AWX部署

awx

awx是红帽Ansible Tower的开源版本,他的功能是可以使用web界面来操作ansible

操作系统使用openEuler 22.03

这里是在k8s上部署的,需要使用动态制备pvc,因为他有一个数据库需要使用存储

1. 部署awx

1.1 克隆仓库

[root@master ~]# git clone https://gitee.com/yftyxa/awx-operator.git
[root@master ~]# cd awx-operator/config/default/
[root@master default]# ls
awx-demo.yaml kustomization.yaml manager_auth_proxy_patch.yaml manager_config_patch.yaml

在这里会有4个yaml文件,但是你如果打开看的话,是跟我们日常编写的yaml格式是不一样的,我们现在需要通过这些文件来生成原始的yaml

1.2 生成yaml

我们可以使用kubectl kustomize这个命令来生成yaml

但是有一点需要注意,这里需要指定的是一个目录,而不是一个文件

# 我们可以创建一个目录来存放生成过后的yaml,别都放在这搞混了
[root@master default]# mkdir deploy
[root@master default]# cd deploy/
[root@master default]# kubectl kustomize ../
[root@master deploy]# kubectl kustomize ../ > awx-operator.yaml

1.3 部署operator

[root@master deploy]# kubectl apply -f awx-operator.yaml
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created
error: unable to recognize "awx-operator.yaml": no matches for kind "AWX" in version "awx.ansible.com/v1beta1"

这里会有一个报错,如果你也遇到了不用管他,再执行一遍这个文件

[root@master deploy]# kubectl apply -f awx-operator.yaml
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created
awx.awx.ansible.com/awx-operator-awx-demo created

再执行一遍就没有报错了

1.4 查看pod

[root@master deploy]# kubectl get pods -n awx
NAME READY STATUS RESTARTS AGE
awx-operator-awx-demo-postgres-13-0 1/1 Running 0 6m11s
awx-operator-awx-demo-task-6d4ff878ff-txb78 4/4 Running 0 5m21s
awx-operator-awx-demo-web-cb9cc8f9c-lkphd 3/3 Running 0 3m30s
awx-operator-controller-manager-85d95854c9-vqf4s 2/2 Running 0 6m27s

如果你在这个过程中出现了pending,一下pending的原因,很大可能是因为pvc的缘故

1.5 修改镜像地址

注意!!!

回到上一级目录,也就是default目录,这里面如果存在awx-demo.yaml这个文件的话就直接修改,不存在的话就创建

因为dockerhub现在国内访问不了,所以他的数据库镜像包括redis的镜像都是拉不到的,我们需要对镜像进行修改

[root@master deploy]# vim awx-demo.yaml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-demo
namespace: awx
spec:
service_type: nodeport
postgres_image: swr.cn-east-3.myhuaweicloud.com/hcie_openeuler/postgres
postgres_version: "13"
redis_image: swr.cn-east-3.myhuaweicloud.com/hcie_openeuler/redis
redis_version: "7"

然后apply这个文件

[root@master deploy]# kubectl apply -f awx-demo.yaml

执行这个文件之后,等待一会然后去查看pod

[root@master deploy]# kubectl get pods -n awx
NAME READY STATUS RESTARTS AGE
awx-demo-postgres-13-0 1/1 Running 0 7m28s
awx-demo-task-6fc456bbbd-9jcv9 4/4 Running 0 7m2s
awx-demo-web-7f78447cd-74hkw 3/3 Running 0 6m55s
awx-operator-awx-demo-postgres-13-0 1/1 Running 0 17m
awx-operator-awx-demo-task-6d4ff878ff-txb78 4/4 Running 0 16m
awx-operator-awx-demo-web-cb9cc8f9c-lkphd 3/3 Running 0 14m
awx-operator-controller-manager-85d95854c9-vqf4s 2/2 Running 0 17m

这里就会有这么多的pod全都是running了,那么部署就完成了

2. 登录awx

2.1 查看端口

[root@master default]# kubectl get svc -n awx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
awx-operator-awx-demo-postgres-13 ClusterIP None <none> 5432/TCP 34m
awx-operator-awx-demo-service NodePort 10.109.223.144 <none> 80:30080/TCP 34m
awx-operator-controller-manager-metrics-service ClusterIP 10.108.166.93 <none> 8443/TCP 35m

  • 默认账号是admin

2.2 查看默认密码

默认密码是在awx命名空间下有一个secret

[root@master deploy]# kubectl get secrets -n awx |grep admin
awx-operator-awx-demo-admin-password Opaque

会有一个这个secret,我们将数据拿出来就好了

[root@master deploy]# kubectl get secrets -n awx awx-operator-awx-demo-admin-password -o yaml |head -5
apiVersion: v1
data:
password: YlhMR3VtSkxHYkN6d1ZiUHhVZkVpVEp1TmJaa2N6OHc=
kind: Secret
metadata:

这里有一个password,注意这个password是base64加密过后的,我们还需要解密

[root@master deploy]# echo YlhMR3VtSkxHYkN6d1ZiUHhVZkVpVEp1TmJaa2N6OHc= |base64 -d
bXLGumJLGbCzwVbPxUfEiTJuNbZkcz8w

他输出的这一段就是密码了

登录进来之后就是这样的了

posted @   FuShudi  阅读(451)  评论(0编辑  收藏  举报
相关博文:
阅读排行:
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 记一次.NET内存居高不下排查解决与启示
· DeepSeek 开源周回顾「GitHub 热点速览」
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
点击右上角即可分享
微信分享提示