will be uploaded to your private automation hub during the installation process.
Procedure
- Download the Ansible Automation Platform setup bundle package by navigating to the Red Hat Ansible Automation Platform download page and clicking for the Ansible Automation Platform 2.5 Setup Bundle.
On control node, untar the bundle:
$ tar xvf \ ansible-automation-platform-setup-bundle-2.5-1.tar.gz $ cd ansible-automation-platform-setup-bundle-2.5-1
- Edit the inventory file to include variables based on your host names and desired password values.
See section 3.2 Inventory file examples base on installation scenarios for a list of examples that best fits your scenario.
5.7. Completing post installation tasks
After you have completed the installation of Ansible Automation Platform, ensure that automation hub and automation controller deploy properly.
Before your first login, you must add your subscription information to the platform. To obtain your subscription information in uploadable form, see Obtaining a manifest file in Access management and authentication.
Once you have obtained your subscription manifest, see Getting started with Ansible Automation Platform for instructions on how to upload your subscription information.
Now that you have successfully installed Ansible Automation Platform, to begin using its features, see the following guides for your next steps: