Improving VirtOps: Manage, migrate or modernize with Red Hat and Cisco

Virtualization has been an evolving part of ITOps over the past several years. A variety of applications run on virtualization technology and many companies are assessing their options for new platforms to run  these critical workloads. Goals include cost optimization, protection of budget, identifying advantages in new platforms, and modernization. 

Red Hat and Cisco have teamed to provide a comprehensive computing platform for virtualization. While the focus of this article is virtualization, this platform can also support other types of computing. It combines the following solutions to deliver an enterprise environment that is easy to manage and align to security and compliance needs, while delivering resilient virtualization services:
 

• Cisco Unified Computing Solution (UCS), a converged infrastructure platform that unifies compute, networking, and storage access to streamline server operations.
   
• Cisco Intersight to unify management of Cisco UCS servers located anywhere in the world, from edge to data center locations, offering both on-prem (air-gapped) and cloud-based software-as-a-service (SaaS) management of Cisco UCS servers. 
   
• Red Hat OpenShift Virtualization enables you to run VMs across the hybrid cloud while providing a path for application modernization, allowing you to migrate or modernize at your own pace.
   
• Red Hat Ansible Automation Platform flexibly automates management at scale across the entire lifecycle of VirtOps including migration, automating ongoing management tasks and workflows as desired across the lifecycle. It also acts as an orchestrator for Cisco Intersight, Red Hat OpenShift, and related infrastructure such as storage and network resources, observability and more.

Combined, Red Hat and Cisco provide a comprehensive solution to help simplify operations across compute, network, and storage for virtualized applications and workloads. More information is available through the Cisco Validated Design paper. 

Use cases for using Cisco Intersight with Ansible Automation Platform

Cisco Intersight natively automates comprehensive infrastructure lifecycle management through policy-driven configuration and a built-in drag-and-drop workflow designer, offering curated tasks for compute, networking, and storage. The power of Intersight is that it is also a single API endpoint to automate UCS servers located anywhere in the world. Its API-first architecture also enables robust ecosystem integration, allowing it to extend capabilities with solutions like Ansible Automation Platform, which extends this at scale and across Red Hat, Cisco, multivendor storage and other infrastructure. 

Here are some use cases and examples, based on Red Hat Ansible Certified Content Collection for Cisco Intersight:

• Automated workflows: Ansible Automation Platform can automate tasks directly or call a variety of tools to complete work in the way you desire. For example, there are many steps to fully deploy a virtualized application to production. Once hardware is provisioned, you may need to provision the virtual machine (VM) or call a desired solution to do so, orchestrate multivendor monitoring tools, and deploy the application. Ansible Automation Platform has the power and flexibility to allow you to orchestrate all of the steps in the way you desire, doing this at scale.
• Automated configuration as code (CaC): This is a flexible, extensible and often multivendor way to standardize and manage the configuration of your technologies. It can include version control through a source of truth (SoT) which is often a configuration file. Ansible Automation Platform supports configuration as code for the entire virtualization stack including Cisco UCS, virtualization, network, storage, and more. Let’s say your preferred method for UCS is to use policy-based rules within Cisco Intersight. This can still be employed as part of an automation workflow where you would call the API for Cisco Intersight to address and implement these rules as part of your automated workflow.
• Event-driven issue response: Event-Driven Ansible is included in Ansible Automation Platform to respond to changing conditions in your environment as they occur. It can automatically rotate an expired certificate to minimize downtime or enrich a ticket to support faster mean time to resolution (MTTR). It works with a variety of logging and monitoring tools including Splunk, ServiceNow, Dynatrace, Grafana, BigPanda, and others.
• CI/CD integration: Ansible Automation Platform can be used up and down the technology stack for applications based on Cisco UCS. You can manage aspects of the software development lifecycle with automation, such as moving an application through dev, test, and production, as well as automating testing steps and hardening the application for production use. 

What’s new with the Cisco Intersight content collection

Ansible Automation Platform includes a broad array of content collections that help you jumpstart use of automation with a specific technology. For Cisco, there are a number of content collections you can use, and Cisco Intersight is one such collection. 

The latest cisco.intersight collection bridges the gap between software-defined automation and physical hardware. We have grown the Cisco Intersight content collection from 10 modules to over 100 modules to make it more capable. Leveraging Cisco UCS's policy-driven, software-defined compute architecture, the cisco.intersight collection allows you to automate server management, so you can define its state, configuration, and actions entirely through code.

Key capabilities include:

• Server Profile Templates as code: Automate the creation, deployment, and modification of Server Profiles Templates. These templates can then be used to instantiate a server profile to configure 100s to 1000s of servers. This defines the settings of a UCS server (UUIDs, MAC addresses, BIOS settings) before an OS even touches it.
• Massive policy management: Configure dozens of granular policies (firmware, boot order, network, storage, power, NTP, syslog) and enforce them across thousands of servers to maintain compliance and eliminate configuration drift.
• Automated firmware management: Orchestrate non-disruptive firmware upgrades for compute and fabric interconnects as part of standard Ansible Playbooks and modules.
• Dynamic inventory: Use the intersight_info module to dynamically populate your Ansible inventory based on real-time hardware data from Intersight (e.g., "Target all servers with X tag" or "Update all specific model servers").
• 100% API coverage: Includes an intersight_rest_api module that acts as a "catch-all" wrapper, allowing you to automate any new Intersight feature immediately, even if a specific Ansible module hasn't been written for it yet.

In the context of migrating to OpenShift Virtualization, this collection matters because it handles the underlying compute infrastructure. It automates the preparation of the physical Cisco UCS hardware so it is ready for the OpenShift bare metal installation, where Intersight is also integrated into OpenShift Assisted Installer.

Migrating at scale to OpenShift Virtualization on Cisco UCS with Day 2 virtual infrastructure management
Ansible Automation Platform works in conjunction with Red Hat OpenShift’s migration toolkit for virtualization (MTV) to complete migrations at scale. MTV can be used to identify how to migrate VMs.  Ansible Automation Platform comes in to complete the migration at scale – including related infrastructure needs. You can add additional steps as required such as creating automated snapshots, enrolling VMs in security or observability monitoring, adding them to a CMDB and more. 

Once migrated, automation supports Day 2 management activities including orchestrated workflows, healthchecks, issue management, foundational infrastructure such as network, storage, and more. You can handle all of your ongoing needs for provisioning and orchestration of VMs within your operational process as well as related infrastructure. Other workflows can handle backup and restore, health checks, and compliance validations, as well as a deprovisioning process for VMs and resources that are no longer used. Event-Driven Ansible can also help you automate response to changing conditions, such as a security concern, adjusting compute or storage limits, rotating certificates, ticket enrichment for faster MTTR, and more. As a highly flexible solution, you can design the workflows that meet your needs for speed, consistency, accuracy, and resilience. 

What is the role of Cisco Unified Computing, Cisco Intersight, and network and storage vendors in this solution? As shown in Figure 3, your computing platform is based on the UCS foundation. Ansible Automation Platform can help automate functions on this platform at scale, as specified by Cisco Intersight, such as compliance policies, firmware administration, network connectivity, and other functions. 

For storage, similar functions can be automated. There are existing Red Hat Ansible Certified Content Collections available to help customers jumpstart management tasks for a variety of storage vendors, including NetApp and Pure Storage, which are commonly included in Cisco UCS solutions. 

Managing AI the edge and beyond
Many engineers associate the cisco.intersight content collection primarily with the initial deployment of UCS servers in traditional data centers. In this current content collection, its power shines during Day 2 operations across the entire Cisco compute landscape. This includes Cisco AI PODs and Unified Edge fleet management.

The real challenge isn't just deployment, it's the ongoing battle against configuration drift, security patching, and capacity scaling. With this collection, you can standardize these critical lifecycle tasks using a single inventory. Imagine running a playbook that not only updates firmware on your high-performance AI clusters to support new GPU drivers but simultaneously pushes a security compliance policy to hundreds of Unified Edge nodes at remote retail locations.

Whether it’s automating OS installations, rotating API keys, or performing non-disruptive rolling upgrades on your compute fabric, the Intersight collection transforms disparate maintenance tasks into a unified, code-driven workflow that makes sure your infrastructure—from the core AI workload to the distributed edge—remains consistent, protected, and resilient. 

Learn more

There are a number of ways to learn more about this joint offering.

First up, there's a webinar we're presenting along with Cisco. Whether you attend live or listen on demand, we will be expanding our discussion of this area. Register now!

There is also a Cisco Validated Design paper, “Enhancing Day 2 Operations with Cisco Compute and the Red Hat Ansible Automation Platform,” that dives deeper into the technical side of things. 

The following Red Hat resources are also available: 

• Red Hat Ansible Automation Platform for virtualization
• Automation interactive walk-through for virtualization
• Migrate and manage virtual infrastructure ebook
• Red Hat OpenShift for Virtualization
• Red Hat AI automation