Ansible Validated Content: Introduction to infra.osbuild Collection
Introduction to the Image builder use case
During the last year we met with multiple edge customers, covering the automation needs for IT Linux infrastructure at scale across remote locations where there is often no IT staff on site. Think about retail stores, dark stores and warehouses where self-checkout, handhelds and POS devices hosting RHEL are distributed everywhere.
For industrial setups and manufacture, this could be the scenario for small factor servers and storage hosting logging monitoring to gather information about operational activities, which are located in secure facilities.
One of the recurrent needs for our customers with distributed devices is the ability to upgrade Linux devices faster, at scale, mostly due to regulations or security risks. Ideally, you should be able to patch at scale as soon as a vulnerability is identified.
The main challenge with the traditional RPM patching model is that it is incremental, and frequently some Linux devices might have slight differences. That is why there are new edge-focused capabilities and models that start with the premise that you could and should test a whole base image, and once it passes your validations, it should be deployed into all the target devices that Continue reading
A Deeper Look: Red Hat Named a Leader in the Forrester Wave
This week, we announced that Red Hat has been named a leader in The Forrester Wave™ Infrastructure Automation, Q1 2023. In an effort to help explain this result from our point of view, the following blog answers some of the most frequently asked questions.
What is The Forrester Wave?
“The Forrester Wave™ is a guide for buyers considering their purchasing options in a technology marketplace and is based on our analysis and opinion. To offer an equitable process for all participants, Forrester follows a publicly available methodology, which we apply consistently across all participating vendors.” [source]
Forrester has been a mainstay throughout people’s automation journeys, and Red Hat is proud to be recognized as a leader in the results of this Q1 2023 report.
What were the results?
Red Hat, specifically focused on Ansible Automation Platform, has been named a leader in the Q1, 2023 Forrester Wave™ Infrastructure Automation report.
Refer to the following graphic, that can be viewed in the final report:
Why is this significant to us?
We believe Forrester is one of the most recognized technology analyst firms in the IT space, and Continue reading
New reference architecture: Deploying Ansible Automation Platform 2 on Red Hat OpenShift
It has arrived! The latest reference architecture showcasing the best practices for deploying Red Hat Ansible Automation Platform 2.3 on Red Hat OpenShift!
Why are you going to love it?
With Ansible Automation Platform running on top of Red Hat OpenShift, you get the best of both worlds. You can now focus on what really matters - automation - while taking advantage of Red Hat Ansible Automation Platform Operator to do the heavy lifting of deploying, managing, scaling and upgrading your Ansible Automation Platform environment.
This reference architecture not only focuses on the step-by-step to deploy Red Hat Ansible Automation Platform 2.3 on Red Hat OpenShift, but focuses on key aspects including:
-
Sizing your automation controller: Learn how to size your automation controller by understanding its control capacity and how many automation jobs can run concurrently.
-
Resource management: Discover how to set resource requests and limits for the Ansible Automation Platform, ensuring that your deployment has enough resources to run smoothly and efficiently.
-
Installation guidance: Understand key considerations prior to your deployment of Red Hat Ansible Automation Platform.
-
Monitoring your Ansible Automation Platform: Learn how to use Prometheus and Grafana to monitor your Ansible Continue reading
Providing Terraform with that Ansible Magic
Late last year, we introduced a Red Hat Ansible Certified Collection Collection for Terraform. This was an important step in automation, as these two tools really are great together and leveraging Ansible's ability to orchestrate other tools in the enterprise made this a no-brainer. Terraform with its infrastructure as code (IaC) provisioning and Ansible’s strength in configuration as code are a synergy that cannot be ignored - we are better together! Organizations are now in the position to utilize their existing infrastructure as code manifests and extend their automation with Terraform and Ansible together.
Now, we are back with help from our partners at Kyndryl and XLAB and adding more value and magic to infrastructure as code - This time we have some extra muscle with an addition to the Red Hat Ansible Certified Content Collection: The Ansible provider for Terraform.
So what does the provider help us with?
Without a provider, we would need to rely on inventory plugins for the different cloud platforms and use filters to grab instance information from our freshly "Terraformed" infrastructure. This allows us to update our inventory so we can run automated tasks against these hosts. This is pretty smooth in Continue reading
Kubernetes Meets Event-Driven Ansible
In today’s fast paced world, every second counts and the ability to react to activities in a timely fashion can mean the difference between satisfying the needs of consumers and meeting Service-Level Agreements. Each are goals of Event-Driven Ansible, which seeks to further the reach of Ansible based automation by responding to events that meet certain criteria. These events can originate from a variety of sources, such as from an HTTP endpoint, messages on a queue or topic, or from public cloud resources. Kubernetes has become synonymous with managing infrastructure and applications in cloud native architectures and many organizations are reliant on these systems for running their business critical workloads. Automation and Kubernetes go hand in hand and Ansible already plays a role within this ecosystem. A new capability leveraging the Event-Driven Ansible framework is now available that extends the integration between both Ansible and Kubernetes so that Ansible automation activities can be triggered based on events and actions occurring within a Kubernetes cluster.
Event-Driven Ansible is designed using a concept called Rulebooks which consists of three main components:
- Actions - Triggering the execution of assets including an Ansible Playbook or module
- Rules - Determination of whether received events Continue reading
Enhancing/Maximizing your Scaling capability with Automation Controller 2.3
Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. We are excited to announce that the Ansible Automation Platform 2.3 release includes automation controller 4.3.
In the previous blog, we saw that automation controller 4.1 provides significant performance improvements as compared to Red Hat Ansible Tower 3.8. Automation controller 4.3 is taking that one step further. We will elaborate on an important change with callback receiver workers in automation controller 4.3 and how it can have an impact on the performance.
Callback Receiver
The callback receiver is the process in charge of transforming the standard output of Ansible into serialized objects in the automation controller database. This enables reviewing and querying results from across all your infrastructure and automation. This process is I/O and CPU intensive and requires performance considerations.
Every control node in automation controller has a callback receiver process. It receives job events that result from Ansible jobs. Job events are JSON structures, created when Ansible calls the runner callback plugin hooks. This enables Ansible to capture the result of a playbook run. The job event data structures contain Continue reading
Troubleshoot RDS connectivity issues with Ansible validated content
The Ansible validated content cloud.aws_troubleshooting introduces a role named troubleshoot_rds_connectivity. This role helps you troubleshoot AWS Relational Database Service (RDS) connectivity issues from an EC2 instance.
The role diagnoses connectivity issues between an EC2 instance and an Amazon Relational Database Service instance by ensuring that the RDS instance is available and checking the associated security group rules, network access control lists, and route tables for potential connectivity issues.
To do this, the role will need the EC2 instance identifier to test connectivity from the RDS instance identifier to connect to.
Let's see how this can be used with the following example.
Configuration
We have an RDS instance and an EC2 instance running in the same VPC (virtual private cloud) with the CIDR block 10.1.0.0/16.
The RDS instance is running on two subnets with the following CIDR blocks 10.1.1.0/24 and 10.1.2.0/24.
The EC2 instance is running in another subnet in the VPC with the CIDR block 10.1.10.0/24. The EC2 instance has been assigned the following private IP address 10.1.10.41.
In the initial configuration, a security group is attached to the VPC with the following Continue reading
Maximize your hybrid cloud mastery with the Ansible validated content
In today's environment, mastering the hybrid cloud has become a key factor in IT transformation and business innovation. In this context, network complexity can be a nightmare, especially as organizations expand their infrastructure and embrace hybrid cloud and multi-cloud strategies. Without automation, monitoring and controlling network routing, infrastructure, and security in a hybrid and multi-cloud environment are difficult to manage. Furthermore, identifying and resolving network performance issues in these infrastructures are quite challenging.
In one of the previous blogs, titled “Crank up your automation with Ansible validated content”, Nuno Martins highlighted the Ansible validated content included in Red Hat Ansible Automation Platform 2.3.
In this blog post, we will show you how to leverage the amazon.aws_troubleshooting Collection for hybrid cloud to troubleshoot network performance issues and maximize your hybrid cloud mastery. In particular, we’ll use the aws_troubleshooting.connectivity_troubleshooter role.
First, let’s take a look at the amazon.aws_troubleshooting Collection.
Deep dive on cloud.aws_troubleshooting
Let’s take a deep look at the amazon.aws_troubleshooting Collection. This Collection includes a variety of Ansible Roles to help troubleshoot AWS resources. The Collection includes the following roles:
- cloud.aws_troubleshooting.troubleshoot_rds_connectivity - A role to troubleshoot RDS Continue reading
Using Red Hat Insights as a source of events for Event-Driven Ansible automation
One of the key announcements at AnsibleFest 2022 was the introduction of the Event-Driven Ansible developer preview. This technology is currently available on GitHub and accessible by technology providers and end users to provide feedback and drive the ecosystem. ISVs and consulting/service partners are specifically invited to create event driven automation content that makes it easy for customers to use in joint solutions.
Red Hat Insights events as a source for Event-Driven Ansible
Red Hat Insights, is a managed service that is included in every Red Hat subscription. It continuously analyzes platforms and applications to help enterprises manage hybrid cloud environments, and can trigger events through its Notifications service. Each account configures how and who can receive these events, with the ability to perform actions depending on the event type. For example, one may want to forward new recommendations found for Red Hat Enterprise Linux (RHEL) system configuration to a specific team by email, and/or create a new ticket in ServiceNow for the Operations team to handle. Others may want to forward all triggered events to Splunk for external analysis and troubleshooting. Through its Integrations service, Insights provides end-point integrations to Splunk, ServiceNow, Slack, as well as Continue reading
Red Hat Ansible Automation Platform now available on Google Cloud Marketplace
Breaking news! Red Hat just announced Ansible Automation Platform’s availability on Google Cloud Marketplace.
I’d like to take a few moments to provide some more details about this offering and why you should consider accessing Ansible Automation Platform directly from the Google Cloud Marketplace.
As organization’s hybrid cloud environments continue to grow in complexity, so does the need to increase efficiency and speed. The solution is to leverage an automation platform that can help any organization create, manage, and scale their automation efforts across the entire IT infrastructure. Ansible Automation Platform is the glue that coordinates and scales automation across all IT domains, and fosters a culture of collaboration across the disparate teams within an organization.
Google Cloud Marketplace deployment
Ansible Automation Platform deploys directly from the Google Cloud Marketplace as a self-managed application. The many benefits include:
- It deploys into your environment, where you have total control over how you deploy, configure, and operationalize the solution.
- Ongoing upgrades will be simpler because of this deployment model, so while this is a self-managed solution, it’s still simpler to maintain than if you had started from scratch yourself.
- The ability to scale out the Ansible Automation Platform environment using Continue reading
Enable Extensions on Azure Arc Connected Machines with Ansible Automation Platform
Last year, I blogged about how to use Red Hat Ansible Automation Platform to migrate Azure Arc-enabled servers from Azure Log Analytics Agents (MMA/OMS) to Azure Monitor Agent (AMA). Azure Arc supports a number of other extensions that can add additional value to your Arc-enabled infrastructure. Since my previous article, all of these extensions have been added to the azure.infrastructure_config_demos collection that contains a role for managing Arc-enabled server VM extensions with Ansible.
Each extension offers unique capabilities to your Arc-enabled fleet, such as logging, vulnerability scanning, key vault cert sync, update management, and more. Enabling these extensions is simple for small numbers of machines. When you need to scale out the work of enabling and configuring these extensions across hundreds or thousands of devices, then Ansible Automation Platform can help!
This article covers how to use Ansible Automation Platform to enable VM extensions supported in the azure.infrastructure_config_demos collection. Within the collection, there are a number of playbooks and roles; the following are pertinent to this post.
| File or Folder |
Description |
| Playbook that will be used as a job template to enable Azure Arc extensions. |
|
| Playbook that will be used Continue reading |
Bringing faster updates to Ansible Automation Platform
In today’s fast moving world, schedule driven, incremental releases may not be what customers are looking for. After gathering input from both external and internal customers, there is a definite appetite for more content driven releases.
Rather than waiting weeks to get official builds with a bug fix (schedule driven), most would like to have those builds made available within days after the code has been tested and merged (content driven). Beginning with Red Hat Ansible Automation Platform 2.3, this new release mechanism will be the norm. This blog will explain what it means for you and your processes.
What is Ansible Automation Platform?
From a business perspective, Ansible Automation Platform is the solution Red Hat offers its customers to reach and unleash the full potential of strategic automation.
From a technical perspective, Ansible Automation Platform is an umbrella of many components that provide automation capabilities. Some of these well known components include automation controller, Ansible automation hub, ansible-runner and ansible-core, which also have underlying dependencies.
A parallel can be easily drawn with Red Hat Enterprise Linux, which is the sum of all its components’ capabilities to run a battle tested operating system, just like Ansible Continue reading
Creating custom Event-Driven Ansible source plugins
We’re surrounded! Our modern systems and applications are constantly generating events. These events could be generated by service requests, application events, health checks, etc. With the wealth of information from event traffic surrounding everything we do, Event-Driven Ansible allows for automated responses to incoming events.
But not only are we completely engulfed in event data, we’re also enveloped by event sources. Think about your organization or even your household for a minute and consider how many pieces of equipment or applications are generating data that could be put to use if only you were able to easily collect it.
Event source plugins within Event-Driven Ansible act as a bridge between Ansible and event generating applications and services. Event-Driven Ansible already has a handful of event plugins to consume events from a variety of sources. But what if your source plug-in isn’t represented in that list? Or what if you’re a Red Hat partner who wants to connect Event-Driven Ansible to your own solution? The good news is, developing event source plugins for Event-Driven Ansible can be a relatively painless endeavor.
What is a source plugin?
Event-Driven Ansible leverages rulebooks to codify the response to an event. Rulebooks combine Continue reading
Ansible Automation Platform Moving Towards Smarter Inventory
TL;DR What is this?
It has been a long term ask and our desire to make Smart Inventory, well, smarter. We’ve listened to feedback, and are now addressing not only direct customer asks but also presenting solutions to make it better overall.
The current Red Hat Ansible Automation Platform Smart Inventory
The current Smart Inventory has a number of shortcomings:
- The smart inventory host_filter cannot express that a variable EQUALS a value, or do basic logic like NOT.
- Host/group/inventory variables cannot be filtered as a combined unit, as these are separate fields.
- Resultant smart inventories do not contain groups.
- The smart inventory host_filter has its own custom syntax, which isn’t the most friendly.
All of these issues stem from the original design of Smart Inventory, and the fact that Inventory Django models (Inventory, Group, and Host) save their “variables” in text form as YAML/JSON, as they appear in the UI. We then have to parse these into a dictionary form so they are in some way usable. This introduces new challenges and constraints.
A better solution: “constructed inventory”
So rather than continuing down a sub-optimal route, we’ve taken stock of the options (there were many and they got Continue reading
Ansible Automation Platform 2.3 Configuration as Code Improvements
On November 29, we launched Red Hat Ansible Automation Platform 2.3, which included new and exciting features including improvements for Configuration as Code (CaC). Ansible Automation Platform 2.3 also includes improvements to automation controller as well as the introduction of Ansible validated content. This blog post will walk you through what CaC is and the benefits it can bring to your organization, including a UI and API walkthrough of automation controller and how to take a full Configuration as Code approach to your automation infrastructure.
What is Configuration as Code (CaC) in Ansible Automation Platform?
CaC is a term generally referring to the separation of configuration settings from the actual code. The ideal being you can store that configuration data in source control, and easily run and tweak it to match different environments.
In Ansible Automation Platform terms, we can use the features within the automation controller in combination with CaC to provide a more flexible, richer experience. Essentially we’ve added ‘Prompt on Launch’ to everything within a job template, many of which will also trickle down into workflows.
‘Prompt on launch’ is our Ansible Automation Platform way of saying ‘this is the Continue reading
The Zen of Ansible
[This blog post is based on my presentation at AnsibleFest 2022 in Chicago and virtually.]
Recently, a suggestion was made to adopt Tim Peters’ “The Zen of Python” as an overall guiding principle for designing good automation content. That gave me pause because it didn’t seem like the right thing to me. While there is definitely some very good advice to “The Zen of Python” that can be applied to Ansible content, adopting it in its entirety would not provide the best user experience that Ansible is capable of and known for. Its presence as a guiding principle for content design gives the wrong impression and re-enforces a mindset we don't want to recommend.
This got me thinking, what is “the zen” of Ansible?
I considered the spirit of “The Zen of Python” and then I returned to the Ansible best practices talk that I first co-presented back in 2016 at Red Hat Summit and later touched upon here in this blog. In that talk, I said that Ansible was designed with a philosophy of sorts from the very beginning.
“The Ansible way” is to provide an automation tool that is simple, powerful and agentless. Ansible enables users with Continue reading
Fundamentals of Network Automation with Ansible Validated Content using the network.base collection
We introduced resource modules in Ansible 2.9, which provided a path for users to ease network management, especially across multiple different product vendors. This announcement was significant because these resource modules added a well structured representation of device configurations and made it easy to manage common network configurations.
At AnsibleFest 2022, we announced a new addition to the content ecosystem offered through the platform: Ansible validated content. Ansible validated content is use cases-focused automation that is packaged as Collections. They contain Ansible plugins, roles and playbooks that you can use as an automation job through Red Hat Ansible Automation Platform.
The Ansible validated content for network base focuses on abstract platform-agnostic network automation and enhances the experience of resource module consumption by providing production-ready content. This network base content acts as the core to the other network validated content, which I will explain more about in the examples below.
Network base use cases
The network.base Collection acts as a core for other Ansible validated content, as it provides the platform agnostic role called Resource Manager, which is the platform-agnostic entry point for managing all of the resources supported for a given network OS. It includes the Continue reading
Ansible Wisdom and ChatGPT: Putting it to the test
Image: DALL-E
Artificial intelligence (AI) is revolutionizing how we work and play in exciting ways. At first glance, AI tools, such as ChatGPT, seem to provide all the correct answers. But once we delve deeper and implement the suggestions, it often isn’t as effortless as it appears. This is especially true when generating code.
In this blog, we wanted to put ChatGPT to the test and see how it fares with developing Ansible Playbooks and share our results. We’ll also cover the experience and feedback from developers across domains.
We’ll also provide more information on our upcoming automation AI superpower, Project Wisdom.
First, let’s briefly discuss what ChatGPT is and how it works.
What is ChatGPT?
“We’ve trained a model called ChatGPT which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer followup questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests.”
OpenAI ChatGPT release announcement
ChatGPT is a chatbot developed by OpenAI and built on top of their GPT (Generative Pre-trained Transformer) 3.5 large language model.
Large language models (LLM) are trained on massive amounts of data to predict the next word in a sentence. GPT 3. Continue reading
Deploy production grade automation technology at scale with Red Hat and F5
The complexity of enterprise networks is increasing with the widespread adoption of networks spanning on premises data centers and cloud. To meet the challenge of this complexity, automation technology specifically designed for a NetOpps approach for Hybrid Cloud environments has been jointly developed by Red Hat and F5. Its focus on security, scale, and speed are all goals inherent in a NetOpps strategy that allow teams to thrive in the increasingly complex world of enterprise networking.
Network teams also need to work well with groups across the IT stack while also taking advantage of the benefits of infrastructure as code. When everyone speaks the same language and uses the same revision control tools to deploy and update their infrastructure, IT infrastructure is more reliable, secure, downtime is reduced, and organizations save money.
F5 and the Red Hat Ansible Automation Platform delivers the features and functionality needed for a NetOpps team - with a powerful automation platform designed for simplicity and inter team cooperation. You will learn how F5 and Red Hat assist network teams transitioning to a NetOps workflow, while reducing risk and increasing productivity. From on-prem to the cloud, F5 and Red Hat can Continue reading
AnsibleFest 2022 Quick Take: expanding to AWS, Event-Driven Automation and Project Wisdom
AnsibleFest 2022 was our first in-person event in a few years, and it delivered some exciting news that will impact the growth and expansion of automation for our customers in the months to come. We had more than 450 organizations represented in person in Chicago. Our keynotes featured Red Hat, IBM Research, and Rockwell Automation. During the two days, we announced several new features and capabilities to make adopting automation more accessible. In addition, IDC analyst Jevin Jensen recently published his opinions and insights on AnsibleFest 2022 that we break down below .
What did we announce?
Each day of the event featured keynotes, one on the Current State of Automation and one on The Future of Automation. There was a lot of excitement over the many announcements, including:
- New Red Hat Ansible Automation Platform offering for AWS
- By offering Ansible Automation Platform as a pre-integrated service that can be quickly deployed from cloud marketplaces, we are meeting our customers where they are, while giving them the flexibility to deliver any application, anywhere, without additional overhead or complexity. Whether you are automating your hybrid cloud or multi-cloud environments, Ansible Automation Platform acts as a single platform. This platform Continue reading