Nick Pratley

How To Deploy Ansible AWX on Ubuntu With MicroK8s

[et_pb_section admin_label=”section”] [et_pb_row admin_label=”row”] [et_pb_column type=”4_4″][et_pb_text admin_label=”Text”]

I recently broke our AWX installation, which meant provisioning workflows ground to a halt! We were hit by a bug running on Docker ( that meant all secret keys had been deleted, rendering the database useless. I could have restored from a VM backup, recovered the files and fixed the compose file — but what better time than now to deploy the latest version using the Ansible Operator on a Kubernetes stack!

I wanted to jot this down as I spent a day with the AWX documentation and struggled to get a working install

In this tutorial, we’ll walk through:

Installing MicroK8s on Ubuntu 20.04

What you’ll need:

Let us dive right in!

  1. Install MicroK8s
    sudo snap install microk8s --classic --channel=1.21
  2. Add your user to the microk8s group, and grant permission to the ~/.kube caching directory
    sudo usermod -a -G microk8s $USER && sudo chown -f -R $USER ~/.kube
  3. Verify the installation was successful
    microk8s status — wait-ready
    Continue when you see microk8s is running
  4. MicroK8s uses a namespaced kubectl command so let us add an alias to make future commands easy
    echo “alias kubectl=’microk8s.kubectl’” >> ~/.bash_aliases && source ~/.bash_aliases
  5. Let’s verify we can run kubectl commands and ensure node status is Ready
    kubectl get nodes

Enabling required MicroK8s Addons

Now that we have a working Kubernetes installation we can proceed with enabling the required add-on services for ingress routing, container storage, and DNS.

I have decided to use Traefik as we should be able to automate SSL certificates easily!

MicroK8s makes this all super simple!

  1. Enable Addons — This will take a few minutes,
    microk8s enable dns storage traefik
  2. Verify all pods are running, we will need the --all-namespaces flag here as these services don’t run in the default namespace
    kubectl get --all-namespaces pods
  3. Verify Storage is ready for use
    kubectl get storageclass

Did I say how simple this was? It’s also what caught me out for a day trying to get the stack working! (It’s *always* DNS)

Deploying the AWX Operator

The AWX Operator creates a CRD (Custom Resource Definition) that extends the Kubernetes API with an object that describes an AWX installation. The operator also deploys a pod that watches for these objects and performs the actual installation of AWX.

Deploying the operator
This will take a few seconds to complete

kubectl apply -f

Verifying the installation
After a few seconds, the installation should be ready for use. You’ll need the name of the operator pod for the next few steps, so let us get that handy!

$ kubectl get pods
awx-operator-f768499d-65bt7 1/1 Running 0 17h

Once the pod is running, we can move on to deploying AWX

Deploying AWX

In a second terminal, let us start watching the AWX operator logs to monitor the deployment.

kubectl logs -f awx-operator-f768499d-65bt7 remember to use the name from your pod!

We now need a YAML file that describes our AWX installation. You will need to pick a domain name for the AWX web interface and ensure DNS points to your server IP.

$ cat << EOF > awx.yaml
kind: AWX
name: awx
tower_ingress_type: Ingress

We can now deploy AWX!

$ kubectl apply -f awx.yml created

The AWX database migrations will take a few minutes to complete. After a few minutes, the pods should be downloaded, running and ready for use.

$ kubectl get pods
awx-operator-f768499d-65bt7 1/1 Running 0 17h
awx-postgres-0 1/1 Running 0 17h
awx-b5f6cf4d4-7jftg 4/4 Running 0 17h

Once all 6 pods are running, we should now be able to access AWX. We’ll need to get the admin password first

$ echo Username: Admin$'\n'Password: `kubectl  get secret awx-admin-password -o jsonpath='{.data.password}' | base64 --decode`
Username: Admin
Admin Password: jhnjhjhGThytyuijhgr56789oiuyf

Traefik listens on port 8080 by default, but you should now be able to access AWX using the credentials from above at your URL

Thanks for reading!

Now it is on to the next problem — repairing my playbooks to work on the newer version of AWX!

[/et_pb_text][/et_pb_column] [/et_pb_row] [/et_pb_section]

Comments 0
There are currently no comments.

Share This