Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Developing automation content

Red Hat Ansible Automation Platform 2.5

Develop Ansible automation content to run automation jobs

Red Hat Customer Content Services

Abstract

This guide describes how to develop Ansible automation content and how to use it to run automation jobs from Red Hat Ansible Automation Platforms.

Preface

Thank you for your interest in Red Hat Ansible Automation Platform. Ansible Automation Platform is a commercial offering that helps teams manage complex multi-tier deployments by adding control, knowledge, and delegation to Ansible-powered environments.

This guide describes how to develop Ansible automation content and how to use it to run automation jobs from Red Hat Ansible Automation Platform. This document has been updated to include information for the latest release of Ansible Automation Platform.

Providing feedback on Red Hat documentation

If you have a suggestion to improve this documentation, or find an error, you can contact technical support at https://access.redhat.com to open a request.

Chapter 1. Ansible development tools

Ansible development tools (ansible-dev-tools) is a suite of tools provided with Ansible Automation Platform to help automation creators to create, test, and deploy playbook projects, execution environments, and collections.

The Ansible VS Code extension by Red Hat integrates most of the Ansible development tools: you can use these tools from the VS Code user interface.

Use Ansible development tools during local development of playbooks, local testing, and in a CI pipeline (linting and testing).

This document describes how to use Ansible development tools to create a playbook project that contains playbooks and roles that you can reuse within the project. It also describes how to test the playbooks and deploy the project on your Ansible Automation Platform instance so that you can use the playbooks in automation jobs.

1.1. Ansible development tools components

You can operate some Ansible development tools from the VS Code UI when you have installed the Ansible extension, and the remainder from the command line. VS Code is a free open-source code editor available on Linux, Mac, and Windows.

Ansible VS Code extension

This is not packaged with the Ansible Automation Platform RPM package, but it is an integral part of the automation creation workflow. From the VS Code UI, you can use the Ansible development tools for the following tasks:

  • Scaffold directories for a playbook project or a collection.
  • Write playbooks with the help of syntax highlighting and auto-completion.
  • Debug your playbooks with a linter.
  • Execute playbooks with Ansible Core using ansible-playbook.
  • Execute playbooks in an execution environment with ansible-navigator.

From the VS Code extension, you can also connect to Red Hat Ansible Lightspeed with IBM watsonx Code Assistant.

Command-line Ansible development tools

You can perform the following tasks with Ansible development tools from the command line, including the terminal in VS Code:

  • Create an execution environment.
  • Test your playbooks, roles, modules, plugins and collections.

Chapter 2. Workflow for developing automation content

2.1. Workflow

2.1.1. Create

In the create stage, you create a new playbook project locally, using VS Code. The following is a typical workflow:

  1. Install and run the Ansible extension in VS Code.
  2. Scaffold a playbook project from VS Code.
  3. Add playbook files to your project and edit them in VS Code.

2.1.2. Test

  1. Debug your playbook with the help of ansible-lint.
  2. Select or create an automation execution environment so that your local environment replicates the environment on Ansible Automation Platform.
  3. Run your playbooks from VS Code, using ansible-playbook or using ansible-navigator with an execution environment.
  4. Test your playbooks by running them on an execution environment that replicates your production environment.

2.1.3. Deploy

  1. Push your playbooks project to a source control repository.
  2. Set up credentials on Ansible Automation Platform to pull from your source control repository and create a project for your playbook repository.
  3. If you have created an execution environment, push it to private automation hub.
  4. Create a job template on Ansible Automation Platform that runs a playbook from your project, and specify the execution environment that you want to use.

Chapter 3. Installing Ansible development tools

Red Hat provides two options for installing Ansible development tools.

  • Installation on a RHEL container running inside VS Code. You can install this option on MacOS, Windows, and Linux systems.
  • Installation on your local RHEL system using an RPM (Red Hat Package Manager) package.

3.1. Requirements

To install and use Ansible development tools, you must meet the following requirements. Extra requirements for Windows installations and containerized installations are indicated in the procedures.

3.1.1. Requirements for Ansible development tools on Windows

If you are installing Ansible development tools on a container in VS Code on Windows, there are extra requirements:

  • Windows Subsystem for Linux(WSL2)
  • Podman Desktop
3.1.1.1. Installing WSL

  1. Install WSL2 without a distribution: 

    $ `wsl --install --no-distribution`

  2. Use cgroupsv2 by disabling cgroupsv1 for WSL2:

    Edit the %USERPROFILE%/wsl.conf file and add the following lines to force cgroupv2 usage: 

    [wsl2]
kernelCommandLine = cgroup_no_v1="all"
3.1.1.2. Installing Podman Desktop on a Windows machine

  1. Install Podman Desktop. Follow the instructions in Installing Podman Desktop and Podman on Windows in the Podman Desktop documentation.

    You do not need to change the default settings in the set-up wizard.

  2. Ensure the podman machine is using cgroupsv2: 

    $ podman info | findstr cgroup

  3. Test Podman Desktop: 

    $ podman run hello
3.1.1.3. Configuring settings for Podman Desktop

  1. Add a %USERPROFILE%\bin\docker.bat file with the following content: 

    @echo off
podman %*

    This avoids having to install Docker as required by the VS Code Dev Container extension.

  2. Add the %USERPROFILE%\bin directory to the PATH.

    1. Select Settings and search for "Edit environment variables for your account" to display all of the user environment variables.
    2. Highlight "Path" in the top user variables box, click Edit and add the path.
    3. Click Save to set the path for any new console that you open.

3.1.2. Authenticating with the Red Hat container registry

All container images available through the Red Hat container catalog are hosted on an image registry, registry.redhat.io. The registry requires authentication for access to images.

To use the registry.redhat.io registry, you must have a Red Hat login. This is the same account that you use to log in to the Red Hat Customer Portal (access.redhat.com) and manage your Red Hat subscriptions.

Note

If you are planning to install the Ansible development tools on a container inside VS Code, you must log in to registry.redhat.io before launching VS Code so that VS Code can pull the devtools container from registry.redhat.io.

If you are running Ansible development tools on a container inside VS Code and you want to pull execution environments or the devcontainer to use as an execution environment, you must log in from a terminal prompt within the devcontainer from a terminal inside VS Code.

You can use the podman login or docker login commands with your credentials to access content on the registry.

Podman
$ podman login registry.redhat.io
Username: my__redhat_username
Password: ***********
Docker
$ docker login registry.redhat.io
Username: my__redhat_username
Password: ***********

For more information about Red Hat container registry authentication, see Red Hat Container Registry Authentication on the Red Hat customer portal.

3.1.3. Installing VS Code

3.1.4. Installing the VS Code Ansible extension

The Ansible extension adds language support for Ansible to VS Code. It incorporates Ansible development tools to facilitate creating and running automation content.

For a full description of the Ansible extension, see the Visual Studio Code Marketplace.

See Learning path - Getting Started with the Ansible VS Code Extension for tutorials on working with the extension.

To install the Ansible VS Code extension:

  1. Open VS Code.
  2. Click the Extensions ( Extensions ) icon in the Activity Bar, or click ViewExtensions, to display the Extensions view.
  3. In the search field in the Extensions view, type Ansible Red Hat.
  4. Select the Ansible extension and click Install.

When the language for a file is recognized as Ansible, the Ansible extension provides features such as auto-completion, hover, diagnostics, and goto. The language identified for a file is displayed in the Status bar at the bottom of the VS Code window.

The following files are assigned the Ansible language:

  • YAML files in a /playbooks directory
  • Files with the following double extension: .ansible.yml or .ansible.yaml
  • Certain YAML names recognized by Ansible, for example site.yml or site.yaml
  • YAML files whose filename contains "playbook": playbook.yml or playbook.yaml

If the extension does not identify the language for your playbook files as Ansible, follow the procedure in Associating the Ansible language to YAML files.

3.1.5. Configuring Ansible extension settings

The Ansible extension supports multiple configuration options.

You can configure the settings for the extension on a user level, on a workspace level, or for a particular directory. User-based settings are applied globally for any instance of VS Code that is opened. Workspace settings are stored within your workspace and only apply when the current workspace is opened.

It is useful to configure settings for your workspace for the following reasons:

  • If you define and maintain configurations specific to your playbook project, you can customize your Ansible development environment for individual projects without altering your preferred setup for other work. You can have different settings for a Python project, an Ansible project, and a C++ project, each optimized for the respective stack without the need to manually reconfigure settings each time you switch projects.
  • If you include workspace settings when setting up version control for a project you want to share with your team, everyone uses the same configuration for that project.

Procedure

  1. Open the Ansible extension settings:

    1. Click the 'Extensions' icon in the activity bar.

    2. Select the Ansible extension, and click the 'gear' icon and then Extension Settings to display the extension settings.

      Alternatively, click CodeSettingsSettings to open the Settings page.

    3. Enter Ansible in the search bar to display the settings for the extension.
  2. Select the Workspace tab to configure your settings for the current VS Code workspace.

  3. The Ansible extension settings are pre-populated. Modify the settings to suit your requirements:

    • Check the AnsibleValidationLint: Enabled box to enable ansible-lint.
    • Check the Ansible Execution Environment: Enabled box to use an execution environment.
    • Specify the execution environment image you want to use in the Ansible > Execution Environment: image field.
    • To use Red Hat Ansible Lightspeed, check the Ansible > Lightspeed: Enabled box, and enter the URL for Lightspeed.

The settings are documented on the Ansible VS Code Extension by Red Hat page in the VisualStudio marketplace documentation.

3.1.6. Associating the Ansible language to YAML files

The Ansible VS Code extension works only when the language associated with a file is set to Ansible. The extension provides features that help create Ansible playbooks, such as auto-completion, hover, and diagnostics.

The Ansible VS Code extension automatically associates the Ansible language with some files. The procedures below describe how to set the language for files that are not recognized as Ansible files.

Manually associating the Ansible language to YAML files

The following procedure describes how to manually assign the Ansible language to a YAML file that is open in VS Code.

  1. Open or create a YAML file in VS Code.
  2. Hover the cursor over the language identified in the status bar at the bottom of the VS Code window to open the Select Language Mode list.

  3. Select Ansible in the list.

    The language shown in the status bar at the bottom of the VS Code window for the file is changed to Ansible.

Adding persistent file association for the Ansible language to settings.json

Alternatively, you can add file association for the Ansible language in your settings.json file.

  1. Open the settings.json file:

    1. Click ViewCommand Palette to open the command palette.
    2. Enter Workspace settings in the search box and select Open Workspace Settings (JSON).

  2. Add the following code to settings.json. 

    {
  ...

  "files.associations": {
    "*plays.yml": "ansible",
    "*init.yml": "yaml",
  }
}

3.1.7. Installing and configuring the Dev Containers extension

If you are installing the containerized version of Ansible development tools, you must install the Microsoft Dev Containers extension in VS Code.

  1. Open VS Code.
  2. Click the Extensions ( Extensions ) icon in the Activity Bar, or click ViewExtensions, to display the Extensions view.
  3. In the search field in the Extensions view, type Dev Containers.
  4. Select the Dev Containers extension from Microsoft and click Install.

If you are using Podman or Podman Desktop as your containerization platform, you must modify the default settings in the Dev Containers extension.

  1. Replace docker with podman in the Dev Containers extension settings:

    1. In VS Code, open the settings editor.

    2. Search for @ext:ms-vscode-remote.remote-containers.

      Alternatively, click the Extensions icon in the activity bar and click the gear icon for the Dev Containers extension.

  2. Set Dev > Containers:Docker Path to podman.
  3. Set Dev > Containers:Docker Compose Path to podman-compose.

3.2. Installing Ansible development tools on a container inside VS Code

The Dev Containers VS Code extension requires a .devcontainer file to store settings for your dev containers. You must use the Ansible extension to scaffold a config file for your dev container, and reopen your directory in a container in VS Code.

Prerequisites

  • You have installed a containerization platform, for example Podman, Podman Desktop, Docker, or Docker Desktop.
  • You have a Red Hat login and you have logged in to the Red Hat registry at registry.redhat.io. For information about logging in to registry.redhat.io, see Authenticating with the Red Hat container registry.
  • You have installed VS Code.
  • You have installed the Ansible extension in VS Code.
  • You have installed the Microsoft Dev Containers extension in VS Code.

  • If you are installing Ansible development tools on Windows, launch VS Code and connect to the WSL machine:

    1. Click the Remote ( Remote ) icon.
    2. In the dropdown menu that appears, select the option to connect to the WSL machine.

Procedure

  1. In VS Code, navigate to your project directory.
  2. Click the Ansible icon in the VS Code activity bar to open the Ansible extension.
  3. In the Ansible Development Tools section of the Ansible extension, scroll down to the ADD option and select Devcontainer.

  4. In the Create a devcontainer page, select the Downstream container image from the Container image options.

    This action adds devcontainer.json files for both Podman and Docker in a .devcontainer directory.

  5. Reopen or reload the project directory:

    • If VS Code detects that your directory contains a devcontainer.json file, the following notification appears:

      Reopen in container

      Click Reopen in Container.

    • If the notification does not appear, click the Remote ( Remote ) icon. In the dropdown menu that appears, select Reopen in Container.

  6. Select the dev container for Podman or Docker according to the containerization platform you are using.

    The Remote () status in the VS Code Status bar displays opening Remote and a notification indicates the progress in opening the container.

Verification

When the directory reopens in a container, the Remote () status displays Dev Container: ansible-dev-container.

Note

The base image for the container is a Universal Base Image Minimal (UBI Minimal) image that uses microdnf as a package manager. The dnf and yum package managers are not available in the container.

For information about using microdnf in containers based on UBI Minimal images, see Adding software in a minimal UBI container in the Red Hat Enterprise Linux Building, running, and managing containers guide.

3.3. Installing Ansible development tools from a package on RHEL

Ansible development tools is bundled in the Ansible Automation Platform RPM (Red Hat Package Manager) package. Refer to the RPM installation documentation for information on installing Ansible Automation Platform.

Prerequisites

  • You have installed RHEL.
  • You have registered your system with Red Hat Subscription Manager.
  • You have installed a containerization platform, for example Podman or Docker.

Procedure

  1. Run the following command to check whether Simple Content Access (SCA) is enabled: 

    $ sudo subscription-manager status

    If Simple Content Access is enabled, the output contains the following message: 

    Content Access Mode is set to Simple Content Access.

    1. If Simple Content Access is not enabled, attach the Red Hat Ansible Automation Platform SKU: 

      $ sudo subscription-manager attach --pool=<sku-pool-id>

  2. Install Ansible development tools with the following command: 

    $ sudo dnf install --enablerepo=ansible-automation-platform-2.5-for-rhel-8-x86_64-rpms ansible-dev-tools
    $ sudo dnf install --enablerepo=ansible-automation-platform-2.5-for-rhel-9-x86_64-rpms ansible-dev-tools

Verification:

Verify that the Ansible development tools components have been installed: 

$ rpm -aq | grep ansible

The output displays the Ansible packages that are installed: 

ansible-sign-0.1.1-2.el9ap.noarch
ansible-creator-24.4.1-1.el9ap.noarch
python3.11-ansible-runner-2.4.0-0.1.20240412.git764790f.el9ap.noarch
ansible-runner-2.4.0-0.1.20240412.git764790f.el9ap.noarch
ansible-builder-3.1.0-0.2.20240413.git167ed5c.el9ap.noarch
ansible-dev-environment-24.1.0-2.el9ap.noarch
ansible-core-2.16.6-0.1.20240413.gite636132.el9ap.noarch
python3.11-ansible-compat-4.1.11-2.el9ap.noarch
python3.11-pytest-ansible-24.1.2-1.el9ap.noarch
ansible-lint-6.14.3-4.el9ap.noarch
ansible-navigator-3.4.1-2.el9ap.noarch
python3.11-tox-ansible-24.2.0-1.el9ap.noarch
ansible-dev-tools-2.5-2.el9ap.noarch

On successful installation, you can view the help documentation for ansible-creator: 

$ ansible-creator --help

usage: ansible-creator [-h] [--version] command ...

The fastest way to generate all your ansible content.

Positional arguments:
 command
  add           Add resources to an existing Ansible project.
  init          Initialize a new Ansible project.

Options:
 --version      Print ansible-creator version and exit.
 -h     --help  Show this help message and exit

Chapter 4. Creating a playbook project

4.1. Scaffolding a playbook project

The following steps describe the process for scaffolding a new playbook project with the Ansible VS Code extension.

  1. Prerequisites

    • You have installed Ansible development tools.
    • You have installed and opened the Ansible VS Code extension.
    • You have identified a directory where you want to save the project.

Procedure

  1. Open VS Code.
  2. Click the Ansible icon in the VS Code activity bar to open the Ansible extension.

  3. Select Get started in the Ansible content creator section.

    The Ansible content creator tab opens.

  4. In the Create section, click Ansible playbook project.

    The Create Ansible project tab opens.

  5. In the form in the Create Ansible project tab, enter the following:

    • Destination directory: Enter the path to the directory where you want to scaffold your new playbook project.

      Note

      If you enter an existing directory name, the scaffolding process overwrites the contents of that directory. The scaffold process only allows you to use an existing directory if you enable the Force option.

      • If you are using the containerized version of Ansible Dev tools, the destination directory path is relative to the container, not a path in your local system. To discover the current directory name in the container, run the pwd command in a terminal in VS Code. If the current directory in the container is workspaces, enter workspaces/<destination_directory_name>.
      • If you are using a locally installed version of Ansible Dev tools, enter the full path to the directory, for example /user/<username>/projects/<destination_directory_name>.
    • SCM organization and SCM project: Enter a name for the directory and subdirectory where you can store roles that you create for your playbooks.
  6. Enter a name for the directory where you want to scaffold your new playbook project.

Verification

After the project directory has been created, the following message appears in the Logs pane of the Create Ansible Project tab. In this example, the destination directory name is destination_directory_name. 

------------------ ansible-creator logs ------------------
    Note: ansible project created at /Users/username/test_project

The following directories and files are created in your project directory: 

$ tree -a -L 5 .
├── .devcontainer
│   ├── devcontainer.json
│   ├── docker
│   │   └── devcontainer.json
│   └── podman
│       └── devcontainer.json
├── .gitignore
├── README.md
├── ansible-navigator.yml
├── ansible.cfg
├── collections
│   ├── ansible_collections
│   │   └── scm_organization_name
│   │       └── scm_project_name
│   └── requirements.yml
├── devfile.yaml
├── inventory
│   ├── group_vars
│   │   ├── all.yml
│   │   └── web_servers.yml
│   ├── host_vars
│   │   ├── server1.yml
│   │   ├── server2.yml
│   │   ├── server3.yml
│   │   ├── switch1.yml
│   │   └── switch2.yml
│   └── hosts.yml
├── linux_playbook.yml
├── network_playbook.yml
└── site.yml

Chapter 5. Writing and running a playbook with Ansible development tools

5.1. Setting up the Ansible configuration file for your playbook project

When you scaffolded your playbook project, an Ansible configuration file, ansible.cfg, was added to the root directory of your project.

If you have configured a default Ansible configuration file in /etc/ansible/ansible.cfg, copy any settings that you want to reuse in your project from your default Ansible configuration file to the ansible.cfg file in your project’s root directory.

To learn more about the Ansible configuration file, see Ansible Configuration Settings in the Ansible documentation.

5.2. Writing your first playbook

The instructions below describe how Ansible development tools help you to create and run your first playbook in VS Code.

Prerequisites

  • You have installed and opened the Ansible VS Code extension.
  • You have opened a terminal in VS Code.
  • You have installed ansible-devtools.

Procedure

  1. Create a new .yml file in VS Code for your playbook, for example example_playbook.yml. Put it in the same directory level as the example site.yml file.

  2. Add the following example code into the playbook file and save the file. The playbook consists of a single play that executes a ping to your local machine. 

    ---
- name: My first play
  hosts: localhost
  tasks:
    - name: Ping my hosts
      ansible.builtin.ping:

    Ansible-lint runs in the background and displays errors in the Problems tab of the terminal. There are no errors in this playbook:

    Ansible-lint showing no errors in a playbook
  3. Save your playbook file.

5.3. Inspecting your playbook

The Ansible VS Code extension provides syntax highlighting and assists you with indentation in .yml files.

The following rules apply for playbook files:

  • Every playbook file must finish with a blank line.
  • Trailing spaces at the end of lines are not allowed.
  • Every playbook and every play require an identifier (name).

5.3.1. Inline help

The Ansible extension also provides inline help when you are editing your playbook file.

  • If you hover your mouse over a keyword or a module name, the Ansible extension provides documentation:

    Ansible-lint showing no errors in a playbook

  • If you begin to type the name of a module, for example ansible.builtin.ping, the extension provides a list of suggestions.

    Select one of the suggestions to autocomplete the line.

    Ansible-lint showing no errors in a playbook

5.4. Running your playbook

The Ansible VS Code extension provides two options to run your playbook:

  • ansible-playbook runs the playbook on your local machine using Ansible Core.
  • ansible-navigator runs the playbook in an execution environment in the same manner that Ansible Automation Platform runs an automation job. You specify the base image for the execution environment in the Ansible extension settings.

5.4.1. Running your playbook with ansible-playbook

Procedure

  • To run a playbook, right-click the playbook name in the Explorer pane, then select Run Ansible Playbook viaRun playbook via ansible-playbook.

    Run playbook via ansible-playbook

The output is displayed in the Terminal tab of the VS Code terminal. The ok=2 and failed=0 messages indicate that the playbook ran successfully.

Success message for ansible-playbook execution

5.4.2. Running your playbook with ansible-navigator

Prerequisites

  • In the Ansible extension settings, enable the use of an execution environment in Ansible Execution Environment > Enabled.
  • Enter the path or URL for the execution environment image in Ansible > Execution Environment: Image.

Procedure

  1. To run a playbook, right-click the playbook name in the Explorer pane, then select Run Ansible Playbook viaRun playbook via ansible-navigator run.

    The output is displayed in the Terminal tab of the VS Code terminal. The Successful status indicates that the playbook ran successfully.

    Output for ansible-navigator execution

  2. Enter the number next to a play to step into the play results. The example playbook only contains one play. Enter 0 to view the status of the tasks executed in the play.

    Tasks in ansible-navigator output

    Type the number next to a task to review the task results.

For more information on running playbooks with automation content navigator, see Executing a playbook from automation content navigator in the Using content navigator Guide.

5.4.3. Working with execution environments

You can view the automation execution environments provided by Red Hat in the Red Hat Ecosystem Catalog.

Click on an execution environment for information on how to download it.

  1. Log in to registry.redhat.io if you have not already done so.

    Note

    If you are running Ansible development tools on a container inside VS Code and you want to pull execution environments or the devcontainer to use as an execution environment, you must log in to registry.redhat.io from a terminal prompt within the devcontainer inside VS Code.

  2. Using the information in the Red Hat Ecosystem Catalog, download the execution environment you need.

    For example, to download the minimal RHEL 8 base image, run the following command: 

    $ podman pull registry.redhat.io/ansible-automation-platform-25/ee-minimal-rhel9

You can build and create custom execution environments with ansible-builder. For more information about working with execution environments locally, see Creating and using execution environments.

After customizing your execution environment, you can push your new image to the container registry in automation hub. See Publishing an automation execution environment in the Creating and using execution environments documentation.

5.5. Debugging your playbook

5.5.1. Error messages

The following playbook contains multiple errors: 

- name:
  hosts: localhost
  tasks:
   - name:
     ansible.builtin.ping:

The errors are indicated with a wavy underline in VS Code. Hover your mouse over an error to view the details:

Popup message explaining a playbook error

The errors are listed in the Problems tab of the VS Code terminal. Playbook files that contain errors are indicated with a number in the Explorer pane:

Playbook errors shown in Problems tab and explorer list

$[0].tasks[0].name None is not of type 'string' indicates that the playbook does not have a label.

5.6. Testing your playbooks

To test your playbooks in your project, run them in a non-production environment such as a lab setup or a virtual machine.

Automation content navigator (ansible-navigator) is a text-based user interface (TUI) for developing and troubleshooting Ansible content with execution environments.

Running a playbook using ansible-navigator generates verbose output that you can inspect to check whether the playbook is running the way you expected. You can specify the execution environment that you want to run your playbooks on, so that your tests replicate the production setup on Ansible Automation Platform:

  • To run a playbook on an execution environment, run the following command from the terminal in VS Code: 

    $ ansible-navigator run <playbook_name.yml> -eei <execution_environment_name>

    For example, to execute a playbook called site.yml on the Ansible Automation Platform RHEL 9 minimum execution environment, run the following command from the terminal in VS Code. 

    ansible-navigator run site.yml --eei ee-minimal-rhel8

The output is displayed in the terminal. You can inspect the results and step into each play and task that was executed.

For more information about running playbooks, refer to Running Ansible playbooks with automation content navigator in the Using content navigator guide.

Chapter 6. Publishing and running your playbooks in Ansible Automation Platform

The following procedures describe how to deploy your new playbooks in your instance of Ansible Automation Platform so that you can use them to run automation jobs.

6.1. Saving your project in SCM

Save your playbook project as a repository in your source control management system, for example GitHub.

Procedure

  1. Initialize your project directory as a git repository.
  2. Push your project up to a source control system such as GitHub.

6.2. Running your playbook in Ansible Automation Platform

To run your playbook in Ansible Automation Platform, you must create a project in automation controller for the repository where you stored your playbook project. You can then create a job template for each playbook from the project.

Procedure

  1. In a browser, log in to automation controller.
  2. Configure a Source Control credential type for your source control system if necessary. See the Creating new credentials section of Using automation execution for more details. https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/using_automation_execution/controller-credentials#controller-create-credential
  3. In automation controller, create a project for the GitHub repository where you stored your playbook project. Refer to the Projects chapter of Using automation execution.
  4. Create a job template that uses a playbook from the project that you created. Refer to the Job Templates chapter of Using automation execution.
  5. Run your playbook from automation controller by launching the job template. Refer to the Launching a job template section of Using automation execution.

Chapter 7. Developing collections

Collections are a distribution format for Ansible content that can include playbooks, roles, modules, and plugins. Red Hat provides Ansible Content Collections on Ansible automation hub that contain both Red Hat Ansible Certified Content and Ansible validated content.

If you have installed private automation hub, you can create collections for your organization and push them to private automation hub so that you can use them in job templates in Ansible Automation Platform. You can use collections to package and distribute plug-ins. These plug-ins are written in Python.

You can also create collections to package and distribute Ansible roles, which are expressed in YAML. You can also include playbooks and custom plug-ins that are required for these roles in the collection. Typically, collections of roles are distributed for use within your organization.

Chapter 8. Creating a collection for distributing roles

An Ansible role is a self-contained unit of Ansible automation content that groups related tasks and associated variables, files, handlers, and other assets in a defined directory structure.

You can run Ansible roles in one or more plays, and reuse them across playbooks. Invoking roles instead of tasks simplifies playbooks. You can migrate existing standalone roles into collections, and push them to private automation hub to share them with other users in your organization. Distributing roles in this way is a typical way to use collections.

With Ansible collections, you can store and distribute multiple roles in a single unit of reusable automation. Inside a collection, you can share custom plug-ins across all roles in the collection instead of duplicating them in each role.

You must move roles into collections if you want to use them in Ansible Automation Platform.

You can add existing standalone roles to a collection, or add new roles to it. Push the collection to source control and configure credentials for the repository in Ansible Automation Platform.

8.1. Planning your collection

Organize smaller bundles of curated automation into separate collections for specific functions, rather than creating one big general collection for all of your roles.

For example, you could store roles that manage the networking for an internal system called myapp in a company_namespace.myapp_network collection, and store roles that manage and deploy networking in AWS in a collection called company_namespace.aws_net.

8.2. Prerequisites

  • You have installed VS Code and the Ansible extension.
  • You have installed the Microsoft Dev Containers extension in {VS Code.
  • You have installed Ansible development tools.
  • You have installed a containerization platform, for example Podman, Podman Desktop, Docker, or Docker Desktop.
  • You have a Red Hat account and you can log in to the Red Hat container registry at registry.redhat.io. For information about logging in to registry.redhat.io, see Authenticating with the Red Hat container registry.

8.3. Scaffolding a collection for your roles

You can scaffold a collection for your roles from the Ansible extension in VS Code.

Procedure

  1. Open VS Code.
  2. Navigate to the directory where you want to create your roles collection.
  3. Click the Ansible icon in the VS Code activity bar to open the Ansible extension.

  4. Select Get started in the Ansible content creator section.

    The Ansible content creator tab opens.

  5. In the Create section, click Ansible collection project.

    The Create new Ansible project tab opens.

  6. In the form in the Create Ansible project tab, enter the following:

    • Namespace: Enter a name for your namespace, for example company_namespace.
    • Collection: Enter a name for your collection, for example, myapp_network.

    • Init path: Enter the path to the directory where you want to scaffold your new collection.

      If you enter an existing directory name, the scaffolding process overwrites the contents of that directory. The scaffold process only allows you to use an existing directory if you enable the Force option.

      • If you are using the containerized version of Ansible development tools, the destination directory path is relative to the container, not a path in your local system. To discover the current directory name in the container, run the pwd command in a terminal in VS Code. If the current directory in the container is workspaces, enter workspaces/<current_project>/collections.
      • If you are using a locally installed version of Ansible Dev tools, enter the full path to the directory, for example /user/<username>/path/to/<collection_directory>.
  7. Click Create.

Verification

The following message appears in the Logs pane of the Create Ansible collection tab. 

--------------------- ansible-creator logs ---------------------

    Note: collection company_namespace.myapp_network created at /path/to/collections/directory

The following directories and files are created in your collections/ directory: 

├── .devcontainer
├── .github
├── .gitignore
├── .isort.cfg
├── .pre-commit-config.yaml
├── .prettierignore
├── .vscode
├── CHANGELOG.rst
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING
├── LICENSE
├── MAINTAINERS
├── README.md
├── changelogs
├── devfile.yaml
├── docs
├── extensions
├── galaxy.yml
├── meta
├── plugins
├── pyproject.toml
├── requirements.txt
├── roles
├── test-requirements.txt
├── tests
└── tox-ansible.ini

8.4. Migrating existing roles to your collection

The directory for a standalone role has the following structure. Your role might not contain all of these directories. 

my_role
├── README.md
├── defaults
│   └── main.yml
├── files
├── handlers
│   └── main.yml
├── meta
│   └── main.yml
├── tasks
│   └── main.yml
├── templates
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    └── main.yml

An Ansible role has a defined directory structure with seven main standard directories. Each role must must include at least one of these directories. You can omit any directories the role does not use. Each directory contains a main.yml file.

Procedure

  1. If necessary, rename the directory that contains your role to reflect its content, for example, acl_config or tacacs.

    Roles in collections cannot have hyphens in their names. Use the underscore character (_) instead.

  2. Copy the roles directories from your standalone role into the roles/ directory in your collection.

    For example, in a collection called myapp_network, add your roles to the myapp_network/roles/ directory.

  3. Copy any plug-ins from your standalone roles into the plugins directory/ for your new collection. The collection directory structure resembles the following. 

    company_namespace
└── myapp_network
    ├── ...
    ├── galaxy.yml
    ├── docs
    ├── extensions
    ├── meta
    ├── plugins
    ├── roles
    │   ├── acl_config
    │   │   ├── README.md
    │   │   ├── defaults
    │   │   ├── files
    │   │   ├── handlers
    │   │   ├── meta
    │   │   ├── tasks
    │   │   ├── templates
    │   │   ├── tests
    │   │   └── vars
    │   └── tacacs
    │       ├── README.md
    │       ├── default
    │       ├── files
    │       ├── handlers
    │       ├── meta
    │       ├── tasks
    │       ├── templates
    │       ├── tests
    │       └── vars
    │   ├── run
    ├── ...
    ├── tests
    └── vars

    The run role is a default role directory that is created when you scaffold the collection.

  4. Update your playbooks to use the fully qualified collection name (FQDN) for your new roles in your collection.

Not every standalone role will seamlessly integrate into your collection without modification of the code. For example, if a third-party standalone role from Galaxy that contains a plug-in uses the module_utils/ directory, then the plug-in itself has import statements.

8.5. Creating a new role in your collection

Procedure

  1. To create a new role, copy the default run role directory that was scaffolded when you created the collection.
  2. Define the tasks that you want your role to perform in the tasks/main.yml file. If you are creating a role to reuse tasks in an existing playbook, copy the content in the tasks block of your playbook YAML file. Remove the whitespace to the left of the tasks. Use ansible-lint in VS Code to check your YAML code.
  3. If your role depends on another role, add the dependency in the meta/main.yml file.

8.6. Adding documentation for your roles collection

It is important to provide documentation for your roles so that other users understand what your roles do and how to use them.

8.6.1. Documenting your roles

When you scaffolded your collection directory, a README.md file was added in the role directory. Add your documentation for your role in this file. Provide the following information in the README.md files for every role in your collection:

  • Role description: A brief summary of what the role does
  • Requirements: List the collections, libraries, and required installations
  • Dependencies

  • Role variables: Provide the following information about the variables your role uses.

    • Description
    • Defaults
    • Example values
    • Required variables
  • Example playbook: Show an example of a playbook that uses your role. Use comments in the playbook to help users understand where to set variables.

The README.md file in controller_configuration.ad_hoc_command_cancel is an example of a role with standard documentation:

8.6.2. Documenting your collection

In the README.md file for your collection, provide the following information:

  • Collection description: Describe what the collection does.
  • Requirements: List required collections.
  • List the roles as a component of the collection.
  • Using the collection: Describe how to run the components of the collection.
  • Add a troubleshooting section.
  • Versioning: Describe the release cycle of your collection.

8.7. Publishing your collection in private automation hub

  1. Prerequisite

    • Package your collection into a tarball. Format your collection file name as follows:

<my_namespace-my_collection-x.y.z.tar.gz>

For example, company_namespace-myapp_network-1.0.0.tar.gz

Procedure

  1. Create a namespace for your collection in private automation hub. See Creating a namespace in the Managing automation content guide.
  2. Optional: Add information to your namespace. See Adding additional information and resources to a namespace in the Managing automation content guide.
  3. Upload your roles collections tarballs to your namespace. See Uploading collections to your namespaces in the Managing automation content guide.
  4. Approve your collection for internal publication. See Uploading collections to your namespaces in the Managing automation content guide.

8.7.1. Using your collection in projects in Red Hat Ansible Automation Platform

To use your collection in automation controller, you must add your collection to an execution environment and push it to private automation hub.

The following procedure describes the workflow to add a collection to an execution environment. Refer to Customizing an existing automation executions environment image in the Creating and using execution environments guide for the commands to execute these steps.

  1. You can pull an execution environment base image from automation hub, or you can add your collection to your own custom execution environment.
  2. Add the collections that you want to include in the execution environment.
  3. Build the new execution environment.
  4. Verify that the collections are in the execution environment.
  5. Tag the image and push it to private automation hub.
  6. Pull your new image into your automation controller instance.
  7. The playbooks that use the roles in your collection must use the fully qualified domain name (FQDN) for the roles.

Legal Notice

Copyright © 2025 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.