CentOS Stream 8
Sponsored Link

Ansible : Install AWX
2022/02/18
 
Install Ansible AWX that is the community edition of Red Hat Ansible Tower.
To install Ansible AWX, it needs Kubernetes infrastructure.
It's OK with not full Kubernetes cluster but MicroK8s, K3s or Minikube and so on.
Understandably, RedHat OpenShift or OKD that is the community edition of OpenShift are also ready.
[1]
On this example, use Minikube for AWX.
So install Minikube like here.
[2] Install other required packages.
[root@dlp ~]#
dnf -y install git make
[3] Start Minikube as a common user.
[cent@dlp ~]$
minikube start --vm-driver=kvm2 --cpus=4 --memory=8g --addons=ingress

* minikube v1.25.1 on Centos 8 (kvm/amd64)
* Using the kvm2 driver based on user configuration
* Starting control plane node minikube in cluster minikube
* Creating kvm2 VM (CPUs=4, Memory=8192MB, Disk=20000MB) ...| [ 1997.625111] tun: Universal TUN/TAP device driver, 1.6

.....
.....

* Verifying ingress addon...
* Enabled addons: storage-provisioner, default-storageclass, ingress
* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

[cent@dlp ~]$
minikube status

minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configured

[cent@dlp ~]$
kubectl get pods -A

NAMESPACE       NAME                                        READY   STATUS      RESTARTS       AGE
ingress-nginx   ingress-nginx-admission-create-mc7vn        0/1     Completed   0              2m37s
ingress-nginx   ingress-nginx-admission-patch-wz6fn         0/1     Completed   1              2m37s
ingress-nginx   ingress-nginx-controller-6d5f55986b-qjr55   1/1     Running     0              2m37s
kube-system     coredns-64897985d-g7cg6                     1/1     Running     0              2m37s
kube-system     etcd-minikube                               1/1     Running     0              2m49s
kube-system     kube-apiserver-minikube                     1/1     Running     0              2m49s
kube-system     kube-controller-manager-minikube            1/1     Running     0              2m52s
kube-system     kube-proxy-xts47                            1/1     Running     0              2m37s
kube-system     kube-scheduler-minikube                     1/1     Running     0              2m49s
kube-system     storage-provisioner                         1/1     Running     1 (2m7s ago)   2m45s
[4] Deploy Ansible AWX.
# get AWX Operator first

[cent@dlp ~]$
git clone https://github.com/ansible/awx-operator.git

Cloning into 'awx-operator'...
remote: Enumerating objects: 6201, done.
remote: Counting objects: 100% (210/210), done.
remote: Compressing objects: 100% (155/155), done.
remote: Total 6201 (delta 103), reused 111 (delta 47), pack-reused 5991
Receiving objects: 100% (6201/6201), 1.51 MiB | 3.00 MiB/s, done.
Resolving deltas: 100% (3541/3541), done.

[cent@dlp ~]$
cd awx-operator
# specify a version of AWX Operator
# make sure versions : https://github.com/ansible/awx-operator/releases

[cent@dlp awx-operator]$
git checkout 0.17.0

Note: switching to '0.17.0'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at c02e059 Merge pull request #797 from kdelee/sky-is-the-limit

# set any namespace you like for AWX and deply Operator

[cent@dlp awx-operator]$
export NAMESPACE=ansible-awx

[cent@dlp awx-operator]$
make deploy

namespace/ansible-awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created

[cent@dlp awx-operator]$
kubectl get pods -n $NAMESPACE

NAME                                              READY   STATUS    RESTARTS   AGE
awx-operator-controller-manager-98cb6f594-qtnr4   1/2     Running   0          37s

[cent@dlp awx-operator]$
cp awx-demo.yml ansible-awx.yml

[cent@dlp awx-operator]$
vi ansible-awx.yml
# change to any service name you like

---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: ansible-awx
spec:
  service_type: nodeport

# set namespace for AWX you set to kubectl context and deploy AWX

[cent@dlp awx-operator]$
kubectl config set-context --current --namespace=$NAMESPACE

Context "minikube" modified.
[cent@dlp awx-operator]$
kubectl apply -f ansible-awx.yml

awx.awx.ansible.com/ansible-awx created
# possible to see installation progress on the logs

[cent@dlp awx-operator]$
kubectl logs -f deployments/awx-operator-controller-manager -c awx-manager


.....
.....

--------------------------- Ansible Task StdOut -------------------------------

 TASK [Remove ownerReferences reference] ********************************
ok: [localhost] => (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}

-------------------------------------------------------------------------------
{"level":"info","ts":1645149964.5859654,"logger":"runner","msg":"Ansible-runner exited successfully","job":"8202184199238243830","name":"ansible-awx","namespace":"ansible-awx"}

----- Ansible Task Status Event StdOut (awx.ansible.com/v1beta1, Kind=AWX, ansible-awx/ansible-awx) -----


PLAY RECAP *********************************************************************
localhost                  : ok=63   changed=0    unreachable=0    failed=0    skipped=45   rescued=0    ignored=0

# that's OK if finished with [failed=0]


[cent@dlp ~]$
kubectl get pods -l "app.kubernetes.io/managed-by=awx-operator"

NAME                           READY   STATUS    RESTARTS   AGE
ansible-awx-7c4c95dfb7-82qmf   4/4     Running   0          9m32s
ansible-awx-postgres-0         1/1     Running   0          10m

[cent@dlp ~]$
kubectl get service -l "app.kubernetes.io/managed-by=awx-operator"

NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
ansible-awx-postgres   ClusterIP   None           <none>        5432/TCP       10m
ansible-awx-service    NodePort    10.103.43.44   <none>        80:32657/TCP   9m53s

# display service URL

[cent@dlp ~]$
minikube service ansible-awx-service --url -n ansible-awx

http://192.168.39.201:32657
# confirm password for admin account

[cent@dlp ~]$
kubectl get secret ansible-awx-admin-password -o jsonpath="{.data.password}" | base64 --decode; echo

4SZtBUv4DTd4DZ2Qjj6AOIUr9OnrY9h3
# if you access from outside of Kubernetes cluster, it needs to set port forwarding
# [10445] ⇒ the port that Minikube installed host listens ⇒ specify any free port you like
# [80] ⇒ the port AWX container listens

[cent@dlp ~]$
kubectl port-forward service/ansible-awx-service --address 0.0.0.0 10445:80

Forwarding from 0.0.0.0:10445 -> 8052
# if using port forwarding and Firewalld is running, allow port with root privilege

[root@dlp ~]#
firewall-cmd --add-port=10445/tcp

[root@dlp ~]#
firewall-cmd --runtime-to-permanent

[5] Access to Ansible AWX with Web browser.
If you access from Minikube installed localhost, specify the service URL confirmed above.
If you set port forwarding, access to the URL [http://(Minikube installed hostname ot IP address):(forwarding port)] on any computer in your local network.
After successfully accessed, AWX login form is shown.
It's possbile to login with user [admin] and its password is the one you confirmed above.
[6] If successfully logined, Ansible AWX Dashbioard is displayed. That's OK to install AWX.
Matched Content