Ansible AWX on K3s Part2 - Backup and Migration
SummaryPermalink
Continuing from the last post, now that we have a new AWX instance on the latest release how do we move our old instance data over. It is actually quite easy.
SolutionPermalink
- Backup the AWX secret key
- Backup the postgres database
- Drop existing DB in existing on the new AWX instance, restore the key and db, then bring the instance online.
This will also complete the upgrade process. For light upgrades you’ll want to stick with helm/operator updates but this works well for major upgrades or infrastructure changes. There is also a playbook for backup that I may investigate next. After that, we’ll investigate integrating AWX with ServiceNow!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ####################How to Backup/Migrate/Restore AWX############################# | |
| #1.Create a postgres backup on the old system | |
| #In K8s | |
| kubectl -n awx exec ansible-awx-postgres-15-0 -- bash -c "pg_dump -U awx awx --format=c" > aws_pg_backup.sql | |
| #In Docker | |
| docker exec tools_postgres_1 /bin/bash -c "pg_dump -U awx awx --format=c" > dockerbackup1.sql | |
| #2. Find the secret_key data from old setup | |
| #In K8s | |
| kubectl get secret ansible-awx-secret-key -n awx -o jsonpath="{.data.secret_key}" | base64 --decode | |
| #it is also stored in the file /etc/tower/SECRET_KEY in the ansible-awx-task pod | |
| #In Docker | |
| docker exec tools_awx_1 cat /etc/tower/SECRET_KEY | |
| ####################RESTORING ON A NEW AWX/K8s INSTANCE######################### | |
| #1. Bring it all down | |
| kubectl -n awx scale deployment awx-operator-controller-manager --replicas=0 | |
| kubectl -n awx scale deployment ansible-awx-task --replicas=0 | |
| kubectl -n awx scale deployment ansible-awx-web --replicas=0 | |
| #2. Restore the Key | |
| secret=<secret from steps above> | |
| kubectl patch secret ansible-awx-secret-key -n awx -p '{"data": {"secret_key": "'"$(echo -n $secret | base64)"'"}}' | |
| #3. Restore the DB | |
| kubectl -n awx exec -it ansible-awx-postgres-15-0 -- psql -U postgres -d postgres -c "ALTER USER awx CREATEDB;" | |
| kubectl -n awx exec -it ansible-awx-postgres-15-0 -- dropdb -U awx awx | |
| kubectl -n awx exec -it ansible-awx-postgres-15-0 -- createdb -U awx -T template0 awx | |
| kubectl -n awx exec -it ansible-awx-postgres-15-0 -- pg_restore -U awx -d awx < aws_pg_backup.sql | |
| #4. Bring it online. | |
| kubectl -n awx scale deployment awx-operator-controller-manager --replicas=1 | |
| kubectl -n awx scale deployment ansible-awx-task --replicas=1 | |
| kubectl -n awx scale deployment ansible-awx-web --replicas=1 | |
| #5. If moving to a new version of AWX run "awx-manage migrate --noinput" | |
| awxPod=`kubectl get pods -n awx --no-headers | grep '^ansible-awx-web' | awk '{print $1}'` | |
| kubectl exec -n awx -it pod/$awxPod --container ansible-awx-web -- awx-manage migrate --noinput |
Leave a comment