DO467 - ch10s03

Review data in the Red Hat Insights for Red Hat Ansible Automation Platform cloud service in order to automate issue remediation, and to detect and alert you to configuration drift.

Insights for Ansible Automation Platform

Insights for Ansible Automation Platform can guide you through the process of resolving existing issues on your platform. It can also alert you to proactively eliminate problems before they occur. Insights for Ansible Automation Platform provides the following tools:

Advisor: Reports on issues with systems and produces remediation playbooks.
Drift: Reports on differences between systems.
Policies: Alerts you to specific changes to system facts.
Notifications: Provides information on automation infrastructure status.

Generating Remediation Playbooks with Advisor

Advisor reports on issues with your systems that Insights for Ansible Automation Platform has identified, and automatically produces Ansible Playbooks to remediate many of those issues. You can download these playbooks and run them with your automation controller or with ansible-navigator.

To use Advisor, from the Red Hat Hybrid Cloud Console, access the Overview dashboard, and navigate to Advisor → Recommendations.

Figure 10.3: Advisor recommendations page

The Advisor recommendations page displays a list of issues that apply to your systems. By default, the list is ordered based on the Total risk value for each issue. This risk is assigned one of four values (Critical, Important, Moderate, or Low) based on the probability that the issue has a negative impact on your infrastructure and the severity of that impact if it were to occur. You can sort the list by any column in the table.

The Category column organizes each issue by the type of impact it has (on availability, performance, security, or stability). The Risk of change column estimates the risk that applying this change might disrupt your systems (High, Moderate, Low, and Very Low). You can find more information on the issue and its impact in the detail page of an issue. This page usually includes a link to a Knowledgebase article with more information. To open the detail page of an issue, click the name of the issue.

You can download an executive report of all recommendations in PDF format by clicking the Download executive report link.

Automating Remediation of an Issue for Multiple Systems

In the Remediation column of the issue, an Ansible icon and the word Playbook is displayed if Advisor can generate an Ansible Playbook to remediate that issue.

Important

Advisor cannot generate remediation Ansible Playbooks for some issues. In those cases, it provides other information and manual instructions on how to remediate those issues.

To generate the required playbook for affected systems:

Click the name of the issue to open its detail page.
Select the checkbox next to each affected system that you want to remediate.

Figure 10.4: Selecting affected systems to remediate

Click Remediate and enter a name for the new playbook in the Create new playbook field, and then click Next.
Review the selected systems and make any necessary changes, and then click Next.
Review the information about the issues included in the remediation playbook. Click Turn on autoreboot if you want the remediated systems to reboot after the changes have been applied. The detail page in Advisor indicates if a reboot is required to complete the remediation of the issue.

Figure 10.5: Creating a remediating playbook

Click Submit to create the remediation playbook.
Navigate to Remediations and locate the playbook that you just created.
Click the name of the created remediation playbook, and then click Download Playbook to download the playbook to your workstation.

Automating Remediation of Multiple Issues for One System

You can use the following procedure to generate a playbook to remediate some or all issues that apply to a particular system:

Navigate to Advisor → Systems. Click the name of the system that you want to remediate to open its detail page.
Select the checkbox next to each issue affecting the system that you want to remediate.

Figure 10.6: Multiple issues to remediate in a single system

Click Remediate, enter a name for the new playbook in the Create new playbook field, and then click Next.
Review the selected issues and make any necessary changes, and then click Next.
Review the information about the issues included in the remediation playbook. Click Turn on autoreboot if you want the remediated systems to reboot after the changes have been applied. The detail page in Advisor indicates if a reboot is required to complete the remediation of the issue.

Figure 10.7: Creating a remediation playbook for multiple issues in a single system

Click Submit to create the remediation playbook.
Navigate to Remediations and locate the playbook that you just created.
Click the name of the created remediation playbook, and then click Download Playbook to download the playbook to your workstation.

Comparing Systems with Drift

Drift is used to detect unexpected differences between the current configuration of a machine and the configuration that you expect. It reports on differences between two systems, between a system and a standard baseline configuration, or one system at two different points in time.

You can use Drift in the following scenarios:

Find different versions of operating systems among servers that should have a uniform operating system.
Determine whether or not two systems have the same version of a software package installed.
Identify differences between a working and a nonworking system to help perform root-cause analysis of issues.
Detect differences in hardware configuration that might be the cause of differences in performance.

Finding Differences Between Systems

The following procedure details how to use Drift to compare systems.

From the Red Hat Hybrid Cloud Console, access the Overview dashboard, and then navigate to Drift → Comparison.
Click Add systems or baselines.
Select the checkbox next to each system that you want to compare, and then click Submit.

Figure 10.8: Selecting the systems to compare

Review the Comparison page. The page shows a table where the left-most column is a list of facts, and the other columns represent the values on each compared system. By default, the columns are sorted by the state of the differences, starting with facts that are different between the compared systems, followed by the facts that are the same.

If a fact has subvalues (if its value is a dictionary, for example), you can click the arrow next to the fact to display the subvalues.

Comparing the State of One System at Different Times

You can use historical profiles to identify changes that a single system has undergone over time.

Use the following procedure to compare a system to one of its historical profiles:

On the comparison page for the selected system, click the blue clock symbol under the name of your system.
Select the checkbox next to the historical profile you want to compare.

Figure 10.9: Comparing historical profiles

Click Compare to display the comparison page.

Figure 10.10: Finding changes over time on the same system

Comparing Systems to a Standard Baseline

You can create one or more standard baseline configurations and then compare your systems against them.

From the Red Hat Hybrid Cloud Console, access the Overview dashboard.
Navigate to Drift → Baselines.
Click Create baseline.
In the window that opens, enter a name for the baseline.
- You can create a baseline from scratch, in which case you must enter each fact by hand.
- You can copy an existing baseline, if you have one.
- Finally, if you have a system already configured to reflect the baseline, you can copy the facts from an existing system or historical profile.

If you create a baseline from an existing system or historical profile, use the following procedure:

Select a system or historical profile from the list that is added to the Create baseline window.
Click Create baseline.

Figure 10.11: Creating a baseline from an existing system

To compare the baseline to a system, use the following procedure:

Navigate to Drift → Comparison.
When finding differences between systems, instead of comparing two systems, select the baseline and a system from the web UI.

Using Policies to Send Alerts Based on Ansible Facts

You can use the Policies component to create alerts to notify you when certain things change on your managed hosts. You can define the condition you want to monitor, based on facts collected by the platform, and trigger a notification when the condition is met. Typically, the notification is either sent by email or by triggering a webhook that you have already configured.

For example, your security team might need to know if a certain RPM package has been installed on one of your systems. You can set up a policy that monitors the installed_packages system fact, which lists the installed RPM packages on a system. If new facts are gathered for a managed host and that sensitive RPM package is present on that system, then the policy triggers the notification.

Note

See the References section for more information about the system facts and operators that you can use as conditions for these policies.

Use the following procedure to create a new policy:

From the Red Hat Hybrid Cloud Console, access the Overview dashboard, and then navigate to Policies to display the Policies page.
Click Create policy.
Click From scratch, and then click Next.
Enter a name for the policy in the Name field. Optionally, enter a description for the policy. Click Next when done.
Define the conditions for your policy in the Conditions text field. Click Validate condition to validate that your condition is well structured, and then click Next.

Figure 10.12: Validating the policy condition

Click Add trigger actions.
Click Notifications and then click Next.
Click the Enable this policy switch to enable it.

References

Remediating Configuration Issues Using Advisor and Ansible Playbooks

Comparing System Configurations and Baselines in Red Hat Insights Inventory

Monitoring and Reacting to Configuration Changes Using Policies

For more information about using Ansible facts in Policies, refer to the Appendix from Monitoring and Reacting to Configuration Changes Using Policies at https://access.redhat.com/documentation/en-us/red_hat_insights/2022/html-single/monitoring_and_reacting_to_configuration_changes_using_policies/index#assembly-policies-monitoring-appendix-ref-materials

Discuss Managing Enterprise Automation with Red Hat Ansible Automation Platform

Go to community

Welcome to the Managing Enterprise Automation with Red Hat Ansible Automation Platform group!

Syed

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Managing Enterprise Automation with Red Hat Ansible Automation Platform! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO467.Read more about Managing Enterprise Automation with Red Hat Ansible Automation Platform here.

312

Revision: do467-2.2-08877c1