Archive

Category Archives for "Systems"

Red Hat Insights for Ansible Automation Platform New Report : Modules

Red Hat Insights is a suite of cloud services available on the Red Hat Hybrid Cloud Console, powered by an expert system that is built upon years of data collected from across Red Hat’s worldwide customer base. For Red Hat Ansible Automation Platform customers, it provides predictive analytical reporting of your Ansible automation. 

This blog breaks down the new reports that analyze module usage within the Ansible Automation Platform.

In summary, module usage is really important because modules can contain security vulnerabilities and require updates to support new integrations of hardware or software. It is paramount to know which modules you are using in your automation.

Let's look at each report and what each of them can deliver for you.

 

Reports

Most used modules

Description: The number of job template and task runs, grouped by Ansible module usage.

Use Case: You can use this report to discover which modules are being used the most across your automation, helping you to check things like organization-wide adoption of purpose-built modules over potentially less performant, catch-all solutions.

Example:

This chart shows how the file and gather_facts modules are the most used, but also shows that over the past 6 Continue reading

Configuring an AWS dynamic inventory with Automation controller

One of the core components of Ansible is inventories. In its most basic form, an inventory provides host information to Ansible so it can trigger the tasks on the right host or system. In most environments, the static inventory is sufficient for the Ansible control node to work from, however as we expand our use of automation, we need to transition to more effective methods of gathering ever-changing environment details.

This is where the use of a dynamic inventory is beneficial. This allows the platform to gather information for the inventory from environments that are not static sources. A prime example of this is using a dynamic inventory plugin to gather inventory information from a cloud provider or hypervisor, enabling you to keep an inventory up to date with instance details.

Amazon Web Services (AWS) is one of the biggest public cloud providers used around the world. Organizations use their Elastic Compute Cloud services (EC2) for their workflows, however managing an inventory for your instances running on AWS would typically have to be done manually, which is problematic and time consuming. Using the AWS Identity and Access Management interface (IAM), we are able to get programmatic access to the AWS Continue reading

Inside the newest features in the Red Hat Ansible Certified Content Collection for ServiceNow ITSM

The Red Hat Ansible Certified Content Collection for ServiceNow helps you create automated workflows targeting IT service management (ITSM) tasks faster while establishing and maintaining a single source of truth in the ServiceNow configuration management database (CMDB). In this blog, I’ll share the latest features we’ve added to the Collection, and you can find additional resources about existing features at the end of this blog. 

We’ve added three major updates to the Red Hat Ansible Certified Content Collection for ServiceNow:

  • Advanced inventory features
  • Customized list mappings
  • Creating problem tasks and change requests tasks

Let’s take a closer look at each of these. 

 

Support for advanced inventory features 

A new feature in ServiceNow Collection introduces a new inventory functionality, called “enhanced inventory”, which provides the ability to create groups based on CMDB relationships. Previous versions of the inventory plugin allowed us to create predefined groups, such as the “Linux Red Hat” and “Windows XP” examples shown here: 

---
plugin: servicenow.itsm.now
query:
  - os: = Linux Red Hat
  - os: = Windows XP
keyed_groups:
  - key: os
    prefix: os

Inspecting the inventory collected using the above configuration results in:

ansible-inventory -i inventory.now.yaml --graph` output:
|--@os_Linux_Red_Hat:
 Continue reading

Let’s Level Set at the Edge

Introduction

Typically when people hear the word edge, everyone gets a little apprehensive of what that means. So Josh, Andy, Martin and Chad got together to collaborate on what that means from their collective experiences across multiple industries. In this blog we will cover what the difference is between the near edge and far edge, as well as give some examples of what we have seen in these environments across multiple industries.

 

Near Edge

Near edge typically refers to distributed deployments of “scaled-down” IT-like services to support business operations outside the core data centers and public cloud providers. This includes anything from retail stores, branch field offices, manufacturing facilities, warehouses and distribution centers that generally have stable connectivity. 

Traditionally, these have been referred to as remote offices or branch offices, with the common acronym ROBO, but there are far more examples of this deployment pattern. Consider the following:

  • A point of sale system or back office processing at a retail location.
  • A localized authentication/authorization source for badge access to a manufacturing plant.
  • A file share located locally to a University’s extension office that’s replicated over an unreliable connection.

These are all examples that fit under our definition of Continue reading

What’s New in the Ansible Content Collection for Kubernetes 2.3

With increased adoption of container automation, IT organizations continue to expand their requirements when it comes to deploying and managing their Kubernetes clusters. As such, we at Red Hat continue to add new features and capabilities to meet those demands by announcing the availability of kubernetes.core version 2.3, our Red Hat Ansible Certified Content Collection for Kubernetes and Helm.

In this blog post, we’ll go over what’s new and what’s different in this release of our Kubernetes Collection. 

 

New Module - k8s_taint

With the release of kubernetes.core 2.3, we introduce the k8s_taint module. This module provides the ability for a Kuberentes node to repel a pod or set of pods from being scheduled unless they have a matching toleration. This establishes that with taints and tolerations in place, pods are not scheduled onto inappropriate nodes.

This feature is quite useful when you are trying to ensure exclusivity of a particular set of nodes (only allow a particular group of users access) or you want to provide particular nodes with special hardware (such as GPUs) to only run pods that require the use of the specialized hardware and keep out the pods that don’t require Continue reading

Two Simple Ways Automation Can Save You Money on Your AWS Bill

Red Hat Ansible Automation Platform is an excellent automation and orchestration tool for public clouds. For this post, I am going to walk through two common scenarios where Ansible Automation Platform can help out. I want to look outside the common public cloud use-case of provisioning and deprovisioning resources and instead look at automating common operational tasks.

Screen Shot 2022-03-14 at 2.35.05 PM

What is an operational task? It is simply anything that an administrator has to do outside of creating and deleting cloud resources (e.g. instances, networks, keys, etc.) to help maintain their company's public cloud account. One of the problems I’ve encountered is instances being left on, running up our public cloud bill in the background while we were focusing our attention elsewhere. The more users you have, the more likely problems are to occur; automation can help address these issues and maintain control of your account. There are two common scenarios I want to address here:

  1. Bespoke AWS instances were manually created for a one-off initiative, usually to test something, then instances were forgotten about and left running.
  2. Continuous Integration (CI) instances were spun up to test changes programmatically every time a Pull Request (PR) went into our project, and would Continue reading

The Ansible cookie: Magic in the middle

If Ansible Automation Platform was compared to the crunchy goodness of a cookie, private automation hub would be the sweet center bringing it all together and making your mouth water!

Private automation hub provides organizations with a central location for their automation resources. Ansible automation hub is part of the hosted services from console.redhat.com. This hosted offering provides automation adepts access to Red Hat Ansible Certified Content Collections for several industry-leading technologies and partners.

Private automation hub brings this functionality on-premises and allows for users to curate their custom automation content with not only Red Hat Ansible Certified Content but with community content from Ansible Galaxy. Private automation hub also acts as a container registry where we can store and distribute the automation execution environments needed for Ansible Automation Platform 2. 

How do we get started with building our own private automation hub and use it in our enterprise? How do automation controller and private automation hub interact?

Let’s get cooking and build our mouthwatering automating platform! 

To deploy the “magic in the middle,” we are going to use the Ansible Automation Platform installer from our automation controller node. Since we are installing a private automation Continue reading

How to Migrate your Ansible Playbooks to Support AWS boto3

Red Hat Ansible Automation Platform is known for automating Linux, Windows and networking infrastructure. While both the community version of Ansible and our enterprise offering, Red Hat Ansible Automation Platform, are prominently known for configuration management, this is just a small piece of what you can really achieve with Ansible’s automation. There are many other use-cases that Ansible Automation Platform is great at automating, such as your AWS, Azure or Google public cloud. 

Ansible Automation Platform can automate deployments, migrations and operational tasks for your public cloud. This is extremely powerful because you can orchestrate your entire infrastructure workflow, from cloud deployment, to instance configuration, to retirement, rather than requiring a point tool for each separate use-case. This also allows IT administrators to concentrate on automating business outcomes rather than individual technology silos.

Specifically for this blog, I wanted to cover converting your Ansible Playbooks for provisioning an instance on AWS from the unsupported ec2 module to the fully supported ec2_instance module. Amazon has deprecated their Software Development Kit (SDK) Boto in favor of the newer fully supported SDK Boto3. Alina Buzachis announced What's New: The Ansible AWS Collection 2.0 Release back in October 2021, which includes Continue reading

Forecasting and tracking the ROI of automation

Great ideas start with coffee, but business innovation starts with automation. Just like that morning jolt of warm friendly caffeine, Red Hat Ansible Automation Platform has the ability to enhance, optimize and make your technology stack flow like the beloved beverage most of the world consumes on a daily basis.

It is easy to discuss all the technical benefits that Ansible Automation Platform can bring to organizations, but what about the business benefits? How can you observe the state of your automation and return on investment (ROI)? How can you explain the financial impact of automation to key stakeholders? The answer to all of these questions is Red Hat Insights for Red Hat Ansible Automation Platform.

Red Hat Insights is an analytics platform to help you understand your automation efforts. It lets your data work for you by proactively identifying and correcting issues. Included as a hosted service offering with Ansible Automation Platform, Insights provides a visual dashboard to indicate automation performance, health notifications, organizational statistics, and more.

The most relevant features within Insights for IT business leaders and decision makers  who want to validate their automation strategy are Reports, Savings Planner and Automation Calculator

Tracking how automation Continue reading

Technology Short Take 152

Welcome to Technology Short Take #152! Normally I’d publish a Technology Short Take in the morning on a Friday, but I really wanted to get this one out so I’m making it live late in the day on a Monday. Here’s hoping I’ve included some content below that you find useful!

Networking

  • I was (and am) familiar with RFC 1918 and the concept of non-routable address spaces. However, I was not familiar with the term “bogons” to refer to such prefixes that should not be publicly routed. Thanks to this article, that oversight is now corrected. Oh, and the article shares a handy Python script to help implement bogon filtering in NSX-T.
  • Koyeb describes, at a high level, the global networking stack for their serverless platform. Components involved include the open source Kuma service mesh (in turn leveraging Envoy), anycast BGP, and mutual TLS (mTLS).
  • Ivan Pepelnjak does a great job of describing all the things you really shouldn’t do (or don’t really need to do) when trying to deal with migrating container hosts in a data center fabric. In truth, the answer is exactly as Ivan says at the top of the article: when it comes to Continue reading

Performance Improvements in Automation Controller 4.1

Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. With the release of Ansible Automation Platform 2.1, users now have access to the latest control plane – automation controller 4.1.

Automation controller helps standardize how automation is deployed, initiated, delegated, and audited, allowing enterprises to automate with confidence while reducing sprawl and variance. Users can manage inventory, launch and schedule workflows, track changes, and integrate into reporting, all from a centralized user interface and RESTful API.

Automation controller 4.1 provides significant performance improvements when compared to its predecessor Ansible Tower 3.8. To put this into context, we used Ansible Tower 3.8 to run jobs, capture various metrics while jobs were running/finished, and compare that with automation controller 4.1. This post highlights the significant performance improvements in automation controller 4.1.

Benchmark framework

In order to deep dive into the prospective performance enhancements with the latest automation controller, we at the performance engineering team at Red Hat created a benchmarking framework consisting of the following workflow:

  • Installation of RHEL 8.3 virtual machines with 4 CPU and 16 GB RAM deployed within the IBM Cloud
  • Continue reading

Edge Automation with NetGitOps on Red Hat Ansible Automation Platform 2

Network edge automation challenges 

As organizations grow and expand geographi cally, they start extending their IT infrastructure into the distributed and far edge layers through opening new branch offices. 

Restaurants, retail stores, and other customer-centric businesses provide differentiated wireless access for their employees, contractors and customers to interconnect within their designated areas. 

Configuring and managing multiple wireless settings via Red Hat Ansible Automation Platform simplifies the deployments at scale.

Network administrators can use GitOps practices to automate wireless infrastructure as a code (IaC).

This case covers a sample use case for a company that uses an SDN (software-defined network) controller with a large network infrastructure, including access points, switches, and firewalls/routers to provide connectivity for thousands of branches across multiple countries. We will show you step by step how to automate wireless network access point settings at scale through a SD-WAN controller, which will be Cisco Meraki for purposes of this demo.  

 

Considerations about using a source of control. Why not scripts?

Typically an SDN controller has an API. Having access to an SDN API is an advantage, since we have a single point of contact with the controller, and we can operate the whole network Continue reading

Five ways to get started with network automation

As many of you know, Red Hat Ansible Automation Platform is a highly flexible IT automation platform that can automate your Linux and Windows instances, your VMware private cloud, your AWS, Azure or Google public cloud, and even your security infrastructure.  Today I want to write about one of my favorite use-cases; using Ansible Automation Platform for network automation. It provides easy, highly customizable automation for your routers and switches so you can automate them just like any other IT infrastructure.

However, even though network automation has become increasingly popular, most organizations are still managing their network infrastructure manually by a CLI or GUI. Why is this? This manual CLI work often means that network engineers are reactive and constantly drowning with break-fix network issues because of manual mis-configurations, or the inability to implement change quickly and efficiently.

Because network engineers are so busy firefighting in their day job, they don’t have time to look at a new activity like automating, even though automation will save them time and money in the long run. I fundamentally believe that network automation is not an all or nothing situation.  You need to adopt network automation in small increments so you Continue reading

Using cert-manager with Kuma for mTLS

When configuring mutual TLS (mTLS) on the open source Kuma service mesh, users have a couple of different options. They can use a “builtin” certificate authority (CA), in which Kuma itself will generate a CA certificate and key for use in creating service-specific mTLS certificates. Users also have the option of using a “provided” CA, in which they must supply a CA certificate and key for Kuma to use when creating service-specific mTLS certificates. Both of these options are described on this page in the Kuma documentation. In this post, I’d like to explore the use of cert-manager as a “provided” CA for mTLS on Kuma.

Currently, Kuma lacks direct integration with cert-manager, so the process is a bit more manual than I’d prefer. If direct cert-manager integration is something you’d find useful, please consider opening an issue to that effect on the Kuma GitHub repository.

Assuming you have cert-manager installed already, the process for using cert-manager as the CA for a “provided” CA mTLS backend looks like this:

  1. Define the root CA in cert-manager.
  2. Prepare the secrets for Kuma.
  3. Configure the Kuma mesh object for mTLS.

I know these steps are really too high level to be useful Continue reading

Migrating from Python virtual environments to automation execution environments in Ansible Automation Platform 2

Red Hat Ansible Tower (included in Ansible Automation Platform 1.x) used Python virtual environments to manage dependencies and implement consistent automation execution across multiple Red Hat Ansible Automation Platform instances. This method of managing dependencies came with its own set of limitations:

  • Managing Python virtual environments across multiple Ansible Tower instances. 
  • Confirming custom dependencies across Ansible Tower instances grew in complexity as more end-users interacted with it.
  • Python virtual environments were tightly coupled to the control plane, resulting in Operations teams bearing the majority of the burden to maintain them.
  • There were no tools supported and maintained by Red Hat to manage custom dependencies across Ansible Automation Platform deployments.

Ansible Automation Platform 2 introduced automation execution environments. These are container images in which all automation is packaged and run, which includes components such as Ansible Core, Ansible Content Collections, a version of Python, Red Hat Enterprise Linux UBI 8, and any additional package dependencies.

 

Why should you upgrade?

Ansible Automation Platform 2, announced at AnsibleFest 2021, comes with a re-imagined architecture that fully decouples the automation control plane and execution plane. The new capabilities enable easier to scale automation across the globe and allow Continue reading

Ansible Automation Platform – A video tour

Many people are familiar with the community version of Ansible, the command line automation tool, but I wanted to elaborate on how our enterprise offering, Red Hat Ansible Automation Platform, and how it expands the possibilities of Ansible for our customers in Red Hat's most recent release.

Red Hat Ansible Automation Platform forges that open source innovation into a single, secure enterprise solution. We released our latest version Ansible Automation Platform 2.1 in December 2021, and there are a ton of new components, features and capabilities. So the technical marketing team put together a video tour of Ansible Automation Platform 2. It’s an 8 minute overview that we hope will provide automators with a useful guide to all of the new tools available to them, and how all the parts of Ansible Automation Platform fit together. 

 

If you’re looking to learn more about a specific component of the platform, you can jump right to it:

Private automation hub – Multi-Hub for resilience

Ansible Content Collections have become the new standard for distributing Ansible content (playbooks, roles, modules, and plugins). Collections have been fully supported since Ansible 2.9 and for the last 2 years, the Ansible community has been on a journey to move to this new way of packaging and consuming Ansible content. With Ansible 2.9, Collections were optional, but as of 2.10 they are a requirement. The ability to be able to install and use Collections as needed is increasingly important.

To help customers manage Collections, private automation hub was released with Red Hat Ansible Automation Platform 1.2. Private automation hub can be deployed in a datacenter or cloud provider and allows users to synchronise and curate content from various sources:

  • Certified and supported content from automation hub hosted on console.redhat.com
  • Self-supported community content from Ansible Galaxy
  • Private content

With private automation hub in place, customers can control the Ansible content that they publish and make available within their organisation. Users can either consume these Collections from the command line or directly from within automation controller. 

With this increased reliance on Collections and therefore private automation hub, Ansible Automation Platform 2.1 introduced the Continue reading

On-Demand execution with Red Hat OpenShift

Being able to dynamically scale infrastructure is no longer a nice-to-have - it is a requirement. The advent of cloud and container platforms have shifted the expectations in terms of consuming IT infrastructure and services. As a result, any tool that is used to manage infrastructure needs to be able to handle this ever-changing landscape. 

Red Hat Ansible Automation Platform provides customers with the tools that they need to build an automation solution. The component automation controller helps enterprises automate and scale with confidence. 

One of the ways we can scale our automation is to leverage container groups. Container groups are part of automation controller, and allow customers to leverage an existing OpenShift cluster to create on-demand execution capacity for Ansible Playbooks. When a job is executed from automation controller, it creates pods on the target OpenShift cluster, which runs the automation job. Once the job is complete, the pods are terminated. This provides a number of benefits:

  • Fewer wasted resources - infrastructure isn’t sitting idle while waiting for automation jobs. Once a job completes, the resources are instantly freed up.
  • Deliver execution capacity quicker - we don’t need to provision infrastructure up front.
  • Less focus on capacity Continue reading

How to Activate Red Hat Insights for Red Hat Ansible Automation Platform

Note: This blog refers to Red Hat Insights using Ansible Automation Platform 2.1. Automation controller is the control plane for Ansible Automation Platform, formerly known as Red Hat Ansible Tower.

An indispensable but sometimes overlooked tool included with an Ansible Automation Platform subscription is the cloud-based service, Red Hat Insights for Ansible Automation Platform.

Insights is a suite of reporting and analytics tools to help you identify, troubleshoot, and resolve operational, business, and security issues across your entire ecosystem. You can also use Insights to track the ROI of your automation investment and plan future automation projects to prioritize your efforts where they will have the biggest impact on your business.

Before you can start using Insights to better understand your automation estate and make data-driven decisions, you need to set up the flow of information from your enterprise into the Red Hat Hybrid Cloud Console.

What you’ll need to activate Insights for Ansible Automation Platform

In order to turn on Insights data collection, you’ll need:

Getting Started with Ansible.utils Collection for Playbook Creators: Part 2

Use Case: Operational state assessment using ansible.utils collection

In ansible.utils, there are a variety of plugins which we can use for operational state assessment of network devices. I overviewed the ansible.utils collection in part one of this two part blog series. If you have not reviewed part one, I recommend you do so, since I will build on this information in this part two blog. We will see how the ansible.utils collection can be useful in operational state assessment as an example use case.

In general, state assessment workflow has following steps:

  • Retrieve (Source of Truth)

  • Collect the current operational state from the remote host. 
  • Convert it into normalized structured data. Structured data can be in json, yaml format or any other format.
  • Store is an inventory variable.
  • Validate 

    • Define the desired state criteria in a standard based format, for example, as defined in a json schema format.
    • Retrieve operational state at runtime.
    • Validate the current state data against the pre-defined criteria to identify if there is any deviation.
  • Remediate 

    •  Implement required configuration changes to correct drift. 
    • Report on the change as an audit trail.

     

    How can ansible.utils collection Continue reading

    1 10 11 12 13 14 125