Being able to dynamically scale infrastructure is no longer a nice-to-have - it is a requirement. The advent of cloud and container platforms have shifted the expectations in terms of consuming IT infrastructure and services. As a result, any tool that is used to manage infrastructure needs to be able to handle this ever-changing landscape.
Red Hat Ansible Automation Platform provides customers with the tools that they need to build an automation solution. The component automation controller helps enterprises automate and scale with confidence.
One of the ways we can scale our automation is to leverage container groups. Container groups are part of automation controller, and allow customers to leverage an existing OpenShift cluster to create on-demand execution capacity for Ansible Playbooks. When a job is executed from automation controller, it creates pods on the target OpenShift cluster, which runs the automation job. Once the job is complete, the pods are terminated. This provides a number of benefits:
- Fewer wasted resources - infrastructure isn’t sitting idle while waiting for automation jobs. Once a job completes, the resources are instantly freed up.
- Deliver execution capacity quicker - we don’t need to provision infrastructure up front.
- Less focus on capacity planning - Red Hat OpenShift provides a pool of resources that can be controlled with limits and quotas as opposed to having to develop a number of virtual machines up front.
Let’s look at how we can leverage container groups within automation controller.
Preparing Red Hat OpenShift
Before we can start using container groups in automation controller, we need to create a namespace and service account in Red Hat OpenShift. The following example uses Red Hat OpenShift and the oc command line tool.
First, we will create a new namespace - this namespace will be used to launch the pods that will run our automation jobs.
$ oc new-project ansible-automation
Now using project "ansible-automation" on server "https://api.comet.demolab.local:6443".
Next, we need to create a service-account and assign permissions. The following example creates a service-account called “aap-sa” and assigns the “edit” role to the service account.
$ oc create serviceaccount aap-sa
serviceaccount/aap-sa created
$ oc adm policy add-role-to-user edit -z aap-sa
clusterrole.rbac.authorization.k8s.io/edit added: "aap-sa"
The last step is to retrieve the token for our service-account that we will need for automation controller:
$ oc serviceaccounts get-token aap-sa
<token>
Configuring automation controller
The workflow for creating container groups in automation controller is simple. First, we need to create a credential like “OpenShift or Kubernetes API Bearer Token”. This will allow automation controller to authenticate to the target OpenShift cluster to launch on-demand execution capacity. Enter the API endpoint for the OpenShift cluster and paste the token that we obtained from the service account secret.
Within the Ansible Automation Platform dashboard, under Resources -> Credentials, click the blue Add button. Fill in the details as follows:
The next step is to create the container group in automation controller. Navigate to Administration -> Instance Groups, select Add ->Add container group.
Enter a name for the container group and associate the credential we just created. Check the box to “Customize pod specification” - we want automation controller to create pods in our ansible-automation
namespace. If we don't edit the namespace, it will attempt to use the default namespace in Red Hat OpenShift. This would cause an issue, as we don't have permissions to use the default namespace with our service account.
Modify the custom pod spec for the container because the execution environment associated with the Project, Inventory or Job Template will take precedence. If none are specified, it will use the default automation execution environment within automation controller. The configuration should look as follows:
Once the changes have been made, click Save.
Testing the configuration
In order to use a container group, we must assign them to an inventory, project or job template. To test the configuration, let’s assign our container group to a job template.
There are a couple of fields that we need to pay special attention to in the Job Template. First is the “Execution Environment” field, which specifies the container image that will be used for the execution of the playbook. Here is the job template definition including the Execution Environment - Note the use of the “Minimal execution environment”. We’ll confirm later on that this is the image used during the job execution.
The second parameter we need to edit is the container group from the “Instance Group” option in the job template:
Now let’s launch the job! We can monitor the activity from the OpenShift platform to see what happens. Once the job starts running we should see a pod in our namespace:
$ oc get po
NAME READY STATUS RESTARTS AGE
automation-job-2010-scm85 1/1 Running 0 11s
If we "describe" the pod, we can also verify the image that is being used for the execution. Remember we specified the minimal image:
$ oc describe po automation-job-2010-scm85
Containers:
worker:
Container ID: cri-o://fbdd50bb0c22c763e3e95497848515a2999646f542033f36a6d0e7fe80bf1f4c
Image: registry.redhat.io/ansible-automation-platform-20-early-access/ee-minimal-rhel8:2.0.1
Once the job completes, the pod should terminate. Great! We can now spin up execution capacity for our Ansible jobs on-demand.
Taking it to the next level with job slicing
Container groups can be combined with job slicing to further scale our automation. Job slicing distributes a single automation job across multiple execution nodes. Let’s take an example where we are automating against 1,000 virtual machines. To run this automation job on a single execution node could take some time to complete and we might not even have enough capacity to complete the job.
If we slice the job across five execution nodes, then each would be responsible for automating against 200 virtual machines as the target inventory of 1,000 virtual machines is distributed across each of the execution nodes.
Let’s go back into our job template definition and increase the number of slices to three by editing the “Job Slicing” parameter:
Let’s launch the job again and see what happens this time. You’ll notice that a workflow is automatically created for us. Each of the templates in the workflow represent a slice of the job.
If we look in our OpenShift namespace we can also see that there are three pods running this time - with the job distributed across them:
$ oc get po
NAME READY STATUS RESTARTS AGE
automation-job-2033-558f9 1/1 Running 0 27s
automation-job-2034-zk7sw 1/1 Running 0 27s
automation-job-2035-lln9s 1/1 Running 0 27s
Next Steps
Automation controller provides a platform for executing Ansible automation, and provides powerful features for scaling automation to meet the needs of large and complex enterprise customers. In this example, we saw how we can combine two of these features - container groups and job slicing - to provide a means for dynamically scaling automation by leveraging an existing OpenShift platform.
Sobre o autor
Mais como este
Navegue por canal
Automação
Últimas novidades em automação de TI para empresas de tecnologia, equipes e ambientes
Inteligência artificial
Descubra as atualizações nas plataformas que proporcionam aos clientes executar suas cargas de trabalho de IA em qualquer ambiente
Nuvem híbrida aberta
Veja como construímos um futuro mais flexível com a nuvem híbrida
Segurança
Veja as últimas novidades sobre como reduzimos riscos em ambientes e tecnologias
Edge computing
Saiba quais são as atualizações nas plataformas que simplificam as operações na borda
Infraestrutura
Saiba o que há de mais recente na plataforma Linux empresarial líder mundial
Aplicações
Conheça nossas soluções desenvolvidas para ajudar você a superar os desafios mais complexos de aplicações
Programas originais
Veja as histórias divertidas de criadores e líderes em tecnologia empresarial
Produtos
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Red Hat Cloud Services
- Veja todos os produtos
Ferramentas
- Treinamento e certificação
- Minha conta
- Suporte ao cliente
- Recursos para desenvolvedores
- Encontre um parceiro
- Red Hat Ecosystem Catalog
- Calculadora de valor Red Hat
- Documentação
Experimente, compre, venda
Comunicação
- Contate o setor de vendas
- Fale com o Atendimento ao Cliente
- Contate o setor de treinamento
- Redes sociais
Sobre a Red Hat
A Red Hat é a líder mundial em soluções empresariais open source como Linux, nuvem, containers e Kubernetes. Fornecemos soluções robustas que facilitam o trabalho em diversas plataformas e ambientes, do datacenter principal até a borda da rede.
Selecione um idioma
Red Hat legal and privacy links
- Sobre a Red Hat
- Oportunidades de emprego
- Eventos
- Escritórios
- Fale com a Red Hat
- Blog da Red Hat
- Diversidade, equidade e inclusão
- Cool Stuff Store
- Red Hat Summit