Skip to content

Ansible / Automation / DevOps / Kubernetes

Install Ansible AWX on Kubernetes

Avatar photo

https://www.linkedin.com/in/gineesh/ https://twitter.com/GiniGangadharan

Ansible AWX is the upstream project for the Ansible automation controller (Part of Red Hat Ansible Automation Platform). It offers a web-based user interface, REST API, and a task engine built on top of Ansible. AWX is designed to be a frequently released, fast-moving project where all new development occurs.

Installing Ansible AWX is straightforward with the latest versions. However, if you are attempting to install a version earlier than 18, you will need to follow the Docker-based installation method. For newer versions, Ansible AWX is installed using the AWX Operator on top of a Kubernetes or OpenShift cluster.

Important Note:

Warning/Disclaimer: Ansible AWX is a community-supported project and does not carry the same level of support or long-term stability as Red Hat Ansible Automation Platform.

Comparison with Automation Controller:

Ansible Automation Platform, which includes the Automation Controller (formerly Ansible Tower), is produced by selecting certain releases of AWX, hardening them for long-term support, and making them available to customers as a hosted service. The Automation Platform is fully supported by Red Hat, providing enterprise-grade support and stability. This model of development is tested and trusted by Red Hat, following a similar approach as seen with Fedora and Red Hat Enterprise Linux®. For a detailed comparison, you can refer to the official comparison here.

Setup a Kubernetes Cluster

You can use any existing or new cluster or even spin up a minikube cluster on your laptop/workstation for testing purposes.

Please note down the memory and CPU requirements as Ansible AWX pods need some minimum resources to run.

$ minikube start \
  --driver=kvm2 \
  --nodes 1 \
  --cni calico \
  --cpus=4 \
  --memory=8g \
  --kubernetes-version=v1.31.0 \
  --container-runtime=containerd \
  --addons=ingress

Enable Addons as needed

# Check addons
$ minikube addons list
$ minikube addons enable metrics-server
$ minikube dashboard

Deploy AWX Operator

Access your cluster and deploy Ansible AWX operator; replace TAG with the version from Release Page

$ git clone [email protected]:ansible/awx-operator.git
$ cd awx-operator

# Find available tags/versions
$ git tag

# Switch to the required version tag
$ git checkout tags/2.19.1

Now, deploy the Ansible AWX Operator

$ make deploy
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com unchanged
customresourcedefinition.apiextensions.k8s.io/awxmeshingresses.awx.ansible.com unchanged
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com unchanged
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com unchanged
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader unchanged
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role unchanged
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding unchanged
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created

After a few seconds, you will see the Ansible AWX pod is up and running.

$ kubectl get pod -n awx
NAME                                               READY   STATUS    RESTARTS   AGE
awx-operator-controller-manager-687b856498-mt67z   2/2     Running   0          45s

Create AWX Deployment

Now, we can create an instance for Ansible AWX; create a file awx-demo.yaml with the below content. (You can customize it with Ingress service or other details as needed)

---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx-demo
spec:
  service_type: nodeport

If the service_type is not specified, the ClusterIP service will be used for your AWX Tower service.

Now create the resource.

$ kubectl apply -f awx-demo.yml 
awx.awx.ansible.com/awx-demo created

Refer to the Ansible AWX Operator documentation for advanced installation options.

Get the Admin Password for Ansible AWX

By default, the admin user is admin and the password is available in the <resourcename>-admin-password secret. You can also create your custom secret for the Admin password and use it for the Ansible AWX deployment.

$ kubectl get secret awx-demo-admin-password -o jsonpath="{.data.password}" | base64 --decode
lxQ8uWlE9Wevkgmy5Kx2AqFdY80v34gx

Also, read How to Change Admin Password in Ansible Automation Platform on Kubernetes or OpenShift.

Get the Path to Access Ansible AWX

You will find the NodePort IP address for service awx-demo-service as follows.

$ kubectl get svc
NAME                                              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
awx-demo-postgres-15                              ClusterIP   None             <none>        5432/TCP       42m
awx-demo-service                                  NodePort    10.104.141.148   <none>        80:30363/TCP   42m
awx-operator-controller-manager-metrics-service   ClusterIP   10.96.254.191    <none>        8443/TCP       45m

Accessing Ansible AWX WEBUI – minikube and Nodeport

If you are using a minikube cluster, you can get the node IP and port as follows.

$ minikube service awx-demo-service --url -n awx
http://192.168.39.163:30363

Now you can access the Ansible AWX WEBUI at http://192.168.39.163:30363.

Enter the username admin and the retrieved password and Log In.

Accessing Ansible AWX WEBUI – kubectl port-forward

If you are using a standard Kubernetes cluster (not minikube), then you can use port-forward for temporary access as follows.

$ kubectl port-forward service/awx-demo-service 7080:80
Forwarding from 127.0.0.1:7080 -> 8052
Forwarding from [::1]:7080 -> 8052

Now you can access Ansible AWX WEBUI at localhost:7080.

Accessing Ansible AWX WEBUI – Ingress

If you have installed an Ingress Controller in your Kubernetes cluster, you can also use this method. (eg: minikube addons enable metrics-server).

Prepare the Ingress resource YAML.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: awx-ingress
  namespace: awx
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
    - http:
        paths:
          - path: /awx
            pathType: Prefix
            backend:
              service:
                name: awx-demo-service
                port:
                  number: 80

Create the Ingress resource as follows.

$ kubectl apply -f awx-ingress.yaml 
ingress.networking.k8s.io/awx-ingress created

We will not be using any custom service here but the default Ingress controller service in the minikube cluster.

 $  minikube service list -n ingress-nginx
|---------------|------------------------------------|--------------|-----------------------------|
|   NAMESPACE   |                NAME                | TARGET PORT  |             URL             |
|---------------|------------------------------------|--------------|-----------------------------|
| ingress-nginx | ingress-nginx-controller           | http/80      | http://192.168.39.163:31931 |
|               |                                    | https/443    | http://192.168.39.163:32337 |
| ingress-nginx | ingress-nginx-controller-admission | No node port |                             |
|---------------|------------------------------------|--------------|-----------------------------|

Now, you can access the Ansible AWX WEBUI at http://192.168.39.163:31931/awx.

Access Ansible AWX on a remote Minikube or Kubernetes Cluster

If your Kubernetes/minikube Cluster is on a remote machine/VM (eg: Cloud Instance with Public IP) then you can access it using the above method (if NodePort is the same as remote IP) or you can use LoadBalancer methods.

In our case, we have deployed this in a Google Cloud instance without GUI and we need to enable port-forwarding as below.

$ kubectl port-forward service/awx-demo-service 7080:80

So the Ansible AWX service is available at minikube VM localhost:7080 now, but we dont have GUI there to access !!

So, we do a port-forwarding from our laptop/workstation via SSH Tunnel.

# On your Workstation/Laptop
# eg: ssh -L LOCAL_PORT:localhost:REMOTE_PORT User@REMOTE_IP
$ ssh -L 7080:localhost:7080 [email protected]

Now, open a browser on your laptop/workstation and goto localhost:7080; that’s it.

Enjoy Ansible AWX running on top of Kubernetes or minikube.

Disclaimer:

The views expressed and the content shared in all published articles on this website are solely those of the respective authors, and they do not necessarily reflect the views of the author’s employer or the techbeatly platform. We strive to ensure the accuracy and validity of the content published on our website. However, we cannot guarantee the absolute correctness or completeness of the information provided. It is the responsibility of the readers and users of this website to verify the accuracy and appropriateness of any information or opinions expressed within the articles. If you come across any content that you believe to be incorrect or invalid, please contact us immediately so that we can address the issue promptly.

Tags: · · · · · · ·

Latest posts

Avatar photo


https://www.linkedin.com/in/gineesh/ https://twitter.com/GiniGangadharan
Gineesh Madapparambath is the founder of techbeatly and he is the co-author of The Kubernetes Bible, Second Edition. and the author of 𝗔𝗻𝘀𝗶𝗯𝗹𝗲 𝗳𝗼𝗿 𝗥𝗲𝗮𝗹-𝗟𝗶𝗳𝗲 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗼𝗻. He has worked as a Systems Engineer, Automation Specialist, and content author. His primary focus is on Ansible Automation, Containerisation (OpenShift & Kubernetes), and Infrastructure as Code (Terraform). (aka Gini Gangadharan - iamgini.com)

Comments

11 Responses

  1. Davide says:
    October 28, 2021 at 9:44 pm

    awx@vps-e49d5f4c:~$ kubectl get svc
    NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    awx-demo-postgres ClusterIP None 5432/TCP 39m
    awx-demo-service NodePort 10.108.179.119 80:32739/TCP 39m
    awx-operator-metrics ClusterIP 10.109.103.45 8383/TCP,8686/TCP 40m
    kubernetes ClusterIP 10.96.0.1 443/TCP 42m
    awx@vps-e49d5f4c:~$ kubectl port-forward service/awx-demo-service 7080:80

    error: timed out waiting for the condition

    Reply
  2. Avatar photo Gineesh Madapparambath says:
    October 28, 2021 at 10:00 pm

    can you try any other service in that kubernetes cluster ?
    just to make sure the networking is good (maybe some simple nginx)

    Reply
  3. Daniel says:
    January 6, 2022 at 4:40 am

    I am looking for how to do this with AWS EKS, do you or anyone watching this space have instructions for that?

    Thank you.

    Reply
  4. Avatar photo Gineesh Madapparambath says:
    January 6, 2022 at 11:03 am

    If you can install AWX operator, then the any kubernetes cluster is enough to install Ansible AWX.

    The steps are same and you can start with “Deploy AWX Operator” step as the AWS EKS is already under your control (no need to worry about the minikube steps here)

    Reply
  5. Rio Raj says:
    October 28, 2022 at 7:24 pm

    Hi,
    How do we bulk upload hosts to awx inventory.

    awx-manage inventory_import –source=/ansible/inventory/ –inventory-name TESTINVENTORY

    The above command gives error in awx-prod-web pod

    error:- 1.006 WARNING This command is not able to run on kubernetes-based deployment. This action should be done using the API.

    Reply
  6. Chandru says:
    January 22, 2023 at 9:32 pm

    Hi @Gineesh Madapparambath,

    how to install awx-manage command in awx-operator environmment ??

    Thank you in Advance

    Regards,
    Chandru

    Reply
  7. Chandru says:
    January 22, 2023 at 10:11 pm

    Hi Gineesh Madapparambath

    How to install awx-manage command in ansible-operator environment ??

    Regards,
    Chandru

    Reply
  8. Siva says:
    December 21, 2023 at 2:39 am

    Hi @Gineesh Madapparambath,

    How to configure the external database for AWX?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.