Hi.
We’re running AWX 24.6.1 on K3s (see kurokobo/awx-on-k3s on GitHub: an example implementation of AWX on single node K3s using AWX Operator, with easy-to-use simplified configuration with ownership of data and passwords), hosted on Rocky Linux.
For quite some time now, Cisco FireAMP’s been affecting the whole application badly (to the point that a couple of simultaneous jobs can error out, despite quite a few resources assigned to it). Even Cisco themselves are aware of the resource usage - see https://www.ciscolive.com/c/dam/r/ciscolive/global-event/docs/2025/pdf/TACSEC-2022.pdf.
It’s really hard to find proper documentation on what to exclude. Similar apps have these on the list:
- folders:
  - /var/lib/docker/
  - /var/lib/containerd/
  - /var/lib/rancher/k3s/
- processes (along with child processes):
  - /usr/bin/python3
  - /usr/bin/python
  - /usr/bin/ansible-playbook
Is there any documentation listing best practices for exclusions (either for AWX or AAP)?