Chapter 1. Planning for automation mesh in your Red Hat Ansible Automation Platform environment
The following topics contain information to help plan an automation mesh deployment in your Ansible Automation Platform environment. The subsequent sections explain the concepts that comprise automation mesh in addition to providing examples on how you can design automation mesh topologies. Simple to complex topology examples are included to illustrate the various ways you can deploy automation mesh.
1.1. About automation mesh
Automation mesh is an overlay network intended to ease the distribution of work across a large and dispersed collection of workers through nodes that establish peer-to-peer connections with each other using existing networks.
Red Hat Ansible Automation Platform 2 replaces Ansible Tower and isolated nodes with automation controller and automation hub. Automation controller provides the control plane for automation through its UI, Restful API, RBAC, workflows and CI/CD integration, while automation mesh can be used for setting up, discovering, changing or modifying the nodes that form the control and execution layers.
Automation mesh introduces:
- Dynamic cluster capacity that scales independently, allowing you to create, register, group, ungroup and deregister nodes with minimal downtime.
- Control and execution plane separation that enables you to scale playbook execution capacity independently from control plane capacity.
- Deployment choices that are resilient to latency, reconfigurable without outage, and that dynamically re-reroute to choose a different path when outages may exist. mesh routing changes.
- Connectivity that includes bi-directional, multi-hopped mesh communication possibilities which are Federal Information Processing Standards (FIPS) compliant.
1.2. Control and execution planes
Automation mesh makes use of unique node types to create both the control and execution plane. Learn more about the control and execution plane and their node types before designing your automation mesh topology.
1.2.1. Control plane
The control plane consists of hybrid and control nodes. Instances in the control plane run persistent automation controller services such as the the web server and task dispatcher, in addition to project updates, and management jobs.
-
Hybrid nodes - this is the default node type for control plane nodes, responsible for automation controller runtime functions like project updates, management jobs and
ansible-runner
task operations. Hybrid nodes are also used for automation execution. - Control nodes - control nodes run project and inventory updates and system jobs, but not regular jobs. Execution capabilities are disabled on these nodes.
1.2.2. Execution plane
The execution plane consists of execution nodes that execute automation on behalf of the control plane and have no control functions. Hop nodes serve to communicate. Nodes in the execution plane only run user-space jobs, and may be geographically separated, with high latency, from the control plane.
-
Execution nodes - Execution nodes run jobs under
ansible-runner
withpodman
isolation. This node type is similar to isolated nodes. This is the default node type for execution plane nodes. - Hop nodes - similar to a jump host, hop nodes will route traffic to other execution nodes. Hop nodes cannot execute automation.
1.2.3. Peers
Peer relationships define node-to-node connections. You can define peers within the [automationcontroller]
and [execution_nodes]
groups or using the [automationcontroller:vars]
or [execution_nodes:vars]
groups
1.2.4. Defining automation mesh node types
The examples in this section demonstrate how to set the node type for the hosts in your inventory file.
You can set the node_type
for single nodes in the control plane or execution plane inventory groups. To define the node type for an entire group of nodes, set the node_type
in the vars
stanza for the group.
-
The allowed values for
node_type
in the control plane[automationcontroller]
group arehybrid
(default) andcontrol
. -
The allowed values for
node_type
in the[execution_nodes]
group areexecution
(default) andhop
.
Hybrid node
The following inventory consists of a single hybrid node in the control plane:
[automationcontroller] control-plane-1.example.com
Control node
The following inventory consists of a single control node in the control plane:
[automationcontroller] control-plane-1.example.com node_type=control
If you set node_type
to control
in the vars
stanza for the control plane nodes, then all of the nodes in control plane are control nodes.
[automationcontroller] control-plane-1.example.com [automationcontroller:vars] node_type=control
Execution node
The following stanza defines a single execution node in the execution plane:
[execution_nodes] execution-plane-1.example.com
Hop node
The following stanza defines a single hop node and an execution node in the execution plane. The node_type
variable is set for every individual node.
[execution_nodes] execution-plane-1.example.com node_type=hop execution-plane-2.example.com
If you want to set the node-type
at the group level, you must create separate groups for the execution nodes and the hop nodes.
[execution_nodes] execution-plane-1.example.com execution-plane-2.example.com [execution_group] execution-plane-2.example.com [execution_group:vars] node_type=execution [hop_group] execution-plane-1.example.com [hop_group:vars] node_type=hop
Peer connections
Create node-to-node connections using the peers=
host variable. The following example connects control-plane-1.example.com
to execution-node-1.example.com
and execution-node-1.example.com
to execution-node-2.example.com
:
[automationcontroller] control-plane-1.example.com peers=execution-node-1.example.com [automationcontroller:vars] node_type=control [execution_nodes] execution-node-1.example.com peers=execution-node-2.example.com execution-node-2.example.com
Additional resources
- See the example automation mesh topologies in this guide for more examples of how to implement mesh nodes.