Merge pull request #201 from kurokobo/awx-2.0.0

feat: bump operator version to 2.0.0
2025-12-16 22:12:14 +11:00 · 2023-04-05 01:17:44 +09:00 · 2023-04-05 01:17:44 +09:00 · 283250bfbe
commit 283250bfbe
parent 25ffe92bd1 7d08810dd4
7 changed files with 85 additions and 62 deletions
--- a/README.md
+++ b/README.md
@ -29,17 +29,17 @@ An example implementation of AWX on single node K3s using AWX Operator, with eas
 - Tested on:
  - CentOS Stream 8 (Minimal)
-  - K3s v1.25.7+k3s1
+  - K3s v1.26.3+k3s1
 - Products that will be deployed:
-  - AWX Operator 1.4.0
+  - AWX Operator 2.0.0
-  - AWX 21.14.0
+  - AWX 22.0.0
  - PostgreSQL 13
 ## References
 - [K3s - Lightweight Kubernetes](https://docs.k3s.io/)
- [INSTALL.md on ansible/awx](https://github.com/ansible/awx/blob/21.14.0/INSTALL.md) @21.14.0
+- [INSTALL.md on ansible/awx](https://github.com/ansible/awx/blob/22.0.0/INSTALL.md) @22.0.0
- [README.md on ansible/awx-operator](https://github.com/ansible/awx-operator/blob/1.4.0/README.md) @1.4.0
+- [README.md on ansible/awx-operator](https://github.com/ansible/awx-operator/blob/2.0.0/README.md) @2.0.0
 ## Requirements
@ -90,7 +90,7 @@ Install specified version of AWX Operator. Note that this procedure is applicabl
 cd ~
 git clone https://github.com/ansible/awx-operator.git
 cd awx-operator
-git checkout 1.4.0
+git checkout 2.0.0
 ```
 Export the name of the namespace where you want to deploy AWX Operator as the environment variable `NAMESPACE` and run `make deploy`. The default namespace is `awx`.
@ -127,7 +127,7 @@ If you want to use files suitable for the specific version of AWX Operator, [ref
 cd ~
 git clone https://github.com/kurokobo/awx-on-k3s.git
 cd awx-on-k3s
-git checkout 1.4.0
+git checkout 2.0.0
 ```
 Generate a Self-Signed certificate. Note that IP address can't be specified. If you want to use a certificate from public ACME CA such as Let's Encrypt or ZeroSSL instead of Self-Signed certificate, follow the guide on [📁 **Use SSL Certificate from Public ACME CA**](acme) first and come back to this step when done.
@ -200,7 +200,7 @@ $ kubectl -n awx logs -f deployments/awx-operator-controller-manager
 ...
 ----- Ansible Task Status Event StdOut (awx.ansible.com/v1beta1, Kind=AWX, awx/awx) -----
 PLAY RECAP *********************************************************************
-localhost                  : ok=80   changed=0    unreachable=0    failed=0    skipped=78   rescued=0    ignored=1
+localhost                  : ok=83   changed=0    unreachable=0    failed=0    skipped=79   rescued=0    ignored=1
 ```
 Required objects has been deployed next to AWX Operator in `awx` namespace.
@ -208,42 +208,45 @@ Required objects has been deployed next to AWX Operator in `awx` namespace.
 ```bash
 $ kubectl -n awx get awx,all,ingress,secrets
 NAME                      AGE
-awx.awx.ansible.com/awx   5m
+awx.awx.ansible.com/awx   6m15s
 NAME                                                   READY   STATUS    RESTARTS   AGE
-pod/awx-operator-controller-manager-5d5d58758c-7xcrl   2/2     Running   0          5m35s
+pod/awx-operator-controller-manager-57867569c4-ggl29   2/2     Running   0          6m50s
-pod/awx-postgres-13-0                                  1/1     Running   0          4m46s
+pod/awx-postgres-13-0                                  1/1     Running   0          5m56s
-pod/awx-5b859c644-zp6x5                                4/4     Running   0          4m26s
+pod/awx-task-5d8cd9b6b9-8ptjt                          4/4     Running   0          5m25s
 pod/awx-web-66f89bc9cf-6zck5                           3/3     Running   0          4m39s
 NAME                                                      TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
-service/awx-operator-controller-manager-metrics-service   ClusterIP   10.43.229.20    <none>        8443/TCP   5m45s
+service/awx-operator-controller-manager-metrics-service   ClusterIP   10.43.18.30     <none>        8443/TCP   7m
-service/awx-postgres-13                                   ClusterIP   None            <none>        5432/TCP   4m46s
+service/awx-postgres-13                                   ClusterIP   None            <none>        5432/TCP   5m55s
-service/awx-service                                       ClusterIP   10.43.135.205   <none>        80/TCP     4m28s
+service/awx-service                                       ClusterIP   10.43.237.218   <none>        80/TCP     5m28s
 NAME                                              READY   UP-TO-DATE   AVAILABLE   AGE
-deployment.apps/awx-operator-controller-manager   1/1     1            1           5m45s
+deployment.apps/awx-operator-controller-manager   1/1     1            1           7m
-deployment.apps/awx                               1/1     1            1           4m26s
+deployment.apps/awx-task                          1/1     1            1           5m25s
 deployment.apps/awx-web                           1/1     1            1           4m39s
 NAME                                                         DESIRED   CURRENT   READY   AGE
-replicaset.apps/awx-operator-controller-manager-5d5d58758c   1         1         1       5m35s
+replicaset.apps/awx-operator-controller-manager-57867569c4   1         1         1       6m50s
-replicaset.apps/awx-5b859c644                                1         1         1       4m26s
+replicaset.apps/awx-task-5d8cd9b6b9                          1         1         1       5m25s
 replicaset.apps/awx-web-66f89bc9cf                           1         1         1       4m39s
 NAME                               READY   AGE
-statefulset.apps/awx-postgres-13   1/1     4m46s
+statefulset.apps/awx-postgres-13   1/1     5m56s
-NAME                                    CLASS    HOSTS             ADDRESS         PORTS     AGE
+NAME                                    CLASS     HOSTS             ADDRESS         PORTS     AGE
-ingress.networking.k8s.io/awx-ingress   <none>   awx.example.com   192.168.0.219   80, 443   4m27s
+ingress.networking.k8s.io/awx-ingress   traefik   awx.example.com   192.168.0.219   80, 443   5m27s
 NAME                                  TYPE                DATA   AGE
-secret/awx-admin-password             Opaque              1      5m
+secret/awx-admin-password             Opaque              1      6m15s
-secret/awx-postgres-configuration     Opaque              6      5m
+secret/awx-postgres-configuration     Opaque              6      6m15s
-secret/awx-secret-tls                 kubernetes.io/tls   2      3m54s
+secret/awx-secret-tls                 kubernetes.io/tls   2      6m15s
-secret/redhat-operators-pull-secret   Opaque              1      4m30s
+secret/redhat-operators-pull-secret   Opaque              1      6m11s
-secret/awx-app-credentials            Opaque              3      4m30s
+secret/awx-app-credentials            Opaque              3      5m30s
-secret/awx-secret-key                 Opaque              1      4m55s
+secret/awx-secret-key                 Opaque              1      6m6s
-secret/awx-broadcast-websocket        Opaque              1      4m52s
+secret/awx-broadcast-websocket        Opaque              1      6m2s
-secret/awx-receptor-ca                Opaque              2      4m26s
+secret/awx-receptor-ca                kubernetes.io/tls   2      5m37s
-secret/awx-receptor-work-signing      Opaque              2      4m29s
+secret/awx-receptor-work-signing      Opaque              2      5m33s
 ```
 Now your AWX is available at `https://awx.example.com/` or the hostname you specified.
--- a/backup/ansible/README.md
+++ b/backup/ansible/README.md
@ -32,7 +32,7 @@ An example simple playbook for Ansible is also provided in this repository. This
 | - | - | - |
 | `awxbackup_namespace` | The name of the NameSpace where the `AWXBackup` resource will be created. | `awx` |
 | `awxbackup_name` | The name of the `AWXBackup` resource. Dynamically generated using execution time by default. | `awxbackup-{{ lookup('pipe', 'date +%Y-%m-%d-%H-%M-%S') }}` |
-| `awxbackup_spec` | The `spec` of the `AWXBackup` resource. Refer [official documentation](https://github.com/ansible/awx-operator/tree/1.4.0/roles/backup) for acceptable fields. | `deployment_name: awx`<br>`backup_pvc: awx-backup-claim`<br>`clean_backup_on_delete: true` |
+| `awxbackup_spec` | The `spec` of the `AWXBackup` resource. Refer [official documentation](https://github.com/ansible/awx-operator/tree/2.0.0/roles/backup) for acceptable fields. | `deployment_name: awx`<br>`backup_pvc: awx-backup-claim`<br>`clean_backup_on_delete: true` |
 | `awxbackup_timeout` | Time to wait for backup to complete, in seconds. If exceeded, the playbook will fail. | `600` |
 | `awxbackup_keep_days` | Number of days to keep `AWXBackup` resources. `AWXBackup` resources older than this value will be deleted by this playbook. Set `0` to keep forever. | `30` |
--- a/base/awx.yaml
+++ b/base/awx.yaml
@ -5,10 +5,10 @@ metadata:
  name: awx
 spec:
  # These parameters are designed for use with:
-  # - AWX Operator: 1.4.0
+  # - AWX Operator: 2.0.0
-  #   https://github.com/ansible/awx-operator/blob/1.4.0/README.md
+  #   https://github.com/ansible/awx-operator/blob/2.0.0/README.md
-  # - AWX: 21.14.0
+  # - AWX: 22.0.0
-  #   https://github.com/ansible/awx/blob/21.14.0/INSTALL.md
+  #   https://github.com/ansible/awx/blob/22.0.0/INSTALL.md
  admin_user: admin
  admin_password_secret: awx-admin-password
@ -27,6 +27,9 @@ spec:
  projects_persistence: true
  projects_existing_claim: awx-projects-claim
  web_replicas: 1
  task_replicas: 1
  postgres_init_container_resource_requirements: {}
  postgres_resource_requirements: {}
  web_resource_requirements: {}
@ -35,3 +38,14 @@ spec:
  # Uncomment to reveal "censored" logs
  #no_log: false
  # A workaround to allow Manual type projects. This have to be removed in the next release
  # https://github.com/ansible/awx-operator/issues/1323
  extra_volumes: |
    - name: awx-projects
      persistentVolumeClaim:
        claimName: awx-projects-claim
  web_extra_volume_mounts: |
    - name: awx-projects
      mountPath: /var/lib/awx/projects
--- a/restore/README.md
+++ b/restore/README.md
@ -100,7 +100,7 @@ $ kubectl -n awx logs -f deployments/awx-operator-controller-manager
 ...
 ----- Ansible Task Status Event StdOut (awx.ansible.com/v1beta1, Kind=AWX, awx/awx) -----
 PLAY RECAP *********************************************************************
-localhost                  : ok=82   changed=0    unreachable=0    failed=0    skipped=76   rescued=0    ignored=1
+localhost                  : ok=85   changed=0    unreachable=0    failed=0    skipped=77   rescued=0    ignored=1
 ```
 This will create AWXRestore object in the namespace, and now your AWX is restored.
--- a/tips/troubleshooting.md
+++ b/tips/troubleshooting.md
@ -43,9 +43,10 @@ If the Pods are working properly, its `STATUS` are `Running`. If your Pods are n
 ```bash
 $ kubectl -n awx get pod
 NAME                                               READY   STATUS    RESTARTS   AGE
-awx-operator-controller-manager-68d787cfbd-j6k7z   2/2     Running   0          7m43s
+awx-operator-controller-manager-57867569c4-ggl29   2/2     Running   0          8m20s
-awx-postgres-13-0                                  1/1     Running   0          4m6s
+awx-postgres-13-0                                  1/1     Running   0          7m26s
-awx-84d5c45999-h7xm4                               0/4     Pending   0          3m59s
+awx-task-5d8cd9b6b9-8ptjt                          0/4     Pending   0          6m55s
 awx-web-66f89bc9cf-6zck5                           0/3     Pending   0          6m9s
 ```
 If you have the Pods which has the unexpected state instead of `Running`, the next step is checking `Events` for the Pod. The command to get `Events` for the pod is:
@ -57,7 +58,7 @@ kubectl -n awx describe pod <Pod Name>
 By this command, you can get the `Events` for the Pod you specified at the end of the output.
 ```bash
-$ kubectl -n awx describe pod awx-84d5c45999-h7xm4
+$ kubectl -n awx describe pod awx-task-5d8cd9b6b9-8ptjt
 ...
 Events:
  Type     Reason            Age   From               Message
@ -77,18 +78,18 @@ The commands to get the logs are following. `-f` is optional, useful to watch th
 ```bash
 # Get the logs of specific Pod.
 # If the Pod includes multiple containers, container name has to be specified.
-kubectl -n awx logs -f <Pod Name>
+kubectl -n awx logs -f <POD>
-kubectl -n awx logs -f <Pod Name> -c <Container Name>
+kubectl -n awx logs -f <POD> -c <CONTAINER>
 # Get the logs of specific Pod which is handled by Deployment resource.
 # If the Pod includes multiple containers, container name has to be specified.
-kubectl -n awx logs -f deployment/<Deployment Name>
+kubectl -n awx logs -f deployment/<DEPLOYMENT>
-kubectl -n awx logs -f deployment/<Deployment Name> -c <Container Name>
+kubectl -n awx logs -f deployment/<DEPLOYMENT> -c <CONTAINER>
 # Get the logs of specific Pod which is handled by StatefulSet resource
 # If the Pod includes multiple containers, container name has to be specified.
-kubectl -n awx logs -f statefulset/<Deployment Name>
+kubectl -n awx logs -f statefulset/<STATEFULSET>
-kubectl -n awx logs -f statefulset/<Deployment Name> -c <Container Name>
+kubectl -n awx logs -f statefulset/<STATEFULSET> -c <CONTAINER>
 ```
 For AWX Operator and AWX, specifically, the following commands are helpful.
@ -96,13 +97,16 @@ For AWX Operator and AWX, specifically, the following commands are helpful.
 - Logs of AWX Operator
  - `kubectl -n awx logs -f deployment/awx-operator-controller-manager`
 - Logs of AWX related init containers
-  - `kubectl -n awx logs -f deployment/awx -c init`
+  - `kubectl -n awx logs -f deployment/awx-task -c init`
-  - `kubectl -n awx logs -f deployment/awx -c init-projects`
+  - `kubectl -n awx logs -f deployment/awx-task -c init-projects`
 - Logs of AWX related containers
-  - `kubectl -n awx logs -f deployment/awx -c awx-web`
+  - `kubectl -n awx logs -f deployment/awx-web -c awx-web`
-  - `kubectl -n awx logs -f deployment/awx -c awx-task`
+  - `kubectl -n awx logs -f deployment/awx-web -c awx-rsyslog`
-  - `kubectl -n awx logs -f deployment/awx -c awx-ee`
+  - `kubectl -n awx logs -f deployment/awx-web -c redis`
-  - `kubectl -n awx logs -f deployment/awx -c redis`
+  - `kubectl -n awx logs -f deployment/awx-task -c awx-task`
  - `kubectl -n awx logs -f deployment/awx-task -c awx-ee`
  - `kubectl -n awx logs -f deployment/awx-task -c awx-rsyslog`
  - `kubectl -n awx logs -f deployment/awx-task -c redis`
 - Logs of PostgreSQL
  - `kubectl -n awx logs -f statefulset/awx-postgres-13`
@ -157,7 +161,7 @@ To solve this, you can simply wait until the limit is freed up, or [consider giv
 If your Pod is in `Pending` state and its `Events` shows following events, the reason is that the node does not have enough CPU and memory to start the Pod. By default AWX requires at least 2 CPUs and 4 GB RAM. In addition more resources are required to run K3s and the OS itself.
 ```bash
-$ kubectl -n awx describe pod awx-84d5c45999-h7xm4
+$ kubectl -n awx describe pod awx-task-5d8cd9b6b9-8ptjt
 ...
 Events:
  Type     Reason            Age   From               Message
@ -182,7 +186,7 @@ Typical solutions are one of the following:
      ee_resource_requirements: {}     👈👈👈
    ```
-  - You can specify more specific value for each containers. Refer [official documentation](https://github.com/ansible/awx-operator/blob/1.4.0/README.md#containers-resource-requirements) for details.
+  - You can specify more specific value for each containers. Refer [official documentation](https://github.com/ansible/awx-operator/blob/2.0.0/README.md#containers-resource-requirements) for details.
  - In this way you can run AWX with fewer resources, but you may encounter performance issues.
 ### The Pod is `Pending` with "1 pod has unbound immediate PersistentVolumeClaims." event
@ -190,7 +194,7 @@ Typical solutions are one of the following:
 If your Pod is in `Pending` state and its `Events` shows following events, the reason is that no usable Persistent Volumes are available.
 ```bash
-$ kubectl -n awx describe pod awx-84d5c45999-h7xm4
+$ kubectl -n awx describe pod awx-task-5d8cd9b6b9-8ptjt
 ...
 Events:
  Type     Reason            Age   From               Message
@ -240,7 +244,7 @@ To solve this, typical solutions are one of the following:
 Sometimes your AWX pod is `Running` state correctly but not functional at all, and its log shows following message repeatedly.
 ```bash
-kubectl -n awx logs -f deployment/awx -c awx-web
+kubectl -n awx logs -f deployment/awx-web -c awx-web
 [wait-for-migrations] Waiting for database migrations...
 [wait-for-migrations] Attempt 1 of 30
 [wait-for-migrations] Waiting 0.5 seconds before next attempt
@ -277,9 +281,10 @@ In this situation, your Pod for PostgreSQL is in `CrashLoopBackOff` state and it
 ```bash
 $ kubectl -n awx get pod
 NAME                                               READY   STATUS             RESTARTS   AGE
-awx-operator-controller-manager-68d787cfbd-j6k7z   2/2     Running            0          7m43s
+awx-operator-controller-manager-57867569c4-ggl29   2/2     Running            0          8m20s
-awx-postgres-13-0                                  1/1     CrashLoopBackOff   3          4m6s
+awx-postgres-13-0                                  1/1     CrashLoopBackOff   5          7m26s
-awx-84d5c45999-h7xm4                               4/4     Running            0          3m59s
+awx-task-5d8cd9b6b9-8ptjt                          0/4     Running            0          6m55s
 awx-web-66f89bc9cf-6zck5                           0/3     Running            0          6m9s
 $ kubectl -n awx logs statefulset/awx-postgres
 mkdir: cannot create directory '/var/lib/postgresql/data': Permission denied
--- a/tips/trust-custom-ca.md
+++ b/tips/trust-custom-ca.md
@ -27,7 +27,7 @@ Trusting custom Certificate Authority can be achieved by following steps:
 There are two kinds of certificate, one is used to trust LDAP server, and the other is used as the CA bundle.
-| Fields in the specification for AWX | Keys in Secret | Containers in AWX pod that the certificate will be mounted | Paths that the certificate will be mounted as |
+| Fields in the specification for AWX | Keys in Secret | Containers that the certificate will be mounted | Paths that the certificate will be mounted as |
 |-|-|-|-|
 | `ldap_cacert_secret` | `ldap-ca.crt` | `awx-web` | `/etc/openldap/certs/ldap-ca.crt` |
 | `bundle_cacert_secret` | `bundle-ca.crt` | `awx-web`, `awx-task`, and `awx-ee` | `/etc/pki/ca-trust/source/anchors/bundle-ca.crt` |
@ -131,7 +131,7 @@ If you have problem with SSL connection such as LDAPS, you can verify your certi
 ```bash
 # Open Bash shell of the "awx-web" container
-$ kubectl -n awx exec -it deployment/awx -c awx-web -- bash
+$ kubectl -n awx exec -it deployment/awx-web -c awx-web -- bash
 bash-5.1$
 ```
--- a/tips/version-mapping.md
+++ b/tips/version-mapping.md
@ -10,6 +10,7 @@ The table below maps the AWX Operator versions and bundled AWX versions.
 | AWX Operator | AWX |
 | - | - |
 | 2.0.0 | 22.0.0 |
 | 1.4.0 | 21.14.0 |
 | 1.3.0 | 21.13.0 |
 | 1.2.0 | 21.12.0 |