Configuration Management Options

Yes, we have came to the decision to use FreeIPA for identity management. It will likely be used for internal infrastructure DNS, but not external DNS (it doesn’t support views).


Roger that.

Good point.


I mentioned on another thread, I’ve been doing Puppet for a decade in a very large scale environment… And I think we should do Ansible. :slight_smile: Seems like there’s no opposition to Ansible, though…


As an Ansible expert working for everyone’s favorite chromatic head wear company, I’m all about being here to support Ansible!


It’s worth pointing out I’ve had success with running AWX on Podman on Centos8, if we’re wanting to keep it self hosted (as Centos8/RockyToBe doesn’t support docker as standard) -

Having AWX in a container may be useful for us. We will keep note of this for when we get the infra setup.


Looks great. But “Role is tested on Fedora server.” Is this role usable with CentOS 8 as is?

A coworker recently setup AWX with Docker on CentOS 8. It was painful.

As I said - yes I got it up and working relatively easily on a Centos 8.2 install.

1 Like

Hi folks. I work on the AWX/Tower team. I’m excited to see y’all are considering using it. I just came here to share this announcement regarding upcoming changes to the project’s architecture and deployment model:


Thank you for letting us know Shane!

I’m personally not a huge of Ansible because with proper time and coding it can’t really do anything you could not do already with SSH commands and bash scripting. Even less now that Red Hat belongs to IBM. It is very likely IBM will start to cut down on open source projects in the future.


I’m currently using awx in an rpm based setup for production. Multiple instances in groups, and ha (replication) postgresql backend. Not quite as simple as containers, but quite scalable. I’ve got the setup notes somewhere and can post up if needed.

Is this setup all in CentOS 7 or 8? I know there was a project with some RPM focus, but he never produced EL8 RPM’s.

My production one is 7 for app and 8 for db. I’ll see tonight if/how much works fully on 8.

I would like to see that. :slight_smile: I have had to fall back on the container install for AWX previously.

I would stick to Ansible, it is a Red Hat product and for those that teach RHEL courses can serve two purposes, show a free alternative to RHEL and show ansible. Any chance I got when teaching to show a community based project versus a paid product I would even if that was RHEL itself. I always pushed CentOS for learning and use if RHEL wasn’t mandated for some reason.

1 Like

You can’t really cut down on truly open source projects especially if they have rather large communities, I think this project (Rocky) is a testament to that. As long as the source is available and there’s an active community to support and use it, it will keep moving. I think the threat isn’t these companies “cutting back” but getting more involved in trying to push a project to go the way that benefits them, instead of the community at large. If IBM steps away from open source communities I don’t think there will be substantial harm if anything in some cases it would be better.


Hi! my 2 cents here. Ansible could be used for a configuration management and infrastructure provisioning , looks like it’s already decided. There are still some areas which could be covered by other tools. Say, people would want to run transition utilities that would change from CentOS to Rocky Linux. I’d suggest tooling repository as a solution for that. Feedback is welcome …

For deployments into AWS then Terraform + Packer + CI/CD are very powerful tools. Ansible is great for configuration management of servers, but for cloud resources Terraform gets my vote.

1 Like

This is actually already something we’ve got in the pipeline for Rocky’s release (or at least the repos going live). I believe there’s another forum topic for the transition tooling? But I’m not so sure that comes under the CM umbrella.

1 Like