{"id":27204154,"url":"https://github.com/tonyreveal/aap_preflight","last_synced_at":"2025-08-19T09:09:12.514Z","repository":{"id":244984934,"uuid":"816875404","full_name":"tonyreveal/aap_preflight","owner":"tonyreveal","description":null,"archived":false,"fork":false,"pushed_at":"2024-10-02T00:58:16.000Z","size":55,"stargazers_count":2,"open_issues_count":4,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-09T22:57:40.596Z","etag":null,"topics":["aap","ansible","ansible-automation-platform","ansible-controller","ansible-tower","automation-controller","automatoin"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tonyreveal.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-18T15:05:54.000Z","updated_at":"2025-04-09T20:29:40.000Z","dependencies_parsed_at":"2024-06-24T15:17:56.306Z","dependency_job_id":"80498e9d-513d-49e4-afe3-1a8e67ba28fa","html_url":"https://github.com/tonyreveal/aap_preflight","commit_stats":null,"previous_names":["tonyreveal/aap_preflight"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/tonyreveal/aap_preflight","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonyreveal%2Faap_preflight","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonyreveal%2Faap_preflight/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonyreveal%2Faap_preflight/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonyreveal%2Faap_preflight/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tonyreveal","download_url":"https://codeload.github.com/tonyreveal/aap_preflight/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonyreveal%2Faap_preflight/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271128562,"owners_count":24703876,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-19T02:00:09.176Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aap","ansible","ansible-automation-platform","ansible-controller","ansible-tower","automation-controller","automatoin"],"created_at":"2025-04-09T22:57:39.829Z","updated_at":"2025-08-19T09:09:12.481Z","avatar_url":"https://github.com/tonyreveal.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aap_preflight\n\nThe playbooks included in this repository are intended to help validate all AAP port connectivity, \ndatabase credentials (when applicable), etc before attempting to install.  Also included is a playbook to do a post-install validation of a cluster to ensure services are all running, required users were created successfully and correctly, umask is 0022 for the AWX user, etc\n\nThe pre-install playbook does not cover every possible scenario.  But it does validate that all nodes in the inventory have appropriate connectivity and that any credentials specified for a non-AAP installer managed database are good.\n\nSee list of [pre-install checks](#pre-install-checks-performed) below.\n\nSee list of [post-install checks](#post-install-checks-performed) below.\n\n\n## Playbook(s):\n\n| Playbook Name| Description |\n|---|---|\n| `preinstall_checks.yml` | Uses the AAP install inventory to perform pre-installation validation tasks. |\n| `postinstall_tasks.yml` | Uses the AAP install inventory to perform post-installation tasks. |\n| `assess_deployment.yml` | Uses the AAP inventory to assess an existing AAP deployment. |\n\n\n## Other Recommendations:\n\nIf you are deploying a large AAP cluster with instance groups and hop nodes in your inventory, I suggest you run `./setup.sh -- --tag generate_dot_file` before you perform the install.  This will generate a file called `mesh-topology.dot`.  You can then copy the contents of the dot file into [GraphViz Online]('https://dreampuf.github.io/GraphvizOnline') to view the topology and make sure it looks correct.\n\n\n\n### Usage:\n\nThe inventory used must be your AAP install inventory file\n\n`ansible-playbook preinstall_checks.yml -i inventory`\n\n\n### Pre-install checks performed:\n\n- Installs nmap-ncat (for port connectivity tests)\n- Installs python-psutil (for getting ruby / chef PIDs to make sure chef-client is stopped)\n- Installs python3.9-psycopg2 (required for database tests)\n- Disables appstream repo on all hosts in inventory\n- Enables baseos repo on all hosts in inventory\n- Check if Chef-Client is installed\n- Check if Chef-Client service is running\n- Stops and Disables chef-client on all hosts in inventory if installed and running\n- AAP install database validation\n  - Check all pg_* vars for controller database\n  - Check all automationhub_pg_* vars for automation hub\n  - Check all automationedacontroller_pg_* vars for eda controller\n- Non-AAP install managed database tests\n  - Controller:\n    - Port connectivity test using nc\n    - Database credential test (attempt to login)\n  - Automation Hub:\n    - Port connectivity test using nc\n    - Database credential test (attempt to login)\n    - Install hstore extension\n  - EDA Controller:\n    - Port connectivity test using nc\n    - Database credential test (attempt to login)\n- Check if Automation Hub is clustered\n  - Check all all nodes have /var/lib/pulp mounted\n  - Verify `automationhub_main_url` is set\n\n\n### Post-install checks performed:\n\n- Re-enables repositories on all hosts in inventory\n- Ensures AAP repository is disabled (required for patching)\n- Re-enables chef-client if installed as a service\n  - I really don't like the idea of managing AAP with Chef\n- Checks that all appropriate groups are created on controllers, execution, and hop nodes\n- Checks that all appropriate users are created and members of the correct groups on controllers, execution, and hop nodes\n- Check Hop node receptor port connectivity to Controller.\n  - Checks if receptor is installed.\n  - Checks if receptor service is running.\n  - If receptor is installed and running then this block should successfully report a connection, provided ACLs and firewall ports are set correctly.\n  - Returns \"no route to host\" if port is not open but that could include situations where firewalld port on the controller node isn't enabled or if Receptor isn't already installed.\n- Check Execution node receptor port connectivity to Controller if not behind a hop node.\n  - Checks if receptor is installed.\n  - Checks if receptor service is running.\n  - If receptor is installed and running then this block should successfully report a connection, provided ACLs and firewall ports are set correctly.\n  - Returns \"no route to host\" if port is not open but that could include situations where firewalld port on the controller node isn't enabled or if Receptor isn't already installed.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftonyreveal%2Faap_preflight","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftonyreveal%2Faap_preflight","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftonyreveal%2Faap_preflight/lists"}