RHEL8 Full Install (IAG 2023.3 & IAG 2023.2)
  • 07 Aug 2024
  • Dark
    Light
  • PDF

RHEL8 Full Install (IAG 2023.3 & IAG 2023.2)

  • Dark
    Light
  • PDF

Article summary

The following is a step-by-step guide for installing IAG on RHEL 8.

  • If you are installing Automation Gateway on a different platform you will need to install/compile Python 3.9.

  • After installing Python 3.9 follow the steps starting with Setup Directory and Virtual Environment.

  • If you encounter any problems during the install or have questions, please contact the Product Support Team.

Refer to the General Prerequisites for information on the Software Repository and Registry Credentials that can be used with the various IAG installation methods.

Python Packages for Integration

Python Packages included for version 2023.2.7+

Starting with 2023.2.7, the below steps are no longer necessary as IAG will automatically install the necessary Python packages for:

• GRPC
• Hashicorp Vault
• LDAP
• Netconf
• Netmiko
• Nornir
• Ansible


For the 2023.2.0 - 2023.2.6 releases, IAG will no longer install Python packages for the following optional integrations:

• GRPC
• Hashicorp Vault
• LDAP
• Netconf
• Netmiko
• Nornir

This should not impact upgrades as the required packages should already be installed.

For new installs of IAG, if one of the above optional integrations is enabled and a user has not installed the proper package, the server will not start and will present the user with an error message for the packages required. Enabling the integrations will require the user to install the packages within the Virtual Environment that IAG is running in.

GRPC

python3 -m pip install pygnmi==0.8.9 grpcio==1.53.0

HashiCorp Vault

python3 -m pip install hvac==1.0.2

LDAP

python3 -m pip install ldap3==2.9.1 flask-ldap3-login==0.9.18

Netconf

python3 -m pip install ncclient==0.6.10

Netmiko

python3 -m pip install netmiko==4.1.2

Nornir

python3 -m pip install nornir==3.3.0 nornir-netmiko==0.2.0 nornir-utils==0.2.0

Uninstalled Options Error

If an attempt is made to enable an option that has not been installed, an error message will be shown.

In the example below (Figure 1), an attempt to enable Nornir has been made. However, it has not been installed and a warning is displayed prompting the user to verify it is installed, followed by restarting the server environment.

Figure 1: Nornir Not Installed Warning
01_Error_2023_2

Root Access

This method assumes you have root access on the server in which IAG will be installed on.

sudo su

Install System Packages

Run the following to install system packages.

dnf -y install python39 python39-devel make gcc-c++

Set Up Directory and Virtual Environment

Run the following to set up the directory and virtual environment.

mkdir /opt/automation-gateway
cd /opt/automation-gateway
python3.9 -m venv .venv

Run this command to activate the virtual environment for your current session.

source /opt/automation-gateway/.venv/bin/activate

Make sure you are in the virtual environment for all following commands.

Include the Virtual Environment in Default Shell

This command is optional but recommended and will allow every shell you open to have the virtual environment.

echo source /opt/automation-gateway/.venv/bin/activate > /etc/profile.d/venv.sh

Install Automation Gateway

Work with your Itential Account Manager to obtain the whl file. Place this file in /tmp on the IAG server.

You will need to change <version> to be the version of IAG you are installing. For example: pip install /tmp/automation_gateway-3.198.19+2022.1.8-py3-none-any.whl

pip install /tmp/automation_gateway-<version>-py3-none-any.whl

Install Ansible

Run the following to install Ansible.

pip install ansible==2.10.7

Install Terraform (Optional)

If the following does not work on your platform you can download Terraform directly using this link: Install Terraform Directly.

yum install -y yum-utils
yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
yum -y install terraform

Service Configuration

The following configurations can be changed to reflect your environment. By default Itential runs Automation Gateway using gunicorn. You may want to add an additional front-end HTTP server (e.g., NGINX, HAProxy) in front of this service configuration. Settings that use NGINX or HAProxy are outside the scope of this documentation.

Create User

Create a user that will run automation-gateway using gunicorn.

useradd itential

Set Up Folders

Set up your folders for the database, logs, and other files.

mkdir /var/lib/automation-gateway
mkdir /etc/automation-gateway
chown itential /var/lib/automation-gateway

Automation Gateway Configuration

Copy the configuration included in the release and modify it for your needs.

cp \
  /opt/automation-gateway/.venv/lib64/python3.9/site-packages/automation_gateway/properties.yml \
  /etc/automation-gateway/properties.yml

Modify the following file with a preferred text editor to make any changes that are relevant to your environment and differ from the default.

/etc/automation-gateway/properties.yml

Systemd Configuration

To configure systemd for automation-gateway, create the following file with a preferred text editor.

/etc/systemd/system/automation-gateway.service

Use the following default configuration for systemd.

[Unit]
Description=Itential Automation Gateway
After=network.target

[Service]
User=itential
Restart=always
Type=simple
ExecStart=/opt/automation-gateway/.venv/bin/automation-gateway --properties-file=/etc/automation-gateway/properties.yml
WorkingDirectory=/tmp
Environment=MAX_EVENT_RES=15000000
Environment=PATH=/opt/automation-gateway/.venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

[Install]
WantedBy=multi-user.target

Enable automation-gateway on boot and start the service.

systemctl enable automation-gateway
systemctl daemon-reload
systemctl start automation-gateway

Check the Status of the Service

Verify the service has started correctly.

systemctl status automation-gateway

Open Automation Gateway in a Web Browser

Server is the name of the host you installed IAG on.

http://server:8083/
Default username: admin@itential
Default password: admin

Install Additional Content

You can now install additional custom content, playbooks, and scripts to use with IAG.

# Create the custom content directories to match your configuration (below is default)
mkdir -p /usr/share/automation-gateway/ansible/inventory \
         /usr/share/automation-gateway/ansible/modules \
         /usr/share/automation-gateway/ansible/roles \
         /usr/share/automation-gateway/ansible/collections \
         /usr/share/automation-gateway/ansible/playbooks \
         /usr/share/automation-gateway/nornir/modules \
         /usr/share/automation-gateway/scripts \
         /usr/share/automation-gateway/terraform

chown -R itential /usr/share/automation-gateway/

Folders and Files

By default IAG uses the following folders and files.

|
├── /etc/automation-gateway/
│   └── properties.yaml                       # Main configuration
|                                             (most settings are configured in UI after initial startup)
├── /opt/automation-gateway/
|   └── .venv/                                # Python virtual environment
|       └── lib/python3.9/site-packages/
|           └── automation_gateway/           # Where automation gateway source is installed
|
├── /var/lib/automation-gateway/
|   ├── automation-gateway.db                 # Main SQLite database
|   ├── automation-gateway_audit.db           # Audit logs
|   ├── automation-gateway_exec_history.db    # Exec history logs
|   └── automation-gateway.log                # Server logs
|
└── /usr/share/automation-gateway/
    ├── ansible/                               # Custom ansible content
    ├── nornir/                                # Custom nornir content
    ├── scripts/                               # Custom scripts content
    └── terraform/                             # Custom terraform content

Next Steps

Once you have successfully started Automation Gateway, you will want to ensure the properties.yml file and integrations are working as expected. See the Operations section for details on utilizing Automation Gateway.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.