In the world of IT automation, Red Hat Ansible Automation Platform has emerged as a powerful tool for streamlining tasks and orchestrating complex systems. With the release of Ansible Automation Platform 2.X, managing automation workflows has become even more efficient. In this blog post, we'll explore how to configure a newly deployed Ansible Automation Platform 2.X instance using API calls directly from a playbook. By following these steps, you'll be able to set up your automation environment swiftly and seamlessly.
Of course, in most cases, you will use a Red Hat Ansible Certified Content Collection such as ansible.controller or Ansible validated content infra.controller_configuration as a more flexible option to configure the Ansible Automation Platform. In certain situations, you might find that regular collections aren't available. This could occur post-installation of the Ansible Automation Platform or in environments with strict security policies disallowing external collections. In these instances, your best course of action is to leverage API calls for initial configuration.
Prerequisites:
Before diving into the configuration process, ensure you meet the following prerequisites:
Ansible Automation Platform 2.X: Check that Ansible Automation Platform 2.X is installed without errors and is accessible along with a private automation hub.
Ansible package: The latest release of Ansible Automation Platform (2.9 or later) must be installed on the host where the playbook will run. If you haven't already installed it, make sure to set it up on your system before proceeding further. If you are running the playbook on the same host that was used for the Ansible Automation Platform installation, the Ansible package will already be there.
Repo Credentials:
While we've tested this setup using GitHub, you can configure it to work with other repository sources as needed.
GitHub Credentials: You'll need your GitHub username and personal access token to authenticate with GitHub and access repositories. The examples below assume the repository with Ansible Automation Platform configuration is not public.
GitHub Repository: Prepare the GitHub repository URL where your Ansible Playbook and related files are stored. This repository will be used for version control and synchronization with your Ansible Automation Platform environment.
Collections Tarballs: If you are going to import any collections into a private automation hub, make sure collection tarball files are accessible by the playbook. Collections contain reusable automation content and modules necessary for various tasks within your automation workflows.
Ansible Installation Inventory File: Make sure you have an inventory file containing the necessary configuration details, such as host addresses and groupings, for your Ansible Automation Platform installation. This can be the same inventory file you used for Ansible Automation Platform installation and it is expected to be located in the same folder as the playbook containing the examples below.
Configuration Process
Before delving into the configuration of the Ansible Automation Platform 2.X, it's imperative to prepare all the necessary variables required for the setup using API calls. This initial step lays the foundation for a smooth and seamless configuration process, so that all essential components are in place before proceeding further.
1) Get and Prepare Variables for Ansible Automation Platform Configuration:
The first step involves retrieving and preparing all the variables essential for configuring Ansible Automation Platform. Through API calls, we gather pertinent information such as controller node addresses, authentication tokens and user credentials. These variables serve as the building blocks for our configuration process, providing the necessary parameters for interaction with the Ansible Automation Platform environment.
Example:
- name: Generate Controller token
ansible.builtin.uri:
url: "https://{{ controller_node }}/api/v2/tokens/"
method: POST
body_format: json
headers:
Content-Type: "application/json"
Authorization: "Basic {{ ('admin:' + admin_password) | b64encode }}"
body:
description: "Personal Controller token"
validate_certs: false
register: controller_token
failed_when: "controller_token.status not in [200, 201]"
This example assumes that we are creating a personal token for an admin account since this account is created by default during the Ansible Automation Platform deployment and its credentials are what is available by default in the inventory file used for the deployment. If the requirement is to use another account, it has to be created first and can also be parameterized in the task above. Step 3 has an example of creating a user.
2) Create Namespaces for Private Automation Hub Collections:
As the private automation hub is newly installed and collections are not available, we next check that there’s organizational clarity within the Ansible Automation Platform environment by creating namespaces for collections. These namespaces serve as logical containers for organizing and managing automation assets effectively. In the absence of predefined namespaces, we create them to streamline access control and resource allocation within our automation ecosystem.
Example:
- name: Create namespaces for collections
ansible.builtin.uri:
url: https://{{ automation_hub }}/api/galaxy/_ui/v1/namespaces/
user: "{{ automationhub_admin_user }}"
password: "{{ automationhub_admin_password }}"
method: POST
body: '{
"name": "{{ item }}",
"groups": []
}'
force_basic_auth: true
status_code: 201
body_format: json
validate_certs: false
loop: "{{ namespaces_to_match | difference(matched_namespaces) }}"
For private automation hub configuration, we'll use a username and password. At the same time, existing the hub-wide API token gets reset each time a new one is requested, and since the hub-wide API token is also used by the automation controller to get collections, it’s not something we want to be changing each time we run the playbook.
3) Create Necessary Users, Credentials, Inventory:
With the foundational elements in place, we proceed to create essential components such as users, credentials and inventories within Ansible Automation Platform. This step encompasses the creation of accounts for further automation or administrative tasks, inventory configurations and credential setups, enabling a robust authentication and authorization framework for our automation workflows.
Example:
- name: Create an automation user with a random password
ansible.builtin.uri:
url: "https://{{ controller_node }}/api/v2/users/"
method: POST
body_format: json
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ controller_token.json.token }}"
body:
username: "aap-admin"
password: "{{ automation_user_random_password.stdout }}"
is_superuser: true
4) Create Private Automation Hub (PAH) Users and namespaces:
Simultaneously, we configure the private automation hub, a critical component for orchestrating automation workflows securely. This involves creating private automation hub users and namespaces, and establishing secure authentication mechanisms. By implementing stringent access controls and authentication protocols, we fortify the security posture of our automation infrastructure, safeguarding sensitive data and workflows.
Example:
- name: Create Private Automation Hub credential
ansible.builtin.uri:
url: "https://{{ controller_node }}/api/v2/credentials/"
method: POST
body_format: json
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ controller_token.json.token }}"
body:
validate_certs: false
5) Create a Project, Add WebHook, Connect with GitHub, and Launch the Job:
To culminate our configuration process, we create a project within the Ansible Automation Platform environment, integrate it with external services such as GitHub and automate the deployment process using webhooks. This comprehensive approach offers seamless collaboration and versioning capabilities within our automation workflows. Finally, we add the project to a job template and launch the job, validating the functionality of our playbook and enabling the successful execution of our configuration tasks.
Example:
- name: Create project
ansible.builtin.uri:
url: "https://{{ controller_node }}/api/v2/projects/"
method: POST
body_format: json
headers:
Content-Type: "application/json"
Authorization: "Bearer {{ controller_token.json.token }}"
body:
name: aap-config
scm_type: "git"
scm_url: "{{ github_repo }}"
organization: 1
credential: "{{ github_credential_id }}"
scm_update_on_launch: true
validate_certs: false
By following these configuration steps, you can configure Ansible Automation Platform 2.X using API calls. Each step in the process contributes to the establishment of a robust automation environment, characterized by efficiency, security and agility. With proper execution, you'll have a fully functional Ansible Automation Platform instance ready to streamline your IT automation workflows and drive organizational success. You will find a complete example playbook here.
Conclusion
In this blog post, we've provided a detailed guide on setting up Ansible Automation Platform 2.X through API calls from a playbook, starting from a fresh installation with no existing configuration. By adhering to these steps, you'll establish the essential initial configurations for your day-to-day tasks with the Ansible Automation Platform.
Learn more
저자 소개
Sohidur Rahman is a dedicated Red Hat Container Infrastructure Consultant, driven by a passion for helping clients overcome their strategic technology and business challenges using open source methods and technologies.
유사한 검색 결과
채널별 검색
오토메이션
기술, 팀, 인프라를 위한 IT 자동화 최신 동향
인공지능
고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트
오픈 하이브리드 클라우드
하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요
보안
환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보
엣지 컴퓨팅
엣지에서의 운영을 단순화하는 플랫폼 업데이트
인프라
세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보
애플리케이션
복잡한 애플리케이션에 대한 솔루션 더 보기
오리지널 쇼
엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리
제품
- Red Hat Enterprise Linux
- Red Hat OpenShift Enterprise
- Red Hat Ansible Automation Platform
- 클라우드 서비스
- 모든 제품 보기
툴
체험, 구매 & 영업
커뮤니케이션
Red Hat 소개
Red Hat은 Linux, 클라우드, 컨테이너, 쿠버네티스 등을 포함한 글로벌 엔터프라이즈 오픈소스 솔루션 공급업체입니다. Red Hat은 코어 데이터센터에서 네트워크 엣지에 이르기까지 다양한 플랫폼과 환경에서 기업의 업무 편의성을 높여 주는 강화된 기능의 솔루션을 제공합니다.