블로그 구독

Everything you know and love about Ansible Automation Platform in containerized form

We’re excited to announce something that we’ve been working on for a while now, the technical preview of a containerized Red Hat Ansible Automation Platform solution.

Currently, this will allow you to install and run containerized automation controller, Ansible automation hub, and the Event-Driven Ansible controller services on just one or more underlying RHEL hosts on x86_64 and ARM64 architectures. This does not require a kubernetes-based platform, as it just uses native RHEL podman on top of a RHEL host.

 

The rationale behind containerized Ansible Automation Platform

As Ansible Automation Platform evolved, we added more services and components into the stack. Over time, the increasing complexity and inter-dependencies between these components have introduced new challenges in terms of maintenance, installation, and support. They have also opened up opportunities for growth and innovation.

Containerized Ansible Automation Platform is the first step towards a more streamlined and improved platform management experience, incorporating our future vision and strategy.

 

The benefits

Just containerizing existing services was not enough for us, so we set some goals to provide:

  • a slimmed down installation experience
  • a layered installation approach
  • a containerized services approach
  • security out of the box using rootless Podman containers
  • a launchpad for new improved future features
  • a lighter footprint for applicable markets and solutions
  • alignment to the approach for our supported deployment platforms and options

 

New features

New and currently only available with this technical preview release is:

  • the ability to use controller_license_file to apply your Ansible Automation Platform license at install
  • pre-seeding automation controller configuration content as code

 

Setup Overview

As a design goal, we’ve tried to simplify the installation requirements and process.

This now basically boils down to these few tasks:

  1. Download and unpack the installation bundle

Available from the usual RHN portal under our Downloads, download the latest released version in either ‘online’ (internet access required) or ‘offline’ bundle form. Note we support both x86_64 and arm64 architectures so download the right package for your platform choice.

We now mandate running as a non-root user, so extract the installation files in a location of your choice as the user you want to own Ansible Automation Platform.  You’ll need as a minimum just one RHEL 9.2 virtual or physical host for all platform components. For exact host requirements please refer to the installation guide.

  1. Edit the supplied inventory file.

In the extracted installation directory, you’ll find an inventory file. This has been stubbed out with the necessary, optional and recommended configuration to get you going fast. We’ll explain this in a little more detail shortly.

Simply edit the inventory file and modify the configuration as required and fill in the necessary variable information. We’ve tried to make this as foolproof as possible to ensure the greatest success on the first install.

It should look something like this:

# This is the AAP installer inventory file
# Please consult the docs if you're unsure what to add
# For all optional variables please consult the included README.md

# This section is for your AAP Controller host(s)
# -------------------------------------------------
[automationcontroller]
fqdn_of_your_rhel_host ansible_connection=local

# This section is for your AAP Automation Hub host(s)
# -----------------------------------------------------
[automationhub]
fqdn_of_your_rhel_host ansible_connection=local

# This section is for your AAP EDA Controller host(s)
# -----------------------------------------------------
[automationeda]
fqdn_of_your_rhel_host ansible_connection=local

# This section is for the AAP database(s)
# -----------------------------------------
# Uncomment the lines below and amend appropriately if you want AAP to install and manage the postgres databases
# Leave commented out if you intend to use your own external database and just set appropriate _pg_hosts vars
# see mandatory sections under each AAP component
#[database]
#fqdn_of_your_rhel_host ansible_connection=local

[all:vars]

# Common variables needed for installation
# ----------------------------------------
postgresql_admin_username=postgres
postgresql_admin_password=
# If using the online (non-bundled) installer, you need to set RHN registry credentials
registry_username=
registry_password=
# If using the bundled installer, you need to alter defaults by using:
#bundle_install=true
#bundle_dir=

# AAP Controller - mandatory
# --------------------------
controller_admin_password=
controller_pg_host=fqdn_of_your_rhel_host
controller_pg_password=

# AAP Controller - optional
# -------------------------
# To use the postinstall feature you need to set these variables
#controller_postinstall=true
#controller_license_file=
#controller_postinstall_repo_url=
#controller_postinstall_dir=


# AAP Automation Hub - mandatory
# ------------------------------
hub_admin_password=
hub_pg_host=fqdn_of_your_rhel_host
hub_pg_password=

# AAP Automation Hub - optional
# -----------------------------

# AAP EDA Controller - mandatory
# ------------------------------
eda_admin_password=
eda_pg_host=fqdn_of_your_rhel_host
eda_pg_password=
controller_main_url=https://fqdn_of_your_rhel_host

# AAP EDA Controller - optional
# -----------------------------

The [ ] sections represent our groups of services which we want to deploy (automation controller, automation hub, Event-Driven Ansible controller, and associated databases). 

If a component platform service (automation controller, Ansible automation hub, or Event-Driven Ansible controller) is not required, simply comment out the fqdn_of_your_rhel_host line for that service and it’ll be skipped. I encourage you to install all the components though to get the full Ansible Automation Platform experience and benefits. It’ll also do the common integration tasks which you may not get when adding individual components.

The postgres database itself is also containerized on the same RHEL host and is provided and managed by the installer. It is possible to use an external containerized or non-containerized database, but we’ll keep it simple in this example.

fqdn_of_your_rhel_host presents my fully qualified domain named RHEL 9.2 host. Replace anything inside <> with the password or credentials  you wish to use.

As we’re installing from and on the same RHEL host, we can use ansible_connection=local as the connection mechanism to avoid having to use SSH keys.

[all:vars] is a special section where we’re supplying the individual service options as Ansible variables. We’ve sectioned the sample inventory file so it’s easier to know which are mandatory and which are optional. The latter is useful to tweak and customize your configuration further. 

There are many more variables available to provide the ultimate flexibility so please consult the README.md that comes with the installation package. Most are straight forward but I’ll call out registry_*. These are the RHN portal credentials you normally use, which enable the container images we need to be fetched from registry.redhat.io if you use the default online bundle.

Some customers prefer to separate out the more sensitive variable information into a separate file so it can be protected with the likes of ansible-vault. It allows for a much cleaner, simpler inventory file. I won’t use that example here but will instead show how it can be called when installing.

  1. Set environment variables

The actual installer itself is now an Ansible Content Collection in its own right. This is a super cool feature and allows us to commoditize the packaging aspect for the installer, giving us a more flexible future proofed approach.

You need to tell the installer where to go find the installer collections using ANSIBLE_COLLECTIONS_PATH

An example will be something like: 

$ export ANSIBLE_COLLECTIONS_PATH=/full-path-to-installer/collections
  1. Run the collections installer!

We are now ready to run the installer which is done by calling the installer collections playbook:

$ ansible-playbook -i inventory ansible.containerized_installer.install [options]

[options] are ansible-playbook supported options such as increasing verbosity with -v, asking for privilege escalation password -K. Consult the ansible-playbook documentation for more options.

If you’ve separated out your variable information into a separate file (in this example called vars.yml), then you can use something like this:

$ ansible-playbook -i inventory -e @vars.yml ansible.containerized_installer.install [--ask-vault-pass] [-K] [-vvvv]

If you’ve not ansible-vault protected the vars.yml file, then you don’t need to use –ask-vault-pass which prompts for the vaulted file’s password.

Once completed, you’ll see output similar to:

PLAY RECAP *****************************************************************************************************************
caap1.lan                  : ok=227  changed=10   unreachable=0    failed=0    skipped=45   rescued=0    ignored=0
localhost                  : ok=10   changed=0    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

There should be zero failed actions, but others will vary depending on what and how you’re configuring the platform.

You can now go automate! By default the services will be available on:

  • automation controller - port 443
  • Ansible automation hub - port 444
  • Event-Driven Ansible - controller port 445

Access via your browser and enter https://your_RHEL_host:<port>

 

Summary

This blog provides a quick overview and demonstration of our new tech preview of containerized Ansible Automation Platform. 

You can get started by downloading this from the normal Red Hat Portal Downloads section, and you'll find the current documentation here

Please refer to the installation guide for a more detailed and comprehensive installation walkthrough as we still provide many flexible options.

In a follow up blog, I'll cover another new feature: the ability to pre-seed Ansible Automation Platform configuration at installation time. Watch this space!

 


저자 소개


Phil Griffiths is a Product Manager for Ansible Automation Platform with nearly seven years of experience at Red Hat. Phil has held roles as a solution architect and technical consultant both at Red Hat and for other organizations.

Read full bio

채널별 검색

automation icon

오토메이션

기술, 팀, 인프라를 위한 IT 자동화 최신 동향

AI icon

인공지능

고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트

open hybrid cloud icon

오픈 하이브리드 클라우드

하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요

security icon

보안

환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보

edge icon

엣지 컴퓨팅

엣지에서의 운영을 단순화하는 플랫폼 업데이트

Infrastructure icon

인프라

세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보

application development icon

애플리케이션

복잡한 애플리케이션에 대한 솔루션 더 보기

Original series icon

오리지널 쇼

엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리