IAG 2023.3 and 2023.2 RHEL 8 install

The following is a step-by-step guide for installing Itential Automation Gateway (IAG) on RHEL 8.

If you’re installing IAG on a different platform, you need to install or compile Python 3.9.
After installing Python 3.9, follow the steps starting with Set up directory and virtual environment.

Refer to the IAG system requirements for information on the software repository and registry credentials available for each IAG installation method.

Python packages for integration

2023.2.7 and later

2023.2.0–2023.2.6

Starting with 2023.2.7, IAG automatically installs the necessary Python packages for the following integrations:

GRPC
HashiCorp Vault
LDAP
Netconf
Netmiko
Nornir
Ansible

No additional steps are required.

Root access

This method requires root access on the server where you’re installing IAG.

$ sudo su

Install system packages

$ dnf -y install python39 python39-devel make gcc-c++

Set up directory and virtual environment

$ mkdir /opt/automation-gateway
$ cd /opt/automation-gateway
$ python3.9 -m venv .venv

Activate the virtual environment for your current session.

$ source /opt/automation-gateway/.venv/bin/activate

All following commands must be run in the virtual environment.

Include the virtual environment in default shell

This step is optional but recommended. It activates the virtual environment for every shell you open.

$ echo source /opt/automation-gateway/.venv/bin/activate > /etc/profile.d/venv.sh

Install Itential Automation Gateway

Work with your Itential account manager to obtain the whl file and place it in /tmp on the IAG server.

Replace <version> with the version of IAG you’re installing. For example: pip install /tmp/automation_gateway-3.198.19+2022.1.8-py3-none-any.whl

$ pip install /tmp/automation_gateway-<version>-py3-none-any.whl

Install Ansible

$ pip install ansible==2.10.7

Install Terraform (optional)

$ yum install -y yum-utils
$ yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
$ yum -y install terraform

If the above commands don’t work on your platform, download Terraform directly: Install Terraform.

Configure the service

The following configurations can be adjusted for your environment. By default, IAG runs using gunicorn. You can add a front-end HTTP server such as NGINX or HAProxy in front of this service configuration. Configurations for NGINX and HAProxy are outside the scope of this documentation.

Create user

Create a user to run automation-gateway with gunicorn.

$ useradd itential

Set up folders

$ mkdir /var/lib/automation-gateway
$ mkdir /etc/automation-gateway
$ chown itential /var/lib/automation-gateway

Configure Itential Automation Gateway

Copy the configuration file included in the release and modify it for your environment.

$ cp \
>   /opt/automation-gateway/.venv/lib64/python3.9/site-packages/automation_gateway/properties.yml \
>   /etc/automation-gateway/properties.yml

Open the following file in a text editor and update any settings that differ from the defaults for your environment.

$ /etc/automation-gateway/properties.yml

Configure systemd

Create the following file in a text editor.

$ /etc/systemd/system/automation-gateway.service

Add the following default configuration.

1 [Unit]
2 Description=Itential Automation Gateway
3 After=network.target
4 
5 [Service]
6 User=itential
7 Restart=always
8 Type=simple
9 ExecStart=/opt/automation-gateway/.venv/bin/automation-gateway --properties-file=/etc/automation-gateway/properties.yml
10 WorkingDirectory=/tmp
11 Environment=MAX_EVENT_RES=15000000
12 Environment=PATH=/opt/automation-gateway/.venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
13 
14 [Install]
15 WantedBy=multi-user.target

Enable automation-gateway on boot and start the service.

$ systemctl enable automation-gateway
$ systemctl daemon-reload
$ systemctl start automation-gateway

Check service status

$ systemctl status automation-gateway

Open IAG in a browser

Replace server with the hostname of the server where you installed IAG.


URL	`http://server:8083/`
Default username	`admin@itential`
Default password	`admin`

Install additional content

Install custom content, playbooks, and scripts to use with IAG.

$ # Create the custom content directories to match your configuration (below is default)
$ mkdir -p /usr/share/automation-gateway/ansible/inventory \
>          /usr/share/automation-gateway/ansible/modules \
>          /usr/share/automation-gateway/ansible/roles \
>          /usr/share/automation-gateway/ansible/collections \
>          /usr/share/automation-gateway/ansible/playbooks \
>          /usr/share/automation-gateway/nornir/modules \
>          /usr/share/automation-gateway/scripts \
>          /usr/share/automation-gateway/terraform
$ 
$ chown -R itential /usr/share/automation-gateway/

Folders and files

By default, IAG uses the following folders and files.

|
├── /etc/automation-gateway/
│   └── properties.yaml                       # Main configuration
|                                             (most settings are configured in UI after initial startup)
├── /opt/automation-gateway/
|   └── .venv/                                # Python virtual environment
|       └── lib/python3.9/site-packages/
|           └── automation_gateway/           # Where automation gateway source is installed
|
├── /var/lib/automation-gateway/
|   ├── automation-gateway.db                 # Main SQLite database
|   ├── automation-gateway_audit.db           # Audit logs
|   ├── automation-gateway_exec_history.db    # Exec history logs
|   └── automation-gateway.log                # Server logs
|
└── /usr/share/automation-gateway/
    ├── ansible/                               # Custom Ansible content
    ├── nornir/                                # Custom Nornir content
    ├── scripts/                               # Custom scripts content
    └── terraform/                             # Custom Terraform content