Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 4. Operator topologies
The Ansible Automation Platform Operator uses Red Hat OpenShift Operators to deploy Ansible Automation Platform within Red Hat OpenShift. Customers manage the product and infrastructure lifecycle.
You can only install a single instance of the Ansible Automation Platform Operator into a single namespace. Installing multiple instances in the same namespace can lead to improper operation for both Operator instances.
4.1. Operator growth topology
The growth topology is intended for organizations that are getting started with Ansible Automation Platform and do not require redundancy or higher compute for large volumes of automation. This topology allows for smaller footprint deployments.
4.1.1. Infrastructure topology
The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:
Figure 4.1. Infrastructure topology diagram
While Redis and PostgreSQL can be installed as part of the operator-based installation process, this diagram represents a Red Hat supported topology where both Redis and PostgreSQL are external to Ansible Automation Platform.
A Single Node OpenShift (SNO) cluster has been tested with the following requirements: 32 GB RAM, 16 CPUs, 128 GB local disk, and 3000 IOPS.
| Count | Component | 
|---|---|
| 1 | Automation controller web pod | 
| 1 | Automation controller task pod | 
| 1 | Automation hub web pod | 
| 1 | Automation hub API pod | 
| 2 | Automation hub content pod | 
| 2 | Automation hub worker pod | 
| 1 | Automation hub Redis pod | 
| 1 | Event-Driven Ansible API pod | 
| 1 | Event-Driven Ansible activation worker pod | 
| 1 | Event-Driven Ansible default worker pod | 
| 1 | Event-Driven Ansible event stream pod | 
| 1 | Event-Driven Ansible scheduler pod | 
| 1 | Platform gateway pod | 
| 1 | Database pod | 
| 1 | Redis pod | 
You can deploy multiple isolated instances of Ansible Automation Platform into the same Red Hat OpenShift Container Platform cluster by using a namespace-scoped deployment model. This approach allows you to use the same cluster for several deployments.
4.1.2. Tested system configurations
Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:
| Type | Description | 
|---|---|
| Subscription | Valid Red Hat Ansible Automation Platform subscription | 
| Red Hat OpenShift | 
 | 
| Ansible-core | Ansible-core version 2.16 or later | 
| Browser | A currently supported version of Mozilla Firefox or Google Chrome. | 
| Database | PostgreSQL 15 | 
4.1.3. Example custom resource file
Use the following example custom resource (CR) to add your Ansible Automation Platform instance to your project:
4.1.4. Nonfunctional requirements
Ansible Automation Platform’s performance characteristics and capacity are impacted by its resource allocation and configuration. With OpenShift, each Ansible Automation Platform component is deployed as a pod. You can specify resource requests and limits for each pod.
Use the Ansible Automation Platform Custom Resource (CR) to configure resource allocation for OpenShift installations. Each configurable item has default settings. These settings are the minimum requirements for an installation, but might not meet your production workload needs.
By default, each component’s deployments are set for minimum resource requests but no resource limits. OpenShift only schedules the pods with available resource requests, but the pods are allowed to consume unlimited RAM or CPU provided that the OpenShift worker node itself is not under node pressure.
In the Operator growth topology, Ansible Automation Platform is deployed on a Single Node OpenShift (SNO) with 32 GB RAM, 16 CPUs, 128 GB Local disk, and 3000 IOPS. This is not a shared environment, so Ansible Automation Platform pods have full access to all of the compute resources of the OpenShift SNO. In this scenario, the capacity calculation for the automation controller task pods is derived from the underlying OpenShift Container Platform node that runs the pod. It does not have access to the entire node. This capacity calculation influences how many concurrent jobs automation controller can run.
					OpenShift manages storage distinctly from VMs. This impacts how automation hub stores its artifacts. In the Operator growth topology, we use S3 storage because automation hub requires a ReadWriteMany type storage, which is not a default storage type in OpenShift.
				
4.1.5. Network ports
Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.
| Port number | Protocol | Service | Source | Destination | 
|---|---|---|---|---|
| 80/443 | HTTP/HTTPS | Receptor | Execution node | OpenShift Container Platform ingress | 
| 80/443 | HTTP/HTTPS | Receptor | Hop node | OpenShift Container Platform ingress | 
| 80/443 | HTTP/HTTPS | Platform | Customer clients | OpenShift Container Platform ingress | 
| 27199 | TCP | Receptor | OpenShift Container Platform cluster | Execution node | 
| 27199 | TCP | Receptor | OpenShift Container Platform cluster | Hop node | 
4.2. Operator enterprise topology
The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.
The Ansible Automation Platform Service on AWS is an example of an OpenShift Operator based enterprise topology.
4.2.1. Infrastructure topology
The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:
Figure 4.2. Infrastructure topology diagram
While Redis and PostgreSQL can be installed as part of the operator-based installation process, this diagram represents a Red Hat supported topology where both Redis and PostgreSQL are external to Ansible Automation Platform.
The following infrastructure topology describes an OpenShift Cluster with 3 primary nodes and 2 worker nodes.
Each OpenShift Worker node has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 128 GB local disk, and 3000 IOPS.
| Count | Component | 
|---|---|
| 1 | Automation controller web pod | 
| 1 | Automation controller task pod | 
| 1 | Automation hub web pod | 
| 1 | Automation hub API pod | 
| 2 | Automation hub content pod | 
| 2 | Automation hub worker pod | 
| 1 | Automation hub Redis pod | 
| 1 | Event-Driven Ansible API pod | 
| 2 | Event-Driven Ansible activation worker pod | 
| 2 | Event-Driven Ansible default worker pod | 
| 2 | Event-Driven Ansible event stream pod | 
| 1 | Event-Driven Ansible scheduler pod | 
| 1 | Platform gateway pod | 
| 2 | Mesh ingress pod | 
| N/A | Externally managed database service | 
| N/A | Externally managed Redis | 
| N/A | Externally managed object storage service (for automation hub) | 
4.2.2. Tested system configurations
Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:
| Type | Description | 
|---|---|
| Subscription | Valid Red Hat Ansible Automation Platform subscription | 
| Red Hat OpenShift | 
 | 
| Ansible-core | Ansible-core version 2.16 or later | 
| Browser | A currently supported version of Mozilla Firefox or Google Chrome. | 
| AWS RDS PostgreSQL service | 
 | 
| AWS Memcached Service | 
 | 
| s3 storage | HTTPS only accessible through AWS Role assigned to automation hub SA at runtime by using AWS Pod Identity | 
4.2.3. Example custom resource file
					For example CR files for this topology, see the ocp-b.env-a directory in the test-topologies GitHub repository.
				
4.2.4. Nonfunctional requirements
Ansible Automation Platform’s performance characteristics and capacity are impacted by its resource allocation and configuration. With OpenShift, each Ansible Automation Platform component is deployed as a pod. You can specify resource requests and limits for each pod.
Use the Ansible Automation Platform custom resource to configure resource allocation for OpenShift installations. Each configurable item has default settings. These settings are the exact configuration used within the context of this reference deployment architecture and presumes that the environment is being deployed and managed by an Enterprise IT organization for production purposes.
By default, each component’s deployments are set for minimum resource requests but no resource limits. OpenShift only schedules the pods with available resource requests, but the pods are allowed to consume unlimited RAM or CPU provided that the OpenShift worker node itself is not under node pressure.
In the Operator enterprise topology, Ansible Automation Platform is deployed on a Red Hat OpenShift on AWS (ROSA) Hosted Control Plane (HCP) cluster with 2 t3.xlarge worker nodes spread across 2 AZs within a single AWS Region. This is not a shared environment, so Ansible Automation Platform pods have full access to all of the compute resources of the ROSA HCP cluster. In this scenario, the capacity calculation for the automation controller task pods is derived from the underlying HCP worker node that runs the pod. It does not have access to the CPU or memory resources of the entire node. This capacity calculation influences how many concurrent jobs automation controller can run.
					OpenShift manages storage distinctly from VMs. This impacts how automation hub stores its artifacts. In the Operator enterprise topology, we use S3 storage because automation hub requires a ReadWriteMany type storage, which is not a default storage type in OpenShift. Externally provided Redis, PostgreSQL, and object storage for automation hub are specified. This provides the Ansible Automation Platform deployment with additional scalability and reliability features, including specialized backup, restore, and replication services and scalable storage.
				
4.2.5. Network ports
Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.
| Port number | Protocol | Service | Source | Destination | 
|---|---|---|---|---|
| 80/443 | HTTP/HTTPS | Object storage | OpenShift Container Platform cluster | External object storage service | 
| 80/443 | HTTP/HTTPS | Receptor | Execution node | OpenShift Container Platform ingress | 
| 80/443 | HTTP/HTTPS | Receptor | Hop node | OpenShift Container Platform ingress | 
| 5432 | TCP | PostgreSQL | OpenShift Container Platform cluster | External database service | 
| 6379 | TCP | Redis | OpenShift Container Platform cluster | External Redis service | 
| 27199 | TCP | Receptor | OpenShift Container Platform cluster | Execution node | 
| 27199 | TCP | Receptor | OpenShift Container Platform cluster | Hop node | 
 
    