This playbook spawns a ready-to-use AWX system on K3S, on a Debian 11 or Ubuntu 22.04 host. AWX is a tool that can be used to manage multiple servers with Ansible.
License: MIT License
Bit of a strange one, $ borg init just takes forever (it didn't time out after 12 hours!).
- name: Perform borg init on backup server
delegate_to: '{{ backup_server_ip }}'
#become: yes
#become_user: borg
command: |
runuser -u borg -- borg init --encryption=repokey {{ backup_directory }}
args:
creates: '{{ backup_directory }}nonce'
Here's it timing out:
TASK [awx-custom-config : Perform borg init on backup server] ****************************************************************************************
^C [ERROR]: User interrupted execution
when running again it then fails, registering as a borg repo without having a noonce file:
TASK [awx-custom-config : Perform borg init on backup server] ****************************************************************************************
fatal: [awx3.vacatejaws.xyz -> 178.128.109.124]: FAILED! => {"changed": true, "cmd": ["runuser", "-u", "borg", "--", "borg", "init", "--encryption=repokey", "/home/borg/AWX/"], "delta": "0:00:00.469025", "end": "2022-12-17 22:20:28.402484", "msg": "non-zero return code", "rc": 2, "start": "2022-12-17 22:20:27.933459", "stderr": "A repository already exists at /home/borg/AWX.", "stderr_lines": ["A repository already exists at /home/borg/AWX."], "stdout": "", "stdout_lines": []}
PLAY RECAP *******************************************************************************************************************************************
awx3.vacatejaws.xyz : ok=26 changed=5 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Straaaaange...
Hmm...
TASK [awx-custom-config : Add 'AWX on K3s' project to AWX admins organisation] *******************************************************************
fatal: [awx2.vacatejaws.xyz]: FAILED! => {"changed": false, "msg": "Project update failed"}
This section of cleanup_defaults.yml fails:
- name: Create a AWX/Automation Controller session token for executing AWX modules
awx.awx.tower_token:
description: 'AWX/Automation Controller Session Token'
scope: "write"
state: present
tower_host: "https://{{ awx_url }}"
tower_oauthtoken: "{{ master_token }}"
validate_certs: yes
register: awx_session_token
causes:
TASK [awx-custom-config : Create a AWX/Automation Controller session token for executing AWX modules] *********************************************************************************
fatal: [awx.penholder.xyz]: FAILED! => {"changed": false, "msg": "There was an unknown error when trying to connect to https://awx.penholder.xyz/api/v2/tokens/: URLError <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:997)>"}
Strange error when running:
- name: "Get AWX/Automation Controller administrator token (1/2)"
shell: |
kubectl get pods --namespace=awx | grep -v 'NAME\|awx-operator\|awx-postgres' | awk '{print $1}'
register: awx_pod
- name: "Get AWX/Automation Controller administrator token (2/2)"
command: |
kubectl exec -n awx -i -t {{ awx_pod.stdout }} --container awx-task -- /bin/bash -c 'awx-manage create_oauth2_token --user {{ admin_username }}'
register: awx_token
#no_log: True
Produces:
TASK [awx-custom-config : Get AWX/Automation Controller administrator token (2/2)] ****************************************************************************************************
fatal: [awx.vacatejaws.xyz]: FAILED! => {"changed": true, "cmd": ["kubectl", "exec", "-n", "awx", "-i", "-t", "awx-596c5cd8b4-qgr7h", "--container", "awx-task", "--", "/bin/bash", "-c", "awx-manage create_oauth2_token --user admin"], "delta": "0:00:01.172216", "end": "2022-12-11 04:23:57.689557", "msg": "non-zero return code", "rc": 1, "start": "2022-12-11 04:23:56.517341", "stderr": "command terminated with exit code 1", "stderr_lines": ["command terminated with exit code 1"], "stdout": "Traceback (most recent call last):\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 219, in ensure_connection\r\n self.connect()\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner\r\n return func(*args, **kwargs)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 200, in connect\r\n self.connection = self.get_new_connection(conn_params)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner\r\n return func(*args, **kwargs)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/postgresql/base.py\", line 187, in get_new_connection\r\n connection = Database.connect(**conn_params)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/psycopg2/__init__.py\", line 126, in connect\r\n conn = _connect(dsn, connection_factory=connection_factory, **kwasync)\r\npsycopg2.OperationalError: FATAL: could not open file \"base/16384/2601\": Permission denied\r\n\r\n\r\nThe above exception was the direct cause of the following exception:\r\n\r\nTraceback (most recent call last):\r\n File \"/usr/bin/awx-manage\", line 8, in <module>\r\n sys.exit(manage())\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/__init__.py\", line 185, in manage\r\n if (connection.pg_version // 10000) < 12:\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/connection.py\", line 15, in __getattr__\r\n return getattr(self._connections[self._alias], item)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/functional.py\", line 48, in __get__\r\n res = instance.__dict__[self.name] = self.func(instance)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/postgresql/base.py\", line 329, in pg_version\r\n with self.temporary_connection():\r\n File \"/usr/lib64/python3.9/contextlib.py\", line 119, in __enter__\r\n return next(self.gen)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 603, in temporary_connection\r\n with self.cursor() as cursor:\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner\r\n return func(*args, **kwargs)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 259, in cursor\r\n return self._cursor()\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 235, in _cursor\r\n self.ensure_connection()\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner\r\n return func(*args, **kwargs)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 219, in ensure_connection\r\n self.connect()\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/utils.py\", line 90, in __exit__\r\n raise dj_exc_value.with_traceback(traceback) from exc_value\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 219, in ensure_connection\r\n self.connect()\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner\r\n return func(*args, **kwargs)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 200, in connect\r\n self.connection = self.get_new_connection(conn_params)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner\r\n return func(*args, **kwargs)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/postgresql/base.py\", line 187, in get_new_connection\r\n connection = Database.connect(**conn_params)\r\n File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/psycopg2/__init__.py\", line 126, in connect\r\n conn = _connect(dsn, connection_factory=connection_factory, **kwasync)\r\ndjango.db.utils.OperationalError: FATAL: could not open file \"base/16384/2601\": Permission denied", "stdout_lines": ["Traceback (most recent call last):", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 219, in ensure_connection", " self.connect()", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner", " return func(*args, **kwargs)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 200, in connect", " self.connection = self.get_new_connection(conn_params)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner", " return func(*args, **kwargs)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/postgresql/base.py\", line 187, in get_new_connection", " connection = Database.connect(**conn_params)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/psycopg2/__init__.py\", line 126, in connect", " conn = _connect(dsn, connection_factory=connection_factory, **kwasync)", "psycopg2.OperationalError: FATAL: could not open file \"base/16384/2601\": Permission denied", "", "", "The above exception was the direct cause of the following exception:", "", "Traceback (most recent call last):", " File \"/usr/bin/awx-manage\", line 8, in <module>", " sys.exit(manage())", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/__init__.py\", line 185, in manage", " if (connection.pg_version // 10000) < 12:", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/connection.py\", line 15, in __getattr__", " return getattr(self._connections[self._alias], item)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/functional.py\", line 48, in __get__", " res = instance.__dict__[self.name] = self.func(instance)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/postgresql/base.py\", line 329, in pg_version", " with self.temporary_connection():", " File \"/usr/lib64/python3.9/contextlib.py\", line 119, in __enter__", " return next(self.gen)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 603, in temporary_connection", " with self.cursor() as cursor:", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner", " return func(*args, **kwargs)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 259, in cursor", " return self._cursor()", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 235, in _cursor", " self.ensure_connection()", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner", " return func(*args, **kwargs)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 219, in ensure_connection", " self.connect()", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/utils.py\", line 90, in __exit__", " raise dj_exc_value.with_traceback(traceback) from exc_value", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 219, in ensure_connection", " self.connect()", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner", " return func(*args, **kwargs)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/base/base.py\", line 200, in connect", " self.connection = self.get_new_connection(conn_params)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/utils/asyncio.py\", line 33, in inner", " return func(*args, **kwargs)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/django/db/backends/postgresql/base.py\", line 187, in get_new_connection", " connection = Database.connect(**conn_params)", " File \"/var/lib/awx/venv/awx/lib64/python3.9/site-packages/psycopg2/__init__.py\", line 126, in connect", " conn = _connect(dsn, connection_factory=connection_factory, **kwasync)", "django.db.utils.OperationalError: FATAL: could not open file \"base/16384/2601\": Permission denied"]}
PLAY RECAP ****************************************************************************************************************************************************************************
awx.vacatejaws.xyz : ok=45 changed=21 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Not sure what's caused this... reverting to K3s version v1.24.8+k3s1.
- name: "Get AWX/Automation Controller administrator token (2/2)"
command: |
kubectl exec -n awx -i -t {{ awx_pod.stdout }} --container awx-task -- /bin/bash -c 'awx-manage create_oauth2_token --user {{ admin_username }}'
register: awx_token
#no_log: True
produces
TASK [awx-custom-config : Get AWX/Automation Controller administrator token (2/2)] ***************************************************************
fatal: [awx.vacatejaws.xyz]: FAILED! => {"changed": true, "cmd": ["kubectl", "exec", "-n", "awx", "-i", "-t", "awx-f9c4f86cc-4gl2h", "--container", "awx-task", "--", "/bin/bash", "-c", "awx-manage create_oauth2_token --user admin"], "delta": "0:00:02.831705", "end": "2022-12-15 08:49:33.233392", "msg": "non-zero return code", "rc": 1, "start": "2022-12-15 08:49:30.401687", "stderr": "command terminated with exit code 1", "stderr_lines": ["command terminated with exit code 1"], "stdout": "\u001b[31;1mCommandError: The user does not exist.\r\n\u001b[0m", "stdout_lines": ["\u001b[31;1mCommandError: The user does not exist.", "\u001b[0m"]}
Local backup fails
TASK [Create new AWXBackup resource and wait for complete] *********************
task path: /runner/project/backup/ansible/project/backup.yml:56
<localhost> ESTABLISH LOCAL CONNECTION FOR USER: runner
<localhost> EXEC /bin/sh -c 'echo ~runner && sleep 0'
<localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/runner/.ansible/tmp `"&& mkdir "` echo /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327 `" && echo ansible-tmp-1671251730.989548-35-14517937981327="` echo /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327 `" ) && sleep 0'
Using module file /usr/share/ansible/collections/ansible_collections/kubernetes/core/plugins/modules/k8s.py
<localhost> PUT /home/runner/.ansible/tmp/ansible-local-18yypngq4s/tmpp3_tpqes TO /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327/AnsiballZ_k8s.py
<localhost> EXEC /bin/sh -c 'chmod u+x /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327/ /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327/AnsiballZ_k8s.py && sleep 0'
<localhost> EXEC /bin/sh -c '/usr/bin/python3 /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327/AnsiballZ_k8s.py && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r /home/runner/.ansible/tmp/ansible-tmp-1671251730.989548-35-14517937981327/ > /dev/null 2>&1 && sleep 0'
{
"changed": true,
"result": {
"apiVersion": "awx.ansible.com/v1beta1",
"kind": "AWXBackup",
"metadata": {
"creationTimestamp": "2022-12-17T04:35:32Z",
"finalizers": [
"awx.ansible.com/finalizer"
],
"generation": 1,
"labels": {
"app.kubernetes.io/component": "awx",
"app.kubernetes.io/managed-by": "awx-operator",
"app.kubernetes.io/name": "awxbackup-2022-12-17-04-35-30",
"app.kubernetes.io/operator-version": "1.1.0",
"app.kubernetes.io/part-of": "awxbackup-2022-12-17-04-35-30"
},
"managedFields": [
{
"apiVersion": "awx.ansible.com/v1beta1",
"fieldsType": "FieldsV1",
"fieldsV1": {
"f:metadata": {
"f:finalizers": {
".": {},
"v:\"awx.ansible.com/finalizer\"": {}
}
}
},
"manager": "ansible-operator",
"operation": "Update",
"time": "2022-12-17T04:35:32Z"
},
{
"apiVersion": "awx.ansible.com/v1beta1",
"fieldsType": "FieldsV1",
"fieldsV1": {
"f:status": {
".": {},
"f:conditions": {}
}
},
"manager": "ansible-operator",
"operation": "Update",
"subresource": "status",
"time": "2022-12-17T04:35:32Z"
},
{
"apiVersion": "awx.ansible.com/v1beta1",
"fieldsType": "FieldsV1",
"fieldsV1": {
"f:metadata": {
"f:labels": {
".": {},
"f:app.kubernetes.io/component": {},
"f:app.kubernetes.io/managed-by": {},
"f:app.kubernetes.io/name": {},
"f:app.kubernetes.io/operator-version": {},
"f:app.kubernetes.io/part-of": {}
}
},
"f:spec": {
".": {},
"f:backup_pvc": {},
"f:clean_backup_on_delete": {},
"f:deployment_name": {},
"f:no_log": {},
"f:set_self_labels": {}
}
},
"manager": "OpenAPI-Generator",
"operation": "Update",
"time": "2022-12-17T04:35:35Z"
}
],
"name": "awxbackup-2022-12-17-04-35-30",
"namespace": "awx",
"resourceVersion": "75593",
"uid": "dedf7506-2890-412f-b0a9-2a22f5bd688c"
},
"spec": {
"backup_pvc": "awx-backup-claim",
"clean_backup_on_delete": true,
"deployment_name": "awx",
"no_log": true,
"set_self_labels": true
},
"status": {
"conditions": [
{
"lastTransitionTime": "2022-12-17T04:35:41Z",
"reason": "",
"status": "False",
"type": "Successful"
},
{
"lastTransitionTime": "2022-12-17T04:43:25Z",
"reason": "Running",
"status": "False",
"type": "Running"
},
{
"lastTransitionTime": "2022-12-17T04:43:34Z",
"reason": "Failed",
"status": "True",
"type": "Failure"
}
]
}
},
"duration": 601,
"method": "create",
"msg": "Resource creation timed out",
"invocation": {
"module_args": {
"state": "present",
"wait": true,
"wait_condition": {
"reason": "Successful",
"status": true,
"type": "Running"
},
"wait_timeout": 600,
"resource_definition": {
"apiVersion": "awx.ansible.com/v1beta1",
"kind": "AWXBackup",
"metadata": {
"name": "awxbackup-2022-12-17-04-35-30",
"namespace": "awx"
},
"spec": {
"deployment_name": "awx",
"backup_pvc": "awx-backup-claim",
"clean_backup_on_delete": true
}
},
"api_version": "v1",
"wait_sleep": 5,
"append_hash": false,
"apply": false,
"continue_on_error": false,
"force": false,
"kind": null,
"name": null,
"namespace": null,
"src": null,
"kubeconfig": null,
"context": null,
"host": null,
"api_key": null,
"username": null,
"password": null,
"validate_certs": null,
"ca_cert": null,
"client_cert": null,
"client_key": null,
"proxy": null,
"no_proxy": null,
"proxy_headers": null,
"persist_config": null,
"impersonate_user": null,
"impersonate_groups": null,
"merge_type": null,
"validate": null,
"template": null,
"delete_options": null,
"label_selectors": null,
"generate_name": null,
"server_side_apply": null
}
},
"_ansible_no_log": false
}
Hmm seems like after a half dozen installs to the same URL this setups SSL freaks out producing:
I guess I'll just have to use a few more cheap testing domains...
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.