how to configure ingress tls

andybourges · October 13, 2022, 12:25pm

Hi everybody,

…I’m a bit confused on how to enable TLS for AWX using ingress. I’m not too familiar with k3s (or k8s) at all and TLS is giving me a hard time now.

We’re currently running on k3s using operator v0.28 and corresponding awx 21.5.0.

Do I need to set up an ingress controller myself or is this part of the deployment when applying my awx-deploy.yml to k3s?

https://github.com/ansible/awx-operator#network-and-tls-configuration

is mentioning service_type, ingress_type and other stuff, but I’m completely unsure what and which combination (and which prerequesites are implied) make sense and would result in giving my https access to awx ?!

Maybe someone else has already gone through this valley of tears and can provide me some guidance on how to enable tls for the awx frontend?

Thanks,

Andreas

Wei-Yen_Tan · October 13, 2022, 12:28pm

K3s comes with traefik as an ingress controller.

Wei-Yen_Tan · October 13, 2022, 12:37pm

I have gotten awx as a https end point.

andybourges · October 13, 2022, 12:59pm

Hi,

…correct – traefik is running:

root@awx-troubleshooting:~# kubectl get pods -A

NAMESPACE NAME READY STATUS RESTARTS AGE

kube-system helm-install-traefik-crd-q9z56 0/1 Completed 0 8d

kube-system helm-install-traefik-9pxl4 0/1 Completed 1 8d

kube-system svclb-traefik-84d9f79c-62gkp 2/2 Running 8 (53s ago) 8d

kube-system coredns-b96499967-vzbkg 1/1 Running 4 (53s ago) 8d

kube-system local-path-provisioner-7b7dc8d6f5-cvwg9 1/1 Running 5 (53s ago) 8d

awx awx-postgres-13-0 1/1 Running 1 (52s ago) 7d2h

awx awx-95657c866-8jhl2 4/4 Running 4 (52s ago) 7d1h

awx awx-operator-controller-manager-7b4dbff7c8-l5x5x 2/2 Running 2 (52s ago) 7d2h

kube-system traefik-7cd4fcff68-z8jxh 1/1 Running 4 (52s ago) 8d

kube-system metrics-server-668d979685-64jsz 1/1 Running 4 (53s ago) 8d

From the docs:

“The following variables are customizable when ingress_type=ingress. The ingress type creates an Ingress resource as documented which can be shared with many other Ingress Controllers as listed.”

So I’ll set ingress_type to ingress and I would use clusterIP as service_type, right?

Thanks,

Andreas

andybourges · October 13, 2022, 3:50pm

Hi,

after some more fiddling with my awx-deploy.yml, I got it up and running now.

Thanks,

Andreas

Topic		Replies	Views
enabling ssl/tls for awx turtorial please AWX Project awx , kubernetes	3	5	January 4, 2023
How to enable https 443 on AWX running on top of K8S Get Help awx	14	1989	December 12, 2023
How to enable https in awx Get Help awx , awx-operator	1	1050	November 8, 2023
Ansible awx - enable https Get Help awx , kubernetes	2	840	May 25, 2024
Ingress service in AWX with nginx AWX Project awx , kubernetes	2	4	June 23, 2022

how to configure ingress tls

Related topics