Install AWX on Centos/RedHat 8 offline with Minikube
Are you suffering to install the software to your devices due to your company tight policies?
If your answer is yes, then hopefully this article and installation step can help you escape from the nightmare.
Pre-requisite:
1. A RedHat 8/Centos 8 VM or bare-metal machine which is installed with docker. The server should have internet access to pull the AWX images for docker saveto create the container image.
2. Docker binary. Can be downloaded from your Windows/Linux machine via https://download.docker.com/linux/static/stable/
3. Minikube binary. Can be downloaded from your Windows/Linux machine via https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
4. Kubectl binary. Can be downloaded from your Windows/Linux machine via https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/
(I am using v1.20.2 and the download link is curl -LO “https://dl.k8s.io/release/v1.20.2/bin/linux/amd64/kubectl")
5. AWX operator yaml file. Can be downloaded using your Windows/Linux device from the link provided in Github https://github.com/ansible/awx-operator
(I am using TAG 0.10.0 and the download link is something like https://raw.githubusercontent.com/ansible/awx-operator/0.10.0/deploy/awx-operator.yaml)
Let’s start our installation!
- Install docker:
#untar the downloaded docker binaries
$ tar xvf docker-20.10.7.tar
$ sudo cp docker/* /usr/bin/#start dockerd to verify the installation is working
$ sudo dockerd &#load and run hello-world container to verify the docker is running
$ sudo docker load < hello-world:latest.tar
$ sudo docker run hello-worldHello from Docker!
This message shows that your installation appears to be working correctly.
If Docker installed successfully, you should see the Hello from Docker! message after issuing the docker run command.
2. To run Docker without sudo
$ sudo groupadd docker
$ sudo usermod -aG docker $USER
$ newgrp docker3. Configure the systemctlto start docker automatically:
I am taking shortcut by copy out the below files from my device with docker installed and copy them to the correct path in the target device. After creating the file, systemctl enable <service name> to enable docker.service and containerd.service start automatically after device power up/restart.
$ sudo vi /etc/systemd/system/docker.service
$ sudo vi /etc/systemd/system/containerd.service
$ sudo vi /usr/lib/systemd/system/docker.socket$ sudo systemctl enable docker.service
$ sudo systemctl enable containerd.service$ sudo reboot
After reboot the device, the services will start automatically and you can run docker without sudo anymore
$ docker run hello-worldHello from Docker!
This message shows that your installation appears to be working correctly.
4. Install Minikube:
The minikube binary should be downloaded and copy to your device before executing the steps below.
$ sudo install minikube-linux-amd64 /usr/local/bin/minikubeExecute the dry run command to create the necessary directory for the installation.
$ minikube start --dry-runDue to the target devices has no internet access, we have to prepare the container image first and copy them to the device. You should able to get the kic and preloaded-image tarball from your device with internet access.
$ cd ~/.minikube/cache#For base image
$ mkdir kic
$ cp /your/path/kicbase_v0.0.22\@sha256_7cc3a3cb6e51c628d8ede157ad9e1f797e8d22a1b3cedc12d3f1999cb52f962e.tar kic/#For preloaded-image tarball
$ mkdir preloaded-tarball/
$ cp /your/path/preloaded-images-k8s-v10-v1.20.2-docker-overlay2-amd64.tar.lz4 preloaded-tarball/
$ cp /your/path/preloaded-images-k8s-v10-v1.20.2-docker-overlay2-amd64.tar.lz4.checksum preloaded-tarball/
Load the Docker image to the minikube image:
- Minikube base image : kicbase_v0.0.22\@sha256_7cc3a3cb6e51c628d8ede157ad9e1f797e8d22a1b3cedc12d3f1999cb52f962e.tar
- kube-webhook-certgen_v1.5.1.tar
- NGINX ingress controller:- controller:v0.44.0.tar
- Flannel plugin:- flannel:v0.12.0-amd64.tar
$ eval $(minikube docker-env)
$ docker load < ~/.minikube/cache/kic/kicbase_v0.0.22\@sha256_7cc3a3cb6e51c628d8ede157ad9e1f797e8d22a1b3cedc12d3f1999cb52f962e.tar
$ docker load < /your/path/kube-webhook-certgen_v1.5.1.tar
$ docker load < /your/path/controller\:v0.44.0.tar
$ docker load < /your/path/flannel\:v0.12.0-amd64.tar#To verify the image loaded
$ docker image ls#This command is from Github AWX installation
$ minikube start --addons=ingress --cpus=4 --cni=flannel --install-addons=true \
--kubernetes-version=stable --memory=6g --base-image='gcr.io/k8s-minikube/kicbase:v0.0.22'#Wait for the Minikube to complete ...
#Install the kubectl so we can run kubectl command.
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl#Now you can check your pods status using kubectl command
kubectl get pod -A
We are almost done!
if you found the flannel port stuck at Init:ErrImagePull, then use the above way to load your flanner docker image again.
5. Install AWX:
For AWX installation, I am referring the Github installation procedure usnig awx-operator from https://github.com/ansible/awx-operator
- AWX version 19.2.0
- TAG: 0.10.0
#To load the saved docker image of AWX
$ eval $(minikube docker-env)
$ docker load /your/path/awx:19.2.0.tar
$ docker load /your/path/awx-operator:0.10.0.tar
$ docker load /your/path/redis:latest.tar
$ docker load /your/path/awx-ee:0.3.0.tar
$ docker load /your/path/postgres:12.tar#Changing the image pull policy in the awx-operator.yaml
$ sed 's/imagePullPolicy: "Always"/#imagePullPolicy: "Always"/' awx-operator.yaml > awx-operator-2.yaml#Create the awx-demo.yaml to use the persistent storage for project folder and nodeport service.
$ vi awx-demo.yaml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-demo
spec:
service_type: nodeport
ingress_type: none
hostname: awx-demo.example.com
projects_persistence: true
projects_existing_claim: awx-pvc#Create the PV/PVC as persistence storage
#Create the pvc yaml file.
$ vi awx-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: awx-pvc #This is the name of pv/pvc, can be changed
namespace: default
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 8Gi #This can be changed based on your requirement.# Create the PVC using the "kubectl create -f" command
# PV will be created automatically and bound to the PVC
$ kubectl create -f awx-pvc.yaml# To check the PV and PVC using "kubectl" command
$ kubectl get pvc,pv#Create the pods/service using the YAML file now
$ kubectl create -f awx-operator-2.yaml
$ kubectl create -f awx-demo.yaml#Check the pods are up (below is the sample)
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
awx-demo-57c8bb4484-2c5m5 4/4 Running 0 3m7s
awx-demo-postgres-0 1/1 Running 0 3m20s
awx-operator-5dd757f594-xwsnk 1/1 Running 4 24h
6. Access the AWX portal:
After all the pods are up, we can run the port-forward command to forward our http request to the AWX service. You can write your own systemctl script for the port-forward start automatically every time the device restarted.
# You can change 30080 to the port you like.
$ kubectl port-forward service/awx-demo-service 30080:80 --address=0.0.0.0&Now, you can access your AWX portal via http://<you ip address>:30080
To get the default admin password:
$ kubectl get secrets awx-demo-admin-password -oyaml | grep " password: " | sed 's/ password: //' | base64 -dYeah!
Hopefully this is useful and good luck to your installation!
