I have two awx installations.
One AWX is the backup of main installation.

I have used tower-cli to do the export/import of the objetcts of the AWX.

EXPORT

tower-cli receive --all> date +%m.%d.%y_%H.%M.%S_assets_awx.json

IMPORT

tower-cli send xxxxx.json

But this procedure doesn´t import

• Logs/history
• Credential passwords
• LDAP/AWX config

I find a project awx-migrate that makes a full backup of an AWX instance, and adds the secrets to the exported credentials, which tower-cli leaves empty.

https://github.com/autops/awx-migrate

I tried to install but when I execute the command awx-migrate-wrapper fails.

[root@ awx-migrate]# ./awx-migrate-wrapper
Traceback (most recent call last):
File “./awx-migrate”, line 16, in
from cryptography.fernet import Fernet, InvalidToken
ImportError: No module named cryptography.fernet

Has someone successfully used awx-migrate?

Hi Alberto,

I’m the author of the awx-migrate script.

The problem you encounter is due to not having the ndeed (Python) dependencies installed, which are documented in Pipfile:

• cryptography

• ansible-tower-cli

• psycopg2-binary

You can install them with the pipenv utility, or manually with pip, as you prefer.

HTH,

Serge

I have installed the dependencies OK.

[root@V99SRH-003024 backup]# pip list|grep crypto
cryptography 2.4.2
[root@V99SRH-003024 backup]# pip list|grep psycopg2-binary
psycopg2-binary 2.7.6.1

My inventory installation is:

[root@xxx installer]# cat inventory |grep -v “#”
localhost ansible_connection=local ansible_python_interpreter=“/usr/bin/env python”
[all:vars]

dockerhub_base=ansible

dockerhub_version=latest
postgres_data_dir=/srv/pgdocker

host_port=80
use_docker_compose=True

docker_compose_dir=/var/lib/awx
docker_remove_local_images=True

pg_username=awx

pg_password=awxpass
pg_database=awx
pg_port=5432
default_admin_user=admin

default_admin_password=admin32awx
secret_key=awxsecret

project_data_dir=/var/lib/awx/projects

I have a awx installation with dockers.

docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9c36aaabc14a ansible/awx_task:latest “/tini – /bin/sh …” 3 months ago Up 6 weeks 8052/tcp awx_task_1
a6881a17b80f ansible/awx_web:latest “/tini – /bin/sh …” 3 months ago Up 6 weeks 0.0.0.0:80->8052/tcp awx_web_1
e224fd865187 postgres:9.6 “docker-entrypoint…” 3 months ago Up 6 weeks 5432/tcp awx_postgres_1
4e9d3980e4b2 ansible/awx_rabbitmq:3.7.4 “docker-entrypoint…” 3 months ago Up 6 weeks 4369/tcp, 5671-5672/tcp, 15671-15672/tcp, 25672/tcp awx_rabbitmq_1
c2a41c882e0c memcached:alpine “docker-entrypoint…” 3 months ago Up 6 weeks 11211/tcp awx_memcached_1

When I edit edit awx-migrate-wrapper and set the right AWX_SRC_* and AWX_DST_*, I have a doubt.
What do I put in export AWX_SRC_DBHOST?

If I put localhost, it fails. What is the value of AWX_SRC_DBHOST in a AWX with dockers?

`
[root@V99SRH-003024 awx-migrate]# ./awx-migrate-wrapper
I am unable to connect to source database:

could not connect to server: Connection refused
Is the server running on host “localhost” (127.0.0.1) and accepting
TCP/IP connections on port 5432?

[root@V99SRH-003024 awx-migrate]#
`

I have a awx installation with dockers.

docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9c36aaabc14a ansible/awx_task:latest “/tini – /bin/sh …” 3 months ago Up 6 weeks 8052/tcp awx_task_1
a6881a17b80f ansible/awx_web:latest “/tini – /bin/sh …” 3 months ago Up 6 weeks 0.0.0.0:80->8052/tcp awx_web_1
e224fd865187 postgres:9.6 “docker-entrypoint…” 3 months ago Up 6 weeks 5432/tcp awx_postgres_1
4e9d3980e4b2 ansible/awx_rabbitmq:3.7.4 “docker-entrypoint…” 3 months ago Up 6 weeks 4369/tcp, 5671-5672/tcp, 15671-15672/tcp, 25672/tcp awx_rabbitmq_1
c2a41c882e0c memcached:alpine “docker-entrypoint…” 3 months ago Up 6 weeks 11211/tcp awx_memcached_1

When I edit edit awx-migrate-wrapper and set the right AWX_SRC_* and AWX_DST_*, I have a doubt.
What do I put in export AWX_SRC_DBHOST?

SRC is the source database, the old instance
DST is the new one
so the script would migrate configs and ldap settings FROM the old db TO the new db.
I see you only have one postgresql running?

If I put localhost, it fails. What is the value of AWX_SRC_DBHOST in a AWX with dockers?

That depends on how you make the docker port available on your host machine, or where-ever you run this script from.
That is more a docker specific issue though.

Have a look at the docker run --publish option.

Serge

I have the standard installation of AWX.

The host where are running the dockers has this ports listened and I want to execute awx-migrate-wrapper in this server.

[root@docker awx-migrate]# netstat -nap|grep -i listen|grep -vi listening
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1564/master
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 54596/docker-proxy-
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 79846/sshd
tcp 0 0 0.0.0.0:4118 0.0.0.0:* LISTEN 1394/ds_agent

Postgres BD is running in one docker in the port 5432.

e224fd865187 postgres:9.6 “docker-entrypoint…” 3 months ago Up 6 weeks 5432/tcp awx_postgres_1

I have to publish the docker port 5432 to the host?
How do I configure that?

I try a fast solution, but I think that isn´t the most optimal.

I have created a new docker with socat to make accesible make the docker port available.

docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e13e5dcfdbdb alpine/socat “socat tcp-listen:…” 3 days ago Up 3 days 0.0.0.0:5432->5432/tcp modest_fermi

Awx-migrate works ok.

./awx-migrate-wrapper

Wrong encryption key for config field AUTH_LDAP_BIND_PASSWORD, you will need to update this manually.

AWX settings where migarted, except passwords. Update those manually: E.g.:

tower-cli setting set AUTH_LDAP_BIND_PASSWORD ‘53cr37’

To restore, run:

tower-cli send awx-data.json

Or, restore only specific objects, or in paritcular order with one of:

tower-cli send awx-data-user.json

tower-cli send awx-data-organization.json

tower-cli send awx-data-team.json

tower-cli send awx-data-credential_type.json

tower-cli send awx-data-credential.json

tower-cli send awx-data-notification_template.json

tower-cli send awx-data-inventory_script.json

tower-cli send awx-data-project.json

tower-cli send awx-data-inventory.json

tower-cli send awx-data-job_template.json

tower-cli send awx-data-workflow.j

Also filtering content of dynamic inventories (with sources) into _filtered.json files.