Archive

Category Archives for "Systems"

Creating Custom Rules for Ansible Lint

What is Ansible Lint? 

Ansible Lint is a command-line tool (part of the ansible-lint upstream community project) for linting of Ansible Playbooks, Roles, and Collections. Ok, so what exactly is “linting?” Its fundamental objective is to promote proven behaviors, patterns, and practices while avoiding typical traps that can quickly result in errors or make code more difficult to maintain. That is - leverage community recommendations and opinions in writing Ansible content by means of a tool to help ensure what you’re writing is generally valid.

Additionally, Ansible Lint is designed to assist users in updating their code to function with more recent Ansible versions. Even though the version of Ansible being used in production can be an older version of ansible-core, we advise utilizing it with the most recent version.

Ansible Lint is opinionated just like any other linter. However, because community members contributed to its rules, each user has the option to enable or disable them on an individual or category basis.

 

Why should I use Ansible Lint? 

The goal of Ansible Lint is to flag programming errors, bugs, stylistic errors and suspicious constructs and also ensure that content created by different people has Continue reading

Red Hat Ansible Automation Platform now available in AWS Marketplace

AWS marketplace blog

At AnsibleFest 2022 in the “windy city” Chicago, Red Hat announced Ansible Automation Platform’s upcoming availability in AWS Marketplace. That day is here!  

I’d like to take a few moments to provide some more details about this offering and why you should be considering Ansible Automation Platform in AWS Marketplace.

As organization’s hybrid cloud environments continue to grow in complexity, so does the need to increase efficiency and speed. The solution is to leverage an automation platform that can help any organization create, manage, and scale their automation efforts across the entire IT infrastructure. Ansible Automation Platform is the glue that can coordinate and scale automation across all IT domains.

 

AWS Marketplace deployment

Ansible Automation Platform deploys directly from the AWS Marketplace as a self-managed application. There are many benefits of deploying Ansible Automation Platform in AWS Marketplace.

  1. It deploys into your environment, where you have total control over the solution.
  2. Ongoing upgrades will be simpler because of this deployment model, so while this is a self-managed solution, it’s still simpler to maintain than if you had started from scratch yourself.
  3. The ability to scale out the Ansible Automation Platform environment using extension nodes. (I’ll write a blog Continue reading

Crank up your automation with Ansible validated content

 

“Dear Aunt Automation,

 

At Suncavanaugh Corp., we just got this super cool automation platform. It's called Red Hat Ansible Automation Platform. Now, I'm really excited about all this and I have used Ansible before, but I'm worried about getting it working in our environments. How do I even get started with automation that needs to be production ready? What if I need help building what we need? How do I know what I build is good enough for production? This is pretty scary… 

 

Love,

~ Chagrining in Chapel Hill “

 

We can understand these concerns, as this is something that many customers experience when they start their journey into automation. Red Hat Ansible Automation Platform has many tools to assist organizations from savings planner to Red Hat Insights, however, actually getting started still requires you to jump into some YAML and build your first production-ready playbook. You want to start automating, but you don’t know where to start. At AnsibleFest 2022, we announced a new addition to the content ecosystem offered through the platform. Drumroll please….. this is Ansible validated content. 

Ansible validated content is expert-built automation content packaged as Collections that contain Ansible Continue reading

Technology Short Take 162

Welcome to Technology Short Take #162! It’s taken me a bit longer than I would have liked to get this post assembled, but it’s finally here. Hopefully I’ve managed to find something you’ll find useful! As usual, the links below are organized by technology area/discipline, and I’ve added a little bit of commentary to some of the links where it felt necessary. Enjoy!

Networking

Security

  • Rory McCune has a series of articles on PCI compliance in containerized and Kubernetes environments. These are worth a read if security and compliance are your jam (see here, here, here, here, here, here, and here). I suspect more are in the works, so stay tuned to his site!
  • Persistent malware in ESXi hypervisor environments? Ugh! See here for more details.
  • The corny (cheesy?) food references in the title of this Continue reading

Project signing and verification

Project signing card

Project signing is a new feature developed for Red Hat Ansible Automation Platform that came out in the latest 2.3 release. It enables users to sign project-based content (think playbooks, workflows, inventories, etc.) and verify whether or not that content has remained secure. It also features a new CLI tool, ansible-sign. This blog post will explain how it works, illustrate how to implement it, and highlight a few scenarios.

 

Why we need signing capabilities

Organizations need to make sure their automation is tested and performing the intended tasks.  However, what if someone deploys untested automation, or worse yet, someone intentionally tries to automate something nefarious?  It might not even be intentional, but can simply be an organization using a community collection whose author removes a feature that they were using.

When organizations start adopting automation at the enterprise level, there may be hundreds to thousands of tasks being performed every hour across thousands of infrastructure nodes. How do you make sure the automation content that is being executed can be trusted? How do you know your automation is doing what you think it is? Is your organization pulling content from various sources outside of Continue reading

Keep the learning pace! A Holiday recap about network automation sessions

Keep the learning pace blog

AnsibleFest in October was an amazing experience; the best part was meeting and chatting about multiple network automation use cases with our customers and partners.

In case you want to review the most relevant sessions, here is a summary on the abridged network automation related sessions that you can check on-demand for the next 5 months:

 

Why unified network automation and why now? 

Bob Laliberte, Principal Analyst, ESG covers the complexity of modern networks which span across multi-domain teams including campus, branches, data centers, WAN networks and now edge across distributed locations. 

Network automation, when implemented as an end to end solution, can unify teams and make it faster and more efficient to deliver network services.

IT decision makers and managers will be able to have a better insight on network automation challenges and KPIs.

 

Noor Shadid, Wells Fargo | theCUBE at Red Hat AnsibleFest 2022

In this interview, Wells Fargo Senior Vice President, Noor Shadid, describes their cultural change with automation and how Wells Fargo positioned itself as a technology company.

 

Journey to Automated NetOps in Financial Services 

John Teixido from Truist and Tony Dubiel from Red Hat cover this amazing session. You Continue reading

What’s new in Ansible Automation Platform 2.3

AAP 2.3 whats new card

We are thrilled to announce the general availability of Red Hat Ansible Automation Platform 2.3. If you didn’t get the opportunity to attend AnsibleFest 2022 in Chicago, or get time to watch the keynotes on the AnsibleFest content hub, I am the lucky Ansiblite (or is it Ansi-Bull) who will walk you through all the new, cool and exciting features coming with our new release. Ansible Automation Platform 2.3 introduces a number of new features and capabilities that deliver simpler, security-focused automation at scale. Ansible Automation Platform 2.3 is compatible with the Developer Preview of Event-Driven Ansible, a new set of capabilities that empower true end-to-end automation.

You can download the latest version directly from the Red Hat Customer Portal, or sign up for a free trial at red.ht/try_ansible. If you want to skip right to the documentation and release notes, check out the official Product Documentation page.

If you are new to Ansible Automation Platform 2 and wondering what automation execution environments, automation mesh, and automation content navigator all are, I highly recommend watching the video tour that our technical marketing team put together.  If you prefer reading, I recommend checking out Continue reading

Walking on Clouds with Ansible

Today is a good day, and when it's a day like this we often feel like we are walking on clouds. With this latest announcement for the newest Red Hat Ansible Certified Collections available to our customers on the 28th of November, I am sure many cloud practitioners will be anticipating what the future will bring for their cloud automation. 

Over the last few months, there has been a fair amount of activity in the Ansible team showing how Red Hat Ansible Automation Platform can extend and connect different technologies. This has been a crucial component of Ansible’s success in cloud automation for many customers.

 

Cloud automation requires the ability to perform many different complicated tasks and cover just as many domains. Often, organizations have different technologies to meet specific requirements and needs. One of the technologies widely used is Terraform.  

We have done a number of blogs recently on the topic, ranging from a simple example of using Terraform with Ansible Automation Platform - Terraforming Clouds with Ansible, to in-depth looks at the differences between the tools - Ansible vs Terraform Demystified and Ansible vs Terraform, clarified. AnsibleFest 2022 even featured a lab where we Continue reading

Importing/Exporting Collections in automation hubs

This article discusses how to export and import Collections from one automation hub to another.

Ansible automation hub stores Collections within repositories and the Collections are versioned by the curator, so therefore many versions of the same Collection can exist in the same or different repositories at the same time.

Ansible automation hub repositories store Collections as TAR files, as created by ansible-galaxy during the curation and publishing process. This makes for easy downloading and transportation, especially during import and export workflows. You can be assured that the Collection you are importing to the new repository is the same one that was exported, or originally created by ansible-galaxy (assuming nothing malicious has happened to it; for that level of protection we have digital collection signing and can discuss that in a future article). 

There are many reasons why you may wish to export or import Collections from one automation hub to another, so here are some common use cases.

 

Your production automation hub is on a disconnected network

This scenario means that you need to move content from an internet connected automation hub to another automation hub over an air gap. This could be done using a USB Continue reading

3 new Ansible automation hub updates

Beyond the buzz at AnsibleFest 2022 around event-driven automation, availability of Ansible in  AWS and Azure marketplaces, and Project Wisdom, some important changes were happening within Ansible automation hub, so let's take a closer look at the latest developments. 

 

Content signing for enhanced security

Content signing is a new feature currently available in technology preview in Ansible Automation Platform 2.2 and will be generally available with the release of 2.3. Content signing provides the framework to establish a secure chain-of-custody so you can consume, publish, and share Ansible content with more confidence that it is less vulnerable to tampering and malicious code. With content signing, you now have more control over compliance and your organization's internal security requirements. 

In addition, we have completed signing all of Red Hat Ansible Certified Collections available in Ansible automation hub, and we will work with our partners to sign any new content as it's released.  

Private automation hub is your internal content repository for automation execution environments as well as Ansible content you create or download from Ansible automation hub. In a future release, we hope to enable signing both content and execution environments Continue reading

Assessing Red Hat Ansible Automation Platform vulnerabilities

What your security scanner isn’t telling you

 

Security, more than ever, needs to move with speed, and we hear much about “shifting security left” and DevSecOps as methods to help achieve this. As this new paradigm gains momentum, so does the reliance on automated security tools to identify and mitigate software vulnerabilities at scale.

But what if these security tools aren’t telling you the full story?

Often, our customers reach out to us saying their security scanners flag Red Hat Ansible Automation Platform as insecure, or that it contains unpatched vulnerabilities. Rest assured, our products are security-hardened and battle-tested. Red Hat's long-standing track record of upstream contributions extends to improving upstream projects' security and contributing to industry standards. The real culprit here is your security scanner!

In this blog, we’ll cover:

Note

Several links in this blog point you to resources in the Red Hat Customer Portal, which requires a user account. You and members of your team can register online or reach out to your Continue reading

Find and delete ServiceNow records en masse with the updated Ansible Content Collection

Have you ever had to query and remove a long list of ServiceNow records? Yeah, neither have I until recently. Nobody broke into my instance, and this isn't a one-time operation, I just happen to maintain an instance that we use to test our Red Hat Ansible Certified Content Collection for ServiceNow ITSM

To set up the environment, I use a demo system and another workflow to create a random user and then allow a learner to progress through some challenges using full Red Hat Ansible Automation Platform deployments and a shared ServiceNow instance. Because this is a real live instance, there's no telling what sort of records learners will create. For this reason, I recently had to develop some automation to clean up records created by these demo user accounts.

Although my use-case was to clean up demo user accounts, this could just as well have been a critical ServiceNow instance that had erroneous records that needed cleaning up. This Collection can be leveraged to create, update, modify, or delete just about anything on ServiceNow.

If you’re following along, make sure you install a version of the servicenow.itsm Collection equal to or greater than 2.0.0 Continue reading

Introducing the Ansible API for ServiceNow ITSM

Blog ServiceNow API 110222

One of the most popular platform integrations available to Ansible Automation Platform subscribers in Ansible automation hub is the Red Hat Ansible Certified Content Collection for ServiceNow ITSM. This collection helps you create new automation workflows faster based on ServiceNow ITSM while establishing a single source of truth in the ServiceNow configuration management database (CMDB). You can help free teams from hours of manual effort and have greater data integrity within your ServiceNow ITSM instance. 

For ServiceNow users, we've launched a new native ServiceNow application, the API for Red Hat® Ansible® Automation Platform Certified Content Collection, available exclusively through the ServiceNow store to enhance and support the integration between the two platforms.   

 

What is the Ansible API for ServiceNow ITSM?

The API for Red Hat Ansible Automation Platform Certified Content Collection integrates Ansible’s certified content with your ServiceNow instance. Prior to the launch of ServiceNow's Rome API, Ansible users could download the Red Hat Ansible Certified Content Collection for ServiceNow ITSM from the Ansible automation hub and directly manage ServiceNow resources using their REST API. 

With the release of Rome, the REST API no longer provided all of the support needed to automate ServiceNow using Continue reading

Let Ansible keep an eye on your AWS environment

In a cloud model, the security of the environment and compliance becomes the responsibility of both the end users and the cloud provider. This is what we call the shared responsibility model in which every part of the cloud, including the hardware, data, configurations, access rights, and operating system, are protected. Depending on the local legislation and the origin of the data that is handled (for instance laws like HIPAA, the GDPR in Europe, or the Californian CCPA),  you may have to enforce strict rules on your environment and log events for audit purposes. AWS CloudTrail will help you to achieve this goal. The service can collect and record any kind of information coming from your environment and store or send the events to a destination for audit. In addition to security and compliance, this service helps keep track of resource consumption.

Ansible’s CloudTrail module is used to leverage the various features of the CloudTrail service to monitor and audit user activities and API calls in the AWS environment. A trail is a configuration that lets us describe an event filter and decide where the matching entries should be sent. The recent 5.0.0 release of the Amazon.aws Continue reading

Technology Short Take 161

Welcome to Technology Short Take #161! It’s been a little over a month since the last Technology Short Take, although the Full Stack Journey recently did an “Audio Edition” of a Technology Short Take that you should probably check out. In any case, I’ve spent the last month collecting links to articles and tutorials from around the web on all the various technologies that us IT folk are likely to encounter in our day-to-day adventures. I hope there’s something here that you find useful!

Networking

Servers/Hardware

  • Howard Oakley has a great series on Apple Silicon; the series is up to three posts so far. The first post provides a high-level overview of how Apple Silicon M-series chips are different, and the second post has more details on the capabilities of the P and E cores. The third post Continue reading

Edge Automation: A Paradigm Shift

Introduction

Red Hat Ansible Automation Platform has seen wide-scale adoption in a variety of automation domains, however with edge use cases becoming more mainstream, the thought process around automation must shift from “complete a task immediately” to being able to run automation now and later, and respond to incoming automation requests from devices that are yet unmanaged.

 

Automation in a hybrid cloud environment

In today’s hybrid cloud environment, automation exists in a tightly controlled and predictable space, meaning it’s easy to determine what endpoints are reachable and available for connection. In practice, this manifests as inventory syncs from our various management planes (think AWS/Azure/GCP/VMware) and then targeting the devices brought into Controller via those inventory syncs with automation. Cross connectivity shouldn’t be an issue: If we can see the device in a management plant, we can contact and automate against it. In addition, if there are exceptions to the “connectivity everywhere” model, Red Hat Ansible Automation Platform has features and functionality to help address more complex connectivity circumstances.

We can even take this automation approach one step further by pulling those management planes under the management of our automation, giving us the ability to really automate end-to-end. For example, Continue reading

Best of Fest 2022

At AnsibleFest 2022, the power of automation was on full display. Through sessions, workshops, labs and more, we explored how to transform enterprise and industry through automation. There were a lot of exciting announcements made on both days, and in case you missed it, we are going to dive into what is new!

 

Ansible + AWS 

We are thrilled to also announce a new AWS Marketplace offering, Red Hat Ansible Automation Platform. By offering Ansible Automation Platform as a pre-integrated service that can be quickly deployed from cloud marketplaces, we are meeting our customers where they are, while giving them the flexibility to deliver any application, anywhere, without additional overhead or complexity. Whether you are automating your hybrid cloud or multi-cloud environments, Ansible Automation Platform acts as a single platform. This platform provides consistency, visibility, and control to help  you manage these environments at scale. Ansible is the IT automation “glue” for bringing your cloud, network, bare-metal and cloud-native infrastructure together. This  provides the functionality to coordinate and manage across  hybrid cloud environments in a simple and efficient way. Interested in learning more? Check out the press release

 

Automation at the Edge

Ansible Automation Platform provides a Continue reading

Introducing the Event-Driven Ansible developer preview

Today at AnsibleFest 2022, Red Hat announced an exciting new developer preview for Event-Driven Ansible. Most customers are on a journey toward full end-to-end automation and there are many paths you take along this journey.  Event-Driven Ansible is a new way to enhance and expand automation. It improves IT speed and agility, while enabling consistency and resilience. 

By fully automating necessary but routine tasks, you and your team will have more time to focus on interesting engineering challenges and new innovations. For example, what if you no longer needed to pause critical work to manually add technical detail to  a service ticket?  Or address a user password reset request? Or reset a router as a first troubleshooting step? With Event-Driven Ansible, the friction in your day can be dramatically reduced, leaving more time to work on important projects, with some added work-life balance.  

 

Why a developer preview? 

The Event-Driven Ansible technology was developed by Red Hat and is available on GitHub as a developer preview. Community input is essential. Since we are building a solution to best meet your needs, we’re providing an opportunity for you to advocate for those needs. We ask that Continue reading

Getting Started with Event-Driven Ansible

 As one technology advances, it expands the possibilities for other technologies and offers the solutions of tomorrow for the challenges we face today. AnsibleFest 2022 brings us new advances in Ansible automation that are as bright as they are innovative. I am talking about the Event-Driven Ansible developer preview.

Automation allows us to give our systems and technology speed and agility while minimizing human error. However, when it comes to trouble tickets and issues, we are often left to traditional and manual methods of troubleshooting and information gathering. We inherently slow things down and interrupt our businesses. We have to gather information, try our common troubleshooting steps, confirm with different teams, and eventually, we need to sleep. 

Support lifecycle diagram with many manual steps and hand-offs.

 

One application of Event-Driven Ansible is to remediate technology issues before near real-time, or at least trigger troubleshooting and information collection in an attempt to find the root cause of an outage while your support teams handle other issues. 

Event driven automation used in the support lifecycle: fewer steps, faster Mean-Time-To-Resolution.  

 

Event-Driven Ansible has the potential to change the way we respond to issues and illuminates many new automation Continue reading

It takes a community: how partners play a key role in event driven automation

Event-driven automation is increasingly being adopted because of the strong benefits it delivers in managing huge amounts of complexity across multi-clouds, a multi-device remote workforce, and growing edge implementations. In a digital world, maintaining resilience and reliability is essential and event driven automation helps teams meet these needs while working around resource and skills gaps.  

This advanced automation technique can be used to address festering problems before there is a full-blown outage, improve agility and resilience to meet the demands of the business, and maintain consistency to avoid downtime and meet governance requirements. It also frees time spent on routine tasks so IT teams can focus on the innovations that matter.  

 

Partners benefit from enabling end-to-end event-driven automation

For independent software vendors (ISVs), solution providers and service partners, this is a great opportunity to create easy-to-implement solutions for your customers and help them work with modern automation techniques that will truly make an operational impact. Event-driven technologies – including network, security, monitoring tools, observability solutions and workload optimization tools – must be cooperative players in a larger ecosystem. 

Today, we invite ISVs and consulting/service partners to create event driven automation content that makes it easy for Continue reading

1 6 7 8 9 10 125