AWX ldap spec/myvalues.yaml file

jeremytourville · February 27, 2024, 5:07pm

Environment:

AWX Operator Helm Chart ver 2.11.0
AWX 23.7.0 on a K8s cluster
myvalues.yaml / spec applied during install of helm chart

AWX:
  # enable use of awx-deploy template
  enabled: true
  name: awx
  spec:
    admin_user: admin
    hostname: awx.idm.gsil.org
    image: gsil-docker1.idm.gsil.org:5001/quay.io/ansible/awx:23.7.0
    image_version: 23.7.0
    init_container_image: gsil-docker1.idm.gsil.org:5001/quay.io/ansible/awx-ee
    init_container_image_version: latest
    ee_images:
    - name: AWX EE (latest)
      image: gsil-docker1.idm.gsil.org:5001/quay.io/ansible/awx-ee:latest
    redis_image: gsil-docker1.idm.gsil.org:5001/redis
    redis_image_version: "7"
    control_plane_ee_image: gsil-docker1.idm.gsil.org:5001/quay.io/ansible/awx-ee:latest
    postgres_image: gsil-docker1.idm.gsil.org:5001/postgres
    postgres_image_version: "13" 
  
customVolumes:
  postgres:
    enabled: true
    hostPath: /var/lib/postgresql/data
    size: 2Gi
    storageClassName: local-storage
  projects:
    enabled: true
    hostPath: /opt/projects/data
    size: 5Gi
 
  extra_settings:
    - setting: AUTH_LDAP_SERVER_URI
      value: >-
      "ldaps://ad01.gsil.org:636 ldaps://ad02.gsil.org:636"

    - setting: AUTH_LDAP_BIND_DN
      value: >-
      "CN=MyLDAPUser,OU=Service Accounts,DC=gsil,DC=org"

I can include myvalues file with the helm chart at the time of install. While the install doesn’t complain about bad syntax in my yaml file, I don’t see that the ldap settings are getting set when opening up the web GUI. Can anyone explain this? What should I be doing different? I am still very new to Kubernetes and AWX (in Kubernetes) I did run AWX in docker years ago when awx was version 17. My other items such as custom repos to pull offline images from are working as expected.

I thought the purpose of myvalues.yaml/spec file was to pre-populate information and assist with configuration. Any clarity or insight you can provide is appreciated!

Rtwolfe94022 · March 1, 2024, 2:55am

The LDAP settings in your myvalues.yaml file might not be directly applied by the AWX Helm chart during installation because some configurations, especially external authentication like LDAP, need to be set up through the AWX web UI or API after deployment. To automate this, consider using an Ansible playbook to configure LDAP settings via the AWX API post-installation.

kurokobo · March 1, 2024, 12:45pm

@jeremytourville
Hi again, is this issue still existing?

Maybe you already know that structure is important in YAML, and you can find extra_settings is not placed correctly.

extra_settings is for the AWX CR, so this should be under AWX.spec.

jeremytourville · March 1, 2024, 2:49pm

Yes, after getting the LDAP and certs working correctly from the other post I knew my issue was the same for here. Indentation and getting settings in the correct area, spacing etc. While I don’t have this fixed just yet, I expect I should have this fixed quickly. Thanks.