AWX部署
awx
awx是红帽Ansible Tower的开源版本,他的功能是可以使用web界面来操作ansible
操作系统使用openEuler 22.03
这里是在k8s上部署的,需要使用动态制备pvc,因为他有一个数据库需要使用存储
1. 部署awx
1.1 克隆仓库
[root@master ~]# git clone https://gitee.com/yftyxa/awx-operator.git
[root@master ~]# cd awx-operator/config/default/
[root@master default]# ls
awx-demo.yaml kustomization.yaml manager_auth_proxy_patch.yaml manager_config_patch.yaml
在这里会有4个yaml文件,但是你如果打开看的话,是跟我们日常编写的yaml格式是不一样的,我们现在需要通过这些文件来生成原始的yaml
1.2 生成yaml
我们可以使用kubectl kustomize这个命令来生成yaml
但是有一点需要注意,这里需要指定的是一个目录,而不是一个文件
# 我们可以创建一个目录来存放生成过后的yaml,别都放在这搞混了
[root@master default]# mkdir deploy
[root@master default]# cd deploy/
[root@master default]# kubectl kustomize ../
[root@master deploy]# kubectl kustomize ../ > awx-operator.yaml
1.3 部署operator
[root@master deploy]# kubectl apply -f awx-operator.yaml
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created
error: unable to recognize "awx-operator.yaml": no matches for kind "AWX" in version "awx.ansible.com/v1beta1"
这里会有一个报错,如果你也遇到了不用管他,再执行一遍这个文件
[root@master deploy]# kubectl apply -f awx-operator.yaml
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created
awx.awx.ansible.com/awx-operator-awx-demo created
再执行一遍就没有报错了
1.4 查看pod
[root@master deploy]# kubectl get pods -n awx
NAME READY STATUS RESTARTS AGE
awx-operator-awx-demo-postgres-13-0 1/1 Running 0 6m11s
awx-operator-awx-demo-task-6d4ff878ff-txb78 4/4 Running 0 5m21s
awx-operator-awx-demo-web-cb9cc8f9c-lkphd 3/3 Running 0 3m30s
awx-operator-controller-manager-85d95854c9-vqf4s 2/2 Running 0 6m27s
如果你在这个过程中出现了pending,一下pending的原因,很大可能是因为pvc的缘故
1.5 修改镜像地址
注意!!!
回到上一级目录,也就是default目录,这里面如果存在awx-demo.yaml这个文件的话就直接修改,不存在的话就创建
因为dockerhub现在国内访问不了,所以他的数据库镜像包括redis的镜像都是拉不到的,我们需要对镜像进行修改
[root@master deploy]# vim awx-demo.yaml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-demo
namespace: awx
spec:
service_type: nodeport
postgres_image: swr.cn-east-3.myhuaweicloud.com/hcie_openeuler/postgres
postgres_version: "13"
redis_image: swr.cn-east-3.myhuaweicloud.com/hcie_openeuler/redis
redis_version: "7"
然后apply这个文件
[root@master deploy]# kubectl apply -f awx-demo.yaml
执行这个文件之后,等待一会然后去查看pod
[root@master deploy]# kubectl get pods -n awx
NAME READY STATUS RESTARTS AGE
awx-demo-postgres-13-0 1/1 Running 0 7m28s
awx-demo-task-6fc456bbbd-9jcv9 4/4 Running 0 7m2s
awx-demo-web-7f78447cd-74hkw 3/3 Running 0 6m55s
awx-operator-awx-demo-postgres-13-0 1/1 Running 0 17m
awx-operator-awx-demo-task-6d4ff878ff-txb78 4/4 Running 0 16m
awx-operator-awx-demo-web-cb9cc8f9c-lkphd 3/3 Running 0 14m
awx-operator-controller-manager-85d95854c9-vqf4s 2/2 Running 0 17m
这里就会有这么多的pod全都是running了,那么部署就完成了
2. 登录awx
2.1 查看端口
[root@master default]# kubectl get svc -n awx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
awx-operator-awx-demo-postgres-13 ClusterIP None <none> 5432/TCP 34m
awx-operator-awx-demo-service NodePort 10.109.223.144 <none> 80:30080/TCP 34m
awx-operator-controller-manager-metrics-service ClusterIP 10.108.166.93 <none> 8443/TCP 35m
- 默认账号是admin
2.2 查看默认密码
默认密码是在awx命名空间下有一个secret
[root@master deploy]# kubectl get secrets -n awx |grep admin
awx-operator-awx-demo-admin-password Opaque
会有一个这个secret,我们将数据拿出来就好了
[root@master deploy]# kubectl get secrets -n awx awx-operator-awx-demo-admin-password -o yaml |head -5
apiVersion: v1
data:
password: YlhMR3VtSkxHYkN6d1ZiUHhVZkVpVEp1TmJaa2N6OHc=
kind: Secret
metadata:
这里有一个password,注意这个password是base64加密过后的,我们还需要解密
[root@master deploy]# echo YlhMR3VtSkxHYkN6d1ZiUHhVZkVpVEp1TmJaa2N6OHc= |base64 -d
bXLGumJLGbCzwVbPxUfEiTJuNbZkcz8w
他输出的这一段就是密码了
登录进来之后就是这样的了
本文来自博客园,作者:FuShudi,转载请注明原文链接:https://www.cnblogs.com/fsdstudy/p/18261190
