This repo includes ansible playbooks for a demo project of automating content management in Red Hat Satellite with Red Hat Ansible Automation Platform on AWS EC2.
The goal behind the code is to demonstrate a simple example for automating the periodic publishing of Content Views in Red Hat Satellite and testing those contents before applying to production.
The assumed environment can be set up on AWS EC2 easily by using playbooks and roles in the managing-rhel-lifecycle-seup paired repo.
Name | Description |
---|---|
publish_cv.yml |
Publish a new version of the configured content view. |
promote_cv.yml |
Promote the content view to a life cycle environment. |
snapshot_vm.yml |
Snapshot the disk of runnning managed VMs. |
update_vm.yml |
Update all packages following the configured content view. |
restart_vm.yml |
Restart the running managed VMs. |
test_vm.yml |
Test the infrastructure of the restarted VMs. |
test_app.yml |
Test the application of the restarted VMs. |
These variables have already been set as follows, corresponding to the setup by managing-rhel-lifecycle-setup. You can adjust them based on your environment.
purpose: demo
foreman_organization: My_Organization
foreman_location: Tokyo
foreman_admin_username: admin
foreman_content_view: "RHEL9_SOE"
foreman_activation_key_name: "Demo_Key"
managed_vms_name_prefix: "managed"
aws_region: ap-northeast-1 # adjust with your preference
wp_weblog_title: "DemoSite"
Assuming the demo environement has been already created by the way of before mentioned and you've also performed git clone
this repo.
You can create the demo environment automatedly by running the playbook create_aac_demo.yml
included in the managing-rhel-lifecycle-seup paired repo.
Ensure that you are logged in to your Ansible Automation Controller before proceeding with following steps.
At leaset the following two credentails need to be defined.
- Click
Credentials
in the left menu. - Click
Add
button. - Enter the following fields:
- Name:
aws_cred
- Credential Type:
Amazon Web Services
- Access Key: your AWS_ACCESS_KEY_ID
- Secret Key: your AWS_SECRET_ACCESS_KEY
- Name:
- Click
Save
button.
Please refer to Ansible Doc for more details.
- Click
Credentials
in the left menu. - Click
Add
button. - Enter the following fields:
- Name:
aws_key
- Credential Type:
Machine
- SSH Private Key: your AWS private key
- Name:
- Click
Save
button.
Please refer to Ansible Doc for more details.
- Click
Inventories
in the left menu. - Click
Add
button and selectAdd inventory
. - Enter the following fields:
- Name:
RHEL_Demo
- Name:
- Click
Save
button and then selectSources
tab. - Click
Add
button. - Enter the following fields:
- Name:
AWS
- Source:
Amazon EC2
- Credential:
aws_cred
- Update options:
Overwrite
,Overwrite variables
,Update on launch
- Source variables:
--- # Minimal example using environment variables # Fetch all hosts taged with "purpose" tag as "demo" in ap-northeast-1 plugin: amazon.aws.aws_ec2 keyed_groups: - prefix: tag key: tags # Change regions corresponding to your environment regions: - ap-northeast-1 # adjust with your preference # Filter only objects taged with "purpose" tag as "demo" filters: tag:purpose: demo # Ignores 403 errors rather than failing strict_permissions: false
- Name:
- Click
Save
button.
- Click
Projects
in the left menu. - Click
Add
button. - Enter the following fields:
- Name:
RHEL_Lifecycle_Demo
- Organization:
Default
(or your prefered organization) - Execution Environment:
Default execution environment
- Source Control Type:
Git
- Source Control URL: your git repositoriy
- Name:
- Click
Save
button
Please refer to Ansible Doc for more details.
NOTE: You need to configure Red Hat automation hub as your primary source of content. To configure automation hub, you must create a credential and add it to the Organization’s Galaxy Credentials field (in this case "Default"). With automation hub, you have access to certified, supported collection i.e., "redhat.satellite".
Each job template is equivalent to a playbook in this repository. Repeat these steps for each template/playbook that you want to use and change the variables specific to the individual playbook. Please refer to Ansible Doc for more details.
- Click
Templates
in the left menu. - Click
Add
button and selectAdd job template
. - Follow the next steps respectively.
- Click
Save
button
- Name:
Content View Publish
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
publish_cv.yml
- Name:
Promote To Dev
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
promote_cv.yml
- Variables:
---
current_lce: Library
target_lce: Development
- Name:
Backup Dev VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
snapshot_vm.yml
- Credentials:
aws_cred
- Variables:
---
managed_vms_environment: dev
- Name:
Update Dev VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
update_vm.yml
- Credentials:
aws_key
- Variables:
---
target_hosts: tag_environment_dev
- Name:
Restart Dev VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
restart_vm.yml
- Credentials:
aws_cred
- Variables:
---
managed_vms_environment: dev
- Name:
Test Dev VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
test_vm.yml
- Credentials:
aws_key
- Variables:
---
target_hosts: tag_environment_dev
- Name:
Test Dev App
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
test_app.yml
- Credentials:
aws_cred
- Variables:
---
managed_vms_environment: dev
- Name:
Promote To Prod
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
promote_cv.yml
- Variables:
---
current_lce: Development
target_lce: Production
- Name:
Backup Prod VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
snapshot_vm.yml
- Credentials:
aws_cred
- Variables:
---
managed_vms_environment: prod
- Name:
Update Prod VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
update_vm.yml
- Credentials:
aws_key
- Variables:
---
target_hosts: tag_environment_prod
- Name:
Restart Prod VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
restart_vm.yml
- Credentials:
aws_cred
- Variables:
---
managed_vms_environment: prod
- Name:
Test Prod VM
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
test_vm.yml
- Credentials:
aws_key
- Variables:
---
target_hosts: tag_environment_prod
- Name:
Test Prod App
- Job Type:
Run
- Inventory:
RHEL_Demo
- Project:
RHEL_Lifecycle_Demo
- Playbook:
test_app.yml
- Credentials:
aws_cred
- Variables:
---
managed_vms_environment: prod
Above job templates are acutually configured as separate workflow templates for Development and for Production respectively. Follow the next steps for each environment. Please refer to Ansible Doc for more details.
- Click
Templates
in the left menu. - Click
Add
button and selectAdd workflow template
. - Click
Save
button. - Click
Start
and launch Visualizer. - Configure the workflow template as follows:
- Click
Save
button. - Click
Survery
tab and clickAdd
button. - Add the following two surveys and enable them:
- ErrataByDate
- Question: Enter ErrataByDate
- Answer variable name:
foreman_cv_end_date
- Satellite Password
- Questoin: Enter Satellite Password
- Answer variable name:
foreman_admin_passwd
- ErrataByDate
NOTE: Although foreman_admin_passwd
should be encrypted in production, using vault for example, I just use easier way for demo purpose.
- Click
Templates
in the left menu. - Click
Add
button and selectAdd workflow template
. - Click
Save
button. - Click
Start
and launch Visualizer. - Configure the workflow template as follows:
- Click
Save
button. - Click
Survery
tab and clickAdd
button. - Add the following two surveys and enable them:
- ErrataByDate
- Question: Enter ErrataByDate
- Answer variable name:
foreman_cv_end_date
- Satellite Password
- Questoin: Enter Satellite Password
- Answer variable name:
foreman_admin_passwd
- ErrataByDate
NOTE: When running the workflow for Production , foreman_cv_end_date
needs to be set identical to the input for Development.