Provision AWX on Kubernetes
Install AWX using the AWX Operator on Kubernetes
A Complete Guide on install AWX on Kubernetes using the AWX Operator
After spending a good amount of time googling around, I managed to deploy a working instance of AWX, the upstream project for Ansible Automation Platform. In this guide I have summarized the steps you need to follow to in order to succesfully deploy and working AWX instance.
For this guide you will need to have a working Kubernetes cluster with suffient resources (Single node k8s will do just fine). You will also need a working PostgreSQL, in the case you want to use an external DB like me.
Overview
Before diving into the details, here’s a brief overview the related repos:
- AWX: AWX Repository
- Operator: AWX Operator Repository
- Operator Helm Chart: AWX Operator Helm Chart Repository
Prerequisites
- Working K8s instance
- Working PostgreSQL instance (Optional)
- kubectl installed
- Helm installed
- Sufficient cluster recourses
Install AWX Operator
First we need to install the AWX Operator on K8s. For me, by far the easiest way to install and keep the operator updated is via the helm chart. If you want an installation method with some chest hair you may refer to this guide.
Use Helm install the following chart.
1
helm install awx-operator awx-operator/awx-operator -n awx --create-namespace -f values.yaml
The values.yaml below will tell the operator to not provision an internal PostgreSQL. For using an internal DB or add further customization please refer to this repo
yalues.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
AWX:
# enable use of awx-deploy template
enabled: false
name: awx
spec:
admin_user: admin
# configurations for external postgres instance
postgres:
enabled: false
host: Unset
port: 5678
dbName: Unset
username: admin
# for secret management, pass in the password independently of this file
# at the command line, use --set AWX.postgres.password
password: Unset
sslmode: prefer
type: unmanaged
rbac:
create: true
operator-controller: {}
operator-controller-containers: {}
Deploy AWX
Deploying AWX is rather simple. First create the following files.
03-awx.yaml
1
2
3
4
5
6
7
8
9
10
11
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx
namespace: awx
spec:
service_type: ClusterIP
hostname: awx.domain.com
postgres_configuration_secret: awx-postgres-credentials # This is needed since we are using and external DB
admin_user: admin
admin_password_secret: awx-admin-credentials
01-awx-admin-credentials.yaml
1
2
3
4
5
6
7
8
9
10
11
12
apiVersion: v1
kind: Secret
metadata:
name: awx-admin-credentials
annotations: {}
labels: {}
namespace: awx
data:
# As I am writing this guide it was not clear if the deployment expects `admin_password` or `password` variable
admin_password: <BASE64 PASSWORD>
password: <BASE64 PASSWORD>
type: Opaque
02-awx-postgres-credentials.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
apiVersion: v1
kind: Secret
metadata:
name: awx-postgres-credentials
namespace: awx
annotations: {}
labels: {}
data:
host: <BASE64 encoded ip or fqdn>
port: <BASE64 encoded port>
database: <BASE64 encoded database name>
username: <BASE64 encoded database username>
password: <BASE64 encoded database password>
type: Opaque
Since I prefer running my services behind an Ingress (in my case traefik), I also created an ingress deployment. You may use it as a template for your own ingress deployment.
06-ingress.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: awx-ingress
annotations: {}
labels: {}
namespace: awx
spec:
ingressClassName: traefik
rules:
- host: awx.domain.com
http:
paths:
- backend:
service:
port:
number: 80
name: awx-service
path: /
pathType: Prefix
Now that we have all our files we can deploy them using kubectl
1
2
cd /folder/where/files/are
kubectl apply -f .
Wait a few minutes and you should have a working AWX instance using an external DB. Verify that all pods are running and navigate to the fqdn you configured on ingress to access the Web GUI.