- Local password manager with Bitwarden unified - Mon, Feb 6 2023
- Prepare AD synchronization with Azure Active Directory using IdFix - Tue, Jan 31 2023
- Manage Windows security and optimization features with Microsoft’s free PC Manager - Mon, Jan 23 2023
Ansible is a great automation tool for configuration management, allowing an automated means of implementing changes across a server environment. This includes the ability to automate both Windows and Linux server configurations. In general, you can run Ansible freely by downloading the module and running configurations and playbooks from the command line. However, this may not scale well in many environments, such as those with multiple admins, a GUI interface, REST API access, and centralized management.
Red Hat Ansible Tower is Red Hat’s commercial Ansible offering that fills the needs listed above; however, you may not be aware of the AWX Project from Red Hat. It provides an open-source version of Ansible Tower that may suit the needs of Tower functionality in many environments. Let’s take a look at Ansible Tower vs Ansible AWX for Automation and see which one you should choose.
What is Ansible Tower?
Ansible Tower may be the more familiar option for Ansible users as it is the commercial GUI Ansible tool that provides the officially supported GUI interface, API access, role-based access, scheduling, notifications, and other nice features that allow businesses to manage environments easily with Ansible. Once an organization is operating Red Hat Ansible at a particular scale, it can become difficult to manage its Ansible automation environment when using the simple Ansible command-line tools.
Red Hat Ansible Tower is the solution to this problem as it provides the more ‘enterprise’ features to the solution by allowing a more scaled approach for multiple automation users/access and providing the integrations that most expect from an automation platform.
When looking at Scaling, Tower provides the following:
- Management of multiple environments spanning geographically diverse environments that are accessible by Tower users.
- You can create segmentation between users and resources for the purposes of security and role-based access control. This allows assigning permissions to users and only allowing them access to the resources they have permission to access through Ansible Tower.
- Centralization of resources through Tower allows enterprise teams to share resources, such as playbooks and workflows.
Ansible Tower is a commercial ‘pay for’ product that comes in two versions – Standard and Premium. Looking at the two versions, the prices range as follows:
- Standard - $13,000/year, up to 100 nodes, 8x5 support
- Premium - $17,500/year, up to 100 nodes, 24x7 support
- Check out the pricing page at https://www.ansible.com/products/tower/pricing
If you want to test out Ansible Tower in a POC environment or simply use it in a small lab, Red Hat does offer a free 10-node license that allows you to use full enterprise features for up to 10 nodes with Tower. You apply for this license when requesting the license key. It is noted as a self-support (10 managed nodes) license.
Ansible Tower requirements
Supported Operating Systems:
- Red Hat Enterprise Linux 6 64-bit
- Red Hat Enterprise Linux 7 64-bit
- CentOS 6 64-bit
- CentOS 7 64-bit
- Ubuntu 12.04 LTS 64-bit
- Ubuntu 14.04 LTS 64-bit
Prerequisites:
- The latest stable release of Ansible
- 2 GB RAM minimum (4+ GB RAM recommended)
- 2 GB RAM (minimum and recommended for Vagrant trial installations)
- 4 GB RAM is recommended per 100 forks
- 20 GB hard disk
64-bit support required (kernel and runtime)
Ansible Tower feature list:
- A graphical user interface dashboard
- Role-based access control
- Job scheduling
- Graphical inventory management
- Multi-playbook workflow
- RESTful APIs
- External logging integrations
- Real-time job status updates
- Red Hat Technical Support team
- Red Hat Customer Portal access
What is Ansible AWX?
Ansible AWX is the open-sourced project that was the foundation on which Ansible Tower was created. With this being said, Ansible AWX is a development branch of code that only undergoes minimal testing and quality engineering testing. There are other drawbacks to enterprise adoption, including the lack of signed images for using it in the enterprise, support being offered, and a complex or lack of real versioning being present with upgrades.
Ansible is planning on continuing to mature the product lifecycle of Ansible AWX so that it is in tighter lock-step with Ansible Tower releases. However, Ansible AWX is a powerful open-source, freely available project for testing or using Ansible AWX in a lab, development, or other POC environment.
Perhaps the greatest benefit of AWX over Tower is that you have all of the enterprise features for an unlimited number of nodes. You are not limited by the free ’10-node’ limit for Ansible Tower. Basically, one of the major differences you will see between AWX and Tower is a different logo for the products. They look extremely similar.
Ansible AWX prerequisites
- Ansible Requires Version 2.4+
- Docker
- A recent version
- Docker Python module
- This is incompatible with docker-py. If you have previously installed docker-py, please uninstall it.
- We use this module instead of docker-py because it is what the docker-compose Python module requires.
- GNU Make
- Git Requires Version 1.8.4+
- Node 10.x LTS version
- NPM 6.x LTS
What are the System Requirements for AWX?
- At least 4GB of memory
- At least 2 CPU cores
- At least 20GB of space
- Running Docker, Openshift, or Kubernetes
- If you choose to use an external PostgreSQL database, please note that the minimum version is 9.6+
Ansible Tower vs Ansible AWX - Pros and cons
When looking at the two different products from Red Hat to provide GUI access to Ansible tooling and automation, which product would you choose? Well, each product has its strengths. Let’s take a look at a quick high-level look at the pros and cons of each solution and why you would choose each for comparison.
Ansible Tower
Ansible Tower is the full-blown commercial product that is supported by Red Hat and offers what you would expect from a ‘pay for’ product providing tooling or other automation services, including support.
Pros
- Fully supported
- Release cycles
- Fully tested for quality and engineering issues before release
- Provides a 10-node free license with full enterprise features
- Install/upgrades are well-documented and supported
Cons:
- It is expensive ($13000/17500 per year/100 node
- You may need more than 10 nodes for a dev/POC environment
- May be overkill for what you are trying to do
Ansible AWX
Ansible AWX is the open-source GUI Ansible automation tool from Red Hat that allows you to be able to have basically all of the features and functionality from Ansible Tower in a freely available format. In fact, it is noted from Red Hat that Tower is based on AWX. Let’s look at the pros and cons of Ansible AWX.
Pros
- Full enterprise features and functionality of Tower
- This is a free download
- Not limited to 10 nodes
- Great for POC/dev/lab environments
Cons
- Not supported
- Multiple releases in a single day are possible
- Not yet in lock-step with Ansible Tower releases
- Not a good choice for production environments
Do you choose Ansible Tower or Ansible AWX?
Since both Ansible Tower and AWX provide GUI management, API access, role-based security permissions, and the ability to scale across a large Ansible-driven automation solution, which do you choose? This decision basically comes down to stability and support. Most likely, in an enterprise production environment, stability and support are extremely important.
Ansible Tower is the supported enterprise automation platform that provides a stable, fully-tested, and supported release for both greenfield installations and upgrading. For production environments, Tower is definitely the product to choose.
However, Ansible Tower may be overkill for POC, DEV/TEST, or lab environments where you need all of the enterprise features that are found in Ansible Tower and need to manage more than 10 nodes (the limitation for the free Ansible Tower platform). Ansible AWX is free to download and is a great tool for use in non-production development or lab environments.
Subscribe to 4sysops newsletter!
Wrapping up
When looking at Ansible Tower vs Ansible AWX for Automation, it comes down to stability and support and where your needs may be. While you can use Ansible AWX for production, you will be running without the support and stability that comes with a well-tested software release. Ansible Tower is the fully tested GUI platform for providing centralized management, RBAC, and API access for production environments.
Hi Brandon,
First of all, Thank you for the article. My company is going to use the above software. I want to learn anisble. Where should I start from.
Thank you
Hi Brandon – thanks for the article. It's always good to have commercial vs. open source offerings compared, especially when they comingle.
There are some issues with the basic premise around AWX, however. AWX is the upstream project of Ansible Tower, much like OKD is the upstream project of OpenShift. Both are fairly well tested and production ready, contrary to your statements. As far as not being in lock-step with Tower, again, it's because Tower comes in behind AWX.
Features are generally incorporated first in to AWX before Tower, but the biggest limitation is the support. Tower can be fully supported with a Red Hat subscription (as noted) and AWX is community supported only.
It seems to me that while the article itself was well meaning, some of the important information about the projects is misleading, which is unfortunate. Perhaps a bit more research would be beneficial along with a revision to the initial publication.
Stefan,
I am also a big fan of Ansible AWX and have used it in many environments. Please note the thoughts comparing the differences between Ansible Tower and AWX presented in the article highlight what is published by Redhat themselves: https://www.redhat.com/en/resources/awx-and-ansible-tower-datasheet notably minimal testing and a lack of support for AWX, both of which will be considerations for organizations looking to deploy either platform.
Stefan,
AWX actually has a lesser feature set than Tower, even with it being upstream. For instance, there is no native clustering nor is there the option for isolated nodes (yet). It looks like Tower has had these for years, so it looks like they are purposely holding back features. I realize things like clustering are different because AWX is containerized, but there isn't really a standard installation method available from what I can see.
Isolated nodes feature missing
https://github.com/ansible/awx/issues/2320
Clustering missing
https://www.reddit.com/r/ansible/comments/akrnyk/ansible_awx_clustering/
Hi Brandon – thanks for the article.
Does both Ansible Tower and AWX have the same API ?