Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

How to install Ansible AWX on Ubuntu using Kubernetes K8S

This is step by step in the detailed installation guide of Ansible AWX operator (Automation controller Tower). On this channel earlier I had written 2 articles on how to install Ansible AWX operator but they are no longer valid as the installation instruction has been changed. For any new changes you can check the article. https://github.com/ansible/awx-operator

Before starting you need Kubernetes cluster to be setup. You can find below simple one node Kubernetes cluster installation guide for development. I have two ways first is using K3s and another is Minikube. For this instructions I am using K3s installation method to configure my Kubernetes cluster as I find it very easy and almost one liner.

Install and Setup your own Kubernetes Cluster with K3s
How to Install Minikube on Ubuntu - Step by Step

I have installed K3s cluster on my Ubuntu server. Update and upgrade Ubuntu system before starting configuration of Ansible AWX. Install necessary curl and vim application packages on the server, they will be required later.

Check this for K3s error:  Rancher k3s.yaml permission denied when using kubectl - Kubernetes

root@AnsibleAWX:~#
root@AnsibleAWX:~# apt-get update
Hit:1 http://us.archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://us.archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://us.archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu focal-security InRelease
Reading package lists... Done
root@AnsibleAWX:~#
root@AnsibleAWX:~# apt-get upgrade -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  fwupd gir1.2-javascriptcoregtk-4.0 gir1.2-webkit2-4.0 gnome-shell-extension-desktop-icons gvfs gvfs-backends gvfs-bin gvfs-common gvfs-daemons gvfs-fuse gvfs-libs
  libegl-mesa0 libfwupd2 libfwupdplugin1 libgbm1 libgl1-mesa-dri libglapi-mesa libglx-mesa0 libjavascriptcoregtk-4.0-18 libsmbclient libwbclient0 libwebkit2gtk-4.0-37
  libxatracker2 linux-generic-hwe-20.04 linux-headers-generic-hwe-20.04 linux-image-generic-hwe-20.04 mesa-vulkan-drivers samba-libs ubuntu-advantage-tools
0 upgraded, 0 newly installed, 0 to remove and 29 not upgraded.
root@AnsibleAWX:~#
root@AnsibleAWX:~# apt-get install curl vim
Reading package lists... Done
Building dependency tree
Reading state information... Done
curl is already the newest version (7.68.0-1ubuntu2.14).
vim is already the newest version (2:8.1.2269-1ubuntu5.9).
0 upgraded, 0 newly installed, 0 to remove and 29 not upgraded.
root@AnsibleAWX:~#

Next install git application one of the prerequisites, if this package is missing you will end up with an error Can not execute kustomize build issue installing Ansible AWX Operator while installation.

ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ sudo apt-get install git
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  git-man liberror-perl
Suggested packages:
  git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-cvs git-mediawiki git-svn
The following NEW packages will be installed:
  git git-man liberror-perl
0 upgraded, 3 newly installed, 0 to remove and 29 not upgraded.
Need to get 5,443 kB of archives.
After this operation, 38.5 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://us.archive.ubuntu.com/ubuntu focal/main amd64 liberror-perl all 0.17029-1 [26.5 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 git-man all 1:2.25.1-1ubuntu3.6 [887 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 git amd64 1:2.25.1-1ubuntu3.6 [4,529 kB]
Fetched 5,443 kB in 1s (7,310 kB/s)
Selecting previously unselected package liberror-perl.
(Reading database ... 185929 files and directories currently installed.)
Preparing to unpack .../liberror-perl_0.17029-1_all.deb ...
Unpacking liberror-perl (0.17029-1) ...
Selecting previously unselected package git-man.
Preparing to unpack .../git-man_1%3a2.25.1-1ubuntu3.6_all.deb ...
Unpacking git-man (1:2.25.1-1ubuntu3.6) ...
Selecting previously unselected package git.
Preparing to unpack .../git_1%3a2.25.1-1ubuntu3.6_amd64.deb ...
Unpacking git (1:2.25.1-1ubuntu3.6) ...
Setting up liberror-perl (0.17029-1) ...
Setting up git-man (1:2.25.1-1ubuntu3.6) ...
Setting up git (1:2.25.1-1ubuntu3.6) ...
Processing triggers for man-db (2.9.1-1) ...
ubuntu@AnsibleAWX:~$

For this part you will need to install an application package named kustomize, which is downloaded from https://kubectl.docs.kubernetes.io/installation/kustomize/. Kustomize is a command-line configuration manager for Kubernetes objects. it lets you do declarative changes to your configurations without affecting or modifying a template.

Download kustomize application using shell curl command and move it to /usr/local/bin folder with correct execution permissions.

ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"  | bash
{Version:kustomize/v4.5.7 GitCommit:56d82a8378dfc8dc3b3b1085e5a6e67b82966bd7 BuildDate:2022-08-02T16:35:54Z GoOs:linux GoArch:amd64}
kustomize installed to /home/ubuntu/kustomize
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ chmod 755 kustomize
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ sudo mv kustomize /usr/local/bin
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ which kustomize
/usr/local/bin/kustomize
ubuntu@AnsibleAWX:~$

Next grab a latest tag version number for Ansible AWX Operator from https://github.com/ansible/awx-operator/releases

ansible awx operator automation controller azure kubernetes vnet k8s ansible tower pull request github tags configuration fork containerization kustomization resource api.jpg

Required packages are installed, following create a new file kustomization.yaml and add below light red/yellow highlighted content in the file. Replace latest tag number to 1.1.1 in the file as shown below.

Kustomization.yaml kustomization github awx-operator configuration ansible awx quay.io kubenertes k3s k8s container docker ansible yaml tower automation platform controller azure.jpg

ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ vim kustomization.yaml
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ cat kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
  - github.com/ansible/awx-operator/config/default?ref=1.1.1

# Set the image tags to match the git version from above
images:
  - name: quay.io/ansible/awx-operator
    newTag: 1.1.1

# Specify a custom namespace in which to install AWX
namespace: awx
ubuntu@AnsibleAWX:~$

Deploy Kubernetes CRDs and resources using kustomize tool with the help of kubectl tool. In the console I see required custom resource definitions, service account, cluster role, cluster role bindings, configmap, services, and deployments are created successfully. Verify Pods with containers are up and ready running.

ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ kustomize build . | kubectl apply -f -
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ kubectl get all --namespace=awx
NAME                                                   READY   STATUS    RESTARTS   AGE
pod/awx-operator-controller-manager-65897dbf99-86tqr   2/2     Running   0          4m2s

NAME                                                      TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
service/awx-operator-controller-manager-metrics-service   ClusterIP   10.43.4.105   <none>        8443/TCP   4m2s

NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/awx-operator-controller-manager   1/1     1            1           4m2s

NAME                                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/awx-operator-controller-manager-65897dbf99   1         1         1       4m2s
ubuntu@AnsibleAWX:~$

Create a new file awx-demo.yaml and add below nodeport service resource manifest yaml content. I have chosen 30080 port number to communicate with the outside world. Modify kustomization.yaml file and add - awx-demo.yaml under resources. Deploy it with a combination of kustomize and kubectl tools. K8s Deployment is configured and a new nodeport service is added.

vim awx-demo service metadata spec nodeport kubernetes k8s kustomization resource github ansible awx operator config awx.ansible.com awx controller manager deployment.jpg

ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ vim awx-demo.yaml
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ cat awx-demo.yaml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx-demo
spec:
  service_type: nodeport
  # default nodeport_port is 30080
  nodeport_port: 30080
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ vim kustomization.yaml
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ cat kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
  - github.com/ansible/awx-operator/config/default?ref=1.1.1
  # Add this extra line:
  - awx-demo.yaml

# Set the image tags to match the git version from above
images:
  - name: quay.io/ansible/awx-operator
    newTag: 1.1.1

# Specify a custom namespace in which to install AWX
namespace: awx
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ kustomize build . | kubectl apply -f -
namespace/awx unchanged
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com unchanged
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com unchanged
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com unchanged
serviceaccount/awx-operator-controller-manager unchanged
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role configured
role.rbac.authorization.k8s.io/awx-operator-leader-election-role unchanged
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader unchanged
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role unchanged
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding unchanged
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding unchanged
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding unchanged
configmap/awx-operator-awx-manager-config unchanged
service/awx-operator-controller-manager-metrics-service unchanged
deployment.apps/awx-operator-controller-manager configured
awx.awx.ansible.com/awx-demo created
ubuntu@AnsibleAWX:~$

Verify the status of new resources again under namespace awx. All Pods are ready. Check the service awx-demo-service nodeport port number 30080, which I will use to access the AWX url. To know the admin user password of AWX use jsonpath query to get it from Kubernetes secret.

kubernetes kubectl get all awx demo service postgress k8s demo cluster nodeport load balancer ansible awx tower operator automation controller manager secret awx-demo-admin-password external-ip clusterip internal.jpg

ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ kubectl get all -n awx
NAME                                                   READY   STATUS    RESTARTS   AGE
pod/awx-operator-controller-manager-65897dbf99-9tmc7   2/2     Running   0          10m
pod/awx-demo-postgres-13-0                             1/1     Running   0          4m59s
pod/awx-demo-d9b84d689-b9prn                           4/4     Running   0          4m1s

NAME                                                      TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/awx-operator-controller-manager-metrics-service   ClusterIP   10.43.231.216           8443/TCP       10m
service/awx-demo-postgres-13                              ClusterIP   None                    5432/TCP       4m59s
service/awx-demo-service                                  NodePort    10.43.21.198            80:30080/TCP   4m4s

NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/awx-operator-controller-manager   1/1     1            1           10m
deployment.apps/awx-demo                          1/1     1            1           4m1s

NAME                                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/awx-operator-controller-manager-65897dbf99   1         1         1       10m
replicaset.apps/awx-demo-d9b84d689                           1         1         1       4m1s

NAME                                    READY   AGE
statefulset.apps/awx-demo-postgres-13   1/1     4m59s
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ kubectl get service awx-demo-service -n awx
NAME               TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
awx-demo-service   NodePort   10.43.21.198           80:30080/TCP   16m
ubuntu@AnsibleAWX:~$
ubuntu@AnsibleAWX:~$ kubectl get secret awx-demo-admin-password -o jsonpath="{.data.password}" -n awx | base64 --decode ; echo
ld1pOAaKKD8ruarR7Od9o1ZmTE1A505o
ubuntu@AnsibleAWX:~$

Use the Ubuntu server's IP or FQDN where Ansible AWX pods are deployed on the Kubernetes cluster. Use port number 30080 to access AWX server. Provide username as admin and password. After successful login you will land up on the dashboard portal.

Chrome vmware ansible awx tower username password admin dashboard kubernetes container k8s k3s k3d jobs template credentials project inventories hosts organizations users teams types.jpg

UseFul Articles
Find and use Azure Marketplace VM images with Azure PowerShell
How to install and configure Ansible on Ubuntu
Get Started: Configure Ansible for Azure Cloud Infrastructure
Install the Microsoft Azure CLI on Ubuntu Linux
Redhat ansible logo azure vmware vsphere awx tower controller yml yaml configuration automation.pngDeploy create Virtual Network vNET in Azure cloud using Ansible
Quickstart How to authenticate Ansible with Microsoft Azure
Ansible authenticate to Microsoft Azure using credential profiles Part 1
Ansible authenticate to Microsoft Azure using credential profiles Part 2
Ansible authenticate to Microsoft Azure using credential inside yaml file
How to install kubernetes master control-plane on ubuntu Part 1
How to install kubernetes worker node on ubuntu Part 2
Configure Nginx Load Balancer for the Kubernetes API Server - Part 1
Install and configure Kubernetes cluster master nodes using kubeadm - Part 2
Install and configure Kubernetes cluster worker nodes using kubeadm - Part 3

Go Back

Comment

Blog Search

Page Views

8960685

Follow me on Blogarama