Forked from dmccuk/AWX-operator_setup_on_K3s+https.md
Created
August 30, 2021 17:30
-
-
Save afahitech/153e2b04cb9137a17dc452ab3573fc80 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is a walk through of this github repo: https://github.com/kurokobo/awx-on-k3s | |
Thanks to @kurokobo for making these steps. Check his github on the link above. | |
If this video helped you get the AWX-operator working, please give the video a like and subscribe to my channel. | |
I appreciate it! | |
Links: | |
Rancher: https://rancher.com/docs/k3s/latest/en/ | |
YouTube Video: https://youtu.be/xVOnBDvpbK0 | |
## Here I add the missing sections so less expereinces people can achieve installing and setting up AWX on K3s with HTTPS. | |
### My setup: | |
* Instance Type: t3a.xlarge | |
* Centos 8 - AMI: ami-0e1b0ca392c9f2523 | |
* Region: eu-west-2 | |
* My user has root privilege via sudo | |
* For some reason, the CentOS iage started with no space in / | |
* Now login and grow XFS for / on your server | |
```` | |
sudo yum -y install cloud-utils-growpart gdisk | |
lsblk | |
sudo growpart /dev/nvme0n1 2 | |
sudo xfs_growfs / | |
exit #(back to the ec2-user) | |
```` | |
### KUBECTL install | |
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl | |
chmod +x ./kubectl | |
sudo mv ./kubectl /usr/local/bin/kubectl | |
kubectl version --client | |
### INSTALL K3s | |
sudo systemctl disable firewalld --now | |
curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644 | |
k3s kubectl cluster-info | |
k3s kubectl config view | |
### Install awx-operator | |
k3s kubectl apply -f https://raw.githubusercontent.com/ansible/awx-operator/0.13.0/deploy/awx-operator.yaml | |
git clone https://github.com/kurokobo/awx-on-k3s.git | |
cd awx-on-k3s/ | |
AWX_HOST="ec2-18-130-175-220.eu-west-2.compute.amazonaws.com" | |
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -out ./base/tls.crt -keyout ./base/tls.key -subj "/CN=${AWX_HOST}/O=${AWX_HOST}" -addext "subjectAltName = DNS:${AWX_HOST}" | |
vi base/awx.yaml | |
```` | |
admin_user: admin | |
admin_password_secret: awx-admin-password | |
ingress_type: ingress | |
ingress_tls_secret: awx-secret-tls | |
hostname: ec2-3-8-114-43.eu-west-2.compute.amazonaws.com <--- your name | |
```` | |
modify password if required: | |
vi base/kustomization.yaml | |
```` | |
- name: awx-postgres-configuration | |
type: Opaque | |
literals: | |
- host=awx-postgres | |
- port=5432 | |
- database=awx | |
- username=awx | |
- password=Ansible123! <--- HERE | |
- type=managed | |
- name: awx-admin-password | |
type: Opaque | |
literals: | |
- password=Ansible123! <--- AND HERE | |
```` | |
sudo mkdir -p /data/postgres | |
sudo mkdir -p /data/projects | |
sudo chown 1000:0 /data/projects | |
k3s kubectl apply -k base | |
```` | |
$ k3s kubectl apply -k base | |
namespace/awx created | |
secret/awx-admin-password created | |
secret/awx-postgres-configuration created | |
secret/awx-secret-tls created | |
persistentvolume/awx-postgres-volume created | |
persistentvolume/awx-projects-volume created | |
persistentvolumeclaim/awx-projects-claim created | |
awx.awx.ansible.com/awx created | |
```` | |
k3s kubectl logs -f deployment/awx-operator | |
(process takes maybe 5-7 minutes) | |
* Depending on your setup, you may need to open the FW for https/443. | |
Once it's complete, you should see this: | |
```` | |
--------------------------- Ansible Task Status Event StdOut ----------------- | |
PLAY RECAP ********************************************************************* | |
localhost : ok=54 changed=0 unreachable=0 failed=0 skipped=37 rescued=0 ignored=0 | |
```` | |
### Check everything is up. | |
k3s kubectl -n awx get awx,all,ingress,secrets | |
```` | |
NAME AGE | |
awx.awx.ansible.com/awx 13m | |
NAME READY STATUS RESTARTS AGE | |
pod/awx-postgres-0 1/1 Running 0 12m | |
pod/awx-59ff55b5b-shhb5 4/4 Running 0 12m | |
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
service/awx-postgres ClusterIP None <none> 5432/TCP 12m | |
service/awx-service ClusterIP 10.43.83.81 <none> 80/TCP 12m | |
NAME READY UP-TO-DATE AVAILABLE AGE | |
deployment.apps/awx 1/1 1 1 12m | |
NAME DESIRED CURRENT READY AGE | |
replicaset.apps/awx-59ff55b5b 1 1 1 12m | |
NAME READY AGE | |
statefulset.apps/awx-postgres 1/1 12m | |
NAME CLASS HOSTS ADDRESS PORTS AGE | |
ingress.networking.k8s.io/awx-ingress <none> ec2-3-8-114-43.eu-west-2.compute.amazonaws.com 172.31.31.20 80, 443 12m | |
NAME TYPE DATA AGE | |
secret/awx-admin-password Opaque 1 13m | |
secret/default-token-vkgx4 kubernetes.io/service-account-token 3 13m | |
secret/awx-postgres-configuration Opaque 6 13m | |
secret/awx-secret-tls kubernetes.io/tls 2 13m | |
secret/awx-app-credentials Opaque 3 12m | |
secret/awx-token-h55dk kubernetes.io/service-account-token 3 12m | |
secret/awx-secret-key Opaque 1 12m | |
secret/awx-broadcast-websocket Opaque 1 12m | |
```` | |
### Now login to AWX | |
https://ec2-18-130-175-220.eu-west-2.compute.amazonaws.com | |
Default user: admin | |
password: Ansible123! | |
Enjoy! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment