Looking to streamline your IT operations and harness the full power of automation? This step-by-step guide shows you how to install Ansible AWX on Kubernetes cluster.
What is Ansible AWX?
Kubernetes, on the other hand, is a popular container orchestration platform that is widely used for deploying and managing containerized applications.
Prerequisites
- Kubernetes cluster
- Kubectl
- A regular user with sudo rights and cluster admin rights
- Internet connectivity
1) Install helm
In case you, helm is installed on your system then run beneath commands to install,
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 chmod +x get_helm.sh ./get_helm.sh helm version
2) Install the AWX chart
The easiest way to install AWX on Kubernetes is by using the AWX Helm chart. So, to install AWX via chart, first add its repository using following helm command.
helm repo add awx-operator https://ansible-community.github.io/awx-operator-helm/
Note: If you had already added this repository before, then run beneath command to get latest version of packages.
helm repo update
To install ansible-awx-operator via chart, run
helm install ansible-awx-operator awx-operator/awx-operator -n awx --create-namespace
This will download the AWX chart and install it on your Kubernetes cluster in awx namespace.The installation process may take a few minutes, so be patient.
3) Verify AWX operator installation
After the successful installation, you can verify AWX operator status by running below command
kubectl get pods -n awx
You should see something like this:
4) Create StorageClass and PV(Persistent Volume)
AWX requires persistent volume for postgres pod. So, let’s first create a storage class for local volume
Note: In this post, I am using local file system as persistent volume.
vi awxstorage-class.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: local-storage namespace: awx provisioner: kubernetes.io/no-provisioner volumeBindingMode: WaitForFirstConsumer
Save and close the file and then run ,
kubectl create -f awxstorage-class.yaml kubectl get sc -n awx NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE local-storage kubernetes.io/no-provisioner Delete WaitForFirstConsumer false 92s
Next create persistent volume(pv) using following pv.yaml file,
vi awx-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-pv
namespace: awx
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage
hostPath:
path: /mnt/storage
Save & exit the file.
Important Note : Make sure folder “/mnt/storage” exists on worker node, if it does not exist then create it using mkdir command on worker nodes.
Execute the beneath command to create postgres-pv in awx namespace.
kubectl create -f awx-pv.yaml
Once pv is created successfully, verify its status
kubectl get pv postgres-pv
5) Install Ansible AWX on Kubernetes
Now, we are all set to deploy AWX instance. Create an ansible-awx.yaml file with following content
vi ansible-awx.yaml --- apiVersion: awx.ansible.com/v1beta1 kind: AWX metadata: name: ansible-awx namespace: awx spec: service_type: nodeport postgres_storage_class: local-storage
save and close the file.
This yaml file sets up a basic AWX deployment with service type as nodeport.
Execute following kubectl command to deploy awx instance,
kubectl create -f ansible-awx.yaml
Wait for couple of minutes and monitor status of pods, operator and service in awx namespace. Once all the pods are up and running. Verify the status
kubectl get pods -n awx
Verify the service status as well using the following command.
kubectl get svc -n awx
Ansible AWX Service is exposed with NodePort, we will this port ‘30265’ while accessing the web interface.
6) Access AWX Web Interface
Before accessing the web interface, let’s extract the admin user password from the secret by running the following command.
kubectl get secrets -n awx | grep -i admin-password
kubectl get secret ansible-awx-admin-password -o jsonpath="{.data.password}" -n awx | base64 --decode ; echo
If everything looks good, you can now access the AWX web interface via IP address of control plane or worker node..
“Open your browser and navigating to http://<node-ip>:<node-port>/. In my case, the URL would be
http://192.168.1.35:30265
Log in with:
Username: admin
Password: the one you stored in the Kubernetes Secret
Click on Log In after entering the credentials.
That’s all, you have successfully installed Ansible AWX on Kubernetes. You can now use AWX to automate your IT infrastructure and make your life as a sysadmin easier.
Hi,
When I am trying to access AWX console it requires SSL certificate. How to bypass this?
I have been exploring ansible solutions to create all AWX-related config via ansible, like inventory, jobs, etc. Is there a way to do this via the helm chart, so I can configure this at startup? I have left-over ansible tasks that create all of this, but I was hoping there’s a more “kubernetes”-way to do this (i.e. config via helm chart specs)…
Hi,
Thank you for the excellent guide!
When I deploy AWX instance ansible-aws-task and ansible-aws-web getting failed and status is “CrashLoopBackoff”
ambi@kube-master:~/awx$ kubectl get pods -n awx
NAME READY STATUS RESTARTS AGE
ansible-awx-postgres-13-0 1/1 Running 0 2m39s
ansible-awx-task-8567b4d6d5-htrz8 0/4 Init:CrashLoopBackOff 4 (39s ago) 2m18s
ansible-awx-web-6766ddb5c8-8xk25 1/3 CrashLoopBackOff 2 (13s ago) 16s
awx-operator-controller-manager-6569d67f4c-nqtmh 2/2 Running 0 114m
ambi@kube-master:~/awx$
—————–
describe pod shows following logs
Events:
Type Reason Age From Message
—- —— —- —- ——-
Normal Scheduled 99s default-scheduler Successfully assigned awx/ansible-awx-task-8567b4d6d5-htrz8 to kube-worker
Normal Pulled 2s (x5 over 99s) kubelet Container image “quay.io/ansible/awx-ee:latest” already present on machine
Normal Created 2s (x5 over 99s) kubelet Created container init
Normal Started 1s (x5 over 99s) kubelet Started container init
Warning BackOff 1s (x9 over 97s) kubelet Back-off restarting failed container init in pod ansible-awx-task-8567b4d6d5-htrz8_awx(a0c528db-ec4a-4ced-9dca-9bd3004fa782)
==================
Cannot really find what’s going on in the logs
le-awx”,”namespace”:”awx”,”error”:”exit status 2″,”stacktrace”:”github.com/operator-framework/ansible-operator-plugins/internal/ansible/runner.(*runner).Run.func1\n\tansible-operator-plugins/internal/ansible/runner/runner.go:269″}
{“level”:”error”,”ts”:”2024-01-03T14:07:45Z”,”msg”:”Reconciler error”,”controller”:”awx-controller”,”object”:{“name”:”ansible-awx”,”namespace”:”awx”},”namespace”:”awx”,”name”:”ansible-awx”,”reconcileID”:”e9b8d090-4f0d-444c-91d0-4f3528f5e6e3″,”error”:”event runner on failed”,”stacktrace”:”sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.14.5/pkg/internal/controller/controller.go:329\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.14.5/pkg/internal/controller/controller.go:274\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.14.5/pkg/internal/controller/controller.go:235″}
=================
Could anyone please help me, Thank You!
I was able to go through all the steps but i mm getting an error on my ansible-awx-web pod. It gives a status of CrashLoopBackOff and when i look at the logs the error says psycopg.OperationalError: connection failed: password authentication failed for user “awx”
How can I fix my yaml to solve this error?
After running this step
$ kubectl create -f ansible-awx.yaml
i get errror when create container” Warning FailedMount 6s (x7 over 37s) kubelet MountVolume.NewMounter initialization failed for volume “postgres-pv” : path “/mnt/storage” does not exist”
How can I fix my yaml to solve this error?
Already mentioned in article ensure the /mnt/storage path is exist.