NOTE: This project does not contain the installer files, you have to download them manually.
In the Red Hat Ansible Automation Platform 2.4 a new installation method was introduced. This installation method is using containers with podman underneath, but does not require a container platform like OpenShift. Learn more about this new installation method in the blog post Announcing Containerized Ansible Automation Platform.
This new installation method is particularly useful for demos, testing and development because you can install everything inside a virtual machine on your laptop or workstation. Note that with Ansible Automation Platform 2.4 the containerized installation is still Technology Preview.
To use containerized AAP with this demo project, you need a virtual machine or cloud instance with Red Hat Enterprise Linux 9.4 or later installed. The provided playbook can create a cloud instance on AWS, Azure or Google Cloud, but not local virtual machines (like KVM, VMware Workstation, VirtualBox). Obviously KVM is highly recommended - if you need a UI, check out virt-manager.
Make sure you followed the general instructions to setup your workstation.
Clone the Playbook CAAP project to your local machine:
git clone https://gitlab.com/ansible-ssa/playbook-caap.git
If you want to use the capability to create a instance on one of the supported providers, create the necessary environment variables described in the chapter setup infrastructure. Depending on your cloud provider or virtualization choice, you might have to set extra variables in the file below as well.
Create a variable file with the following content. This is only the minimal list of variables that are required, optional variables can be set as well. A full list can be found in chapter all variables.
---
caap_fqdn: <FQDN or IP of the virtual machine or instance>
# look for ansible-automation-platform-containerized-setup in /tmp (OPTIONAL)
# caap_install_dir: /tmp
# if archive is named ansible-automation-platform-containerized-setup-2.4-2.tar.gz, the caap_version is 2.4-2
caap_version: 2.4-2
controller_admin_password: "{{ vault_controller_admin_password }}"
# do not deploy Let's encrypt certificates
# set this to false if you have DynDNS set up
letsencrypt_skip: true
letsencrypt_staging: true
quay_registry_username: <your user name>
quay_registry_password: "{{ vault_quay_registry_password }}"
rhsm_username: <your user name>
rhsm_password: "{{ vault_rhsm_password }}"
rhaap_manifest: '{{ lookup("file","/path/to/your/manifest.zip") }}'
In the example above all variables starting with vault_
are stored in an encrypted vault file and not in clear text.
Your environment file (for example save this as environment-variables.sh
) for the cloud credentials and your controller should look something like this:
# if you use AWS
export AWS_ACCESS_KEY_ID=<access key>
export AWS_SECRET_ACCESS_KEY=<secret key>
# if you use Azure
export AZURE_SECRET=<azure password>
export AZURE_CLIENT_ID=<azure client ID>
export AZURE_SUBSCRIPTION_ID=<azure subscription ID>
export AZURE_TENANT=<azure tenant name>
# if you use Google Compute Cloud
export GCP_AUTH_KIND=serviceaccount
export GCP_PROJECT=<your project name>
export GCP_SERVICE_ACCOUNT_FILE=~/.gcp.json
# these are the credentials to automate your controller
export CONTROLLER_HOST=https://<FQDN or IP>:8443
export CONTROLLER_USERNAME=admin
export CONTROLLER_PASSWORD=<your secret password>
export CONTROLLER_VERIFY_SSL=false
It’s best to save all this in a file to make it easier to set them.
You have to download the latest version of the Red Hat Ansible Automation Platform setup tar ball from access.redhat.com. If you store the file in the same directory where you cloned the git repository to, the Playbook will find it automatically. Otherwise, you can set the variable caap_install_dir
and the Playbook will search for the file there.
In both cases, make sure to set the caap_version
correctly. For example, if the archive is called ansible-automation-platform-containerized-setup-2.4-2.tar.gz
the following lines should be in your variable file:
# look for ansible-automation-platform-containerized-setup in /tmp (OPTIONAL)
# caap_install_dir: /tmp
# if archive is named ansible-automation-platform-containerized-setup-2.4-2.tar.gz, the caap_version is 2.4-2
caap_version: 2.4-2
There are a couple of extra variables you can set to make the deployment easier. However, since the are sensitive, use this with care! If you decide to not declare them, the deployment will still continue, but you will have to manually run the postinstall configuration as described below.
If you declare those variables, they will be added in clear text to the inventory file on the CAAP system. During the post installation phase, those variables can be used by the controller configuration and the automation hub configuration.
# optional extra variables
# your AWS access and secret key, will be used to create your ec2 inventory
controller_aws_access_key=
controller_aws_secret_key=
# SSH private key will be used for your machine account
# this variable has to be a single line! Use the following command to create it:
# sed ':a; N; $!ba; s/\n/\\n/g' < id_rsa
controller_ansible_private_key=
# Access token to access console.redhat.com to synchronize content to private automation hub
rhsm_ah_offline_token=
If you followed the instructions for setting up dynamic DNS in the chapter setup infrastructure, you can let this Playbook configure proper let’s encrypt certificates for you. Otherwise make sure to set letsencrypt_skip
and letsencrypt_staging
both to true.
If you want to use an existing virtual machine or cloud instance, you can skip forward to configure existing system.
After creating the variable file, make sure you load the environment variables before running the Playbook.
# source environment variables
. /path/to/your/environment-variables.sh
# Log into Quay
podman login quay.io -u <username>
ansible-navigator run caap-install.yml -e @/path/to/your/variables
Double check you did not forget to define the cloud provider specific extra variables.
If you want to use an existing virtual machine or cloud instance, you can skip the playbook-caap.yml
and launch the caap-setup.yml
instead.
Create an inventory file with your CAAP instance and optional access parameters:
[controller_group]
# example with short host name and default SSH user configuration
caap
# example with FQDN
caap.example.com
# example with IP and user name
caap ansible_host=192.168.122.1 ansible_user=ansible
# caap-setup.yml Playbook to configure existing system
. /path/to/environment-variables.sh
ansible-navigator run caap-setup.yml -e @/path/to/your/variables -i inventory
After the installation was successfully completed, you should see a number of Job Templates called “Use Case XYZ”. Run the necessary job templates to add the respective use case to your automation controller. You can run the same job template again to import the latest version of a use case as well. This helps you to apply latest updates of any use case.
If you want to understand how the configuration is organized check the chapter about the post installation configuration and the use cases configuration.