Ansible Tower Provisioning Callbacks

One of Tower’s big selling points is the RESTful API. This allows systems to request certain templates to run against themselves from Tower. I leverage this on workstations with a systemd service and timer. Each workstation waits a predetermined time after boot and then does an API call to Tower. Tower then runs the workstation provision template against the system that requested it.

To enable callbacks, just check “Allow Provisioning Callbacks.” Tower then gives you the key and URL.

tower-callback

Tower has some pre-built scripts for a callback, or you can just use curl.

curl --data "host_config_key=d13a7b6e08e84c7d8f412b9754400a00"https://tower.example.com/api/v1/job_templates/26/callback/ -k

This has many benefits beyond just physical host provisioning. This allows systems to “check in” without using Ansible pull. And if the callback came from a host that isn’t in your inventory, it will fail in Tower. This adds some security so not just any random system can do a callback.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s