New reference architecture: Red Hat Ansible Automation Platform 1.2 to 2 Migration Guide
Side-by-Side migration to Ansible Automation Platform 2
The release of Red Hat Ansible Automation Platform 2.1 comes with a re-imagined architecture that delivers exciting features such as automation mesh and automation execution environments among an entire suite of tools and components that enable enterprises to scale automation across their organizations.
With the importance of enterprise automation and taking advantage of the latest Ansible Automation Platform, we created a simple reference architecture to help guide you migrate from Ansible Automation Platform 1.2 to Ansible Automation Platform 2.
It consists of using a side-by-side methodology for the migration process via using the Ansible Automation Platform installer to do the migration and restoring a Database backup from a Ansible Automation Platform 1.2 cluster.
Why are you going to love it?
Say goodbye to the guessing game of how you’ll migrate to the latest and greatest. Our goal is to simplify the migration planning, considerations and, most importantly, the step-by-step on how to do it.
What will I find inside this reference architecture?
Inside this reference architecture you’ll find:
- Migration considerations
- Prerequisites
- Infrastructure migration
- Migrating virtual environments to automation execution environments
The migration considerations focus Continue reading
Deep dive on Ansible VScode extension
Ansible as part of the Red Hat Ansible Automation Platform continues to grow and mature. Recent enhancements include Ansible Content Collections, automation execution environments, and an increasing list of integrations using plugins and modules. It is more important than ever that both new and experienced content creators have access to tools that help them write better content faster. The newly created Ansible Devtools initiative focuses on developing and enhancing tools like ansible-navigator, Ansible VScode extension, ansible-lint and so on to help ease the Ansible automation content creator experience. In this blog, we will do a deep dive into the Ansible VSCode extension, giving an overview of how it works and the initial setup required to get it working after installation.
Evolution
The Ansible VSCode extension was initially a fork of Tomasz Maciążek’s VSCode extension. After the fork, the server and client-side code were decoupled into their own separate repositories to allow independent releases for both server and client.
The Ansible Language Server is released as a node module on the npm repository, allowing it to be reused by other editors supporting language server protocol, while Continue reading
Red Hat Insights for Ansible Automation Platform New Report : Modules
Red Hat Insights is a suite of cloud services available on the Red Hat Hybrid Cloud Console, powered by an expert system that is built upon years of data collected from across Red Hat’s worldwide customer base. For Red Hat Ansible Automation Platform customers, it provides predictive analytical reporting of your Ansible automation.
This blog breaks down the new reports that analyze module usage within the Ansible Automation Platform.
In summary, module usage is really important because modules can contain security vulnerabilities and require updates to support new integrations of hardware or software. It is paramount to know which modules you are using in your automation.
Let's look at each report and what each of them can deliver for you.
Reports
Most used modules
Description: The number of job template and task runs, grouped by Ansible module usage.
Use Case: You can use this report to discover which modules are being used the most across your automation, helping you to check things like organization-wide adoption of purpose-built modules over potentially less performant, catch-all solutions.
Example:
This chart shows how the file and gather_facts modules are the most used, but also shows that over the past 6 Continue reading
Configuring an AWS dynamic inventory with Automation controller
One of the core components of Ansible is inventories. In its most basic form, an inventory provides host information to Ansible so it can trigger the tasks on the right host or system. In most environments, the static inventory is sufficient for the Ansible control node to work from, however as we expand our use of automation, we need to transition to more effective methods of gathering ever-changing environment details.
This is where the use of a dynamic inventory is beneficial. This allows the platform to gather information for the inventory from environments that are not static sources. A prime example of this is using a dynamic inventory plugin to gather inventory information from a cloud provider or hypervisor, enabling you to keep an inventory up to date with instance details.
Amazon Web Services (AWS) is one of the biggest public cloud providers used around the world. Organizations use their Elastic Compute Cloud services (EC2) for their workflows, however managing an inventory for your instances running on AWS would typically have to be done manually, which is problematic and time consuming. Using the AWS Identity and Access Management interface (IAM), we are able to get programmatic access to the AWS Continue reading
Inside the newest features in the Red Hat Ansible Certified Content Collection for ServiceNow ITSM
The Red Hat Ansible Certified Content Collection for ServiceNow helps you create automated workflows targeting IT service management (ITSM) tasks faster while establishing and maintaining a single source of truth in the ServiceNow configuration management database (CMDB). In this blog, I’ll share the latest features we’ve added to the Collection, and you can find additional resources about existing features at the end of this blog.
We’ve added three major updates to the Red Hat Ansible Certified Content Collection for ServiceNow:
- Advanced inventory features
- Customized list mappings
- Creating problem tasks and change requests tasks
Let’s take a closer look at each of these.
Support for advanced inventory features
A new feature in ServiceNow Collection introduces a new inventory functionality, called “enhanced inventory”, which provides the ability to create groups based on CMDB relationships. Previous versions of the inventory plugin allowed us to create predefined groups, such as the “Linux Red Hat” and “Windows XP” examples shown here:
---
plugin: servicenow.itsm.now
query:
- os: = Linux Red Hat
- os: = Windows XP
keyed_groups:
- key: os
prefix: os
Inspecting the inventory collected using the above configuration results in:
ansible-inventory -i inventory.now.yaml --graph` output:
|--@os_Linux_Red_Hat:
Continue readingLet’s Level Set at the Edge
Introduction
Typically when people hear the word edge, everyone gets a little apprehensive of what that means. So Josh, Andy, Martin and Chad got together to collaborate on what that means from their collective experiences across multiple industries. In this blog we will cover what the difference is between the near edge and far edge, as well as give some examples of what we have seen in these environments across multiple industries.
Near Edge
Near edge typically refers to distributed deployments of “scaled-down” IT-like services to support business operations outside the core data centers and public cloud providers. This includes anything from retail stores, branch field offices, manufacturing facilities, warehouses and distribution centers that generally have stable connectivity.
Traditionally, these have been referred to as remote offices or branch offices, with the common acronym ROBO, but there are far more examples of this deployment pattern. Consider the following:
- A point of sale system or back office processing at a retail location.
- A localized authentication/authorization source for badge access to a manufacturing plant.
- A file share located locally to a University’s extension office that’s replicated over an unreliable connection.
These are all examples that fit under our definition of Continue reading
What’s New in the Ansible Content Collection for Kubernetes 2.3
With increased adoption of container automation, IT organizations continue to expand their requirements when it comes to deploying and managing their Kubernetes clusters. As such, we at Red Hat continue to add new features and capabilities to meet those demands by announcing the availability of kubernetes.core version 2.3, our Red Hat Ansible Certified Content Collection for Kubernetes and Helm.
In this blog post, we’ll go over what’s new and what’s different in this release of our Kubernetes Collection.
New Module - k8s_taint
With the release of kubernetes.core 2.3, we introduce the k8s_taint module. This module provides the ability for a Kuberentes node to repel a pod or set of pods from being scheduled unless they have a matching toleration. This establishes that with taints and tolerations in place, pods are not scheduled onto inappropriate nodes.
This feature is quite useful when you are trying to ensure exclusivity of a particular set of nodes (only allow a particular group of users access) or you want to provide particular nodes with special hardware (such as GPUs) to only run pods that require the use of the specialized hardware and keep out the pods that don’t require Continue reading
Two Simple Ways Automation Can Save You Money on Your AWS Bill
Red Hat Ansible Automation Platform is an excellent automation and orchestration tool for public clouds. For this post, I am going to walk through two common scenarios where Ansible Automation Platform can help out. I want to look outside the common public cloud use-case of provisioning and deprovisioning resources and instead look at automating common operational tasks.
What is an operational task? It is simply anything that an administrator has to do outside of creating and deleting cloud resources (e.g. instances, networks, keys, etc.) to help maintain their company's public cloud account. One of the problems I’ve encountered is instances being left on, running up our public cloud bill in the background while we were focusing our attention elsewhere. The more users you have, the more likely problems are to occur; automation can help address these issues and maintain control of your account. There are two common scenarios I want to address here:
- Bespoke AWS instances were manually created for a one-off initiative, usually to test something, then instances were forgotten about and left running.
- Continuous Integration (CI) instances were spun up to test changes programmatically every time a Pull Request (PR) went into our project, and would Continue reading
The Ansible cookie: Magic in the middle
If Ansible Automation Platform was compared to the crunchy goodness of a cookie, private automation hub would be the sweet center bringing it all together and making your mouth water!
Private automation hub provides organizations with a central location for their automation resources. Ansible automation hub is part of the hosted services from console.redhat.com. This hosted offering provides automation adepts access to Red Hat Ansible Certified Content Collections for several industry-leading technologies and partners.
Private automation hub brings this functionality on-premises and allows for users to curate their custom automation content with not only Red Hat Ansible Certified Content but with community content from Ansible Galaxy. Private automation hub also acts as a container registry where we can store and distribute the automation execution environments needed for Ansible Automation Platform 2.
How do we get started with building our own private automation hub and use it in our enterprise? How do automation controller and private automation hub interact?
Let’s get cooking and build our mouthwatering automating platform!
To deploy the “magic in the middle,” we are going to use the Ansible Automation Platform installer from our automation controller node. Since we are installing a private automation Continue reading
How to Migrate your Ansible Playbooks to Support AWS boto3
Red Hat Ansible Automation Platform is known for automating Linux, Windows and networking infrastructure. While both the community version of Ansible and our enterprise offering, Red Hat Ansible Automation Platform, are prominently known for configuration management, this is just a small piece of what you can really achieve with Ansible’s automation. There are many other use-cases that Ansible Automation Platform is great at automating, such as your AWS, Azure or Google public cloud.
Ansible Automation Platform can automate deployments, migrations and operational tasks for your public cloud. This is extremely powerful because you can orchestrate your entire infrastructure workflow, from cloud deployment, to instance configuration, to retirement, rather than requiring a point tool for each separate use-case. This also allows IT administrators to concentrate on automating business outcomes rather than individual technology silos.
Specifically for this blog, I wanted to cover converting your Ansible Playbooks for provisioning an instance on AWS from the unsupported ec2 module to the fully supported ec2_instance module. Amazon has deprecated their Software Development Kit (SDK) Boto in favor of the newer fully supported SDK Boto3. Alina Buzachis announced What's New: The Ansible AWS Collection 2.0 Release back in October 2021, which includes Continue reading
Forecasting and tracking the ROI of automation
Great ideas start with coffee, but business innovation starts with automation. Just like that morning jolt of warm friendly caffeine, Red Hat Ansible Automation Platform has the ability to enhance, optimize and make your technology stack flow like the beloved beverage most of the world consumes on a daily basis.
It is easy to discuss all the technical benefits that Ansible Automation Platform can bring to organizations, but what about the business benefits? How can you observe the state of your automation and return on investment (ROI)? How can you explain the financial impact of automation to key stakeholders? The answer to all of these questions is Red Hat Insights for Red Hat Ansible Automation Platform.
Red Hat Insights is an analytics platform to help you understand your automation efforts. It lets your data work for you by proactively identifying and correcting issues. Included as a hosted service offering with Ansible Automation Platform, Insights provides a visual dashboard to indicate automation performance, health notifications, organizational statistics, and more.
The most relevant features within Insights for IT business leaders and decision makers who want to validate their automation strategy are Reports, Savings Planner and Automation Calculator.
Tracking how automation Continue reading
Performance Improvements in Automation Controller 4.1
Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. With the release of Ansible Automation Platform 2.1, users now have access to the latest control plane – automation controller 4.1.
Automation controller helps standardize how automation is deployed, initiated, delegated, and audited, allowing enterprises to automate with confidence while reducing sprawl and variance. Users can manage inventory, launch and schedule workflows, track changes, and integrate into reporting, all from a centralized user interface and RESTful API.
Automation controller 4.1 provides significant performance improvements when compared to its predecessor Ansible Tower 3.8. To put this into context, we used Ansible Tower 3.8 to run jobs, capture various metrics while jobs were running/finished, and compare that with automation controller 4.1. This post highlights the significant performance improvements in automation controller 4.1.
Benchmark framework
In order to deep dive into the prospective performance enhancements with the latest automation controller, we at the performance engineering team at Red Hat created a benchmarking framework consisting of the following workflow:
- Installation of RHEL 8.3 virtual machines with 4 CPU and 16 GB RAM deployed within the IBM Cloud
- Continue reading
Edge Automation with NetGitOps on Red Hat Ansible Automation Platform 2
Network edge automation challenges
As organizations grow and expand geographi cally, they start extending their IT infrastructure into the distributed and far edge layers through opening new branch offices.
Restaurants, retail stores, and other customer-centric businesses provide differentiated wireless access for their employees, contractors and customers to interconnect within their designated areas.
Configuring and managing multiple wireless settings via Red Hat Ansible Automation Platform simplifies the deployments at scale.
Network administrators can use GitOps practices to automate wireless infrastructure as a code (IaC).
This case covers a sample use case for a company that uses an SDN (software-defined network) controller with a large network infrastructure, including access points, switches, and firewalls/routers to provide connectivity for thousands of branches across multiple countries. We will show you step by step how to automate wireless network access point settings at scale through a SD-WAN controller, which will be Cisco Meraki for purposes of this demo.
Considerations about using a source of control. Why not scripts?
Typically an SDN controller has an API. Having access to an SDN API is an advantage, since we have a single point of contact with the controller, and we can operate the whole network Continue reading
Five ways to get started with network automation
As many of you know, Red Hat Ansible Automation Platform is a highly flexible IT automation platform that can automate your Linux and Windows instances, your VMware private cloud, your AWS, Azure or Google public cloud, and even your security infrastructure. Today I want to write about one of my favorite use-cases; using Ansible Automation Platform for network automation. It provides easy, highly customizable automation for your routers and switches so you can automate them just like any other IT infrastructure.
However, even though network automation has become increasingly popular, most organizations are still managing their network infrastructure manually by a CLI or GUI. Why is this? This manual CLI work often means that network engineers are reactive and constantly drowning with break-fix network issues because of manual mis-configurations, or the inability to implement change quickly and efficiently.
Because network engineers are so busy firefighting in their day job, they don’t have time to look at a new activity like automating, even though automation will save them time and money in the long run. I fundamentally believe that network automation is not an all or nothing situation. You need to adopt network automation in small increments so you Continue reading
Migrating from Python virtual environments to automation execution environments in Ansible Automation Platform 2
Red Hat Ansible Tower (included in Ansible Automation Platform 1.x) used Python virtual environments to manage dependencies and implement consistent automation execution across multiple Red Hat Ansible Automation Platform instances. This method of managing dependencies came with its own set of limitations:
- Managing Python virtual environments across multiple Ansible Tower instances.
- Confirming custom dependencies across Ansible Tower instances grew in complexity as more end-users interacted with it.
- Python virtual environments were tightly coupled to the control plane, resulting in Operations teams bearing the majority of the burden to maintain them.
- There were no tools supported and maintained by Red Hat to manage custom dependencies across Ansible Automation Platform deployments.
Ansible Automation Platform 2 introduced automation execution environments. These are container images in which all automation is packaged and run, which includes components such as Ansible Core, Ansible Content Collections, a version of Python, Red Hat Enterprise Linux UBI 8, and any additional package dependencies.
Why should you upgrade?
Ansible Automation Platform 2, announced at AnsibleFest 2021, comes with a re-imagined architecture that fully decouples the automation control plane and execution plane. The new capabilities enable easier to scale automation across the globe and allow Continue reading
Ansible Automation Platform – A video tour
Many people are familiar with the community version of Ansible, the command line automation tool, but I wanted to elaborate on how our enterprise offering, Red Hat Ansible Automation Platform, and how it expands the possibilities of Ansible for our customers in Red Hat's most recent release.
Red Hat Ansible Automation Platform forges that open source innovation into a single, secure enterprise solution. We released our latest version Ansible Automation Platform 2.1 in December 2021, and there are a ton of new components, features and capabilities. So the technical marketing team put together a video tour of Ansible Automation Platform 2. It’s an 8 minute overview that we hope will provide automators with a useful guide to all of the new tools available to them, and how all the parts of Ansible Automation Platform fit together.
If you’re looking to learn more about a specific component of the platform, you can jump right to it:
- Automation controller - 00:00:46
- Automation mesh - 00:01:25
- Automation execution environments - 00:01:59
- Execution environment builder - 00:02:34
- Ansible content tools (highlight ansible-navigator) - 00:02:48
- Microsoft VS code plugin - 00:03:43
- Ansible Content Collections - 00:04:14
- Ansible automation hub - 00:05:03
- Private Continue reading
Private automation hub – Multi-Hub for resilience
Ansible Content Collections have become the new standard for distributing Ansible content (playbooks, roles, modules, and plugins). Collections have been fully supported since Ansible 2.9 and for the last 2 years, the Ansible community has been on a journey to move to this new way of packaging and consuming Ansible content. With Ansible 2.9, Collections were optional, but as of 2.10 they are a requirement. The ability to be able to install and use Collections as needed is increasingly important.
To help customers manage Collections, private automation hub was released with Red Hat Ansible Automation Platform 1.2. Private automation hub can be deployed in a datacenter or cloud provider and allows users to synchronise and curate content from various sources:
- Certified and supported content from automation hub hosted on console.redhat.com
- Self-supported community content from Ansible Galaxy
- Private content
With private automation hub in place, customers can control the Ansible content that they publish and make available within their organisation. Users can either consume these Collections from the command line or directly from within automation controller.
With this increased reliance on Collections and therefore private automation hub, Ansible Automation Platform 2.1 introduced the Continue reading
On-Demand execution with Red Hat OpenShift
Being able to dynamically scale infrastructure is no longer a nice-to-have - it is a requirement. The advent of cloud and container platforms have shifted the expectations in terms of consuming IT infrastructure and services. As a result, any tool that is used to manage infrastructure needs to be able to handle this ever-changing landscape.
Red Hat Ansible Automation Platform provides customers with the tools that they need to build an automation solution. The component automation controller helps enterprises automate and scale with confidence.
One of the ways we can scale our automation is to leverage container groups. Container groups are part of automation controller, and allow customers to leverage an existing OpenShift cluster to create on-demand execution capacity for Ansible Playbooks. When a job is executed from automation controller, it creates pods on the target OpenShift cluster, which runs the automation job. Once the job is complete, the pods are terminated. This provides a number of benefits:
- Fewer wasted resources - infrastructure isn’t sitting idle while waiting for automation jobs. Once a job completes, the resources are instantly freed up.
- Deliver execution capacity quicker - we don’t need to provision infrastructure up front.
- Less focus on capacity Continue reading
How to Activate Red Hat Insights for Red Hat Ansible Automation Platform
Note: This blog refers to Red Hat Insights using Ansible Automation Platform 2.1. Automation controller is the control plane for Ansible Automation Platform, formerly known as Red Hat Ansible Tower.
An indispensable but sometimes overlooked tool included with an Ansible Automation Platform subscription is the cloud-based service, Red Hat Insights for Ansible Automation Platform.
Insights is a suite of reporting and analytics tools to help you identify, troubleshoot, and resolve operational, business, and security issues across your entire ecosystem. You can also use Insights to track the ROI of your automation investment and plan future automation projects to prioritize your efforts where they will have the biggest impact on your business.
Before you can start using Insights to better understand your automation estate and make data-driven decisions, you need to set up the flow of information from your enterprise into the Red Hat Hybrid Cloud Console.
What you’ll need to activate Insights for Ansible Automation Platform
In order to turn on Insights data collection, you’ll need:
- A current Red Hat Ansible Automation Platform license
- Automation controller 4.1.0
Getting Started with Ansible.utils Collection for Playbook Creators: Part 2
Use Case: Operational state assessment using ansible.utils collection
In ansible.utils, there are a variety of plugins which we can use for operational state assessment of network devices. I overviewed the ansible.utils collection in part one of this two part blog series. If you have not reviewed part one, I recommend you do so, since I will build on this information in this part two blog. We will see how the ansible.utils collection can be useful in operational state assessment as an example use case.
In general, state assessment workflow has following steps:
-
Retrieve (Source of Truth)
- Collect the current operational state from the remote host.
- Convert it into normalized structured data. Structured data can be in json, yaml format or any other format.
- Store is an inventory variable.
Validate
- Define the desired state criteria in a standard based format, for example, as defined in a json schema format.
- Retrieve operational state at runtime.
- Validate the current state data against the pre-defined criteria to identify if there is any deviation.
Remediate
- Implement required configuration changes to correct drift.
- Report on the change as an audit trail.