Use awx-operator deploy AWX on kubernetes in AWS with Route53.
These resources have been deployed:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: external-dns
namespace: external-dns
spec:
template:
spec:
containers:
- name: external-dns
image: k8s.gcr.io/external-dns/external-dns:v0.7.6
args:
- --source=service
- --source=ingress
- --provider=aws
- --registry=txt
- --policy=upsert-only
- --txt-owner-id=external-dns
- --aws-zone-type=public
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-demo
spec:
acme:
email: admin@my-domain.com
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
name: letsencrypt-demo
solvers:
- http01:
ingress: {}
https://raw.githubusercontent.com/ansible/awx-operator/0.13.0/deploy/awx-operator.yaml
---
apiVersion: awx.ansible.com/v1beta1
kind: AWX
metadata:
name: awx-demo
spec:
service_type: LoadBalancer
loadbalancer_protocol: https
loadbalancer_port: 443
loadbalancer_annotations: |
environment: test
service_labels: |
environment: test
ingress_type: ingress
ingress_annotations: |
environment: test
kubernetes.io/tls-acme: "true"
certmanager.k8s.io/cluster-issuer: letsencrypt-demo
hostname: awx-demo.my-domain.com
service_account_annotations: |
eks.amazonaws.com/role-arn: arn:aws:iam::aws_account:role/externaldns-route53
When access https://awx-demo.my-domain.com and check the certification, it showed haven’t been trusted and the page showed 504 DNS look up failed.
The service which created by kind: AWX has a DNS and mapped it to Route53 with awx-demo.my-domain.com.
About Issuer, if not use letsencrypt, there also an option to use AWS Certificate Manager. But how to set it?