GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → autops → Awx Migrate

autops / Awx Migrate

Licence: apache-2.0
Tool to migrate AWX to a new instance

Programming Languages

python
139335 projects - #7 most used programming language

Labels

ansiblesecretspasswords

Projects that are alternatives of or similar to Awx Migrate

Privy
An easy, fast lib to correctly password-protect your data
Stars: ✭ 230 (+158.43%)
Mutual labels:  secrets, passwords
Passcat
Passwords Recovery Tool
Stars: ✭ 164 (+84.27%)
Mutual labels:  secrets, passwords
Cryptr
Cryptr: a GUI for Hashicorp's Vault
Stars: ✭ 324 (+264.04%)
Mutual labels:  secrets, passwords
Whispers
Identify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-25.84%)
Mutual labels:  secrets, passwords
ink
A Logger backend that logs JSON
Stars: ✭ 64 (-28.09%)
Mutual labels:  secrets, passwords
envy
Use envy to manage environment variables with your OS keychain
Stars: ✭ 23 (-74.16%)
Mutual labels:  secrets, passwords
Whaler
Program to reverse Docker images into Dockerfiles
Stars: ✭ 670 (+652.81%)
Mutual labels:  secrets, passwords
Secretserver
Secret Server PowerShell Module
Stars: ✭ 82 (-7.87%)
Mutual labels:  secrets
Secrets
secrets kept safe
Stars: ✭ 85 (-4.49%)
Mutual labels:  secrets
Packer Ubuntu 1404
DEPRECATED - Packer Example - Ubuntu 14.04 Vagrant Box using Ansible provisioner
Stars: ✭ 81 (-8.99%)
Mutual labels:  ansible
Pwned Passwords
🔐Go client library for checking values against compromised HIBP Pwned Passwords
Stars: ✭ 81 (-8.99%)
Mutual labels:  passwords
Jjg Ansible Windows
[DEPRECATED] Windows shell provisioning script to bootstrap Ansible from within a Vagrant VM.
Stars: ✭ 82 (-7.87%)
Mutual labels:  ansible
Dotfiles
My precious configs
Stars: ✭ 85 (-4.49%)
Mutual labels:  ansible
Kubernetes The Ansible Way
Bootstrap Kubernetes the Ansible way on Everything (here: Vagrant). Inspired by Kelsey Hightower´s kubernetes-the-hard-way, but refactored to Infrastructure-as-Code.
Stars: ✭ 82 (-7.87%)
Mutual labels:  ansible
Ubuntu1604 Cis
Ubuntu CIS Hardening Ansible Role
Stars: ✭ 88 (-1.12%)
Mutual labels:  ansible
Ansible Role Firewall
A role to manage iptables rules which doesn't suck.
Stars: ✭ 81 (-8.99%)
Mutual labels:  ansible
Learning Tools
A collection of tools and files for learning new technologies
Stars: ✭ 1,287 (+1346.07%)
Mutual labels:  ansible
Catesta
Catesta is a PowerShell module project generator. It uses templates to rapidly scaffold test and build integration for a variety of CI/CD platforms.
Stars: ✭ 88 (-1.12%)
Mutual labels:  secrets
Securelogin
This version won't be maintained!
Stars: ✭ 1,259 (+1314.61%)
Mutual labels:  passwords
Devbox Golang
A Vagrant box with Ansible provisioning for setting up a vim-based Go(lang) development environment
Stars: ✭ 84 (-5.62%)
Mutual labels:  ansible
View All Similar Projects ➔

Welcome to Autops awx-migrate

awx-migrate is a command line tool for Ansible AWX. It leverages the tower-cli command, makes a full backup of an AWX instance, and adds the secrets to the exported credentials, which tower-cli leaves empty.

It then dumps the whole export including credential secrets in json to stdout, which you can redirect to a file. It also takes all config settings from the database - including LDAP settings and adds or updates them in a new instance.

This tool allows you to fully migrate an AWX setup, and is a workaround for not being able to upgrade AWX. (See https://github.com/ansible/awx/blob/devel/DATA_MIGRATION.md)

For more information, on tower-cli look at http://tower-cli.readthedocs.io.

Things that are not migrated

  • logs
  • encrypted data in the conf_setting table (e.g. LDAP Bind password)

Requirements

Python

  • Python 2.7
  • tower_cli
  • psycopg2
  • cryptography

Configuration

AWX - separately configure how to connect to both the old and the new instance

  • The AWX secret_key, used to encrypt and decrypt secrets
  • credentials for an AWX admin user
  • connection information and credentials to directly access the postgresql DB

and this for both the source and destination AWX instance and its postgresql database

How-to

  • edit awx-migrate-wrapper and set the right AWX_SRC_* and AWX_DST_* environment variables as needed, the former being for the source instance, the latter for the destination instance
  • configure tower-cli config to connect to the source awx instance you want to migrate from
  • execute awx-migrate-wrapper and it will redirect stdout to awx-data.json, then split each asset_type in different files so you can restore them seperately and in the best possible way.
  • watch stderr for possible error messages
  • if you use LDAP or other config settings that require an encrypted secret, update it manually
  • configure tower-cli config to connect to the destination awx instance you want to migrate to
  • restore awx data with tower-cli send awx-data.json

Bugs

  • Tested migrating from AWX 1.0.7.2 to 2.0.1. Several objects where not restored due to missing users: there's bug in 1.0.x? where the export of users is broken/missing so that tower-cli cannot import them again. (see https://github.com/ansible/tower-cli/pull/586#issuecomment-432176155)
  • Currently this script assumes all credentials have a unique name, which however isn't enforced by AWX. If you have those, PR is welcome!
  • Encrypted secrets in the conf_settings table are not decrypted. Need info on how to decrypt/encrypt them

Warning

This script was written for and tested in a specific setup and particular environment, lot's of issues or bugs can still arise

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].