Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

If you have a suggestion to improve this documentation, or find an error, you can contact technical support at https://access.redhat.com to open a request.

Important

Disclaimer: Links contained in this document to external websites are provided for convenience only. Red Hat has not reviewed the links and is not responsible for the content or its availability. The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services. You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.

1. Planning for Red Hat Ansible Automation Platform Service on AWS

Before setting up your Red Hat Ansible Automation Platform Service on AWS review the following sections for a comprehensive understanding of the required configurations to plan your deployment effectively.

1.1. Introduction

The Red Hat Ansible Automation Platform Service on Amazon Web Services (AWS) provides you with an Ansible Automation Platform deployment purchased through AWS Marketplace. Red Hat configures and provisions the Ansible Automation Platform environment. The Red Hat team manages the uptime and lifecycle of Ansible Automation Platform applications, while providing the flexibility and security of automation.

While the control plane is managed by the Red Hat team, the execution plane is distributed to your domains through the automation mesh hop node and execution nodes.

This service utilizes the enhancements and features available in Ansible Automation Platform.

1.2. Automation using the Red Hat Ansible Automation Platform Service on AWS on AWS control plane

The control plane is the command center to run your automation. However, before you can begin, you need to configure the control plane to reach the execution nodes. The nature of the hosted control plane and remote execution plane requires traffic over networks to be set up securely. Ansible Automation Platform Service on AWS implements a service architectured based on industry standard communication protocols and modern encryption algorithms to ensure that traffic between the control plane is secure.

There are two ways to configure:

  • Mesh ingress

  • Self-managed hop nodes (Egress model)

You can connect the execution nodes through an egress model from your environment using mesh ingress. Alternatively, the mesh ingress configuration available within the controller sets up hop nodes which can be peered to the execution nodes.

1.2.1. Egress model or pull connectivity

Remote automation mesh nodes can poll the Ansible Automation Platform without needing to open ingress ports through the firewall, using a 'polling' or 'pull' model. This model will eliminate the need to have hop nodes from your DMZ to private networks if private networks have outbound internet connectivity.

Figure 1. Egress model

Egress model

1.2.2. Mesh ingress model or push connectivity

Ansible Automation Platform Service on AWS supports current automation mesh capabilities that push communication about automation to automation mesh nodes; both hop nodes and execution nodes. Customers have the flexibility to design their automation mesh architecture using this model including the ability to configure the ports on which automation mesh communicates. That port must not conflict with existing traffic, like HTTPS.

Figure 1.2 Mesh ingress model

Ingress vs egress model

1.3. Default configurations in Red Hat Ansible Automation Platform Service on AWS

The initial configuration of Ansible Automation Platform includes the control node container group and mesh ingress hop nodes. It does not include execution nodes or connectivity to an OpenShift cluster that operates as the execution plane. By default the only automation job available and supported is the Demo Job Template provided for simple testing.

1.4. Planning the required configurations for Red Hat Ansible Automation Platform Service on AWS

After accessing your Ansible Automation Platform instance, you can confirm that there is only a control node, and mesh ingress hop nodes on the Instances page or Topology page. Before you can start automation jobs you must add remote execution nodes to the cluster, or connect an OpenShift cluster as a container group. For help with configuring execution nodes see Red Hat Ansible Automation Platform Automation Mesh for operator-based installations

2. Setting up Red Hat Ansible Automation Platform Service on AWS

Red Hat Ansible Automation Platform Service on AWS users have access to Ansible Automation Platform without the need to manage the infrastructure.

To set up Red Hat Ansible Automation Platform Service on AWS you must link your Amazon Web Services (AWS) and Red Hat accounts through the AWS marketplace. When you link your accounts you can configure your cluster through the Provision environment page on the Red Hat Hybrid Cloud Console.

Prerequisites

  • An AWS Account

2.1. Subscribing to Red Hat Ansible Automation Platform Service on AWS from the AWS Marketplace

As an AWS customer you can search for and subscribe to Red Hat Ansible Automation Platform Service on AWS from the AWS Marketplace.

Procedure

  1. Log in to your AWS account.

  2. Navigate to the AWS Marketplace.

  3. Go to the Discover products page.

  4. In the search bar, search for "Red Hat Ansible Automation Platform Service on AWS."

    • Depending on your region select one of the following:

      • For EMEA, select Red Hat Limited.

      • For the rest of the world, select Red Hat.

  5. Click View purchase options.

  6. Select your desired contract duration.

  7. Click auto renewal settings if you would like your contract to auto renew.

  8. Select the contract options.

  9. Optional: Add a purchase order number.

  10. Click Create contract.

  11. Click Click here to set up your account. This redirects you to Red Hat Single Sign-On where you need to:

    1. Create or sign into your Red Hat account.

    2. Link your AWS account to the Red Hat account.

  12. This then redirects you to the Provision environment page on the Red Hat Hybrid Cloud Console. Here you can start configuring your environment.

  13. Enter your AWS account ID.

    This account ID must be the account ID that purchased the offer from the AWS marketplace. The system will not recognize associated or nested accounts.

  14. Once your AWS ID is validated click Next.

  15. Select your desired region.

  16. Click Provision.

This redirects you to the Instances page which displays all the details of the instance you created. From here you can confirm if your instance is Assigned or still in a Pending state.

2.2. Subscribing to a Red Hat Ansible Automation Platform Service on AWS private offer

A private offer has pricing and licensing terms specifically offered to your account. The offer has a set expiration date, if you do not accept the private offer by the expiration date, you are either automatically moved to the product’s public offer or no longer subscribed to the product.

Procedure

  1. A Red Hat seller issues you a purchase order and provides it to you by email.

  2. Click the link in the email to accept the terms.

  3. Click Create contract.

  4. Click Click here to set up your account. This redirects you to Red Hat Single Sign-On where you need to:

    1. Create or sign into your Red Hat account.

    2. Link your AWS account to the Red Hat account.

  5. This then redirects you to the Provision environment page on the Red Hat Hybrid Cloud Console. Here you can start configuring your environment.

  6. Enter your AWS account ID.

    This account ID must be the account ID that purchased the offer from the AWS marketplace. The system will not recognize associated or nested accounts.

  7. Once your AWS ID is validated click Next.

  8. Select your desired region.

  9. Click Provision.

This redirects you to the Instances page which displays all the details of the instance you created. From here you can confirm if your instance is Assigned or still in a Pending state.

3. Configuring Red Hat Ansible Automation Platform Service on AWS

After you subscribe to Ansible Automation Platform Service on AWS and gain access to Ansible Automation Platform, you must configure your automation mesh nodes, then set up your automation jobs.

For help with configuring your automation mesh see Red Hat Ansible Automation Platform Automation Mesh for operator-based installations.