Install Ansible AWX 19 on Microk8s

Since the version 18.0, you have to install AWX on Kubernetes using an AWX Operator for Kubernetes.

In the AWX installation guide on GitHub, they show an example using Minikube.

Here, we will explain you how to run AWX on an Ubuntu server using Microk8s from Canonical .

Microk8s install and setup

As AWX is now delivered as a container, we start the installation with microk8s which will be our container manager on the server.

Install microk8s using snap and setup the user permissions.

sudo snap install microk8s --classic
sudo usermod -a -G microk8s $USER
sudo chown -f -R $USER ~/.kube
microk8s status --wait-ready

Activate the features that we will need later to have a working cluster.

microk8s enable storage host-access dns rbac
microk8s start
microk8s status --wait-ready

Create an alias so you can directly use the kubectl command and not have to use the long microk8s kubectl command.

sudo snap alias microk8s.kubectl kubectl

AWX deployment on Microk8s

After installing microk8s, the goal is to install AWX as a container.

Create the AWX Operator for Kubernetes and follow the deployment logs. Replace awx-operator-f768499d-fhb9bby the name of your operator.

microk8s kubectl apply -f
kubectl logs -f awx-operator-f768499d-fhb9b

Now we deploy AWX using the operator definition. In this case we will tell the operator to setup the tower_ingress_type as Ingress, with our custom URL in tower_hostname and an already created TLS secret for tower_ingress_tls_secret.

tee awxconfig.yaml<<EOF
kind: AWX
  annotations: nginx
  name: awx
  namespace: default
  tower_create_preload_data: true
  tower_image_pull_policy: IfNotPresent
  tower_ingress_tls_secret: awx-example-com-tls
  tower_ingress_type: Ingress
kubectl apply -f awxconfig.yaml

Get your default admin password

kubectl get secret awx-admin-password -o jsonpath='{.data.password}' | base64 --decode

MetalLB setup

We will need MetalLB to act as the loadbalancer provided by the public cloud providers. Here is the way to install MetalLB

kubectl apply -f
kubectl apply -f
kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"

tee metallbconfig.yaml<<EOF
apiVersion: v1
kind: ConfigMap
  namespace: metallb-system
  name: config
  config: |
    - name: default
      protocol: layer2
kubectl apply -f metallbconfig.yaml

Ingress setup

As we have already specify the operator to use the Ingress type to access the service, we now need to setup ingress on Microk8s. First we have try to use the Microk8s add-on ingress to achieve that, but without success.

So we turned to the use of the official Nginx Ingress. Here is the way to install it.

helm repo add nginx-stable
helm repo update
helm install ingress nginx-stable/nginx-ingress --namespace kube-system
kubectl -n kube-system get service

Edit the ingress awx-ingress created by the operator and add the annotations nginx to tell nginx-ingress to address this service.

kubectl edit ingress awx-ingress
annotations:………. nginx

Check that your ingress has an IP Address and a hostname

kubectl get ingress
NAME            CLASS      HOSTS             ADDRESS        PORTS     AGE
awx-ingress   <none>   80, 443   5m

Now you can browse to your URL, and use the default admin password to log into your fresh AWX install! image.png

Feel free to comment this article if you have questions.


Comments (5)

jan's photo

should I ignore the following errors?

kubectl apply -f awxconfig.yaml error: error validating "awxconfig.yaml": error validating data: [ValidationError(AWX.spec): unknown field "tower_create_preload_data" in com.ansible.awx.v1beta1.AWX.spec, ValidationError(AWX.spec): unknown field "tower_hostname" in com.ansible.awx.v1beta1.AWX.spec, ValidationError(AWX.spec): unknown field "tower_image_pull_policy" in com.ansible.awx.v1beta1.AWX.spec, ValidationError(AWX.spec): unknown field "tower_ingress_type" in com.ansible.awx.v1beta1.AWX.spec]; if you choose to ignore these errors, turn validation off with --validate=false

Show +2 replies
CISEL's photo

Pete Scudamore jan Hi!

Ok I understand now... The Operatorl URL is wrong...

Sorry Guys!!!

I have edited the post with the right URL but below you will find the URL for the Operator with version 0.9.0

The TAG version was missing in the URL

Pete Scudamore's photo


The updated awx operator path worked! I ran into another problem further down.

scud@erebor:~$ helm install ingress nginx-stable/nginx-ingress --namespace kube-system Error: Kubernetes cluster unreachable: Get "localhost:8080/version?timeout=32s": dial tcp connect: connection refused

Here is what my pod networking looks like after getting to this part of the install: kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES awx-operator-5595d6fc57-jfqvh 1/1 Running 0 10m erebor <none> <none> awx-postgres-0 1/1 Running 0 7m18s erebor <none> <none> awx-5b58db49c-j6gxc 4/4 Running 0 7m9s erebor <none> <none>

I was wondering if I was supposed to change any of the IP addressing in the MetalLB section. I am not sure how the 192.x addressing is relevant, and if it is related to this issue.

netstat -an |grep 8080 tcp 0 0 TIME_WAIT