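Deploying AWX, the Ansible management platform https://www.sujx.net/2023/09/17/Kubernetes-K3s/index.html
(includes mirror configuration for docker.io, gcr.io and registry.k8s.io)
I. K3s environment
Registry mirror configuration (to speed up image pulls)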
cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
  docker.io:
    endpoint:
      - "https://registry.cn-hangzhou.aliyuncs.com/"
  quay.io:
    endpoint:
      - "https://quay.tencentcloudcr.com/"
  registry.k8s.io:
    endpoint:
      - "https://registry.aliyuncs.com/v2/google_containers"
  gcr.io:
    endpoint:
      - "https://gcr.m.daocloud.io/"
  k8s.gcr.io:
    endpoint:
      - "https://registry.aliyuncs.com/google_containers"
  ghcr.io:
    endpoint:
      - "https://ghcr.m.daocloud.io/"
EOF
II. Prepare the source code
[root@VM-201-12-centos ~]# git clone https://github.com/ansible/awx-operator.git
[root@VM-201-12-centos ~]# cd awx-operator/
[root@VM-201-12-centos awx-operator]# git branch
* devel
[root@VM-201-12-centos awx-operator]# git checkout tags/2.12.2
Note: switching to 'tags/2.12.2'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at 630a5ee Fix bug where uppercase Route fails (#1731)
[root@VM-201-12-centos awx-operator]# git branch
* (HEAD detached at 2.12.2)
  devel
You can use git tag to list all tags.
III. Deploy awx-operator
[root@VM-201-12-centos awx-operator]# make deploy
namespace/awx created
customresourcedefinition.apiextensions.k8s.io/awxbackups.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxmeshingresses.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxrestores.awx.ansible.com created
customresourcedefinition.apiextensions.k8s.io/awxs.awx.ansible.com created
serviceaccount/awx-operator-controller-manager created
role.rbac.authorization.k8s.io/awx-operator-awx-manager-role created
role.rbac.authorization.k8s.io/awx-operator-leader-election-role created
clusterrole.rbac.authorization.k8s.io/awx-operator-metrics-reader created
clusterrole.rbac.authorization.k8s.io/awx-operator-proxy-role created
rolebinding.rbac.authorization.k8s.io/awx-operator-awx-manager-rolebinding created
rolebinding.rbac.authorization.k8s.io/awx-operator-leader-election-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/awx-operator-proxy-rolebinding created
configmap/awx-operator-awx-manager-config created
service/awx-operator-controller-manager-metrics-service created
deployment.apps/awx-operator-controller-manager created
[root@VM-201-12-centos awx-operator]# kubectl get pods --namespace awx
NAME                                               READY   STATUS    RESTARTS   AGE
awx-operator-controller-manager-589cdd869b-k57p4   2/2     Running   0          139m
[root@VM-201-12-centos awx-operator]# kubectl config set-context --current --namespace=awx
Context "default" modified.
[root@VM-201-12-centos awx-operator]# kubectl get pods
NAME                                               READY   STATUS    RESTARTS   AGE
awx-operator-controller-manager-589cdd869b-k57p4   2/2     Running   0          140m
IV. Default deployment (awx-demo)
Create the file awx-demo.yml in the same directory (it is already present by default), with the following content:
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx-demo
spec:
  service_type: nodeport
For a customized deployment, add it to the kustomization.yaml file as follows:
...
resources:
  - github.com/ansible/awx-operator/config/default?ref=<tag>
  # Add this extra line:
  - awx-demo.yml
...
Deploy
[root@VM-201-12-centos awx-operator]# kubectl apply -k .
error: unable to find one of 'kustomization.yaml', 'kustomization.yml' or 'Kustomization' in directory '/root/awx-operator'
Create kustomization.yaml as follows:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
  - github.com/ansible/awx-operator/config/default?ref=2.12.2
  # Add this extra line:
  - awx-demo.yml
# Set the image tags to match the git version from above
images:
  - name: quay.io/ansible/awx-operator
    newTag: 2.12.2
# Specify a custom namespace in which to install AWX
namespace: awx
[root@VM-201-12-centos awx-operator]# kubectl apply -k .
...
awx.awx.ansible.com/awx-demo created
Then wait; this takes a while.
[root@VM-201-12-centos ~]# kubectl get pods
NAME                                               READY   STATUS    RESTARTS        AGE
awx-demo-postgres-13-0                             1/1     Running   0               4h48m
awx-demo-task-6bd48c549d-rcdbm                     4/4     Running   0               4h47m
awx-demo-web-869bf8d66d-swc82                      3/3     Running   0               4h45m
awx-operator-controller-manager-589cdd869b-k57p4   2/2     Running   1 (4h38m ago)   7h15m
[root@VM-201-12-centos ~]# kubectl get pods -l "app.kubernetes.io/managed-by=awx-operator"
NAME                             READY   STATUS    RESTARTS   AGE
awx-demo-postgres-13-0           1/1     Running   0          4h50m
awx-demo-task-6bd48c549d-rcdbm   4/4     Running   0          4h49m
awx-demo-web-869bf8d66d-swc82    3/3     Running   0          4h46m
[root@VM-201-12-centos ~]# kubectl get svc -l "app.kubernetes.io/managed-by=awx-operator"
NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
awx-demo-postgres-13   ClusterIP   None           <none>        5432/TCP       4h50m
awx-demo-service       NodePort    10.43.125.17   <none>        80:31664/TCP   4h49m
V. Custom deployment (external PostgreSQL)
1. Create the PostgreSQL user and database
CREATE USER awx WITH PASSWORD 'awx';
CREATE DATABASE awx OWNER awx;
2. Create the Secret for PostgreSQL
pg-secret.yaml is as follows:
---
apiVersion: v1
kind: Secret
metadata:
  name: sitawx-postgres-configuration
  namespace: awx
stringData:
  host: "10.41.98.124"
  port: "5432"
  database: awx
  username: awx
  password: awx
  sslmode: prefer
  type: unmanaged
type: Opaque
[root@VM-201-31-centos awx-operator]# kubectl apply -f pg-secret.yaml
secret/sitawx-postgres-configuration created
[root@VM-201-31-centos awx-operator]#
[root@VM-201-31-centos awx-operator]# kubectl get secrets
NAME                            TYPE     DATA   AGE
sitawx-postgres-configuration   Opaque   7      10s
3. Create awx-sit.yml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx-sit
spec:
  service_type: nodeport
  postgres_configuration_secret: sitawx-postgres-configuration
4. Edit kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  # Find the latest tag here: https://github.com/ansible/awx-operator/releases
  #- github.com/ansible/awx-operator/config/default?ref=2.15.0
  - ./config/default
  # Add this extra line:
  - awx-sit.yml
# Set the image tags to match the git version from above
images:
  - name: quay.io/ansible/awx-operator
    newTag: 2.15.0
# Specify a custom namespace in which to install AWX
namespace: awx
5. Deploy AWX
[root@VM-201-31-centos awx-operator]# kubectl apply -k .
namespace/awx unchanged
...
awx.awx.ansible.com/awx-sit created
[root@VM-201-31-centos awx-operator]# kubectl get pods
NAME                                              READY   STATUS      RESTARTS   AGE
awx-operator-controller-manager-9874d5cfc-hhqql   2/2     Running     0          26m
awx-sit-web-869b5fcbb8-96ts9                      3/3     Running     0          16m
awx-sit-migration-24.2.0-hjt6h                    0/1     Completed   0          16m
awx-sit-task-dd9dcb5fc-d6kwb                      4/4     Running     0          16m
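The Secret in step 2 uses the password awx (identical to the username) and sslmode: prefer, which falls back to an unencrypted connection when the server offers no TLS. The script below is an added example, not part of the original post: it lints such a manifest for both settings and writes a variant that passes. The function names and the 16-character threshold are assumptions, and verify-full assumes the PostgreSQL server presents a certificate that the AWX pods trust.

```shell
# Added example, not from the original post; function names and the
# 16-character threshold are assumptions made for illustration.

# new_db_password: 48 hex characters (192 bits) from the kernel CSPRNG.
new_db_password() { od -An -N24 -tx1 /dev/urandom | tr -d ' \n'; }

# field FILE KEY: first value of "KEY:" in FILE, with quotes stripped.
field() {
  awk -v k="$2:" '$1 == k { gsub(/["\047]/, "", $2); print $2; exit }' "$1"
}

# lint_pg_secret FILE: print one line per finding; return 1 if there are any.
lint_pg_secret() {
  local f=$1 rc=0 user pass mode
  user=$(field "$f" username); pass=$(field "$f" password); mode=$(field "$f" sslmode)
  if [ "$pass" = "$user" ] || [ "${#pass}" -lt 16 ]; then
    echo "password: equals the username or is shorter than 16 characters"; rc=1
  fi
  case "$mode" in
    verify-ca|verify-full) ;;   # libpq modes that validate the server certificate
    *) echo "sslmode: '$mode' does not verify the server certificate"; rc=1 ;;
  esac
  return "$rc"
}

# write_secret FILE PASSWORD SSLMODE: the post's Secret with two values swapped in.
write_secret() {
  cat > "$1" <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: sitawx-postgres-configuration
  namespace: awx
stringData:
  host: "10.41.98.124"
  port: "5432"
  database: awx
  username: awx
  password: "$2"
  sslmode: $3
  type: unmanaged
type: Opaque
EOF
}

tmp=$(mktemp -d)
write_secret "$tmp/weak.yaml" awx prefer                        # values from the post
write_secret "$tmp/hard.yaml" "$(new_db_password)" verify-full  # constructed variant
lint_pg_secret "$tmp/weak.yaml" || echo "weak.yaml: findings above"
lint_pg_secret "$tmp/hard.yaml" && echo "hard.yaml: passes"
rm -rf "$tmp"
```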
VI. Uninstall
[root@VM-201-31-centos awx-operator]# kubectl delete awx awx-sit
awx.awx.ansible.com "awx-sit" deleted
[root@VM-201-31-centos awx-operator]# kubectl get pods
NAME                                              READY   STATUS        RESTARTS   AGE
awx-operator-controller-manager-9874d5cfc-7kj5s   2/2     Running       0          89m
awx-sit-web-75895b8f88-84cd4                      3/3     Terminating   0          58m
...
[root@VM-201-31-centos awx-operator]# kubectl get pods
NAME                                              READY   STATUS    RESTARTS   AGE
awx-operator-controller-manager-9874d5cfc-7kj5s   2/2     Running   0          90m
[root@VM-201-31-centos awx-operator]# kubectl get deployments
NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
awx-operator-controller-manager   1/1     1            1           90m
VII. Access
Get the admin password
[root@VM-201-12-centos ~]# kubectl get secret awx-demo-admin-password -o jsonpath="{.data.password}" | base64 --decode ; echo
Z4SEZLrZnDqjsHpWJqfNQYF7b6llT1Tp
[root@VM-201-31-centos awx-operator]# kubectl get service
NAME                                              TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
awx-operator-controller-manager-metrics-service   ClusterIP   10.43.73.225   <none>        8443/TCP       36m
awx-sit-service                                   NodePort    10.43.7.169    <none>        80:30791/TCP   26m
URL
http://k3s_worknode_ip:port
k3s_worknode_ip is the IP of the node on which the pod is running.
port is found with kubectl get service; in the output above it is 30791.