In the world of automation and agility, it seems that Information Technology Infrastructure Library (ITIL) doesn’t have a role to play anymore, being marked as an “old school” framework. Can it be the end of the methodology after it served numerous IT organizations for so long as a guideline and blueprint for their processes?
This series of articles shows how automation, and more specifically Red Hat Ansible Automation Platform and the principles of Infrastructure as Code (IaC), can help bring some of the ITIL topics into the agile and automated bliss:
So let’s step into the topic of configuration management and what everybody still knows as CMDB (Configuration Management Database) even if ITIL has since long titled it as CMS (Configuration Management System). This name change was meant to highlight the fact that the function can be fulfilled by a combination of multiple databases and tools, but it won’t matter here, so we’ll stick to the infamous CMDB term.
Do you love your CMDB? Probably not, according to my experience with numerous customers. The data is generally outdated and wrong, considered useless, which means that its maintenance is considered a Continue reading
Red Hat Ansible Automation Platform 2.1 introduced automation execution environments, which is a new way to package automation into a container runtime environment. In addition, private automation hub also joined the party by adding significant support for execution environments.
Let's dive into those features:
Private automation hub now ships with the pulp container registry. This means it can store and serve up container images.
We only support the Ansible private automation hub registry serving execution environment images.
The Ansible private automation hub user interface allows the administrator to define remote registries. This allows for the registry to mirror container images from their source. A good example of remote registries is adding the base execution environment images available at Red Hat.
To access the Red Hat registry, visit registry.redhat.io and use the same username and password that you use for access.redhat.com.
Upon adding the registry, you will see a new remote registry definition.
This capability is available after you have added a remote registry as per Feature 2;click the menu on the registry Continue reading
Red Hat Ansible Automation Platform 2.2 introduces a technical preview of automation services catalog.
Automation services catalog was first developed in the cloud at console.redhat.com, with capabilities for fast, agile development and feature release. Over time, Red Hat continually adapted features to meet customer requirements and incorporate their feedback. As customers became more familiar with the benefits, they’ve since requested the ability to access these catalog components within their firewalled infrastructure with direct access to the Ansible clusters and their corporate identity services. We continue to listen and are providing a private version of automation services catalog, installed by the platform installer alongside automation controller and private automation hub.
As far as catalogs go, there is a fairly standard pattern to follow. Here is the first glimpse of the user interface.
This image shows what are known as “products”. Products reside within “portfolios,” which allow the administrator to group products into sharable, access controlled folders. Products are simply references to a job template or workflow.
What I really like about having this new level of abstraction is that I can reference the same job template in a product multiple times. Continue reading
In April 2021 I wrote a post on making Firefox use Private Browsing by default, in which I showed how to modify the GNOME desktop file so that Firefox would open private windows by default without restricting access to normal browsing windows and functionality. I’ve used that technique on all my Fedora-based systems since that time, until just recently. What happened recently, you ask? I switched to the Flatpak version of Firefox. Fortunately, with some minor tweaks, this technique works with the Flatpak version of Firefox as well. In this post, I’ll share with you the changes needed to make the Flatpak version of Firefox also use private browsing by default.
When working with the non-Flatpak version of Firefox, the GNOME desktop file installed with the Firefox package is found at /usr/share/applications
. In my earlier article, I suggested editing that file to add the --private-window
parameter to the Exec
line. Unfortunately, that change gets overwritten every time the Firefox package is updated. It’s better, actually, to use a locally customized desktop file placed in ~/.local/share/applications
instead, which will take precedence over the shared desktop file.
With the Flatpak version of Firefox, there is still a shared Continue reading
Automation content navigator was released alongside Red Hat Ansible Automation Platform 2.0 and changed the way content creators build and test Ansible automation. Navigator 1.0 drew together multiple Ansible command line tools like ansible-playbook, ansible-doc, ansible-config, etc. and continues to accrue seriously useful new features to help deliver greater flexibility to automation creators.
Coinciding with the release of Ansible Automation Platform 2.2, navigator 2.0 introduces improvements to existing functionality alongside additional features to aid in the development of automation content.
Within navigator 2.0, you will find:
Before the release of navigator 2.0, a separate command line application (ansible-builder) was needed to build execution environment images from human readable YAML files. With this release, ansible-navigator Continue reading
I love being a network engineer, even though I struggled to explain to non-networking people about the utmost relevance of network administration. However, during the last two years of the COVID-19 pandemic, the world could see the relevance of having connectivity. Networks are the highways of information. Data, applications, entertainment, and factories need the network connectivity roads to make the world run. It’s interesting that even network models to estimate traffic behavior use algorithms that are similar to the ones to estimate transportation.
To enable this communication, networks have to interconnect through routing protocols. There are many ways to configure routing; you can permit or restrict traffic to certain networks to leave some sectors isolated, and propagate routes to allow connectivity only to specific segments of your network.
When you configure routing settings to allow this interconnection, you not only want to reach the ultimate purpose of configuring connectivity, but you want to do this in an efficient manner.
The use of prefix-lists is one mechanism to permit a better use of resources in your routers. In this blog we are going to briefly cover why prefix-lists configuration is relevant, and Continue reading
I’ve recently started migrating many of the applications on my Fedora 36 laptop to their Flatpak versions. For the most part, this has been pretty straightforward, although there isn’t really any method for migrating configuration and data. Today I ran into a problem with Meld, a graphical diff utility, and using it with the git difftool
command. Below I’ll share how I worked around this problem.
Normally, the integration between Git and Meld—which is what enables you to run git difftool
and have the results show up in Meld—would look something like this (this is from ~/.gitconfig
):
[merge]
tool = meld
[diff]
tool = meld
[difftool]
prompt = no
[difftool "meld"]
cmd = /usr/bin/meld "$LOCAL" "$REMOTE"
[mergetool "meld"]
cmd = /usr/bin/meld "$LOCAL" "$REMOTE"
However, when Meld is installed as a Flatpak, /usr/bin/meld
doesn’t exist. In order to continue using Meld with the git difftool
command, you must change the Git configuration to look like this instead:
[merge]
tool = meld
[diff]
tool = meld
[difftool]
prompt = no
[difftool "meld" Continue reading
Welcome to Technology Short Take #155, just in time for the 2022 Memorial Day holiday weekend! (Here in the US, at least.) I mean, don’t you want to spend this weekend catching up on some technology-related articles instead of cooking on the grill and gathering with friends and family? I certainly hope not! Still, for those who need a little technology fix over the weekend, hopefully I’ve included something useful in the list of articles below. Enjoy!
The Ansible product team at Red Hat is thrilled to announce the general availability of Red Hat Ansible Automation Platform 2.2, which includes numerous features and bug fixes that further solidify Ansible Automation Platform as the de facto enterprise IT automation solution for developers to operations teams in data centers, clouds, and at the edge. A few of the most noteworthy features in this release include:
Don’t forget to check out the product documentation including the release notes!
Let’s face it, automating at enterprise scale is really hard. Although many features were added for the content creator and developer in Ansible Automation Platform 2, the automation operations teams are typically responsible for making sure automation is up and running as it should across all inventories, worldwide, with 24/7 availability and uptime. As enterprise Continue reading
We recently made available an experimental alpha Collection of generated modules using the AWS Cloud Control API for interacting with AWS Services. This content is not intended for production in its current state. We are making this work available because we thought it was important to share our research and get your feedback.
In this post, we’ll highlight how to try out this alpha release of the new amazon.cloud content Collection.
Launched in September 2021 and featured at AWS re:Invent, AWS Cloud Control API is a set of common application programming interfaces (APIs) that provides five operations for developers to create, read, update, delete, and list (CRUDL) resources and make it easy for developers and partners to manage the lifecycle of AWS and third-party services in a standard way.
The Cloud Control API provides support for hundreds of AWS resources today with support for more existing AWS resources across services such as Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Simple Storage Service (Amazon S3) in the coming months.
AWS delivers a broad and deep portfolio of cloud services. It started with Amazon Simple Storage Service (Amazon S3) and grew over Continue reading
Red Hat Ansible Automation Platform 2 includes major features that allow customers to onboard more easily with even more flexible automation architectures and use cases. Ansible Automation Platform enables IT professionals to automate at enterprise scale more easily and flexibly. This means that everything you know and love about writing Ansible Playbooks is largely unchanged, but what is evolving is the underlying implementation of how automation is developed, managed, and operated in large complex environments.
Ansible Automation Platform now includes new automation creator tools such as ansible-lint, ansible-navigator and ansible-builder, a new architecture using container-based automation execution environments and automation mesh, and new tools such as private automation hub and automation services catalog to help operationalize teams to work together. For a complete list of everything included in your subscription, check out the knowledge base article: What is included in Red Hat Ansible Automation Platform subscription? If you prefer to consume our content via videos, check out my blog and YouTube video: Ansible Automation Platform - A video tour.
That is a lot of cool new stuff that is included in your Red Hat subscription! You might be thinking that your Ansible knowledge is really good, but you are unsure Continue reading
As some of you may know, Red Hat Summit was back in person in Boston last week. For those who are not familiar, Red Hat Summit is the premier enterprise open source event for IT professionals to learn, collaborate, and innovate on technologies from the datacenter and public cloud to the edge and beyond. Red Hat made a lot of exciting announcements, with several that included Red Hat Ansible Automation Platform. If you could not make the event or would like to revisit some of the content, you can access any session on demand.
One of the big announcements at Summit was the unveiling of new levels of security from the software supply chain to the edge. In Ansible Automation Platform 2.2, Red Hat is introducing a technical preview of Ansible content signing technology. The new capability helps with software supply chain security by enabling automation teams to validate that the automation content being executed in their enterprise is verified and trusted.
With the announcement of this new edge capability, we showcased a session for Ansible and edge that is available on demand. The session “GitOps your distributed edge computing model with Red Hat Ansible Automation Platform” Continue reading
I recently had the opportunity to emcee an Ask me Anything webinar in April 12, These sessions are a good opportunity for the community, customers, partners and more to talk directly to Red Hat employees about what is happening on Red Hat Ansible Automation Platform and beyond. For this webinar, we had an awesome group of individuals with a diverse talent range across multiple skill sets from Product Management, Technical Marketing and Engineering:
To watch the webinar on-demand check it out here.
As it turns out, we can’t get to every question that comes in, so we had Continue reading
When Cluster API creates a workload cluster, it also creates a load balancing solution to handle traffic to the workload cluster’s control plane. This is necessary so that the control plane endpoint is decoupled from the underlying control plane nodes (which facilitates scaling the control plane, among other things). On AWS, this mean creating an ELB and a set of security groups. For flexibility, Cluster API provides a limited ability to customize this control plane load balancer. In this post, I’ll show you how to use this functionality to fine-tune access to a workload cluster’s control plane when using Cluster API with AWS.
If you’re not familiar with Cluster API (hereafter just referred to as “CAPI”), then my introduction to CAPI article may be useful. Keep in mind that article was written in 2019, while the project was still in its early stages. The high-level concepts are correct, but some of the details may have shifted slightly over the last three years as the project progressed from v1alpha1
APIs to the now-current v1beta1
APIs.
The key here is the controlPlaneLoadBalancer
object, which is part of the AWSCluster
object (see details here in the code or here via pkg.go.dev
Continue reading
In December of 2021, Red Hat and Microsoft announced the Red Hat Ansible Automation Platform on Microsoft Azure.
This year during Red Hat Summit 2022, Red Hat announced the General Availability of the Red Hat Ansible Automation Platform on Microsoft Azure in North America with global availability coming soon.
I’d like to spend some time providing some more details about this offering and why you should be considering Ansible Automation Platform on Azure.
Ansible Automation Platform on Azure (AAP on Azure) deploys from the Azure Marketplace as a managed application. It deploys directly into your Azure Subscription, but Red Hat as the publisher of the application has access to a shared and secured managed resource group to support, maintain, and upgrade your deployment. More specifically, a dedicated Red Hat SRE team deals with all the ongoing management of AAP on Azure, while you focus on expanding your automation strategy within your organization across the hybrid cloud.
For many organizations using Azure today, there’s a huge benefit in taking advantage of AAP on Azure. It runs in your Azure subscription. It integrates seamlessly with many of the Azure services, Continue reading
Ansible for security automation
Per NASCIO, the top priority for state CIOs is cybersecurity and risk management. A key focus for this initiative is to leverage the Continuous Diagnostics and Mitigation (CDM) framework provided by the Cybersecurity and Infrastructure Security Agency (CISA). In this blog post we will explore a high level view of the CDM framework, review Ansible’s role in security automation and finally understand how Ansible can help agencies with Day 0 through Day 2 tasks while working with the CDM framework.
Today more than ever, cyber threats mean that securing and defending our networks are of utmost importance. A recent report published by the National League of Cities revealed that an astonishing 44% of local governments report they experience a cyberattack daily or even hourly. So it is not surprising to see that cybersecurity and risk management is the number one priority for our state CIOs. With that background, let’s understand the CDM program.
Source: https://www.cisa.gov/cdm-training
The CDM framework is defined by CISA. CDM provides capabilities and tools that help identify Continue reading
In my previous blog, Why 2022 will be the year for edge automation, we discussed the objective of edge solutions to bring resources closer to the end user or data source.
As edge expands its IT footprint and becomes an extension of the data center, bare-metal, virtual environments, private cloud and public cloud start to coexist as part of the infrastructure.
While our customers move forward with their own automation journey, they are adding edge computing to the puzzle, with common automation challenges such as:
How to automate disparate architectures at scale?
How do we reduce the operational burden, if the IT teams do not grow exponentially?
What is needed to foster a collaborative automation practice?
As part of this blog we will go through a hybrid edge computing automation scenario. But let's start with the fundamental question: Why is hybrid cloud critical for edge computing?
At the edge, geography matters.
The fundamental need is to allocate resources closer to where the data is generated to pre-process the information before forwarding it to the data centers. The reason for this architectural change is to increase Continue reading
Welcome to Technology Short Take #154! My link of links and articles from around the Internet is a bit light on networking and virtualization this time around, but heftier in the security, cloud, and OS/application sections. I hope that I’ve managed to include something that you’ll find useful. Enjoy the content!
Over the many years of working as an engineer and architect with a particular interest in storage, I have learned that donuts and energy drinks can really bring you some joy in trying situations. When it seems that your infrastructure is on fire and you need an exorcist to help you find the ghost in the machine, a humble box of glazed donuts can give you and your team a much-needed break and allow you to refocus.
Now, the issue with this habit is that it might help you in the moment, but over time this can become a real health issue. Configuration drift, technical issues, and technical debt can all have similar effects on your health, increasing your heart rate and causing sleepless nights. Red Hat Ansible Automation Platform can assist you here with not only keeping your infrastructure in check, but also giving your teams the peace of mind that systems are running as they should.
Being able to schedule compliance checks on your systems with Ansible Automation Platform enables you to preserve configuration and system states, and keep them running the way you prefer. But sometimes this is not proactive enough. What if you have Continue reading
Side-by-Side migration to Ansible Automation Platform 2
The release of Red Hat Ansible Automation Platform 2.1 comes with a re-imagined architecture that delivers exciting features such as automation mesh and automation execution environments among an entire suite of tools and components that enable enterprises to scale automation across their organizations.
With the importance of enterprise automation and taking advantage of the latest Ansible Automation Platform, we created a simple reference architecture to help guide you migrate from Ansible Automation Platform 1.2 to Ansible Automation Platform 2.
It consists of using a side-by-side methodology for the migration process via using the Ansible Automation Platform installer to do the migration and restoring a Database backup from a Ansible Automation Platform 1.2 cluster.
Say goodbye to the guessing game of how you’ll migrate to the latest and greatest. Our goal is to simplify the migration planning, considerations and, most importantly, the step-by-step on how to do it.
Inside this reference architecture you’ll find:
The migration considerations focus Continue reading