101 lines
3.4 KiB
YAML
101 lines
3.4 KiB
YAML
---
|
|
- name: Deploy latest stable AWX using AWX Operator on Kubernetes
|
|
hosts: localhost
|
|
connection: local
|
|
become: false
|
|
gather_facts: false
|
|
|
|
vars:
|
|
# Простые fallback-значения (переопределяются Semaphore Variable Group)
|
|
awx_namespace: awx
|
|
awx_instance_name: awx
|
|
awx_service_type: NodePort # NodePort / ClusterIP / LoadBalancer
|
|
awx_operator_version: 2.19.1 # Последняя стабильная на конец 2025
|
|
kubeconfig_path: "/home/semaphore/.kube/config"
|
|
|
|
tasks:
|
|
- name: Fail if kubeconfig not found inside container
|
|
ansible.builtin.stat:
|
|
path: "{{ kubeconfig_path }}"
|
|
register: kubeconfig_stat
|
|
failed_when: not kubeconfig_stat.stat.exists
|
|
delegate_to: localhost
|
|
|
|
- name: Create namespace for AWX
|
|
kubernetes.core.k8s:
|
|
state: present
|
|
kubeconfig: "{{ kubeconfig_path }}"
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: "{{ awx_namespace }}"
|
|
|
|
- name: Apply AWX Operator from GitHub kustomize
|
|
ansible.builtin.command:
|
|
cmd: >-
|
|
kubectl apply -k "github.com/ansible/awx-operator/config/default?ref={{ awx_operator_version }}"
|
|
environment:
|
|
KUBECONFIG: "{{ kubeconfig_path }}"
|
|
changed_when: true
|
|
register: operator_apply
|
|
failed_when: operator_apply.rc != 0 and 'already exists' not in operator_apply.stderr | default('')
|
|
|
|
- name: Wait for AWX Operator to be ready
|
|
kubernetes.core.k8s_info:
|
|
kubeconfig: "{{ kubeconfig_path }}"
|
|
api_version: apps/v1
|
|
kind: Deployment
|
|
name: awx-operator-controller-manager
|
|
namespace: "{{ awx_namespace }}"
|
|
register: operator_status
|
|
until: >-
|
|
operator_status.resources | length > 0 and
|
|
operator_status.resources[0].status.readyReplicas is defined and
|
|
operator_status.resources[0].status.readyReplicas >= 1
|
|
retries: 40
|
|
delay: 15
|
|
|
|
- name: Deploy AWX instance
|
|
kubernetes.core.k8s:
|
|
state: present
|
|
kubeconfig: "{{ kubeconfig_path }}"
|
|
definition:
|
|
apiVersion: awx.ansible.com/v1beta1
|
|
kind: AWX
|
|
metadata:
|
|
name: "{{ awx_instance_name }}"
|
|
namespace: "{{ awx_namespace }}"
|
|
spec:
|
|
service_type: "{{ awx_service_type }}"
|
|
|
|
- name: Wait for AWX pods to be running
|
|
kubernetes.core.k8s_info:
|
|
kubeconfig: "{{ kubeconfig_path }}"
|
|
kind: Pod
|
|
namespace: "{{ awx_namespace }}"
|
|
label_selectors:
|
|
- "app.kubernetes.io/managed-by=awx-operator"
|
|
register: awx_pods
|
|
until: >-
|
|
awx_pods.resources | selectattr('status.phase', 'equalto', 'Running') | list | length >= 2
|
|
retries: 60
|
|
delay: 20
|
|
|
|
- name: Retrieve AWX admin password
|
|
kubernetes.core.k8s_info:
|
|
kubeconfig: "{{ kubeconfig_path }}"
|
|
api_version: v1
|
|
kind: Secret
|
|
name: "{{ awx_instance_name }}-admin-password"
|
|
namespace: "{{ awx_namespace }}"
|
|
register: awx_secret
|
|
|
|
- name: Display AWX login information
|
|
ansible.builtin.debug:
|
|
msg: |
|
|
AWX deployed successfully!
|
|
Access URL: http://<your-node-ip>:<node-port>
|
|
(get port: kubectl get svc {{ awx_instance_name }}-service -n {{ awx_namespace }})
|
|
Username: admin
|
|
Password: {{ awx_secret.resources[0].data.password | b64decode }} |