bunny-lab/docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Docker & Kubernetes/Servers/AWX/AWX Operator/Ansible AWX Operator.md

Browse Source
This commit is contained in:
Nicole Rappe
2024-09-26 03:55:10 -06:00
parent 774e5f0a00
commit b60fc45a15
1 changed files with 8 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
Docker & Kubernetes/Servers/AWX/AWX Operator/Ansible AWX Operator.md
View File

@ -293,10 +293,9 @@ kubectl apply -f custom_dns_records.yml
### Create an AWX Instance Group
At this point, we need to make a custom pod for the AWX Execution Environments that will use both a Keytab file and custom DNS servers defined by configmap files created below. Reference information was found [here](https://github.com/kurokobo/awx-on-k3s/blob/main/tips/use-kerberos.md#create-container-group).
Create the following files in their respective locations so we can mount them into the Execution Environment's
Create the following files in the `/awx` folder on the AWX Operator server you deployed earlier when setting up the Kubernetes Cluster and deploying AWX Operator into it so we can later mount them into the new Execution Environment we will be building.
=== "/awx/krb5.conf"
Add the following file to the `/awx` folder on the AWX Operator server you deployed earlier when setting up the Kubernetes Cluster and deploying AWX Operator into it.
```
[libdefaults]
@ -317,19 +316,9 @@ Create the following files in their respective locations so we can mount them in
.bunny-lab.io = BUNNY-LAB.IO
bunny-lab.io = BUNNY-LAB.IO
```
**Convert Keytab File into ConfigMap**:
Run the following command to apply the Kerberos Keytab file as a configmap into the Kubernetes cluster that we will later use AWX to make a custom Execution Environment with.
```
kubectl -n awx create configmap awx-kerberos-config --from-file=/awx/krb5.conf
```
=== "/awx/custom_dns_records.yml"
**Create Custom DNS Host Records for Domain Controllers**:
!!! note
This section is not strictly needed if the server has a good DNS server outside of it that can resolve the DNS of the domain controllers / devices.
You will need to be sure that AWX is able to resolve the FQDNs of the domain controllers for Kerberos authentication to function within the execution environment and instance group. We will do this by adding another config file in the /awx directory and applying it to the deployment.
```
apiVersion: v1
kind: ConfigMap
@ -342,10 +331,12 @@ Create the following files in their respective locations so we can mount them in
192.168.3.26 LAB-DC-02.bunny-lab.io LAB-DC-02
192.168.3.22 VIRT-NODE-01.bunny-lab.io VIRT-NODE-01
```
Then we apply them with the following command:
```
kubectl apply -f custom_dns_records.yml
```
Then we apply the configmaps to the AWX namespace with the following commands:
```
kubectl -n awx create configmap awx-kerberos-config --from-file=/awx/krb5.conf
kubectl apply -f custom_dns_records.yml
```
- Create Container Group with custom pod spec that mounts `krb5.conf` to allow Kerberos authentication to be used in this new Execution Environment (EE).
- Open AWX UI and click on "**Instance Groups**" under the "**Administration**" section, then press "**Add > Add container group**".