install Ansible AWX 19 minikube on Ubuntu (AWS)

AWS Ubuntu (c5.xlarge) 에 AWX 19를 설치하는 방법을 공유한다

인프라 준비

• Ubuntu 20.04 깡통 Ec2 생성

• Security 그룹 생성

• Target Group 생성 + Ec2 추가

• NLB 생성 + Target Group 추가

• Route53 도메인 생성 + NLB 연결

• 도메인 준비(필요시): sre-awx.mysite.io

1. Ubuntu 업데이트

sudo apt update && sudo apt -y upgrade

2. k3s kubernetes 설치

curl -sfL https://get.k3s.io | sh -
sudo systemctl status k3s
sudo chmod 644 /etc/rancher/k3s/k3s.yaml

3. AWX Operator 배포 on Kubernetes

3.1 git 설치

sudo apt update
sudo apt install git build-essential

3.2 Clone operator deployment code

git clone https://github.com/ansible/awx-operator.git

3.3 Create namespace where operator will be deployed : awx

export NAMESPACE=awx
kubectl create ns ${NAMESPACE}

3.4 Set current context to value set in NAMESPACE variable

 kubectl config set-context --current --namespace=$NAMESPACE 

3.5 awx-operator directory로 이동

cd awx-operator

3.6 AWX Operator 릴리스의 최신 버전을 RELEASE_TAG 변수로 저장한 다음 git을 사용하여 branch 에 checkout

sudo apt install curl jq
RELEASE_TAG=`curl -s https://api.github.com/repos/ansible/awx-operator/releases/latest | grep tag_name | cut -d '"' -f 4`
echo $RELEASE_TAG
git checkout $RELEASE_TAG

3.7 AWX Operator를 클러스터에 배포

export NAMESPACE=awx
make deploy

3.7.1 pod 확인

kubectl get pods

4. Operator를 사용하여 Ubuntu 20.04에 Ansible AWX 설치

4.1 PVC 생성

cat <<EOF | kubectl create -f -
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: static-data-pvc
  namespace: awx
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: local-path
  resources:
    requests:
      storage: 5Gi
EOF

PVC는 그것을 사용하는 포드가 생성될 때까지 바인딩되지 않는다.

4.2 AWX deployment file 생성

vi awx-deploy.yml

---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx
spec:
  service_type: nodeport
  projects_persistence: true
  projects_storage_access_mode: ReadWriteOnce
  web_extra_volume_mounts: |
    - name: static-data
      mountPath: /var/lib/projects
  extra_volumes: |
    - name: static-data
      persistentVolumeClaim:
        claimName: static-data-pvc

4.2.1 deploy 적용

$ kubectl apply -f awx-deploy.yml

4.2.2 operator pod 로그에서 설치 프로세스를 추적할 수 있다.

kubectl logs -f deployments/awx-operator-controller-manager -c awx-manager

Ec2 type이 작을 때에 cpu, memory 조건이 맞지 않아 Ready 상태가 지연 될 때도 있으니 확인 바람

kubectl describe pod [pod이름]

4.2.3 Data Persistence

kubectl get pvc

 sudo ls /var/lib/rancher/k3s/storage/

4.2.4 Checking AWX Container’s logs

 kubectl -n awx  logs deploy/awx
 error: a container name must be specified for pod awx-75698588d6-r7bxl, choose one of: [redis awx-web awx-task awx-ee]
 
kubectl -n awx  logs deploy/awx -c redis
kubectl -n awx  logs deploy/awx -c awx-web
kubectl -n awx  logs deploy/awx -c awx-task
kubectl -n awx  logs deploy/awx -c awx-ee

4.2.5 AWX Container에 접근하기

kubectl exec -it deploy/awx  -c  awx-task -- /bin/bash
kubectl exec -it deploy/awx  -c  awx-web -- /bin/bash
kubectl exec -it deploy/awx  -c  awx-ee -- /bin/bash
kubectl exec -it deploy/awx  -c  redis -- /bin/bash

5. Ansible AWX Dashboard 접속

사용 가능한 모든 서비스를 나열하고 awx-service Nodeport를 확인

kubectl get svc -l "app.kubernetes.io/managed-by=awx-operator"

NAME           TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
awx-postgres   ClusterIP   None           <none>        5432/TCP       59m
awx-service    NodePort    10.4.0.9   <none>        80:30080/TCP   58m

login 정보

Login Username: admin
password:

kubectl get secret awx-admin-password -o jsonpath="{.data.password}" | base64 --decode

# or

kubectl get secret awx-admin-password -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"\n"}}{{end}}'

Kubernetes 노드 리소스를 검토하여 AWX를 실행하기에 충분한지 확인합니다.

kubectl top nodes --use-protocol-buffers