Category Archives for "Ansible Blog"

Red Hat Ansible Automation Platform 2: Migration strategy considerations

Red Hat Ansible Automation Platform 2 introduces an updated architecture, new tools and an improved but familiar experience to automation teams. However, there are multiple considerations for your planning and strategy to migrate your current deployment to Ansible Automation Platform 2.

This document provides guidance to all of the stakeholders responsible for planning and executing an Ansible Automation Platform migration guidance with factors to address in your migration strategy.

This document does not provide a one-size-fits-all approach for migration. Various factors unique to your organization will impact the effort required, stakeholders involved and delivery plan.

What to consider before migrating

We understand that many factors specific to your needs affect your migration assessment and planning. This section highlights critical factors to determine your migration readiness and what approach will best suit your organization.

Assess your current environment

There will be configurations unique to your environment, and it’s crucial to perform a thorough technical assessment. We recommend including the following:

  • Analyze your current Ansible Automation Platform installation, including current deployment patterns, integrations and any complexities relevant to the migration.

  • Determine changes needed in your environment to meet the Ansible Automation Platform 2 technical requirements.

  • Assess stakeholders’ readiness to plan and execute Continue reading

VMware resource MOID lookup filter

Are you trying to manage private clouds easily and efficiently using Ansible Automation Platform? When it comes to VMware infrastructure automation, the latest release of the vmware.vmware_rest Collection and new lookup plugins bring a set of fresh features to build, manage and govern various VMware use cases and accelerate the process from development to production.

The modules in the vmware.vmware_rest Collection rely on the resource MOID a lot. This is a design decision that we covered in an earlier blog. Consequently, when the users want to modify a VMware resource, they need to first write Ansible tasks to identify its MOID.

The new 2.1.0 release of vmware.vmware_rest Collection comes with a series of filter plugins dedicated to gathering the resource MOID. In this blog post, we will help you to keep your VMware automation playbooks concise.


But first, What is a MOID?

Internally VMware vSphere manages resources in the form of objects. Every object has a type and an ID. What we are calling MOID stands for Managed Object ID. Using the vSphere UI obfuscates the MOID logic from users and presents the objects in a visible hierarchy, potentially at several different locations.


Continue reading

What’s new in Ansible Automation Platform 2: automation content navigator

AAP 2 gray sliding a

With the introduction of Red Hat Ansible Automation Platform 2, several new key components are being introduced as a part of the overall developer experience. This includes automation execution environments, introduced to provide predictable environments during automation runtime. All collection dependencies are contained within the execution environment to make sure that automation created in development environments runs the same as in production environments.

Building execution environments is now easier with the introduction of the execution environment builder (ansible-builder) tool included with Ansible Automation Platform, while the updates to automation controller help IT teams leverage execution environments.

Considering the shift towards containerized execution of automation, the automation development workflow and pre-existing tooling must be reimagined. In short, ansible-navigator replaces ansible-playbook and other ansible-*` command line utilities.

However, ansible-navigator serves a much greater purpose than just a drop in replacement or alias to ansible-playbook. With this release, ansible-navigator is introduced as an application exclusively for developing and executing automation. Ansible-playbook has long been one of the first utilities that is leveraged in an Ansible automated environment. Building on the ease of use, the automation content navigator exposes automation runs in greater detail. Apart from debugging Continue reading

What’s new in Ansible Automation Platform 2: private automation hub

AAP 2 gray rising a

We are excited to announce that the Ansible Automation Platform 2 release includes private automation hub 4.3. Private automation hub provides automation developers the ability to collaborate and publish their own automation content and streamline delivery of Ansible code within their organization.

Private automation hub in Ansible Automation Platform 2 primarily delivers support for automation execution environments. Execution environments are a standardized way to define, build and distribute the environments that the automation runs in. In a nutshell, automation execution environments are container images that allow for easier administration of Ansible by the platform administrator. If you are unfamiliar with execution environments, please refer to this blog written by Technical Marketing manager Anshul Behl.

Private automation hub will serve as the on-premises execution environment container image repository for customers who wish to use this feature, aimed at customers who run the platform on physical or virtual environments. Ansible Automation Platform will seamlessly integrate with private automation hub for publishing and pulling execution environment container images.

Who uses private automation hub?

Private automation hub is intended for curating automation content from creators and making it seamlessly accessible to operators. It makes it easy to share these execution environments, which make Continue reading

What’s new in Ansible Automation Platform 2: automation controller

AAP 2 dark flying As

Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. We are excited to announce that the Ansible Automation Platform 2 release includes automation controller 4.0, the improved and renamed Red Hat Ansible Tower.

Automation controller continues to provide a standardized way to define, operate and delegate automation across the enterprise. It also introduces new, exciting technologies and an enhanced architecture that enables automation teams to scale and deliver automation rapidly to meet ever-growing business demand.

Why was Ansible Tower renamed to automation controller?

As Ansible Automation Platform 2 continues to evolve, certain functionality has been decoupled (and will continue to be decoupled in 2.1) from what was formerly known as Ansible Tower. The naming change better reflects these enhancements and the overall position within the Ansible Automation Platform suite.

Who uses automation controller?

All automation team members interact with or rely on automation controller, either directly or indirectly.

  • Automation creators develop Ansible Playbooks, roles and modules.
  • Automation architects elevate automation across teams to align with IT processes and streamline adoption.
  • Automation operators verify that the automation platform and framework are operational.

These roles are not necessarily dedicated to Continue reading

What’s new in Ansible Automation Platform 2: automation execution environments

aap 2 gray flying as-1

Red Hat Ansible Automation Platform 2 is now available to customers. This release expands the possibilities of automation across your organization, with a more secure, flexible foundation to build and deploy automation with greater acceleration, orchestration and innovation.

As automation usage/practices/etc. spreads throughout an organization, managing multiple automation environments for different teams and use cases become challenging. This is even more true as automation starts to scale across the IT organization. As automation continues to be part of critical workflows, the following enhancements have been made in Ansible Automation Platform 2:

  • Enables the Ansible Automation Platform administrator with the ability to provide and manage automation execution environments (see below) to differing groups, like networking and cloud teams. Each has specific content needs for their roles  instead of addressing different environments as an individual.

  • Provide the automation developers with a consistent Ansible environment that’s the same as production, so they can stop worrying about the automation environment and dependencies and focus more on the automation content itself.

  • Enable automation teams to define, build and update their automation environments without requiring them to contact the platform administrator for changes to the platform.

  • Build and distribute automation execution environments via private automation hub, Continue reading

Introducing Ansible Automation Platform 2


aap 2-1

For the last two years, the Red Hat Ansible Automation Platform product team has been hard at work developing the next major release. We are incredibly excited to introduce Red Hat Ansible Automation Platform 2, which was just announced at AnsibleFest 2021.

What’s new in Ansible Automation Platform 2?

The main focus was to enhance the foundational pieces of the Ansible Automation Platform and to enable automators to automate at enterprise scale more easily and flexibly. This means everything you know and love about writing Ansible Playbooks is largely unchanged, but what is evolving is the underlying implementation of how automation is developed, managed, and operated in large complex environments. In the end, enterprise automation platforms must be designed, packaged, and supported with container native and hybrid cloud environments in mind.

So how did we get here? It’s been years in the making, which included the following changes:

1. Ansible content was separated from the Ansible executable in the Ansible Project, creating a new construct called an Ansible Content Collections to house Ansible modules, plugins, roles and more in a discrete and atomic form.

The vast majority of time recently has been spent relocating the majority of Ansible Continue reading

What you can expect: AnsibleFest 2021 for IT Leaders

This year, we are adapting our signature automation event, AnsibleFest, into a free virtual experience. Seasoned pros and new Ansible enthusiasts alike can find answers and learn more about Red Hat Ansible Automation Platform, the platform for building and operating automation at scale and creating an enterprise automation strategy. We are excited to offer a track designed specifically for IT leaders

Let’s take a closer look at this track for AnsibleFest 2021.


IT Leaders at AnsibleFest

The role of automation for IT leaders has certainly evolved in recent years. Automation that used to be contained to domain-specific, task-bound practices has evolved to encompass full enterprises -- connecting teams and areas that were not connected before. The prospect of beginning an automation practice, or even unifying separate automation efforts, can often seem daunting. No matter where you are on your automation journey, we have a session for you.

Attendees will hear from like-minded companies about their targeted use cases and experiences with automation, sharing how they navigated their digital transformation journeys and lessons learned. We are also excited to be joined by several analysts who will share their insights and perspectives.

If you are experienced with the Ansible Automation Continue reading

What you can expect: AnsibleFest 2021 for Telco Customers

This year, we are adapting our signature automation event, AnsibleFest, into a free virtual experience. Seasoned pros and new Ansible enthusiasts alike can find answers and learn more about Red Hat Ansible Automation Platform, the platform for building and operating automation at scale and creating an enterprise automation strategy. This year, we have a content topic designed specifically for attendees from telecommunications and media companies with our Telco topic within the Network track. 

Let’s take a closer look at this content topic for AnsibleFest 2021.


Telco Automation at AnsibleFest

Telecommunication service providers have extremely critical and complex workflows that require specialized attention for automation. Attendees can expect to learn about targeted use cases, especially for Telecommunications customers, partners and vendors. You will hear from like-minded companies about their experiences with automation, understand advanced automation use cases like AIOps, pair programming, provisioning for Red Hat OpenShift, NetOps with continuous innovation/continuous delivery (CI/CD) and more.  

In addition, you can take advantage of the Telco content topic where Telco customers can learn how to get started with network automation, how to expand their network automation use cases, what’s new for those developing the automation for network projects, and how they Continue reading

What’s new: Automating ServiceNow with Ansible Automation Platform

It has been almost half a year since the XLAB Steampunk and Red Hat Ansible Automation Platform teams developed the first version of the Red Hat Ansible Certified Content Collection for ServiceNow IT Service Management (ITSM). You may also want to read our ServiceNow introduction if you are not familiar with this already.  So, let’s take a look at what is new since the last release.

We will skip most of the technical details in this post because, let us face it, talking about interactions between API pagination and filtering is not something many people enjoy. Instead, we will focus on the new things users can do using the current 1.2.0 version of this collection.


Attachment management

ServiceNow records (incidents, problems, change requests, etc.) may contain attachments, but the first version of the ServiceNow Collection did not expose this capability to Ansible Automation Platform users. We changed this in version 1.2.0 when we added the attachments parameter to all non-info modules.

Ansible users can now upload error logs and other artifacts when creating new incidents and other ServiceNow records. They can also add them later to existing ServiceNow records. For example, users might Continue reading

AnsibleFest 2021: Network Automation Track

This year, we are adapting our signature automation event, AnsibleFest, into a free virtual experience to connect our communities with a wider audience and to collaborate to solve problems. Seasoned pros and new Ansible enthusiasts alike can find answers and learn more about Red Hat Ansible Automation Platform, the platform for building and operating automation at scale and creating an enterprise automation strategy. Have you already automated some type of server or infrastructure management? Use the network automation track to understand the benefits that come with automating network management the Ansible way. 

Let’s take a closer look at this track for AnsibleFest 2021.


Network Automation at AnsibleFest

Gone are the days of hand-typing commands into network devices one by one, because you simply can’t keep up. Manage your network infrastructure using Ansible Automation Platform throughout the entire development and production life cycle, and free time as a result to focus on your top priority network engineering challenges. This AnsibleFest track focuses on network automation topics for automation content developers as well as network and cloud engineers or operators

Attendees will learn how network automation can no longer be a point tool, but instead part of a holistic Continue reading

Audit your VMware vCenter Server using Ansible

vCenter has a graphical user interface if you want to interact with it, but what if you manage multiple vCenter servers and want to automate audits or the maintenance of those servers? In this blog, we will see how we can retrieve details about the VMware vCenter Server directly using Ansible. The practices laid out in the blog will help system administrators responsible for managing multiple vCenter servers. In addition, Ansible automation becomes imperative in development environments for testing against multiple instances in your CI/CD pipeline. 

The new vmware.vmware_rest Collection has recently been released and published, and it comes with a new set of modules dedicated to vCenter Server (VCSA) management.

VMware vSphere (Product bundle that includes vCenter Server and other features) 7.0.2 (a.k.a 7.0U2) comes with some new REST end-points. This REST API does not cover all the features exposed over the SOAP interface. Modules in the vmware.vmware_rest Collection are built on top of this API and face the same limitations.

The vmware.vmware_rest Collection contains these modules, which is supported by Red Hat and available on Ansible automation hub.


Validate the state of a vCenter Server instance from Ansible

Continue reading

Getting Started With BGP Address Family Resource Modules

Modern enterprise networks have grown a lot in size and complexity, making them more difficult to manage than ever before. Working on these complex networks manually can be tedious, time-consuming, costly, and more prone to error.

Red Hat Ansible Network Automation resource modules provide a path for users to ease the network management, especially across multiple different product vendors. This enables users to manipulate configuration as structured data without worrying about network platform specific details.

In this blog post, we’ll explore the newly added BGP address family resource module using junipernetwork.junos.junos_bgp_address_family as an example. Similar blogs are also available, which cover resource modules for OSPFv2, ACLs, BGP Global and route maps.

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the internet. The protocol is often classified as a path vector protocol, but is sometimes also classed as a distance-vector routing protocol. It is used in larger network setups, as Network World so aptly observes:

BGP has been called the glue of the Internet and the postal service of the internet. One comparison likens BGP to GPS applications on mobile phones.

Managing Continue reading

Fun with private Automation Hub – Part 2

In the previous blog post, I provided a brief history on Ansible Content Collections and demonstrated how to upload a Collection to a private Automation Hub. We ended the blog by synchronizing content from Ansible Galaxy and Automation Hub. Today, we will configure Ansible Tower to communicate with private Automation Hub.

"Great things are done by a series of small things brought together." - Vincent Van Gogh on Ansible Collections

A particular type of credential: "Ansible Galaxy/Automation Hub API Token" is what allows Red Hat Ansible Tower to authenticate and connect to private Automation Hub. Logging into Ansible Tower's GUI, in the left frame under ‘Resources’, let's click on 'Credentials,' then 'Create a new credential' . In the spirit of simplicity, we'll use the same names, URLs and so on as they appear in private Automation Hub under 'Repo Management / Local.' The credentials below would be used to connect to the 'published' (our proprietary) Collections. Remember that loading a new token in private Automation Hub will delete your old token.

Creating credentials to connect Ansible Tower directly to 'Automation Hub' or 'Ansible Galaxy' will not be described here, as the scope of this blog is limited to Continue reading

Automation Savings Planner

Pre-plan your automation savings with Red Hat Insights for Red Hat Ansible Automation Platform

Enterprise organizations understand that to be leaders in their industries, they must change the way they deliver applications, improve their relationships with customers and gain competitive advantages.

Positioning those advantages to have a positive return on investment often starts with proper planning and automation.

But what does proper planning of your automation even look like?

For some enterprises, proper planning includes reducing automation costs. For others, it’s reducing time spent to open new opportunities.

With this in mind, Red Hat is excited to introduce Automation Savings Planner, a new enhancement that puts automation planning in the forefront within the hosted services on

The Automation Savings Planner is designed to provide a one stop shop to plan, track and analyze potential efficiency improvements and cost savings of your automation initiatives.


How does it work?

Users can create an automation savings plan within Red Hat Insights for Red Hat Ansible Automation Platform by defining how long and often the work is done manually, as well as a list of tasks needed to successfully automate this job.

Once defined, you can integrate your newly Continue reading

Mapping SAML attributes to Red Hat Ansible Automation Platform organizations and teams

Two-Factor Authentication (2FA) is an additional layer of security that can be used to help protect enterprise applications from unauthorized access. While OAuth, and even some LDAP configs are viable options to enable 2FA in Ansible Automation Platform, users prefer to leverage Security Assertion Markup Language (SAML) for this purpose, as described in Using two-factor SAML with Red Hat Ansible Tower. On the other hand, 2FA to managed machines is discouraged.

SAML Blog 1

SAML is an open standard that allows Identity Providers (IdP) exchange authorization credentials with a Service Provider (SP). The IdP supplies an XML document—known as assertion—to the SP to deliver a series of attributes that identify the login user. 

These attributes can be used in Ansible Automation Platform to determine the team and organization of a user. Let’s explore an example, with Microsoft Azure’s Active Directory as the IdP (and, of course, Ansible Automation Platform as the SP).


Attribute mapping

The goal of this example is to map users from four different groups (Alpha, Beta, Gamma and Delta) to either the Cloud or Network Organization in Ansible Tower, and make them part of a specific team (Engineering or Operations). Continue reading

AIX Patch Management with Ansible

Leading enterprises today use Red Hat Ansible Automation Platform to provision, configure, manage, secure and orchestrate hybrid IT environments. A common misconception is that Ansible is just used to manage the Linux operating system. This is a false belief. Ansible supports Linux, Windows, AIX, IBM i and IBM z/OS environments. This blog will help AIX system administrators get started with Ansible on AIX, and introduce a patching use case.

Ansible Content Collections

When Ansible Automation Platform was released, Ansible Content Collections became the de facto standard for distributing, maintaining and consuming automation content. The shift to Collections increased community participation and has exponentially increased the number of stable and supported Ansible modules. Modules delivered via Collections rather than packaged with Ansible Core have resulted in a faster release cadence for new modules.

Let us explore the IBM provided Ansible Collection for AIX. It is important to note that many of the Ansible modules for the Linux operating system will also work on AIX (in addition to the IBM provided AIX modules), making the use cases for Ansible on AIX very broad.


Ansible and AIX, why?

The AIX operating system has been around for 35 years and is used to Continue reading

Using VMware vCenter Tags in a Red Hat Ansible Tower Dynamic Inventory

VMware vCenter Server tags are labels that can be applied to objects like the system’s environment and usage, therefore it is a very useful method of asset management - also making tags a perfect fit in the Ansible world to organize systems in an Ansible inventory. Red Hat customers have regularly requested the ability to use vCenter Tags in Red Hat Ansible Tower. This is now possible with an Ansible Tower inventory source that supports tags and provides the vmware_vm_inventory plugin.

Ansible Automation Platform 1.2 brings completely native Ansible inventory plugin support to Ansible Tower 3.8. In previous versions, there were specific inventory plugin configurations based on the old inventory scripts where a specific set of parameters surfaced in Ansible Tower's user interface. For example: cloud region and a specific subset of variables you could pass to those inventory scripts surfaced as variables you could pass to the inventory source, which means that new configuration parameters that come with Ansible inventory plugins are not supported in order to maintain compatibility with the old inventory scripts. 

The move to support native inventory plugins allows Red Hat Ansible Automation Platform customers to use all the configuration parameters available through Continue reading

Getting started with Ansible security automation: Incident Response

Technological advancements are intended to bring more control, agility and velocity to organizations. However, adopting these new technologies and techniques, such as cloud computing and microservices, increases an organization’s security footprint, bringing greater risk of security breaches. 

Cyberattacks potentially expose organizations to financial loss, reputational damage, legal liability, and business continuity risk. As a result, security teams are under increased pressure to help proactively protect organizations against cyberattacks and maintain a more consistent, rapid incident response framework to respond to security breaches. 

In our previous blogs in this series, we explored how Ansible security automation enables security teams to automate and simplify investigation enrichment and threat hunting practices. We also discussed and provided our answer to the lack of integration across the IT security industry.

In this blog post, we’ll have a closer look at incident response and how Ansible security automation empowers security teams to respond effectively to security breaches.


What is an incident response, and why is it so difficult?

Incident response is the approach and techniques that security departments implement to neutralize and mitigate cyberattacks, and is a core responsibility of the security team. Recent news headlines are rife with high-profile security breaches and Continue reading

What’s New in the Ansible Content Collection for Kubernetes – 2.0

As the adoption of containers and Kubernetes increases to drive application modernization, IT organizations must find ways to easily deploy and manage multiple Kubernetes clusters across regions, both residing in the public cloud and/or on-premises, and all the way to the edge. As such, we continue to expand on the capabilities of our Certified Ansible Content Collection for kubernetes.core.

In this blog post, we’ll highlight some of the exciting new changes in the 2.0 release of this Collection.


A New Name

Development on the kubernetes.core Collection had historically taken place in the community.kubernetes GitHub repository, which was built off community contributions before Red Hat supported it. That code base served as the source for both Collections. With this release, we have shifted all development to the kubernetes.core GitHub repository. Moving forward, the community.kubernetes namespace will simply redirect to the kubernetes.core Collection. If you are currently using the community.kubernetes namespace in your playbooks, we encourage you to begin switching over to kubernetes.core. This change better reflects that this codebase is a Red Hat supported Collection.


Forward-looking Changes

One of the main objectives of our 2.0 release was to Continue reading

1 2 3 24