OK, I think I have part of an answer but I am not getting the syntax right for a successful Kubernetes deployment it looks like.
Can somebody look this over and help me out in getting the yaml file syntax right, please? ####################################### # part 1 my ‘kustomization.yaml' file # ####################################### --- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: # Find the latest tag here: https://github.com/ansible/awx-operator/releases - github.com/ansible/awx-operator/config/default?ref=0.22.0 - awx-myorg_awx.yaml # Set the image tags to match the git version from above images: - name: quay.io/ansible/awx-operator newTag: 0.22.0 # Specify a custom namespace in which to install AWX namespace: awx ####################################### # part 2 my ‘awx-myorg_awx.yaml’ file # ####################################### --- kind: ConfigMap apiVersion: v1 metadata: name: awx-myorg namespace: awx data: krb5.conf: |- # To opt out of the system crypto-policies configuration of krb5, remove the # symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated. # includedir /etc/krb5.conf.d/ # my myorg krb5.conf file includedir /etc/krb5.conf.d/ [libdefaults] default_realm = MYORG.DOM # The follodomg krb5.conf variables are only for MIT Kerberos. kdc_timesync = 1 ccache_type = 4 forwardable = true proxiable = true # The follodomg encryption type specification will be used by MIT Kerberos # if uncommented. In general, the defaults in the MIT Kerberos code are # correct and overriding these specifications only serves to disable new # encryption types as they are added, creating interoperability problems. # # The only time when you might need to uncomment these lines and change # the enctypes is if you have local software that will break on ticket # caches containing ticket encryption types it doesn't know about (such as # old versions of Sun Java). # default_tgs_enctypes = des3-hmac-sha1 # default_tkt_enctypes = des3-hmac-sha1 # permitted_enctypes = des3-hmac-sha1 # The follodomg libdefaults parameters are only for Heimdal Kerberos. fcc-mit-ticketflags = true [realms] MYORG.DOM = { kdc = dc1.myorg.dom kdc = dc2.myorg.dom admin_server = dc1.myorg.dom default_domain = MYORG.DOM } [domain_realm] .myorg.dom = MYORG.DOM --- apiVersion: awx.ansible.com/v1beta1 kind: AWX metadata: name: awx-myorg spec: service_type: nodeport web_extra_volume_mounts: | - name: krb5-conf mountPath: /etc/krb5.conf subPath: krb5.conf task_extra_volume_mounts: | - name: krb5-conf mountPath: /etc/krb5.conf subPath: krb5.conf ee_extra_volume_mounts: | - name: krb5-conf mountPath: /etc/krb5.conf subPath: krb5.conf extra_volumes: | - name: krb5-conf configMap: defaultMode: 420 items: - key: krb5.conf path: krb5.conf name: awx-myorg kustomize accepts this when I issue a VERSION=0.22.0 kustomize build . | kubectl apply -f - BUT it never finishes building the containers. Evan after a full hour it is still in building container state. Can somebody do the necessary edits to make the above apply and build the awx cluster successfully, please? Thanks in advance. Urs Rau On Monday, 13 June 2022 at 12:23:36 UTC+2 Urs Rau wrote: > I am deploying awx 21.1.0 using the 0.22.0 operator into a minikube > cluster doing what they call a ‘basic install’ by way of creating the > documented kustomize.yml . > > *https://github.com/ansible/awx-operator#basic-install > <https://github.com/ansible/awx-operator#basic-install>* > > But then my awx pods do not have the required kerberos realm info and both > winrm and kerberos transports fail. > > How do I add the contents of my locally required krb5.conf file to all > pods via the new operator install method? > > — > Urs Rau > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1cee30db-45e7-4123-9e23-760ee65be3den%40googlegroups.com.