AWX
https://github.com/geerlingguy/tower-operator/blob/master/README.md
https://hub.docker.com/r/ansible/awx
https://github.com/ansible/awx/blob/devel/INSTALL.md
https://github.com/ansible/awx-operator
https://www.linuxsysadmins.com/install-ansible-awx-on-kubernetes/
AWX on Microk8s
myawx.yml
--- apiVersion: awx.ansible.com/v1beta1 kind: AWX metadata: name: awx spec: tower_ingress_type: Ingress
Create cluster
for i in kub1 kube2 kube3; do lxc init ubuntu:20.04 $i --vm -c limits.cpu=4 -c limits.memory=8GB lxc config device override $i root size=32GB lxc start $i lxc exec $i -- snap install microk8s --classic lxc exec $i -- printf "alias kubectl='microk8s kubectl'\nalias k='microk8s kubectl'" >> /root/.bashrc joincmd=$(lxc exec kub1 -- microk8s add-node | sed -n '2p') lxc exec $i -- $joincmd done
Shared Cluster NFS Default Storage
for i in kub1 kube2 kube3; do lxc exec $i -- apt install nfs-client lxc exec $i -- mkdir /var/snap/microk8s/common/default-storage lxc exec $i -- echo "nas:/kub/default-storage /var/snap/microk8s/common/default-storage nfs" >> /etc/fstab lxc exec $i -- mount -a lxc exec $i -- microk8s stop && microk8s start
Single Microk8s Node
lxc init kub ubuntu:20.04 --vm -c limits.cpu=4 -c limits.memory=8GB lxc start kub lxc shell kub sudo snap install microk8s microk8s status microk8s enable dns storage ingress microk8s.kubectl apply -f https://raw.githubusercontent.com/ansible/awx-operator/devel/deploy/awx-operator.yaml microk8s.kubectl apply -f myawx.yml microk8s.kubectl get pods microk8s.kubectl describe pod awx-5ffbfd489c-9h89h microk8s.kubectl logs awx-5ffbfd489c-9h89h awx-web microk8s.kubectl logs awx-postgres-0 microk8s.kubectl get service awx-service microk8s.kubectl exec -it awx-5ffbfd489c-9h89h -c awx-web -- /bin/sh awx-manage createsuperuser
Rolling Restarts/Upgrades - https://kubernetes.io/docs/tutorials/kubernetes-basics/update/update-interactive/ - https://octopus.com/blog/ultimate-guide-to-rolling-deployments
kubectl rollout restart deployment
More
jawk.mkcert.sh
# kubectl create secret tls ${CERT_NAME} --key ${KEY_FILE} --cert ${CERT_FILE}
microk8s kubectl delete secret ${CERT_NAME} | true
microk8s kubectl create secret tls ${CERT_NAME} --key ${KEY_FILE} --cert ${CERT_FILE}
jawx.secret
--- apiVersion: v1 kind: Secret metadata: name: jawx-admin-password namespace: default stringData: password: foo
jawx.yml
--- apiVersion: awx.ansible.com/v1beta1 kind: AWX metadata: name: jawx spec: tower_ingress_type: Ingress tower_admin_password_secret: jawx-admin-password
Workaround for quirky bug? - https://www.reddit.com/r/ansible/comments/m5nd1r/ansible_awx_fresh_install_no_administrator/
kubectl exec -it jawx-5c7f8fccb5-yyyy -c jawx-web -- bin/bash awx-manage createsuperuser
minikube service jawx-service
chmod +x jawk.mkcert.sh && ./jawk.mkcert.sh alias k='microk8s kubectl' k apply -f https://raw.githubusercontent.com/ansible/awx-operator/devel/deploy/awx-operator.yaml k get secret jawx-admin-password -o=json | jq -r .data.password | base64 --decode k apply -f jawx.yml
If postgres-awx-postgres-0 Pending microk8s-hostpath 11m
microk8s.enable storage
Other
Install via docker
apt install ansible git cone https://github.com/ansible/awx cd awx make docker-compose
https://computingforgeeks.com/how-to-install-ansible-awx-on-ubuntu-linux/
https://github.com/ansible/awx-operator
Try
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx
namespace: ndo
spec:
tower_admin_email: change@me.com
tower_admin_password: changeme
tower_admin_user: changeme
tower_broadcast_websocket_secret: changeme
tower_hostname: awx.dev03.ndo
tower_image: ansible/awx:17.0.1
tower_ingress_annotations: |-
nginx.ingress.kubernetes.io/proxy-body-size: '0'
nginx.ingress.kubernetes.io/proxy-read-timeout: '600'
nginx.ingress.kubernetes.io/proxy-send-timeout: '600'
cert-manager.io/cluster-issuer: "ca-issuer"
tower_ingress_tls_secret: awx-tls-secret
tower_ingress_type: Ingress
tower_postgres_storage_class: longhorn
LDAPS
sudo microk8s.kubectl cp ldap.py awx-6f7bd969db-w7j8j:/etc/tower/conf.d/ldap.py -c awx-web