Kubernetes Meets Event-Driven Ansible
In today’s fast paced world, every second counts and the ability to react to activities in a timely fashion can mean the difference between satisfying the needs of consumers and meeting Service-Level Agreements. Each are goals of Event-Driven Ansible, which seeks to further the reach of Ansible based automation by responding to events that meet certain criteria. These events can originate from a variety of sources, such as from an HTTP endpoint, messages on a queue or topic, or from public cloud resources. Kubernetes has become synonymous with managing infrastructure and applications in cloud native architectures and many organizations are reliant on these systems for running their business critical workloads. Automation and Kubernetes go hand in hand and Ansible already plays a role within this ecosystem. A new capability leveraging the Event-Driven Ansible framework is now available that extends the integration between both Ansible and Kubernetes so that Ansible automation activities can be triggered based on events and actions occurring within a Kubernetes cluster.
Event-Driven Ansible is designed using a concept called Rulebooks which consists of three main components:
- Actions - Triggering the execution of assets including an Ansible Playbook or module
- Rules - Determination of whether received events Continue reading
Enhancing/Maximizing your Scaling capability with Automation Controller 2.3
Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. We are excited to announce that the Ansible Automation Platform 2.3 release includes automation controller 4.3.
In the previous blog, we saw that automation controller 4.1 provides significant performance improvements as compared to Red Hat Ansible Tower 3.8. Automation controller 4.3 is taking that one step further. We will elaborate on an important change with callback receiver workers in automation controller 4.3 and how it can have an impact on the performance.
Callback Receiver
The callback receiver is the process in charge of transforming the standard output of Ansible into serialized objects in the automation controller database. This enables reviewing and querying results from across all your infrastructure and automation. This process is I/O and CPU intensive and requires performance considerations.
Every control node in automation controller has a callback receiver process. It receives job events that result from Ansible jobs. Job events are JSON structures, created when Ansible calls the runner callback plugin hooks. This enables Ansible to capture the result of a playbook run. The job event data structures contain Continue reading
Troubleshoot RDS connectivity issues with Ansible validated content
The Ansible validated content cloud.aws_troubleshooting introduces a role named troubleshoot_rds_connectivity. This role helps you troubleshoot AWS Relational Database Service (RDS) connectivity issues from an EC2 instance.
The role diagnoses connectivity issues between an EC2 instance and an Amazon Relational Database Service instance by ensuring that the RDS instance is available and checking the associated security group rules, network access control lists, and route tables for potential connectivity issues.
To do this, the role will need the EC2 instance identifier to test connectivity from the RDS instance identifier to connect to.
Let's see how this can be used with the following example.
Configuration
We have an RDS instance and an EC2 instance running in the same VPC (virtual private cloud) with the CIDR block 10.1.0.0/16.
The RDS instance is running on two subnets with the following CIDR blocks 10.1.1.0/24 and 10.1.2.0/24.
The EC2 instance is running in another subnet in the VPC with the CIDR block 10.1.10.0/24. The EC2 instance has been assigned the following private IP address 10.1.10.41.
In the initial configuration, a security group is attached to the VPC with the following Continue reading
Maximize your hybrid cloud mastery with the Ansible validated content
In today's environment, mastering the hybrid cloud has become a key factor in IT transformation and business innovation. In this context, network complexity can be a nightmare, especially as organizations expand their infrastructure and embrace hybrid cloud and multi-cloud strategies. Without automation, monitoring and controlling network routing, infrastructure, and security in a hybrid and multi-cloud environment are difficult to manage. Furthermore, identifying and resolving network performance issues in these infrastructures are quite challenging.
In one of the previous blogs, titled “Crank up your automation with Ansible validated content”, Nuno Martins highlighted the Ansible validated content included in Red Hat Ansible Automation Platform 2.3.
In this blog post, we will show you how to leverage the amazon.aws_troubleshooting Collection for hybrid cloud to troubleshoot network performance issues and maximize your hybrid cloud mastery. In particular, we’ll use the aws_troubleshooting.connectivity_troubleshooter role.
First, let’s take a look at the amazon.aws_troubleshooting Collection.
Deep dive on cloud.aws_troubleshooting
Let’s take a deep look at the amazon.aws_troubleshooting Collection. This Collection includes a variety of Ansible Roles to help troubleshoot AWS resources. The Collection includes the following roles:
- cloud.aws_troubleshooting.troubleshoot_rds_connectivity - A role to troubleshoot RDS Continue reading
Using Red Hat Insights as a source of events for Event-Driven Ansible automation
One of the key announcements at AnsibleFest 2022 was the introduction of the Event-Driven Ansible developer preview. This technology is currently available on GitHub and accessible by technology providers and end users to provide feedback and drive the ecosystem. ISVs and consulting/service partners are specifically invited to create event driven automation content that makes it easy for customers to use in joint solutions.
Red Hat Insights events as a source for Event-Driven Ansible
Red Hat Insights, is a managed service that is included in every Red Hat subscription. It continuously analyzes platforms and applications to help enterprises manage hybrid cloud environments, and can trigger events through its Notifications service. Each account configures how and who can receive these events, with the ability to perform actions depending on the event type. For example, one may want to forward new recommendations found for Red Hat Enterprise Linux (RHEL) system configuration to a specific team by email, and/or create a new ticket in ServiceNow for the Operations team to handle. Others may want to forward all triggered events to Splunk for external analysis and troubleshooting. Through its Integrations service, Insights provides end-point integrations to Splunk, ServiceNow, Slack, as well as Continue reading
Red Hat Ansible Automation Platform now available on Google Cloud Marketplace
Breaking news! Red Hat just announced Ansible Automation Platform’s availability on Google Cloud Marketplace.
I’d like to take a few moments to provide some more details about this offering and why you should consider accessing Ansible Automation Platform directly from the Google Cloud Marketplace.
As organization’s hybrid cloud environments continue to grow in complexity, so does the need to increase efficiency and speed. The solution is to leverage an automation platform that can help any organization create, manage, and scale their automation efforts across the entire IT infrastructure. Ansible Automation Platform is the glue that coordinates and scales automation across all IT domains, and fosters a culture of collaboration across the disparate teams within an organization.
Google Cloud Marketplace deployment
Ansible Automation Platform deploys directly from the Google Cloud Marketplace as a self-managed application. The many benefits include:
- It deploys into your environment, where you have total control over how you deploy, configure, and operationalize the solution.
- Ongoing upgrades will be simpler because of this deployment model, so while this is a self-managed solution, it’s still simpler to maintain than if you had started from scratch yourself.
- The ability to scale out the Ansible Automation Platform environment using Continue reading
Enable Extensions on Azure Arc Connected Machines with Ansible Automation Platform
Last year, I blogged about how to use Red Hat Ansible Automation Platform to migrate Azure Arc-enabled servers from Azure Log Analytics Agents (MMA/OMS) to Azure Monitor Agent (AMA). Azure Arc supports a number of other extensions that can add additional value to your Arc-enabled infrastructure. Since my previous article, all of these extensions have been added to the azure.infrastructure_config_demos collection that contains a role for managing Arc-enabled server VM extensions with Ansible.
Each extension offers unique capabilities to your Arc-enabled fleet, such as logging, vulnerability scanning, key vault cert sync, update management, and more. Enabling these extensions is simple for small numbers of machines. When you need to scale out the work of enabling and configuring these extensions across hundreds or thousands of devices, then Ansible Automation Platform can help!
This article covers how to use Ansible Automation Platform to enable VM extensions supported in the azure.infrastructure_config_demos collection. Within the collection, there are a number of playbooks and roles; the following are pertinent to this post.
| File or Folder |
Description |
| Playbook that will be used as a job template to enable Azure Arc extensions. |
|
| Playbook that will be used Continue reading |
Bringing faster updates to Ansible Automation Platform
In today’s fast moving world, schedule driven, incremental releases may not be what customers are looking for. After gathering input from both external and internal customers, there is a definite appetite for more content driven releases.
Rather than waiting weeks to get official builds with a bug fix (schedule driven), most would like to have those builds made available within days after the code has been tested and merged (content driven). Beginning with Red Hat Ansible Automation Platform 2.3, this new release mechanism will be the norm. This blog will explain what it means for you and your processes.
What is Ansible Automation Platform?
From a business perspective, Ansible Automation Platform is the solution Red Hat offers its customers to reach and unleash the full potential of strategic automation.
From a technical perspective, Ansible Automation Platform is an umbrella of many components that provide automation capabilities. Some of these well known components include automation controller, Ansible automation hub, ansible-runner and ansible-core, which also have underlying dependencies.
A parallel can be easily drawn with Red Hat Enterprise Linux, which is the sum of all its components’ capabilities to run a battle tested operating system, just like Ansible Continue reading
Creating custom Event-Driven Ansible source plugins
We’re surrounded! Our modern systems and applications are constantly generating events. These events could be generated by service requests, application events, health checks, etc. With the wealth of information from event traffic surrounding everything we do, Event-Driven Ansible allows for automated responses to incoming events.
But not only are we completely engulfed in event data, we’re also enveloped by event sources. Think about your organization or even your household for a minute and consider how many pieces of equipment or applications are generating data that could be put to use if only you were able to easily collect it.
Event source plugins within Event-Driven Ansible act as a bridge between Ansible and event generating applications and services. Event-Driven Ansible already has a handful of event plugins to consume events from a variety of sources. But what if your source plug-in isn’t represented in that list? Or what if you’re a Red Hat partner who wants to connect Event-Driven Ansible to your own solution? The good news is, developing event source plugins for Event-Driven Ansible can be a relatively painless endeavor.
What is a source plugin?
Event-Driven Ansible leverages rulebooks to codify the response to an event. Rulebooks combine Continue reading
Ansible Automation Platform Moving Towards Smarter Inventory
TL;DR What is this?
It has been a long term ask and our desire to make Smart Inventory, well, smarter. We’ve listened to feedback, and are now addressing not only direct customer asks but also presenting solutions to make it better overall.
The current Red Hat Ansible Automation Platform Smart Inventory
The current Smart Inventory has a number of shortcomings:
- The smart inventory host_filter cannot express that a variable EQUALS a value, or do basic logic like NOT.
- Host/group/inventory variables cannot be filtered as a combined unit, as these are separate fields.
- Resultant smart inventories do not contain groups.
- The smart inventory host_filter has its own custom syntax, which isn’t the most friendly.
All of these issues stem from the original design of Smart Inventory, and the fact that Inventory Django models (Inventory, Group, and Host) save their “variables” in text form as YAML/JSON, as they appear in the UI. We then have to parse these into a dictionary form so they are in some way usable. This introduces new challenges and constraints.
A better solution: “constructed inventory”
So rather than continuing down a sub-optimal route, we’ve taken stock of the options (there were many and they got Continue reading
Ansible Automation Platform 2.3 Configuration as Code Improvements
On November 29, we launched Red Hat Ansible Automation Platform 2.3, which included new and exciting features including improvements for Configuration as Code (CaC). Ansible Automation Platform 2.3 also includes improvements to automation controller as well as the introduction of Ansible validated content. This blog post will walk you through what CaC is and the benefits it can bring to your organization, including a UI and API walkthrough of automation controller and how to take a full Configuration as Code approach to your automation infrastructure.
What is Configuration as Code (CaC) in Ansible Automation Platform?
CaC is a term generally referring to the separation of configuration settings from the actual code. The ideal being you can store that configuration data in source control, and easily run and tweak it to match different environments.
In Ansible Automation Platform terms, we can use the features within the automation controller in combination with CaC to provide a more flexible, richer experience. Essentially we’ve added ‘Prompt on Launch’ to everything within a job template, many of which will also trickle down into workflows.
‘Prompt on launch’ is our Ansible Automation Platform way of saying ‘this is the Continue reading
The Zen of Ansible
[This blog post is based on my presentation at AnsibleFest 2022 in Chicago and virtually.]
Recently, a suggestion was made to adopt Tim Peters’ “The Zen of Python” as an overall guiding principle for designing good automation content. That gave me pause because it didn’t seem like the right thing to me. While there is definitely some very good advice to “The Zen of Python” that can be applied to Ansible content, adopting it in its entirety would not provide the best user experience that Ansible is capable of and known for. Its presence as a guiding principle for content design gives the wrong impression and re-enforces a mindset we don't want to recommend.
This got me thinking, what is “the zen” of Ansible?
I considered the spirit of “The Zen of Python” and then I returned to the Ansible best practices talk that I first co-presented back in 2016 at Red Hat Summit and later touched upon here in this blog. In that talk, I said that Ansible was designed with a philosophy of sorts from the very beginning.
“The Ansible way” is to provide an automation tool that is simple, powerful and agentless. Ansible enables users with Continue reading
Fundamentals of Network Automation with Ansible Validated Content using the network.base collection
We introduced resource modules in Ansible 2.9, which provided a path for users to ease network management, especially across multiple different product vendors. This announcement was significant because these resource modules added a well structured representation of device configurations and made it easy to manage common network configurations.
At AnsibleFest 2022, we announced a new addition to the content ecosystem offered through the platform: Ansible validated content. Ansible validated content is use cases-focused automation that is packaged as Collections. They contain Ansible plugins, roles and playbooks that you can use as an automation job through Red Hat Ansible Automation Platform.
The Ansible validated content for network base focuses on abstract platform-agnostic network automation and enhances the experience of resource module consumption by providing production-ready content. This network base content acts as the core to the other network validated content, which I will explain more about in the examples below.
Network base use cases
The network.base Collection acts as a core for other Ansible validated content, as it provides the platform agnostic role called Resource Manager, which is the platform-agnostic entry point for managing all of the resources supported for a given network OS. It includes the Continue reading
Ansible Wisdom and ChatGPT: Putting it to the test
Image: DALL-E
Artificial intelligence (AI) is revolutionizing how we work and play in exciting ways. At first glance, AI tools, such as ChatGPT, seem to provide all the correct answers. But once we delve deeper and implement the suggestions, it often isn’t as effortless as it appears. This is especially true when generating code.
In this blog, we wanted to put ChatGPT to the test and see how it fares with developing Ansible Playbooks and share our results. We’ll also cover the experience and feedback from developers across domains.
We’ll also provide more information on our upcoming automation AI superpower, Project Wisdom.
First, let’s briefly discuss what ChatGPT is and how it works.
What is ChatGPT?
“We’ve trained a model called ChatGPT which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer followup questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests.”
OpenAI ChatGPT release announcement
ChatGPT is a chatbot developed by OpenAI and built on top of their GPT (Generative Pre-trained Transformer) 3.5 large language model.
Large language models (LLM) are trained on massive amounts of data to predict the next word in a sentence. GPT 3. Continue reading
Deploy production grade automation technology at scale with Red Hat and F5
The complexity of enterprise networks is increasing with the widespread adoption of networks spanning on premises data centers and cloud. To meet the challenge of this complexity, automation technology specifically designed for a NetOpps approach for Hybrid Cloud environments has been jointly developed by Red Hat and F5. Its focus on security, scale, and speed are all goals inherent in a NetOpps strategy that allow teams to thrive in the increasingly complex world of enterprise networking.
Network teams also need to work well with groups across the IT stack while also taking advantage of the benefits of infrastructure as code. When everyone speaks the same language and uses the same revision control tools to deploy and update their infrastructure, IT infrastructure is more reliable, secure, downtime is reduced, and organizations save money.
F5 and the Red Hat Ansible Automation Platform delivers the features and functionality needed for a NetOpps team - with a powerful automation platform designed for simplicity and inter team cooperation. You will learn how F5 and Red Hat assist network teams transitioning to a NetOps workflow, while reducing risk and increasing productivity. From on-prem to the cloud, F5 and Red Hat can Continue reading
AnsibleFest 2022 Quick Take: expanding to AWS, Event-Driven Automation and Project Wisdom
AnsibleFest 2022 was our first in-person event in a few years, and it delivered some exciting news that will impact the growth and expansion of automation for our customers in the months to come. We had more than 450 organizations represented in person in Chicago. Our keynotes featured Red Hat, IBM Research, and Rockwell Automation. During the two days, we announced several new features and capabilities to make adopting automation more accessible. In addition, IDC analyst Jevin Jensen recently published his opinions and insights on AnsibleFest 2022 that we break down below .
What did we announce?
Each day of the event featured keynotes, one on the Current State of Automation and one on The Future of Automation. There was a lot of excitement over the many announcements, including:
- New Red Hat Ansible Automation Platform offering for AWS
- By offering Ansible Automation Platform as a pre-integrated service that can be quickly deployed from cloud marketplaces, we are meeting our customers where they are, while giving them the flexibility to deliver any application, anywhere, without additional overhead or complexity. Whether you are automating your hybrid cloud or multi-cloud environments, Ansible Automation Platform acts as a single platform. This platform Continue reading
AAP 2.3 Introducing Remote Execution Mesh Nodes for Openshift
Last year Ansible Automation Platform (AAP) 2 introduced major changes around the mechanics on how automation is run. The main focus was to enhance the foundational pieces of the platform while providing flexibility and simplicity for automators to automate at enterprise scale. One of those foundational pieces introduced was automation mesh.
Automation mesh provides a simple, flexible and reliable way to scale automation of large inventories across diverse network topologies, platforms and teams. It was important to evolve how the platform was developed, managed, operated to meet business demands and needs, for the large majority of customers.
Pre 2.3 Automation Mesh in OCP
Prior to AAP 2.3, the automation mesh was mostly a VM deployment base option and feature. I’ve tried to highlight the main differences between platform choices in this diagram:
We are now starting to level up the feature parity, and this brings remote mesh execution nodes to non-VM supported deployments. Before we look more at the new feature, let’s look at the options that were available before:
For VM based deployments, the automation mesh introduced horizontal scaling, the ability to scale your automation needs out, whether locally or globally. We did this by Continue reading
Addressing NetOps issues with Event-Driven Ansible
A simple example - No Shut, No Problem
Since the announcement of Event-Driven Ansible, I cannot stop thinking about potential use cases. Can I get events to automate scaling? Could I use a filesystem event to trigger filesystem integrity checks? Could I get a slackbot to trigger my choice of heavy metal playlist based on a “mood” event? It's all possible! But let’s not go too crazy, not yet.
I started having a look at the fantastic work that one of our engineers, Nilashish Chakraborty has been doing around network telemetry and Ansible. This led me down the path to explore network events and what I could potentially do with something like Event-Driven Ansible. So let’s start with a super simple interface example.
Reaching out to the team at Arista, we started discussing and looking at the mechanisms they are using to get telemetry data. With Arista we are able to use gNMI, gNMI is an open source protocol specification created by the OpenConfig working group that is used to stream data to and from network devices. The OpenConfig working group operates as an open source project with contributions from network operators, equipment vendors in providing vendor-neutral Continue reading
The Top 10 Ansible Blogs of 2022
Introduction
If you're looking to brush up on the most popular Ansible information from 2022 (or just grasping at any excuse to break away from your relatives for a few minutes during the holidays), you've come to the right place. What follows are the top 10 blogs that have captured the most attention from Ansible.com readers in 2022.
10. Introducing the Event-Driven Ansible developer preview
One of the buzzworthy announcements at AnsibleFest 2022 was Event-Driven Ansible, released as Developer Preview by Red Hat. In this blog, Joe Pisciotta, Ansible Product Manager, describes Event-Driven Ansible's integration with 3rd-party event sources and support for establishing rules using "if-then" scenarios. Discover why Event-Driven Ansible makes remediating issues simple and removes the time-consuming customization usually required with "self-healing" approaches.
9. What's new in Ansible Automation Platform 2.3
Several new features and enhancements were announced as part of Ansible Automation Platform 2.3, such as more flexibility and control over execution nodes in automation mesh, the launch of Ansible validated content to help you get started automating operational tasks, support for LDAP with RBAC, and much more. Sean Cavanaugh, Ansible Technical Marketing Manager, outlines the capabilities of these new Continue reading
Creating Custom Rules for Ansible Lint
What is Ansible Lint?
Ansible Lint is a command-line tool (part of the ansible-lint upstream community project) for linting of Ansible Playbooks, Roles, and Collections. Ok, so what exactly is “linting?” Its fundamental objective is to promote proven behaviors, patterns, and practices while avoiding typical traps that can quickly result in errors or make code more difficult to maintain. That is - leverage community recommendations and opinions in writing Ansible content by means of a tool to help ensure what you’re writing is generally valid.
Additionally, Ansible Lint is designed to assist users in updating their code to function with more recent Ansible versions. Even though the version of Ansible being used in production can be an older version of ansible-core, we advise utilizing it with the most recent version.
Ansible Lint is opinionated just like any other linter. However, because community members contributed to its rules, each user has the option to enable or disable them on an individual or category basis.
Why should I use Ansible Lint?
The goal of Ansible Lint is to flag programming errors, bugs, stylistic errors and suspicious constructs and also ensure that content created by different people has Continue reading