Hello,
I am very new to kubernetes.

I managed to install awx v18 using awx-operator since that process was well explained in README.md however I am struggling to enable awx gui to work over https.
1 do I need to install k8s load balancer service (what should I use, how do I do that)
2 can I install x.509 cert on the host and bind awx to use it somehow (if so what are required steps)

Can someone be so kind and elaborate a bit/provide step by step guide (explain the process as if I was 5y old)?

Thanks

I’m afraid I cannot explain it well enough. I’m a newbie myself, taking up a running installation and trying to upgrade it. Still, I’ll tell you what I inherited.

We create a secret before doing the oc apply

export ca_root=“$HOME/github/openshift-platform/clusters/shared_files/root-ca.pem”
oc create secret generic our-root-ca-cert -n $project --from-file=ldap-ca.crt=$ca_root --from-file=bundle-ca.crt=$ca_root

In the yaml instance definition, we then call to the secret

bundle_cacert_secret: our-root-ca-cert

If there are other steps, I’m not yet aware of them.

Thanks Kevin,
From what I found out kubernetes relies on cloud infrastructure for ingress traffic and doesn’t provide tool for that natively for on prem installs.
There is build in Traefik (edge router) and Klipper (single node load balancer) build into k3s but its pretty new concept to me and I find traefik rather complicated.
I understand awx would rely on traefik to define how traffic should go in/out of awx and tls encryption to be provided by LB (load balancer) ==> http traffic between web console user and awx will be tls encrypted and after that it would be plain text http.
Just need to figure out how to make it work all together (there for I asked for some tutorial for newbies).
Can anyone with working on-prem https share how you put it all together?

Thanks

)

You may hear something better than what I shared, but we are on prem with ssl working.