martinberger.swiss

Database

Oracle Linux Automation Manager Setup

3 min read

Thsi blog post show you how to setup and configure Oracle Linux Automation Manager on Oracle Linux 9.

The Compute Instance

Verify the hostname. In this example, an Oracle Cloud Infrastructure Compute Instance is used with a public IP address.

opc@ocw-olam ~]$ hostname -f
ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com

Get the public IP address.

[opc@ocw-olam ~]$ sudo oci-public-ip
No public ip addresses found from OCI, falling back to the stun servers.
The stun servers do not provide details on the vNIC and might find only the primary IP address.

Public IPs information (primary on top):
    IP Address   |
-----------------
 132.226.221.114 |

Section 1: OS Setup

Link to the documentation: https://docs.oracle.com/en/operating-systems/oracle-linux-automation-manager/2/install2.3/awx_preparing_hosts.html#network

Login as OS user opc and set firewall rules.

sudo firewall-cmd --add-port=27199/tcp --permanent
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --reload

Verify UEK8 is used (Kernel 6.12):

[opc@ocw-olam ~]$ uname -a
Linux ocw-olam 6.12.0-102.36.5.2.el9uek.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Aug 13 23:57:36 PDT 2025 x86_64 x86_64 x86_64 GNU/Linux

Enable DNF repositories:

sudo dnf config-manager --enable ol9_baseos_latest
sudo dnf install oraclelinux-automation-manager-release-el9-2.3
sudo dnf config-manager --enable ol9_addons ol9_UEKR8 ol9_appstream

Section 2: Setup PostgreSQL Database

Enable module and install PG16:

sudo dnf module reset postgresql
sudo dnf module enable postgresql:16

sudo dnf install postgresql-server

sudo postgresql-setup --initdb

Change the password method:

sudo sed -i "s/#password_encryption.*/password_encryption = scram-sha-256/"  /var/lib/pgsql/data/postgresql.conf

Start PG service:

sudo systemctl enable --now postgresql

sudo systemctl status postgresql

Create user AWX:

sudo su - postgres -c "createuser -S -P awx"

Set password - example: awx

Edit network access to allow remote access to the database:

sudo vi /var/lib/pgsql/data/pg_hba.conf

host  all  all 0.0.0.0/0 scram-sha-256

Edit PG settings for listen address:

sudo vi /var/lib/pgsql/data/postgresql.conf

listen_addresses = 'ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com'

Restart PG:

sudo systemctl restart postgresql

Section 3: Setup Oracle Linux Automation Manager

sudo dnf install ol-automation-manager

Change Redis settings:

sudo vi /etc/redis/redis.conf

unixsocket /var/run/redis/redis.sock 
unixsocketperm 775

Edit user settings for OLAM (superseeds settings.py):

sudo vi /etc/tower/conf.d/olam.py

CLUSTER_HOST_ID = "ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com"
DATABASES = {
    'default': {
        'ATOMIC_REQUESTS': True,
        'ENGINE': 'awx.main.db.profiled_pg',
        'NAME': 'awx',
        'USER': 'awx',
        'PASSWORD': 'awx',
        'HOST': 'ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com',
        'PORT': '5432',
    }
}

Change owner an permission for file olam.py.

sudo chown awx:awx /etc/tower/conf.d/olam.py
sudo chmod 0640 /etc/tower/conf.d/olam.py

Pull OLAM image from Oracle Container Registry and create OLAM user awx:

sudo su -l awx -s /bin/bash
podman system migrate
podman pull container-registry.oracle.com/oracle_linux_automation_manager/olam-ee:2.3-ol8
exit

sudo su -l awx -s /bin/bash
awx-manage migrate
awx-manage createsuperuser --username admin --email martin.berger.swiss@proton.me
exit

Create new NGINX certificate:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/tower/tower.key -out /etc/tower/tower.crt

Remove unused settings:

sudo vi /etc/nginx/nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
}

Section 3: Installing Oracle Linux Automation Manager on a Single-Host Deployment

Provision instance and set execution environment:

sudo su -l awx -s /bin/bash

awx-manage provision_instance --hostname=ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com

awx-manage register_default_execution_environments

awx-manage register_queue --queuename=default --hostnames=ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com

awx-manage register_queue --queuename=controlplane --hostnames=ocw-olam.sndatabasepubli.vcncompute.oraclevcn.com

Change Receptor settings:

sudo vi /etc/receptor/receptor.conf

Update the configuration file with these settings.

---
- node:
    id: 172.16.7.69
 
- log-level: debug
 
- tcp-listener:
    port: port_number
 
- control-service:
    service: control
    filename: /var/run/receptor/receptor.sock
 
- work-command:
    worktype: local
    command: /var/lib/ol-automation-manager/venv/awx/bin/ansible-runner
    params: worker
    allowruntimeparams: true
#    verifysignature: true

Section 4: Start Oracle Linux Automation Manager

Enable and start the service.

sudo systemctl enable --now ol-automation-manager.service

Verify web access by browser and public ip: https://your-public-ip.