diff --git a/README.md b/README.md index 049744a..3bd54a6 100644 --- a/README.md +++ b/README.md @@ -27,17 +27,17 @@ An example implementation of AWX on single node K3s using AWX Operator, with eas - Tested on: - CentOS Stream 8 (Minimal) - - K3s v1.22.7+k3s1 + - K3s v1.23.6+k3s1 - Products that will be deployed: - - AWX Operator 0.21.0 - - AWX 21.0.0 + - AWX Operator 0.22.0 + - AWX 21.1.0 - PostgreSQL 12 ## References - [K3s - Lightweight Kubernetes](https://rancher.com/docs/k3s/latest/en/) -- [INSTALL.md on ansible/awx](https://github.com/ansible/awx/blob/21.0.0/INSTALL.md) @21.0.0 -- [README.md on ansible/awx-operator](https://github.com/ansible/awx-operator/blob/0.21.0/README.md) @0.21.0 +- [INSTALL.md on ansible/awx](https://github.com/ansible/awx/blob/21.1.0/INSTALL.md) @21.1.0 +- [README.md on ansible/awx-operator](https://github.com/ansible/awx-operator/blob/0.22.0/README.md) @0.22.0 ## Requirements @@ -83,7 +83,7 @@ Install specified version of AWX Operator. Note that this procedure is applicabl cd ~ git clone https://github.com/ansible/awx-operator.git cd awx-operator -git checkout 0.21.0 +git checkout 0.22.0 ``` Export the name of the namespace where you want to deploy AWX Operator as the environment variable `NAMESPACE` and run `make deploy`. The default namespace is `awx`. @@ -230,6 +230,7 @@ secret/awx-operator-controller-manager-token-sz6wq kubernetes.io/service-accou secret/awx-admin-password Opaque 1 4m17s secret/awx-postgres-configuration Opaque 6 4m17s secret/awx-secret-tls kubernetes.io/tls 2 4m17s +secret/redhat-operators-pull-secret kubernetes.io/dockerconfigjson 1 4m17s secret/awx-app-credentials Opaque 3 4m2s secret/awx-token-jfndh kubernetes.io/service-account-token 3 4m2s secret/awx-secret-key Opaque 1 4m13s @@ -277,7 +278,7 @@ Refer [๐Ÿ“ **Back up AWX using AWX Operator**](backup) and [๐Ÿ“ **Restore AWX - [๐Ÿ“Trust custom Certificate Authority](tips/trust-custom-ca.md) - [๐Ÿ“Expose `/etc/hosts` to Pods on K3s](tips/expose-hosts.md) - [๐Ÿ“Redirect HTTP to HTTPS](tips/https-redirection.md) - - [๐Ÿ“Add HTTP Proxy](tips/add-http-proxy.md) + - [๐Ÿ“Use HTTP proxy](tips/use-http-proxy.md) - [๐Ÿ“Uninstall deployed resouces](tips/uninstall.md) - [๐Ÿ“Deploy older version of AWX Operator](tips/deploy-older-operator.md) - [๐Ÿ“Upgrade AWX Operator and AWX](tips/upgrade-operator.md) diff --git a/backup/README.md b/backup/README.md index d85a900..8c512cd 100644 --- a/backup/README.md +++ b/backup/README.md @@ -86,12 +86,6 @@ total 736 -rw-------. 1 systemd-coredump root 745302 Jun 6 06:51 tower.db ``` -Note that if you are using AWX Operator `0.12.0` or earlier, the contents of the Secret that passed through `ingress_tls_secret` parameter will not be included in this backup files. If necessary, get a dump of this Secret, or keep original certificate file and key file. In `0.13.0` or later, this secret is included in the backup file therefore you can ignore this step. - -```bash -kubectl get secret awx-secret-tls -n awx -o yaml > awx-secret-tls.yaml -``` - ## Appendix: Back up AWX using Ansible An example simple playbook for Ansible is also provided in this repository. This can be used with `ansible-playbook`, `ansible-runner`, and AWX. It can be also used with the scheduling feature on AWX too. diff --git a/backup/ansible/README.md b/backup/ansible/README.md index 4423534..b41b964 100644 --- a/backup/ansible/README.md +++ b/backup/ansible/README.md @@ -30,7 +30,7 @@ An example simple playbook for Ansible is also provided in this repository. This | - | - | - | | `awxbackup_namespace` | The name of the NameSpace where the `AWXBackup` resource will be created. | `awx` | | `awxbackup_name` | The name of the `AWXBackup` resource. Dynamically generated using execution time by default. | `awxbackup-{{ lookup('pipe', 'date +%Y-%m-%d-%H-%M-%S') }}` | -| `awxbackup_spec` | The `spec` of the `AWXBackup` resource. Refer [official documentation](https://github.com/ansible/awx-operator/tree/0.21.0/roles/backup) for acceptable fields. | `{'deployment_name':'awx','backup_pvc':'awx-backup-claim'}` | +| `awxbackup_spec` | The `spec` of the `AWXBackup` resource. Refer [official documentation](https://github.com/ansible/awx-operator/tree/0.22.0/roles/backup) for acceptable fields. | `{'deployment_name':'awx','backup_pvc':'awx-backup-claim'}` | | `awxbackup_timeout` | Time to wait for backup to complete, in seconds. If exceeded, the playbook will fail. | `600` | | `awxbackup_keep_days` | Number of days to keep `AWXBackup` resources. `AWXBackup` resources older than this value will be deleted by this playbook. Set `0` to keep forever. **Note that the actual backup data will remain in the PVC after the `AWXBackup` resource is deleted.** | `30` | @@ -53,7 +53,7 @@ Obtain the API Token which required to authenticate the Kubernetes API. This tok ```bash $ SECRET=$(kubectl -n ${NAMESPACE} get sa awx-backup -o jsonpath='{.secrets[0].name}') -$ kubectl -n awx get secret ${SECRET} -o jsonpath='{.data.token}' | base64 -d +$ kubectl -n ${NAMESPACE} get secret ${SECRET} -o jsonpath='{.data.token}' | base64 -d eyJhbGciOiJSUzI...hcGsPI5MzmaMHQvw ``` diff --git a/base/awx.yaml b/base/awx.yaml index d0ce644..69891c7 100644 --- a/base/awx.yaml +++ b/base/awx.yaml @@ -5,10 +5,10 @@ metadata: name: awx spec: # These parameters are designed for use with: - # - AWX Operator: 0.21.0 - # https://github.com/ansible/awx-operator/blob/0.21.0/README.md - # - AWX: 21.0.0 - # https://github.com/ansible/awx/blob/21.0.0/INSTALL.md + # - AWX Operator: 0.22.0 + # https://github.com/ansible/awx-operator/blob/0.22.0/README.md + # - AWX: 21.1.0 + # https://github.com/ansible/awx/blob/21.1.0/INSTALL.md admin_user: admin admin_password_secret: awx-admin-password diff --git a/base/kustomization.yaml b/base/kustomization.yaml index 348fa99..565d8bf 100644 --- a/base/kustomization.yaml +++ b/base/kustomization.yaml @@ -28,7 +28,7 @@ secretGenerator: literals: - password=Ansible123! - # Temporary workaround to suppress errors from AWX Operator 0.21.0. + # Temporary workaround to suppress errors from AWX Operator 0.22.0. # Refer: https://github.com/kurokobo/awx-on-k3s/issues/74 - name: redhat-operators-pull-secret files: diff --git a/builder/README.md b/builder/README.md index aa916ba..36b8904 100644 --- a/builder/README.md +++ b/builder/README.md @@ -9,8 +9,8 @@ This repository includes ready-to-use files as an example to use Ansible Builder - CentOS Stream 8 (Minimal) - Python 3.9 -- Docker 20.10.12 -- Ansible Builder 1.0.1 +- Docker 20.10.17 +- Ansible Builder 1.1.0 ## Install diff --git a/galaxy/README.md b/galaxy/README.md index 6d24c39..20a8963 100644 --- a/galaxy/README.md +++ b/galaxy/README.md @@ -180,7 +180,7 @@ There is a Kubernetes Operator for Pulp 3 named Pulp Operator. - [pulp/pulp-operator: Kubernetes Operator for Pulp 3](https://github.com/pulp/pulp-operator) -This project is still under active development and there is no support, however, at least the code to create a new instance seems to be implemented. In this procedure, we use [Pulp Operator 0.8.0](https://github.com/pulp/pulp-operator/tree/0.8.0) +This project is still under active development and there is no support, however, at least the code to create a new instance seems to be implemented. In this procedure, we use [Pulp Operator 0.11.0](https://github.com/pulp/pulp-operator/tree/0.11.0) ### Patch K3s @@ -208,7 +208,7 @@ Install specified version of Pulp Operator. cd ~ git clone https://github.com/pulp/pulp-operator.git cd pulp-operator -git checkout 0.8.0 +git checkout 0.11.0 ``` Export the name of the namespace where you want to deploy Pulp Operator as the environment variable `NAMESPACE` and run `make deploy`. The default namespace is `pulp-operator-system`. @@ -314,7 +314,7 @@ $ kubectl -n galaxy logs -f deployments/pulp-operator-controller-manager -c pulp ... ----- Ansible Task Status Event StdOut (pulp.pulpproject.org/v1beta1, Kind=Pulp, galaxy/galaxy) ----- PLAY RECAP ********************************************************************* -localhost : ok=75 changed=0 unreachable=0 failed=0 skipped=62 rescued=0 ignored=0 +localhost : ok=84 changed=0 unreachable=0 failed=0 skipped=67 rescued=0 ignored=0 ``` Required objects has been deployed next to Pulp Operator in `galaxy` namespace. @@ -322,58 +322,57 @@ Required objects has been deployed next to Pulp Operator in `galaxy` namespace. ```bash $ kubectl -n galaxy get pulp,all,ingress,secrets NAME AGE -pulp.pulp.pulpproject.org/galaxy 3m58s +pulp.pulp.pulpproject.org/galaxy 4m48s -NAME READY STATUS RESTARTS AGE -pod/pulp-operator-controller-manager-9b8644f46-plw72 2/2 Running 0 4m37s -pod/galaxy-redis-65c899f464-c6dhb 1/1 Running 0 3m50s -pod/galaxy-postgres-0 1/1 Running 0 3m53s -pod/galaxy-content-76f68bb68f-6tn2q 1/1 Running 0 3m37s -pod/galaxy-worker-76c986fd54-qjg28 1/1 Running 0 3m36s -pod/galaxy-api-76985868c8-vjwks 1/1 Running 0 3m39s -pod/galaxy-web-67cc96d8d6-644dh 1/1 Running 0 3m48s -pod/galaxy-resource-manager-64dbf49746-jcsfs 1/1 Running 0 118s +NAME READY STATUS RESTARTS AGE +pod/pulp-operator-controller-manager-74d4f59ddb-mtwzq 2/2 Running 0 5m4s +pod/galaxy-postgres-13-0 1/1 Running 0 4m31s +pod/galaxy-redis-6f79b47f66-4dg75 1/1 Running 0 4m5s +pod/galaxy-content-57fd45b97c-mxkdx 1/1 Running 0 3m39s +pod/galaxy-worker-6fcbd5ff47-b2h6v 1/1 Running 0 3m37s +pod/galaxy-api-5cf69c85d-vc6z8 1/1 Running 0 3m43s +pod/galaxy-web-5f7bc488fb-69mbk 1/1 Running 0 4m22s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -service/pulp-operator-controller-manager-metrics-service ClusterIP 10.43.173.114 8443/TCP 4m37s -service/galaxy-postgres-svc ClusterIP None 5432/TCP 3m53s -service/galaxy-redis-svc ClusterIP 10.43.29.57 6379/TCP 3m51s -service/galaxy-web-svc ClusterIP 10.43.245.204 24880/TCP 3m47s -service/galaxy-api-svc ClusterIP 10.43.146.254 24817/TCP 3m40s -service/galaxy-content-svc ClusterIP 10.43.214.64 24816/TCP 3m38s +service/pulp-operator-controller-manager-metrics-service ClusterIP 10.43.145.99 8443/TCP 5m4s +service/galaxy-postgres-13 ClusterIP None 5432/TCP 4m31s +service/galaxy-web-svc ClusterIP 10.43.17.192 24880/TCP 4m21s +service/galaxy-redis-svc ClusterIP 10.43.58.131 6379/TCP 4m7s +service/galaxy-api-svc ClusterIP 10.43.106.139 24817/TCP 3m52s +service/galaxy-content-svc ClusterIP 10.43.154.10 24816/TCP 3m41s NAME READY UP-TO-DATE AVAILABLE AGE -deployment.apps/pulp-operator-controller-manager 1/1 1 1 4m37s -deployment.apps/galaxy-redis 1/1 1 1 3m50s -deployment.apps/galaxy-content 1/1 1 1 3m37s -deployment.apps/galaxy-worker 1/1 1 1 3m36s -deployment.apps/galaxy-api 1/1 1 1 3m39s -deployment.apps/galaxy-web 1/1 1 1 3m48s -deployment.apps/galaxy-resource-manager 1/1 1 1 118s +deployment.apps/pulp-operator-controller-manager 1/1 1 1 5m4s +deployment.apps/galaxy-redis 1/1 1 1 4m5s +deployment.apps/galaxy-content 1/1 1 1 3m39s +deployment.apps/galaxy-worker 1/1 1 1 3m37s +deployment.apps/galaxy-api 1/1 1 1 3m43s +deployment.apps/galaxy-web 1/1 1 1 4m22s -NAME DESIRED CURRENT READY AGE -replicaset.apps/pulp-operator-controller-manager-9b8644f46 1 1 1 4m37s -replicaset.apps/galaxy-redis-65c899f464 1 1 1 3m50s -replicaset.apps/galaxy-content-76f68bb68f 1 1 1 3m37s -replicaset.apps/galaxy-worker-76c986fd54 1 1 1 3m36s -replicaset.apps/galaxy-api-76985868c8 1 1 1 3m39s -replicaset.apps/galaxy-web-67cc96d8d6 1 1 1 3m48s -replicaset.apps/galaxy-resource-manager-64dbf49746 1 1 1 118s +NAME DESIRED CURRENT READY AGE +replicaset.apps/pulp-operator-controller-manager-74d4f59ddb 1 1 1 5m4s +replicaset.apps/galaxy-redis-6f79b47f66 1 1 1 4m5s +replicaset.apps/galaxy-content-57fd45b97c 1 1 1 3m39s +replicaset.apps/galaxy-worker-6fcbd5ff47 1 1 1 3m37s +replicaset.apps/galaxy-api-5cf69c85d 1 1 1 3m43s +replicaset.apps/galaxy-web-5f7bc488fb 1 1 1 4m22s -NAME READY AGE -statefulset.apps/galaxy-postgres 1/1 3m53s +NAME READY AGE +statefulset.apps/galaxy-postgres-13 1/1 4m31s NAME CLASS HOSTS ADDRESS PORTS AGE -ingress.networking.k8s.io/galaxy-ingress galaxy.example.com 192.168.0.100 80, 443 3m50s +ingress.networking.k8s.io/galaxy-ingress galaxy.example.com 192.168.0.100 80, 443 4m19s NAME TYPE DATA AGE -secret/default-token-vsnlj kubernetes.io/service-account-token 3 4m37s -secret/pulp-operator-sa-token-smzj2 kubernetes.io/service-account-token 3 4m37s -secret/galaxy-admin-password Opaque 1 3m58s -secret/galaxy-postgres-configuration Opaque 6 3m58s -secret/galaxy-secret-tls kubernetes.io/tls 2 3m58s -secret/galaxy-server Opaque 1 3m44s -secret/galaxy-db-fields-encryption Opaque 1 3m41s +secret/default-token-lhlds kubernetes.io/service-account-token 3 5m4s +secret/pulp-operator-sa-token-45zqf kubernetes.io/service-account-token 3 5m4s +secret/galaxy-admin-password Opaque 1 4m48s +secret/galaxy-postgres-configuration Opaque 6 4m48s +secret/galaxy-secret-tls kubernetes.io/tls 2 4m48s +secret/redhat-operators-pull-secret Opaque 1 4m40s +secret/galaxy-server Opaque 1 4m3s +secret/galaxy-db-fields-encryption Opaque 1 3m54s +secret/galaxy-container-auth Opaque 2 3m47s ``` Now your AWX is available at `https://galaxy.example.com/` or the hostname you specified. You can log in to the GUI by user `admin` with password you specified in `pulp/kustomization.yaml`. @@ -475,7 +474,7 @@ ansible-galaxy collection build Then create `demo` namespace on Galaxy NG, and publish your collection. -Note that you can get appropriate URL for `--server` from `Collections` > `Namespaces` > `View collections` > `CLI Configuration` per collections. Your token is available at `Collections` > `API Token`. +Note that you can get appropriate URL for `--server` from `Collections` > `Namespaces` > `View collections` > `CLI Configuration` per collections. Your token is available at `Collections` > `API token management` > `Load token`. ```bash ansible-galaxy collection publish \ diff --git a/galaxy/pulp/galaxy.yaml b/galaxy/pulp/galaxy.yaml index d03b492..ca5f219 100644 --- a/galaxy/pulp/galaxy.yaml +++ b/galaxy/pulp/galaxy.yaml @@ -4,15 +4,15 @@ metadata: name: galaxy spec: # These parameters are designed for use with: - # - Pulp Operator: 0.8.0 - # https://github.com/pulp/pulp-operator/blob/0.8.0/README.md - # - Galaxy NG: 4.4.2 - # https://github.com/ansible/galaxy_ng/tree/4.4.2 + # - Pulp Operator: 0.11.0 + # https://github.com/pulp/pulp-operator/blob/0.11.0/README.md + # - Galaxy NG: 4.5.0 + # https://github.com/ansible/galaxy_ng/tree/4.5.0 image: quay.io/pulp/galaxy - image_version: 4.4.2 + image_version: 4.5.0 image_web: quay.io/pulp/galaxy-web - image_web_version: 4.4.2 + image_web_version: 4.5.0 admin_password_secret: galaxy-admin-password diff --git a/galaxy/pulp/kustomization.yaml b/galaxy/pulp/kustomization.yaml index 9f0c2a4..7f25015 100644 --- a/galaxy/pulp/kustomization.yaml +++ b/galaxy/pulp/kustomization.yaml @@ -16,7 +16,7 @@ secretGenerator: - name: galaxy-postgres-configuration type: Opaque literals: - - host=galaxy-postgres-svc + - host=galaxy-postgres-13 - port=5432 - database=galaxy - username=galaxy @@ -29,6 +29,5 @@ secretGenerator: - password=Galaxy123! resources: - - namespace.yaml - pv.yaml - galaxy.yaml diff --git a/galaxy/pulp/namespace.yaml b/galaxy/pulp/namespace.yaml deleted file mode 100644 index 9fe09cc..0000000 --- a/galaxy/pulp/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: galaxy diff --git a/restore/README.md b/restore/README.md index 76373c0..f9c9aca 100644 --- a/restore/README.md +++ b/restore/README.md @@ -112,9 +112,3 @@ $ kubectl -n awx get awxrestore NAME AGE awxrestore-2021-06-06 137m ``` - -Note that if you are using AWX Operator `0.12.0` or earlier, the Secret for TLS should be manually restored (or create newly using original certificate and key file). This step is not required for `0.13.0` or later. - -```bash -kubectl apply -f awx-secret-tls.yaml -``` diff --git a/restore/kustomization.yaml b/restore/kustomization.yaml index 92de4b6..9c4eff5 100644 --- a/restore/kustomization.yaml +++ b/restore/kustomization.yaml @@ -6,13 +6,6 @@ namespace: awx generatorOptions: disableNameSuffixHash: true -#secretGenerator: -# - name: awx-secret-tls -# type: kubernetes.io/tls -# files: -# - tls.crt -# - tls.key - resources: - pv.yaml - pvc.yaml diff --git a/runner/README.md b/runner/README.md index 5d4ac04..87be847 100644 --- a/runner/README.md +++ b/runner/README.md @@ -9,8 +9,8 @@ This repository includes ready-to-use files as an example to run Ansible Runner. - CentOS Stream 8 (Minimal) - Python 3.9 -- Docker 20.10.12 -- Ansible Runner 2.1.3 +- Docker 20.10.17 +- Ansible Runner 2.2.0 ## Install diff --git a/tips/README.md b/tips/README.md index 5c1cbc4..b6630c7 100644 --- a/tips/README.md +++ b/tips/README.md @@ -4,7 +4,7 @@ - [๐Ÿ“Trust custom Certificate Authority](trust-custom-ca.md) - [๐Ÿ“Expose `/etc/hosts` to Pods on K3s](expose-hosts.md) - [๐Ÿ“Redirect HTTP to HTTPS](https-redirection.md) -- [๐Ÿ“Add HTTP Proxy](add-http-proxy.md) +- [๐Ÿ“Use HTTP proxy](use-http-proxy.md) - [๐Ÿ“Uninstall deployed resouces](uninstall.md) - [๐Ÿ“Deploy older version of AWX Operator](deploy-older-operator.md) - [๐Ÿ“Upgrade AWX Operator and AWX](upgrade-operator.md) diff --git a/tips/add-http-proxy.md b/tips/add-http-proxy.md deleted file mode 100644 index 1014971..0000000 --- a/tips/add-http-proxy.md +++ /dev/null @@ -1,29 +0,0 @@ -# Add Proxy Settings for AWX containers - -If you are deploying AWX in a corporate environment, you may have no direct access to the internet, but need to go through a proxy way to achieve this is to add a section `extra_settings:` to awx.yaml. These settings will be available in the `Settings` -> `Jobs Settings` -> `Extra Environment Variables` block in the AWX UI. - -## Add Proxy Settings to base/awx.yaml -You need to specify your proxy settings in the section `extra_settings:` in `base/awx.yaml` like this: - -``` -extra_settings: | - - setting: AWX_TASK_ENV['HTTP_PROXY'] - value: "'http://proxy.example.com:3128'" - - setting: AWX_TASK_ENV['HTTPS_PROXY'] - value: "'http://proxy.example.com:3128'" - - setting: AWX_TASK_ENV['NO_PROXY'] - value: "'localhost,.example.com,127.0.0.1'" -``` - -You may have to adjust your settings to match your environment. - -## Deploy your changes -To activate your proxy settings you need to deploy your changes using `kubectl` like this: -``` -kubectl apply -k base -``` - -Now you need to wait some time until K3S has restarted all your pods. - -After logging in you can navigate to `Settings` -> `Jobs Settings` and find your proxy settings in the `Extra Environment Variables` block. - diff --git a/tips/troubleshooting.md b/tips/troubleshooting.md index d756269..4da83dc 100644 --- a/tips/troubleshooting.md +++ b/tips/troubleshooting.md @@ -153,7 +153,7 @@ Typical solutions are one of the following: ee_resource_requirements: {} ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ ``` - - You can specify more specific value for each containers. Refer [official documentation](https://github.com/ansible/awx-operator/blob/0.21.0/README.md#containers-resource-requirements) for details. + - You can specify more specific value for each containers. Refer [official documentation](https://github.com/ansible/awx-operator/blob/0.22.0/README.md#containers-resource-requirements) for details. - In this way you can run AWX with fewer resources, but you may encounter performance issues. ### The Pod is `Pending` with "1 pod has unbound immediate PersistentVolumeClaims." event diff --git a/tips/use-http-proxy.md b/tips/use-http-proxy.md new file mode 100644 index 0000000..60e2c12 --- /dev/null +++ b/tips/use-http-proxy.md @@ -0,0 +1,94 @@ + +# Configure AWX to use HTTP proxy + +If you are deploying AWX in a corporate environment, you may have no direct access to the internet, but need to go through a proxy way. To achieve this, adding proxy settings to both K3s and AWX is required. + + +## Table of Contents + +- [Add proxy settings to K3s](#add-proxy-settings-to-k3s) +- [Add proxy settings to AWX](#add-proxy-settings-to-awx) + - [Add proxy settings to AWX by AWX UI](#add-proxy-settings-to-awx-by-awx-ui) + - [Add Proxy Settings to AWX by AWX Operator](#add-proxy-settings-to-awx-by-awx-operator) + +## Add proxy settings to K3s + +The proxy settings for K3s is used to pull container images from the internet. + +If you have exported the environment variables for your proxy like `HTTP_PROXY` before installation of K3s, the installation script detected them and store your environment variables to `/etc/systemd/system/k3s.service.env`. + +Ensure your `/etc/systemd/system/k3s.service.env` has correct environment variables. + +```bash +sudo cat /etc/systemd/system/k3s.service.env +``` + +If your `/etc/systemd/system/k3s.service.env` already has correct envirnment variables for your proxy, there is nothing to do for your K3s. + +If not, export environment variables and re-run installation script, + +```bash +export HTTP_PROXY=http://proxy.example.com:3128 +export HTTPS_PROXY=http://proxy.example.com:3128 +export NO_PROXY=127.0.0.1,localhost,.example.com +curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644 +``` + +or, add environment variables to `/etc/systemd/system/k3s.service.env` and restart your K3s. + +```bash +sudo tee -a /etc/systemd/system/k3s.service.env < `Jobs settings` page in the AWX UI and modify `Extra Environment Variables` block in JSON format. + +```json +{ + "HTTPS_PROXY": "http://proxy.example.com:3128", + "HTTP_PROXY": "http://proxy.example.com:3128", + "NO_PROXY": "127.0.0.1,localhost,.example.com" +} +``` + +### Add Proxy Settings to AWX by AWX Operator + +Specify your proxy settings in the section `extra_settings:` in `base/awx.yaml` like this: + +```yaml +... +spec: + ... + extra_settings: ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ + - setting: AWX_TASK_ENV['HTTP_PROXY'] ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ + value: "'http://proxy.example.com:3128'" ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ + - setting: AWX_TASK_ENV['HTTPS_PROXY'] ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ + value: "'http://proxy.example.com:3128'" ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ + - setting: AWX_TASK_ENV['NO_PROXY'] ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ + value: "'127.0.0.1,localhost,.example.com'" ๐Ÿ‘ˆ๐Ÿ‘ˆ๐Ÿ‘ˆ +``` + +Note that the `value` have to be wrapped in single quotes and then double quotes as shown above. + +To activate your proxy settings you need to deploy your changes using `kubectl` like this: + +```bash +kubectl apply -k base +``` + +Now you need to wait some time until K3S has restarted all your pods. + +After logging in you can navigate to `Settings` > `Jobs settings` in the AWX UI and find your proxy settings in the `Extra Environment Variables` block. But note that you will not be able to edit the setting via Web UI once the configuration has passed through AWX Operator. If you want to modify your configuration, use AWX Operator again. diff --git a/tips/version-mapping.md b/tips/version-mapping.md index 5f47432..fe83121 100644 --- a/tips/version-mapping.md +++ b/tips/version-mapping.md @@ -10,6 +10,7 @@ The table below maps the AWX Operator versions and bundled AWX versions. | AWX Operator | AWX | | - | - | +| 0.22.0 | 21.1.0 | | 0.21.0 | 21.0.0 | | 0.20.2 | 21.0.0 | | 0.20.1 | 21.0.0 |