Managing Enterprise Automation with Red Hat Ansible Automation Platform

Bookmark this page
P123456789101112
PreviousNext

Lab: Deploying and Operating an Automation Mesh

  • Install Red Hat Ansible Automation Platform configured to use an automation controller, a private automation hub, and automation mesh.

Outcomes

  • Configure an inventory file to install Red Hat Ansible Automation Platform, which includes an automation controller, a private automation hub, and automation mesh.

  • Create instance groups and assign execution nodes to the instance groups.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command removes resources created in previous chapters and downloads and extracts the Red Hat Ansible Automation Platform installation bundle archive to the /home/student/aap2.2-bundle directory.

[student@workstation ~]$ lab start compreview-mesh

Specifications

Use the installation bundle in the /home/student/aap2.2-bundle directory to install Red Hat Ansible Automation Platform and automation mesh, based on the following specification.

  • Configure the [automationcontroller] and [automationcontroller:vars] sections of the /home/student/aap2.2-bundle/inventory file using the following information:

    • Add the controller.lab.example.com and control2.lab.example.com hosts as control nodes.

    • Do not explicitly configure any peering connections.

    • Using the web_server_ssl_cert and web_server_ssl_key variables, configure each host to use its own web certificate and private key. Use the certificates and private keys located in the /home/student/certs directory.

  • Configure the [execution_nodes] section of the inventory file using the following information:

    • Add the exec1.lab.example.com host as an execution node and have it peer with hosts that are defined in the [automationcontroller] section.

    • Add the exec2.lab.example.com and exec3.lab.example.com hosts as execution nodes and have both hosts peer with the hop1.lab.example.com host.

    • Add the hop1.lab.example.com host as a hop node and have it peer with hosts defined in the [automationcontroller] section.

  • Configure the [automationhub] section of the inventory file using the following information:

    • Install the private automation hub on the hub.lab.example.com host.

  • Configure the [database] section of the inventory file using the following information:

    • Add the db.lab.example.com host.

  • Configure the [all:vars] section of the inventory file with the following lines. Do not modify the other lines in that section.

    admin_password='redhat'
pg_host='db.lab.example.com'
pg_password='redhat'
registry_url='hub.lab.example.com'
registry_username='admin'
registry_password='redhat'
automationhub_admin_password='redhat'
automationhub_pg_host='db.lab.example.com'
automationhub_pg_password='redhat'
custom_ca_cert=/home/student/certs/classroom-ca.pem
automationhub_ssl_cert=/home/student/certs/hub.lab.example.com.crt
automationhub_ssl_key=/home/student/certs/hub.lab.example.com.key
postgres_use_ssl=True
postgres_ssl_cert=/home/student/certs/db.lab.example.com.crt
postgres_ssl_key=/home/student/certs/db.lab.example.com.key

  • Validate the automation mesh configuration that is defined in the /home/student/aap2.2-bundle/inventory file.

    • Use the ./setup.sh -- --tag generate_dot_file command from within the /home/student/aap2.2-bundle directory to generate a topology file.

    • Render the generated topology file using the dot command, provided by the graphviz package. The graphic should look similar to the following example.

      Figure 12.1: Expected automation mesh topology

  • As the root user, run the /home/student/aap2.2-bundle/setup.sh script to install Red Hat Ansible Automation Platform. Because the systems in the classroom environment do not meet the minimum hardware requirements for installation, you must use the -e ignore_preflight_errors=true option when you run the script.

  • After the installation completes, navigate to https://controller.lab.example.com and log in as the admin user with redhat as the password. Create two instance groups and assign execution nodes to those groups using the following table:

     Instance group nameInstances
    Instance Group 1 public exec1.lab.example.com
    Instance Group 2 internal exec2.lab.example.com exec3.lab.example.com

  • Use the automation controller web UI to verify the automation mesh installation and the instance groups specified in this exercise.

  1. Configure the /home/student/aap2.2-bundle/inventory file for automation mesh.

    1. Change to the /home/student/aap2.2-bundle directory.

      [student@workstation ~]$ cd ~/aap2.2-bundle/

    2. Add the controller.lab.example.com and control2.lab.example.com hosts to the [automationcontroller] section of the inventory file. When completed, the inventory file contains the following content for the [automationcontroller] section:

      [automationcontroller]
controller.lab.example.com
control2.lab.example.com

    3. Configure variables in the [automationcontroller:vars] section.

      • Remove the existing peers=execution_nodes line so that you can define peer connections in the [execution_nodes] section.

      • Add the node_type=control line to indicate that the control nodes should be configured as the control node type.

      • Configure the web_server_ssl_cert and web_server_ssl_key variables for each control node using Jinja2 variables. Alternatively, configure these variables in the [automationcontroller] section using the absolute path to each file.

      When completed, the inventory file contains the following content for the [automationcontroller:vars] section:

      [automationcontroller:vars]
node_type=control
web_server_ssl_cert=/home/student/certs/{{ inventory_hostname }}.crt
web_server_ssl_key=/home/student/certs/{{ inventory_hostname }}.key

    4. Configure variables in the [execution_nodes] section.

      • Add the exec1.lab.example.com host as an execution node and have it peer with hosts defined in the [automationcontroller] section.

      • Add the exec2.lab.example.com and exec3.lab.example.com hosts as execution nodes and have both hosts peer with the hop1.lab.example.com host.

      • Add the hop1.lab.example.com host as a hop node and have it peer with hosts defined in the [automationcontroller] section.

      When completed, the inventory file contains the following content for the [execution_nodes] section:

      [execution_nodes]
exec1.lab.example.com peers=automationcontroller
exec2.lab.example.com peers=hop1.lab.example.com
exec3.lab.example.com peers=hop1.lab.example.com
hop1.lab.example.com node_type=hop peers=automationcontroller

    5. Add the hub.lab.example.com host to the [automationhub] section. When completed, the inventory file contains the following content for the [automationhub] section:

      [automationhub]
hub.lab.example.com

    6. Add the db.lab.example.com host to the [database] section. When completed, the inventory file contains the following content for the [database] section:

      [database]
db.lab.example.com

    7. Configure common variables in the [all:vars] section. All other variables should retain their original value from the inventory file.

      admin_password='redhat'
pg_host='db.lab.example.com'
pg_password='redhat'
registry_url='hub.lab.example.com'
registry_username='admin'
registry_password='redhat'
automationhub_admin_password='redhat'
automationhub_pg_host='db.lab.example.com'
automationhub_pg_password='redhat'
custom_ca_cert=/home/student/certs/classroom-ca.pem
automationhub_ssl_cert=/home/student/certs/hub.lab.example.com.crt
automationhub_ssl_key=/home/student/certs/hub.lab.example.com.key
postgres_use_ssl=True
postgres_ssl_cert=/home/student/certs/db.lab.example.com.crt
postgres_ssl_key=/home/student/certs/db.lab.example.com.key

      Note

      The /home/student/compreview-mesh directory contains inventory files that you can use for comparison.

  2. Validate the automation mesh configuration defined in the /home/student/aap2.2-bundle/inventory file.

    1. Use the ./setup.sh -- --tag generate_dot_file command to generate a topology file.

      [student@workstation aap2.2-bundle]$ ./setup.sh -- --tag generate_dot_file
...output omitted...
TASK [debug] *******************************************************************
ok: [controller.lab.example.com] => {
    "msg": "Ansible Mesh topology graph created at 'mesh-topology.dot'. To render your dot graph, you could run: dot -Tjpg mesh-topology.dot -o graph-topology.jpg\n"
}
...output omitted...

    2. Install the graphviz package. When prompted, enter student for the password and then install the package.

      [student@workstation aap2.2-bundle]$ sudo yum install graphviz
[sudo] password for student: student
...output omitted...

    3. Render the generated topology file using the dot command.

      [student@workstation aap2.2-bundle]$ dot -Tjpg mesh-topology.dot \
> -o graph-topology.jpg

    4. Open the /home/student/aap2.2-bundle/graph-topology.jpg file in a web browser. The graphic should look similar to the following example.

      Figure 12.2: Expected automation mesh topology

  3. Initiate the Ansible Automation Platform installation as the root user using the /home/student/aap2.2-bundle/setup.sh script. Because the systems in the classroom environment do not meet the minimum installation requirements, you must add the -e ignore_preflight_errors=true option.

    1. Use the sudo command to change to the root user, using student as the password.

      [student@workstation aap2.2-bundle]$ sudo -i
[sudo] password for student: student
[root@workstation ~]#

    2. Change to the /home/student/aap2.2-bundle directory.

      [root@workstation ~]# cd /home/student/aap2.2-bundle/

    3. Run the setup.sh script with -e ignore_preflight_errors=true set to ignore the results of checks it makes before the installation starts. (The classroom systems have less RAM than is optimal for a production installation.) The installation takes approximately 15 minutes to complete. The output of your installation might be slightly different from the following output.

      [root@workstation aap2.2-bundle]# ./setup.sh -e ignore_preflight_errors=true
...output omitted...
PLAY RECAP *********************************************************************
control2.lab.example.com   : ok=246  changed=129  ...  failed=0  ...  ignored=5
controller.lab.example.com : ok=263  changed=52   ...  failed=0  ...  ignored=1
db.lab.example.com         : ok=73   changed=12   ...  failed=0  ...  ignored=1
exec1.lab.example.com      : ok=104  changed=51   ...  failed=0  ...  ignored=3
exec2.lab.example.com      : ok=104  changed=51   ...  failed=0  ...  ignored=3
exec3.lab.example.com      : ok=104  changed=51   ...  failed=0  ...  ignored=3
hop1.lab.example.com       : ok=83   changed=36   ...  failed=0  ...  ignored=2
hub.lab.example.com        : ok=195  changed=22   ...  failed=0  ...  ignored=1
localhost                  : ok=3    changed=1    ...  failed=0  ...  ignored=0

The setup process completed successfully.
[warn] /var/log/tower does not exist. Setup log saved to setup.log.

    4. Exit from the root user session.

      [root@workstation aap2.2-bundle]# exit

  4. Create two automation controller instance groups and assign execution nodes to the instance groups using the following table:

     Instance group nameInstances
    Instance Group 1 public exec1.lab.example.com
    Instance Group 2 internal exec2.lab.example.com exec3.lab.example.com

    1. Navigate to https://controller.lab.example.com and log in as the admin user with redhat as the password.

    2. Navigate to AdministrationInstance Groups and then click AddAdd instance group.

    3. Create the first instance group using public as the name and then click Save.

    4. Click the Instances tab and then click Associate.

    5. Select the exec1.lab.example.com host and then click Save.

    6. Navigate to AdministrationInstance Groups and then click AddAdd instance group.

    7. Create the second instance group using internal as the name and then click Save.

    8. Click the Instances tab and then click Associate.

    9. Select the exec2.lab.example.com and exec3.lab.example.com hosts and then click Save.

  5. Use the automation controller web UI to verify the automation mesh installation and the instance groups specified in this exercise.

    1. Navigate to AdministrationTopology View. Your automation mesh environment should display a graphic similar to the following:

      Figure 12.3: Automation mesh topology view

      • All nodes are healthy.

      • The node type of each node matches the exercise specifications.

      • The execution nodes can communicate with the control nodes.

    2. Navigate to AdministrationInstance Groups. Your instance groups should match the following:

      Figure 12.4: Automation controller instance groups

      • The installer created the controlplane instance group and associated the controller.lab.example.com and control2.lab.example.com instances with the instance group.

      • The installer created the default instance group and associated the exec1.lab.example.com, exec2.lab.example.com, and exec3.lab.example.com instances with the instance group.

      • You created the internal instance group and associated the exec2.lab.example.com and exec3.lab.example.com instances with the instance group.

      • You created the public instance group and associated the exec1.lab.example.com instance with the instance group.

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish compreview-mesh

This concludes the section.

PreviousNext
Revision: do467-2.2-08877c1