Chapter 2. Red Hat Ansible Automation Platform Service on AWS PULL and PUSH models

The Red Hat Ansible Automation Platform Service on AWS offers a deployment of Ansible Automation Platform deployment purchased through AWS Marketplace. Red Hat configures and provisions an Ansible Automation Platform. The Red Hat team handles the setup and maintenance of the Ansible Automation Platform, ensuring reliability and security.

While Red Hat manages the control plane, the execution plane is implemented in your network using automation mesh hop nodes and execution nodes. For help with configuring execution nodes see Automation mesh for managed cloud or operator environments.

There are two ways to configure the communication between control nodes and execution nodes:

Remote automation mesh nodes can access Ansible Automation Platform using a 'polling' or 'pull' model, which does not require opening ingress ports in your enterprise network.

The pull model initiates a WebSocket from the remote execution node to the control plane hop node secured with mTLS for authentication and encryption. This model eliminates the need to deploy hop nodes into your demilitarized zone (DMZ) to establish connectivity to private networks if private networks have outbound internet connectivity. Proxy servers that terminate TLS are not supported and will disrupt automation mesh connectivity.

For help with configuring your automation mesh see defining automation mesh node types.

Figure 1 Pull model

You can design their automation mesh architecture using the push model and configure the communication ports.

The default port is 27199. If you choose a different port ensure it does not conflict with an existing service, such as HTTPS. Ansible Automation Platform Service on AWS supports current automation mesh features that push communication to both hop nodes and execution nodes.

Figure 1 Push model