Ingress service in AWX with nginx

Hi,

I followed the below documentation and created the AWX deployment:

https://github.com/ansible/awx-operator#network-and-tls-configuration

AWX resource and deployments/awx pods were created as intended. I am facing difficulties in setting up the ingress.

I had the below ingress configuration:
ingress_type: ingress
hostname: awx.domain.com
ingress_path: /awx-test
ingress_path_type: Prefix
ingress_tls_secret: awx-tls-secret
ingress_annotations: |
environment: testing

I am using nginix ingress in my cluster; and I was not sure how to provide this information in this configuration.

So I made the service type as Cluster IP, and created custom ingress configuration for this service.

$ kubectl.exe -n awx get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
awx-operator-controller-manager-metrics-service ClusterIP 10.0.118.219 8443/TCP 4d22h
awx-service ClusterIP 10.0.253.225 80/TCP 56m

$ ./kubectl -n awx describe ingress
Name: awx-ingress
Labels:
Namespace: awx
Address:
Default backend: default-http-backend:80 (<error: endpoints “default-http-backend” not found>)
TLS:
awx-tls-secret terminates awx-domain.com
Rules:
Host Path Backends

awx-domain.com
/awx-test awx-service:80 (10.244.0.63:8052)
Annotations: cert-manager.io/cluster-issuer:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: true
Events:
Type Reason Age From Message

Normal CreateCertificate 14m cert-manager Successfully created Certificate “awx-tls-secret”
Normal Sync 13m (x2 over 14m) nginx-ingress-controller Scheduled for sync
Normal Sync 13m (x2 over 14m) nginx-ingress-controller Scheduled for sync

When I configure this and go to the path, I keep getting 502 Bad gateway error. Can someone please let me know what I am doing wrong here?

Thanks and Regards,
Mani

I installed the latest awx operator image with the below definition:

apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-test
namespace: awx
spec:
service_type: ClusterIP
service_annotations: |
environment: testing
service_labels: |
environment: testing
postgres_configuration_secret: awx-postgres-configuration
admin_user: awxadmin
admin_email: <>
admin_password_secret: awx-admin-password
image: quay.io/ansible/awx
image_version: latest
ee_images:

• name: awx-test-ee
  image: quay.io/ansible/awx-ee
  redis_image: docker.io/redis
  redis_image_version: latest

I observe that the service is being created. However I am unable to access the service.

$ kubectl -n awx get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
awx-operator-controller-manager-metrics-service ClusterIP 10.0.118.219 8443/TCP 6d1h
awx-test-service ClusterIP 10.0.26.53 80/TCP 17m

From the worker node, I tried curling this cluster IP.

root@:/# curl http://10.0.26.53:80
curl: (7) Failed to connect to 10.0.26.53 port 80: Connection refused

I am not sure why the curl is failing for the cluster IP. This service has been auto-generated by the operator.

Thanks and Regards,
Mani

Hi!

You’ll need to use a NodePort or LoadBalancer type of service to expose the service externally (note the under External-IP). A ClusterIP only routes data internally between pods, but doesn’t allow outside browsers to reach into the pod to access a service.

AWX Team