In this blog I will explain in a very simple way how to enable HTTPS on AWX. You do need some knowledge of Kubernetes, but I will try to show as many examples as possible.
First of all the secrets
First we need to create the secret that is used later. The secret in this case is the certificate with chain and private key.
So what we need:
- Cert with the entire chain in PEM format
- Private key (if you get an encrypted private key, you need to decrypt it)
Once you have those items in the same folder, let's create a secret that we can use later:
kubectl create secret tls awx-tls-cert-secret --namespace awx --key certdecrypt.key --cert cert.crt
A couple of notes: you can change the name however you want; for now we call it awx-tls-cert-secret. Don't forget to specify the correct namespace. And if you don't want to type that much, you can also just use -n ….
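Added example, not part of the original post: a pre-flight check for the two files before they go into the secret, since an encrypted key or a key that does not belong to the certificate only shows up later as a broken ingress. It assumes openssl is installed and uses the file names from the command above; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: sanity checks for the inputs of `kubectl create secret tls`.
# Function names are hypothetical; file names follow the post.

# Return 0 if the file is a PEM private key that is NOT passphrase protected.
key_is_decrypted() {
    # PKCS#8 and legacy PEM keys mark encryption with one of these strings.
    if grep -q -e 'BEGIN ENCRYPTED PRIVATE KEY' -e 'Proc-Type: 4,ENCRYPTED' "$1"; then
        return 1
    fi
    grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$1"
}

# Print the number of certificates in the PEM bundle (leaf + intermediates).
chain_length() {
    grep -c -e '-----BEGIN CERTIFICATE-----' "$1" || true
}

# Return 0 if the first certificate in the bundle and the key share a public key.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    # -passin pass: keeps openssl from prompting if the key is encrypted after all.
    key_pub=$(openssl pkey -in "$2" -passin pass: -pubout 2>/dev/null) || return 2
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Run all checks; non-zero exit means: do not create the secret yet.
check_tls_inputs() {
    cert=$1
    key=$2
    if ! key_is_decrypted "$key"; then
        echo "error: $key is encrypted or not a PEM private key" >&2
        return 1
    fi
    if [ "$(chain_length "$cert")" -lt 2 ]; then
        echo "warning: $cert holds fewer than 2 certificates, chain may be missing" >&2
    fi
    if ! cert_matches_key "$cert" "$key"; then
        echo "error: $key does not belong to the first certificate in $cert" >&2
        return 1
    fi
    echo "ok: $cert and $key can go into the TLS secret"
}

# Usage (from the folder holding both files):
#   check_tls_inputs cert.crt certdecrypt.key
```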
Secret done, now change the awx.yaml
Now that we have created the secret, the next step is altering the awx.yaml, or whichever YAML file holds your spec.
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
  name: awx
spec:
  ingress_type: ingress
  ingress_hosts:
    - hostname: <hostname>
      tls_secret: awx-tls-cert-secret
  nodeport_port: 443
Don’t forget to change the hostname part to a hostname that can be resolved correctly by your DNS.
It used to be that you would need to use ingress_tls_secret but that is deprecated. That notation was easier:
spec:
  ingress_type: ingress
  hostname: <hostname>
  ingress_tls_secret: awx-tls-cert-secret
  nodeport_port: 443
Maybe it still works, but it is deprecated. Some information: awx-operator documentation.
Now apply it!
Since we have made all the changes, let's apply them:
kubectl apply -k .
The command works if you are in the same directory as your kustomization file and awx.yaml file.
After it has run you need to wait a moment, of course. Do check that the deployment and the pods are deployed correctly. If not, some troubleshooting is needed; maybe I will make a blog post about Kubernetes troubleshooting at some point.
That's all for now
Well, that was all for now. Nothing too exciting, but at least something that may be of some use if you use AWX.