Update Docker & Kubernetes/Servers/AWX/AWX Operator/Ansible AWX Operator.md

Docker & Kubernetes/Servers/AWX/AWX Operator/Ansible AWX Operator.md

@@ -290,8 +290,62 @@ Then we apply them with the following command:
 kubectl apply -f custom_dns_records.yml
 ```
 
-### Create an AWX Container / Instance Group
-At this point, we need to make a custom pod for the AWX Execution Environments that will use this Custom DNS file.  Reference information was found [here](https://github.com/kurokobo/awx-on-k3s/blob/main/tips/use-kerberos.md#create-container-group).
+### Create an AWX Instance Group
+At this point, we need to make a custom pod for the AWX Execution Environments that will use both a Keytab file and custom DNS servers defined by configmap files created below.  Reference information was found [here](https://github.com/kurokobo/awx-on-k3s/blob/main/tips/use-kerberos.md#create-container-group).
+
+Create the following files in their respective locations so we can mount them into the Execution Environment's 
+
+=== "/awx/krb5.conf"
+    Add the following file to the `/awx` folder on the AWX Operator server you deployed earlier when setting up the Kubernetes Cluster and deploying AWX Operator into it.
+
+    ```
+    [libdefaults]
+        default_realm = BUNNY-LAB.IO
+        dns_lookup_realm = false
+        dns_lookup_kdc = false
+
+    [realms]
+        BUNNY-LAB.IO = {
+            kdc = 192.168.3.25
+            kdc = 192.168.3.26
+            admin_server = 192.168.3.25
+        }
+
+    [domain_realm]
+        192.168.3.25 = BUNNY-LAB.IO
+        192.168.3.26 = BUNNY-LAB.IO
+        .bunny-lab.io = BUNNY-LAB.IO
+        bunny-lab.io = BUNNY-LAB.IO
+    ```
+    **Convert Keytab File into ConfigMap**:
+    Run the following command to apply the Kerberos Keytab file as a configmap into the Kubernetes cluster that we will later use AWX to make a custom Execution Environment with. 
+    ```
+    kubectl -n awx create configmap awx-kerberos-config --from-file=/awx/krb5.conf
+    ```
+
+=== "/awx/custom_dns_records.yml"
+    **Create Custom DNS Host Records for Domain Controllers**:
+    !!! note
+        This section is not strictly needed if the server has a good DNS server outside of it that can resolve the DNS of the domain controllers / devices.
+    
+    You will need to be sure that AWX is able to resolve the FQDNs of the domain controllers for Kerberos authentication to function within the execution environment and instance group. We will do this by adding another config file in the /awx directory and applying it to the deployment. 
+    
+    ```
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: custom-dns
+      namespace: awx
+    data:
+      custom-hosts: |
+        192.168.3.25 LAB-DC-01.bunny-lab.io LAB-DC-01
+        192.168.3.26 LAB-DC-02.bunny-lab.io LAB-DC-02
+        192.168.3.22 VIRT-NODE-01.bunny-lab.io VIRT-NODE-01
+    ```
+    Then we apply them with the following command: 
+    ```
+    kubectl apply -f custom_dns_records.yml
+    ```
 
 - Create Container Group with custom pod spec that mounts `krb5.conf` to allow Kerberos authentication to be used in this new Execution Environment (EE).
 - Open AWX UI and click on "**Instance Groups**" under the "**Administration**" section, then press "**Add > Add container group**".