Hi all, are there any news about isolated nodes? I was trying to implement them some months ago, but the feature wasn’t available, although announced, and no documentation or tutorials.
Thanks!
You can find some docs here:
https://github.com/ansible/awx/blob/devel/docs/clustering.md#security-isolated-rampart-groups
Thanks Elijah. I will give a try. Some questions:
-
The doc says that the isolated instances must be declared in the inventory. With AWX, the inventory is only used por provisioning Kubernetes/Openshift. Is it really needed to declare there the isolated nodes and controllers? As, I think, the install.yml playbook just does some Kubernetes work, and not any host provisioning, how are the isolated instances provisioned?
-
Can be the isolated groups declared in external inventory sources? We have a Web service that published our inventory in the format that Ansible expects, and is imported using an inventory script from Ansible. In that Web Service, we could define the isolated groups and its members: Would this work? In this case, how would these isolated instances be provisioned (doc: “will have a minimal set of utilities used to run jobs”)?
-
I think that with AWX, the SSH keys; an API request to /settings/jobs returns this:
{
“AD_HOC_COMMANDS”: [
“command”,
“…”
],
…
“AWX_ISOLATED_KEY_GENERATION”: true,
“AWX_ISOLATED_PRIVATE_KEY”: “”,
“AWX_ISOLATED_PUBLIC_KEY”: “”,
…
}
Is this correct os just that info is not returned by the API (at least the public key)?
Thanks!