Hello guys,
I’d like to ask for help.
Situation:
I installed the AWX operator via kustomize:
cat kustomization.yml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - github.com/ansible/awx-operator/config/default?ref=2.19.1
  - awx.yaml
images:
  - name: quay.io/ansible/awx-operator
    newTag: 2.19.1
namespace: awx
cat awx.yaml
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx
spec:
  ### postgres perm:
  postgres_data_volume_init: true
  ### ingress
  ingress_type: ingress
  ingress_hosts:
    - hostname: awx.....com
      tls_secret: awx-cert
  ### persistent storage ###
  projects_persistence: true
  projects_storage_class: longhorn
  projects_storage_size: 10Gi
The AWX operator is running within an RKE2 Kubernetes cluster:
k get pods -n awx
NAME                                               READY   STATUS      RESTARTS   AGE
awx-migration-24.6.1-6n9sc                         0/1     Completed   0          4d
awx-operator-controller-manager-77b4f86b76-9958r   2/2     Running     0          16m
awx-postgres-15-0                                  1/1     Running     0          4d
awx-task-b9b8d4d5b-5vx7m                           4/4     Running     0          10m
awx-web-6ffcfb677-xtt7q                            3/3     Running     0          16m
Problem:
I configured projects/credentials/etc. within the AWX GUI to synchronize AWX with a GitLab repository, but the sync does not work due to:
Cloning into '/var/lib/awx/projects/_8__sync_gitlab'...
fatal: could not open '/var/lib/awx/projects/_8__sync_gitlab/.git/objects/pack/tmp_pack_F5iXfZ' for reading: Permission denied
fatal: fetch-pack: invalid index-pack output
I tried putting task_privileged: true, security context, etc. in awx.yaml, but nothing helps.
I think if I were able to somehow set Security Context/Pod Filesystem Group/Filesystem Group to 0, it would work… but kustomize still rewrites this to 1000…
If I omit the persistent volume section in awx.yaml, everything works fine; I’m able to run a sync and run a playbook stored in GitLab…
As the storage backend I’m using Longhorn:
kubectl get pv -n awx | grep -n awx
pvc-010b9cce-0581-4a50-9440-e71fbeae98c5 10Gi RWX Retain Bound awx/awx-projects-claim longhorn <unset> 95m
Permissions in the awx-task pod, in the awx-task container:
PV mounted:
10.43.85.83:/pvc-010b9cce-0581-4a50-9440-e71fbeae98c5 9.8G 0 9.8G 0% /var/lib/awx/projects
bash-5.1$ cd /var/lib/awx/projects/
bash-5.1$ ls -l
drwxr-xr-x 2 awx root 4096 Jul 8 10:21 _8__sync_gitlab
-rwxr-xr-x 1 awx root 0 Jul 8 10:21 _8__sync_gitlab.lock
drwx------ 2 root root 16384 Jul 8 09:58 lost+found
bash-5.1$ ls -l
total 16
drwxrwxr-x 5 root 1000 4096 Jul 8 10:21 projects
bash-5.1$ ls -l | grep awx
drwxrwxr-x 1 root root 4096 Jul 8 10:19 awx
NO PV:
bash-5.1$ ls -ld awx/
drwxrwxr-x 1 root root 4096 Jul 8 10:31 awx/
bash-5.1$ ls -ld projects/
drwxrwxrwx 4 root root 4096 Jul 8 10:35 projects/
bash-5.1$ ls -l
total 4
drwxr-xr-x 3 awx root 4096 Jul 8 10:37 _8__sync_gitlab
-rwxr-xr-x 1 awx root 0 Jul 8 10:37 _8__sync_gitlab.lock
Any idea?
Thanks in advance,
L