Can a Remote Execution Node launch Pods instead of running ansible-runner ?

Get Help
, ,
1

Hi,
I’m new to the concept of remote execution node, and I’ve setup my first node a few weeks ago.
I’m designing a concept of a microk8s, or k3s (or actually anything smaller than k8s) tool machine, in order to access, monitor and control a remote environment.
Of course AWX would be in the mix, and thus I have a question. Can I configure the receptor of a remote execution node so it launches pods instead of directly running ansible-runner ?
I saw that receptor has a configuration for kubernetes, in the work-kubernetes stanza, but I don’t know how to use a receptor configured this way via AWX…
I also see that I can create “container groups” in AWX, but I can’t add instances…
I’m struggling to find any documentation about it all.

Any tip ?

2

Hello, you have below a good tutorial about basic receptor / ansible-runner usage which could be a good starting point :

3

Thank you.
Receptor works out of the box with ansible-runner, and that’s what seems to be leveraged by default with AWX.

When I create a new runner on AWX, I have to download a package that automatically deploys, and configures the receptor on what I call the “runner machine”, i.e. the VM that will execute jobs.

And indeed, it configures the receptor to run ansible-runner with the “worker” command.

But, in the receptor configuration, I noticed that, side by side with the work-command stanza, there’s also a work-kubernetes. Sign for me that the receptor can also run kubernetes pods instead of directly launching ansible-runner.

Also, on AWX, there’s the notion of “Container Group”, that allows me to create a Pod Configuration. Actually, the default pod configuration is to launch an ansible-runner image. The pods are launched locally, meaning on the Kubernetes cluster where AWX is setup. But I don’t understand how to configure it to be launched remotely

So :

  • I can remotely use receptor but it launches ansible-runner directly on the target VM
  • I can locally tell AWX to launch Kubernetes Pods

But I can’t tell AWX to use a receptor to launch Kubernetes Pods ?

4

Haven’t touched this configuration since more than a year, but in my environment, we use Ansible Automation Platform to launch jobs on Openshift.

To do so, we had to configure in openshift a service account (with create privileges in an AAP namespace), and generate a token for it.

Then, on AAP, we configured a credential from the type “Openshift or Kubernetes API Bearer token”, which includes the Openshift API URL and the token.

Besides, we created a container group, with the previously defined credential, and a yaml specification like this one :

apiVersion: v1
kind: Pod
metadata:
  namespace: target-namespace
spec:
  containers:
    - image: registry.redhat.io/ee-minimal-rhel8:latest
      name: worker
      args:
        - ansible-runner
        - worker
        - '--private-data-dir=/runner'
      resources:
        requests:
          cpu: 250m
          memory: 100Mi

After that, when configuring a job template, we were able to selected this containergroup as a target. This pops up a temporary ‘automation-job’ on openshift, which only exists during the execution of the playbook it includes.

Should be similar for AWX/Kubernetes :slight_smile: