Search
SupportConsoleDevelopersStart a trialContact

Tested deployment models

download PDF
Red Hat Ansible Automation Platform 2.5

Plan your deployment of Ansible Automation Platform

Red Hat Customer Content Services

Abstract

This guide provides the Red Hat tested and supported toplogies for Red Hat Ansible Automation Platform.

Providing feedback on Red Hat documentation

If you have a suggestion to improve this documentation, or find an error, you can contact technical support at https://access.redhat.com to open a request.

Chapter 1. Overview of tested deployment models

Red Hat tests Ansible Automation Platform 2.5 with a defined set of topologies to give you opinionated deployment options. While it is possible to install the Ansible Automation Platform on different infrastructure topologies and with different environment configurations, Red Hat provides full support for the topologies outlined in this document.

1.1. Installation and deployment models

The following table outlines the different ways to install or deploy Ansible Automation Platform:

Table 1.1. Ansible Automation Platform installation and deployment models
ModeInfrastructureDescriptionTested topologies

RPM

Virtual machines and bare metal

The RPM installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using RPMs to install the platform on host machines. Customers manage the product and infrastructure lifecycle.

Containers

Virtual machines and bare metal

The containerized installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using Podman which runs the platform in containers on host machines. Customers manage the product and infrastructure lifecycle.

Operator

Red Hat OpenShift

The Operator uses Red Hat OpenShift Operators to deploy Ansible Automation Platform within Red Hat OpenShift. Customers manage the product and infrastructure lifecycle.

Chapter 2. RPM topologies

The RPM installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using RPMs to install the platform on host machines. Customers manage the product and infrastructure lifecycle.

2.1. RPM enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

2.1.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 2.1. Infrastructure topology diagram

RPM enterprise topology diagram

Each virtual machine (VM) has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 2.1. Infrastructure topology
VM countPurposeExample VM group names

2

Platform gateway

automationgateway

2

Automation controller

automationcontroller

2

Private automation hub

automationhub

2

Event-Driven Ansible

automationedacontroller

1

Automation mesh hop node

execution_nodes

2

Automation mesh execution node

execution_nodes

1

Redis

N/A

1

Externally managed database service

N/A

1

HAProxy load balancer in front of platform gateway (externally managed)

N/A

2.1.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 2.2. Tested system configurations
TypeDescription

Subscription

Valid Red Hat Ansible Automation Platform subscription

Operating system

Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64

Ansible-core

Ansible-core version 2.15 or later

Browser

A currently supported version of Mozilla Firefox or Google Chrome

Database

PostgreSQL version 15

2.1.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 2.3. Network ports and protocols
Port numberProtocolServiceSourceDestination

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation hub

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation controller

80/443

TCP

HTTP/HTTPS

Automation controller

Automation hub

443

TCP

HTTPS

HAProxy load balancer

Platform gateway

443

TCP

HTTPS

Platform gateway

Automation controller

443

TCP

HTTPS

Platform gateway

Automation hub

443

TCP

HTTPS

Platform gateway

Event-Driven Ansible

5432

TCP

PostgreSQL

Event-Driven Ansible

External database

5432

TCP

PostgreSQL

Platform gateway

External database

5432

TCP

PostgreSQL

Automation hub

External database

5432

TCP

PostgreSQL

Automation controller

External database

27199

TCP

Receptor

Automation controller

Hop node and execution node

27199

TCP

Receptor

Hop node

Execution node

6379

TCP

Redis

Event-Driven Ansible

Redis node

6379

TCP

Redis

Platform gateway

Redis node

8443

TCP

HTTPS

Platform gateway

Platform gateway

50051

TCP

gRPC

Platform gateway

Platform gateway

2.1.4. Example enterprise inventory file

Use the following example inventory file to perform an installation for this topology: 

# This is the enterprise installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway1.example.org
gateway2.example.org

# This section is for your automation controller hosts
# -----------------------------------------------------
[automationcontroller]
controller1.example.org
controller2.example.org

[automationcontroller:vars]
peers=execution_nodes

# This section is for your Ansible Automation Platform execution hosts
# -----------------------------------------------------
[execution_nodes]
hop1.example.org node_type='hop'
exec1.example.org
exec2.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
hub1.example.org
hub2.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationedacontroller]
eda1.example.org
eda2.example.org

[all:vars]

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
automationgateway_admin_password=<set your own>
automationgateway_pg_host=<set your own>
automationgateway_pg_database=<set your own>
automationgateway_pg_username=<set your own>
automationgateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
admin_password=<set your own>
pg_host=<set your own>
pg_database=<set your own>
pg_username=<set your own>
pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
automationhub_admin_password=<set your own>
automationhub_pg_host=<set your own>
automationhub_pg_database=<set your own>
automationhub_pg_username=<set your own>
automationhub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
automationedacontroller_admin_password=<set your own>
automationedacontroller_pg_host=<set your own>
automationedacontroller_pg_database=<set your own>
automationedacontroller_pg_username=<set your own>
automationedacontroller_pg_password=<set your own>

2.2. RPM mixed enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation. The mixed topology has different versions of Ansible Automation Platform intended for configuring a new installation of Event-Driven Ansible controller 1.1 with automation controller 4.4 or 4.5.

2.2.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 2.2. Infrastructure topology diagram

RPM mixed enterprise topology diagram

Each VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 2.4. Infrastructure topology
VM countPurposeAnsible Automation Platform versionExample VM group names

2

Platform gateway

2.5

automationgateway

2

Automation controller

2.4

automationcontroller

2

Private automation hub

2.4

automationhub

2

Event-Driven Ansible

2.5

automationedacontroller

1

Automation mesh hop node

2.4

execution_nodes

2

Automation mesh execution node

2.4

execution_nodes

1

Redis

N/A

N/A

1

Externally managed database service

N/A

N/A

1

HAProxy load balancer in front of platform gateway (externally managed)

N/A

N/A

2.2.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 2.5. Tested system configurations
TypeDescription

Subscription

Valid Red Hat Ansible Automation Platform subscription

Operating system

Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64

Ansible-core

Ansible-core version 2.15 or later

Browser

A currently supported version of Mozilla Firefox or Google Chrome

Database

PostgreSQL version 15

2.2.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 2.6. Network ports and protocols
Port numberProtocolServiceSourceDestination

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation hub

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation controller

80/443

TCP

HTTP/HTTPS

Automation controller

Automation hub

443

TCP

HTTPS

HAProxy load balancer

Platform gateway

443

TCP

HTTPS

Platform gateway

Automation controller

443

TCP

HTTPS

Platform gateway

Automation hub

443

TCP

HTTPS

Platform gateway

Event-Driven Ansible

5432

TCP

PostgreSQL

Event-Driven Ansible

External database

5432

TCP

PostgreSQL

Platform gateway

External database

5432

TCP

PostgreSQL

Automation hub

External database

5432

TCP

PostgreSQL

Automation controller

External database

27199

TCP

Receptor

Automation controller

Hop node and Execution node

27199

TCP

Receptor

Hop node

Execution node

6379

TCP

Redis

Event-Driven Ansible

Redis node

6379

TCP

Redis

Platform gateway

Redis node

8443

TCP

HTTPS

Platform gateway

Platform gateway

50051

TCP

gRPC

Platform gateway

Platform gateway

2.2.4. Example enterprise inventory file

Use the following example inventory file to perform an installation for this topology: 

# This is the enterprise installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway1.example.org
gateway2.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationedacontroller]
eda1.example.org
eda2.example.org

[all:vars]
# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
automationgateway_admin_password=<set your own>
automationgateway_pg_host=<set your own>
automationgateway_pg_database=<set your own>
automationgateway_pg_username=<set your own>
automationgateway_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
automationedacontroller_admin_password=<set your own>
automationedacontroller_pg_host=<set your own>
automationedacontroller_pg_database=<set your own>
automationedacontroller_pg_username=<set your own>
automationedacontroller_pg_password=<set your own>

Chapter 3. Container topologies

The containerized installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using Podman which runs the platform in containers on host machines. Customers manage the product and infrastructure lifecycle.

3.1. Container growth topology

The growth topology is intended for organizations that do not require Ansible Automation Platform 2.5 to be deployed with redundancy or higher compute for large volumes of automation.

3.1.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 3.1. Infrastructure topology diagram

Container growth topology diagram

A single VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS. Resources, such as storage, can be increased based on the needs of the deployment.

Table 3.1. Infrastructure topology
PurposeExample group names

All Ansible Automation Platform components

  • automationgateway
  • automationcontroller
  • automationhub
  • automationeda
  • database

3.1.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 3.2. Tested system configurations
TypeDescription

Subscription

  • Valid Red Hat Ansible Automation Platform subscription
  • Valid Red Hat Enterprise Linux subscription (to consume the BaseOS and AppStream repositories)

Operating system

Red Hat Enterprise Linux 9.2 or later x86_64

Ansible-core

Ansible-core version 2.15 or later

Browser

A currently supported version of Mozilla Firefox or Google Chrome

Database

PostgreSQL version 15

3.1.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 3.3. Network ports and protocols
Port numberProtocolServiceSourceDestination

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation hub

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation controller

80/443

TCP

HTTP/HTTPS

Automation controller

Automation hub

443

TCP

HTTPS

Platform gateway

Automation controller

443

TCP

HTTPS

Platform gateway

Automation hub

443

TCP

HTTPS

Platform gateway

Event-Driven Ansible

5432

TCP

PostgreSQL

Event-Driven Ansible

External database

5432

TCP

PostgreSQL

Platform gateway

External database

5432

TCP

PostgreSQL

Automation hub

External database

5432

TCP

PostgreSQL

Automation controller

External database

8433

TCP

HTTPS

Platform gateway

Platform gateway

50051

TCP

gRPC

Platform gateway

Platform gateway

3.1.4. Example growth inventory file

Use the following example inventory file to perform an installation for this topology: 

# This is the growth installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the included README.md
# or the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
aap.example.org

# This section is for your automation controller hosts
# -------------------------------------------------
[automationcontroller]
aap.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
aap.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationeda]
aap.example.org

# This section is for the Ansible Automation Platform database
# --------------------------------------
[database]
aap.example.org

[all:vars]

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
postgresql_admin_username=postgres
postgresql_admin_password=<set your own>

registry_username=<your RHN username>
registry_password=<your RHN password>

redis_mode=standalone

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
gateway_admin_password=<set your own>
gateway_pg_host=aap.example.org
gateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
controller_admin_password=<set your own>
controller_pg_host=aap.example.org
controller_pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
hub_admin_password=<set your own>
hub_pg_host=aap.example.org
hub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
eda_admin_password=<set your own>
eda_pg_host=aap.example.org
eda_pg_password=<set your own>

3.2. Container enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

3.2.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 3.2. Infrastructure topology diagram

Container enterprise topology diagram

Each VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 3.4. Infrastructure topology
VM countPurposeExample VM group names

2

Platform gateway with Redis

automationgateway

2

Automation controller

automationcontroller

2

Private automation hub with Redis

automationhub

2

Event-Driven Ansible with Redis

automationeda

1

Automation mesh hop node

execution_nodes

2

Automation mesh execution node

execution_nodes

1

Externally managed database service

N/A

1

HAProxy load balancer in front of platform gateway (externally managed)

N/A

3.2.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 3.5. Tested system configurations
TypeDescription

Subscription

  • Valid Red Hat Ansible Automation Platform subscription
  • Valid Red Hat Enterprise Linux subscription (to consume the BaseOS and AppStream repositories)

Operating system

Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64

Ansible-core

Ansible-core version 2.15 or later

Browser

A currently supported version of Mozilla Firefox or Google Chrome.

Database

PostgreSQL version 15

3.2.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 3.6. Network ports and protocols
Port numberProtocolServiceSourceDestination

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation hub

80/443

TCP

HTTP/HTTPS

Event-Driven Ansible

Automation controller

80/443

TCP

HTTP/HTTPS

Automation controller

Automation hub

443

TCP

HTTPS

HAProxy load balancer

Platform gateway

443

TCP

HTTPS

Platform gateway

Automation controller

443

TCP

HTTPS

Platform gateway

Automation hub

443

TCP

HTTPS

Platform gateway

Event-Driven Ansible

5432

TCP

PostgreSQL

Event-Driven Ansible

External database

5432

TCP

PostgreSQL

Platform gateway

External database

5432

TCP

PostgreSQL

Automation hub

External database

5432

TCP

PostgreSQL

Automation controller

External database

27199

TCP

Receptor

Automation controller

Hop node and execution node

27199

TCP

Receptor

Hop node

Execution node

6379

TCP

Redis

Event-Driven Ansible

Redis node

6379

TCP

Redis

Platform gateway

Redis node

16379

TCP

Redis

Redis

Redis cluster node

8433

TCP

HTTPS

Platform gateway

Platform gateway

50051

TCP

gRPC

Platform gateway

Platform gateway

3.2.4. Example enterprise inventory file

Use the following example inventory file to perform an installation for this topology: 

# This is the enterprise installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the included README.md
# or the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway1.example.org
gateway2.example.org

# This section is for your automation controller hosts
# -----------------------------------------------------
[automationcontroller]
controller1.example.org
controller2.example.org

# This section is for your Ansible Automation Platform execution hosts
# -----------------------------------------------------
[execution_nodes]
hop1.example.org receptor_type='hop'
exec1.example.org
exec2.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
hub1.example.org
hub2.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationeda]
eda1.example.org
eda2.example.org

[redis]
gateway1.example.org
gateway2.example.org
hub1.example.org
hub2.example.org
eda1.example.org
eda2.example.org

[all:vars]

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
gateway_admin_password=<set your own>
gateway_pg_host=externaldb.example.org
gateway_pg_database=<set your own>
gateway_pg_username=<set your own>
gateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
controller_admin_password=<set your own>
controller_pg_host=externaldb.example.org
controller_pg_database=<set your own>
controller_pg_username=<set your own>
controller_pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
hub_admin_password=<set your own>
hub_pg_host=externaldb.example.org
hub_pg_database=<set your own>
hub_pg_username=<set your own>
hub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
eda_admin_password=<set your own>
eda_pg_host=externaldb.example.org
eda_pg_database=<set your own>
eda_pg_username=<set your own>
eda_pg_password=<set your own>

3.2.5. Storage requirements

  • Execution environments are pulled into automation controller hybrid nodes and execution nodes that run jobs. The size of these containers influences the storage requirements for $PATH_WHERE_PODMAN_PUTS_CONTAINER_IMAGES.

  • The primary determining factors for the size of the database and its storage volume, which defaults to $POSTGRES_DEFAULT_DATA_DIR, are:

    • The quantity of job events (lines of output from automation controller jobs)
    • The quantity of days of job data that are retained
  • On execution nodes and automation controller control and hybrid nodes, job output is buffered to the disk in $NAME_OF_RECEPTOR_DIR_VAR, which defaults to /tmp.
  • The size and quantity of collections synced to automation hub influence the storage requirements of $PATH_WHERE_PULP_STORES_COLLECTIONS.

Chapter 4. Operator topologies

The Ansible Automation Platform Operator uses Red Hat OpenShift operators to deploy Ansible Automation Platform within Red Hat OpenShift. Customers manage the product and infrastructure lifecycle.

4.1. Operator growth topology

The growth topology is intended for organizations that do not require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

4.1.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with the respective deployment model that customers may use when self-managing Ansible Automation Platform:

Figure 4.1. Infrastructure topology diagram

Operator growth topology diagram

A Single Node OpenShift (SNO) cluster has been tested with the following requirements: 32 GB RAM, 16 CPUs, 128 GB local disk, and 3000 IOPS.

Table 4.1. Infrastructure topology
CountComponent

1

Automation controller web Pod

1

Automation controller task Pod

1

Automation hub API Pod

2

Automation hub content Pod

2

Automation hub worker Pod

1

Automation hub redis Pod

1

Event-Driven Ansible API Pod

1

Event-Driven Ansible activation worker Pod

1

Event-Driven Ansible default worker Pod

1

Event-Driven Ansible event stream Pod

1

Event-Driven Ansible scheduler Pod

1

Platform gateway Pod

1

Database Pod

1

Redis Pod

4.1.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 4.2. Tested system configurations
TypeDescription

Subscription

Valid Red Hat Ansible Automation Platform subscription

Operating system

Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64

Red Hat OpenShift

  • Version: 4.14
  • num_of_control_nodes: 1
  • num_of_worker_nodes: 1

Ansible-core

Ansible-core version 2.15 or later

Browser

A currently supported version of Mozilla Firefox or Google Chrome.

Database

PostgreSQL version 15

4.1.3. Example custom resource file

Use the following example custom resource (CR) to add your Ansible Automation Platform instance to your project: 

apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatform
metadata:
  name: <aap instance name>
spec:
  eda:
    automation_server_ssl_verify: 'no'
  hub:
    storage_type: 's3'
    object_storage_s3_secret: '<name of the Secret resource holding s3 configuration>'

4.1.4. Nonfunctional requirements

Ansible Automation Platform’s performance characteristics and capacity are impacted by its resource allocation and configuration. With OpenShift, each Ansible Automation Platform component is deployed as a pod. You can specify resource requests and limits for each pod.

The Ansible Automation Platform custom resource allows you to configure resource allocation for OpenShift installations. Each configurable item has default settings. These settings are the minimum requirements for an installation, but may not meet your production workload needs.

By default, each component’s deployments are set for minimum resource requests but no resource limits. OpenShift only schedules the pods with available resource requests, but the pods are allowed to consume unlimited RAM or CPU as long as the OpenShift worker node itself is not under node pressure.

In the reference topology provided in this document, Ansible Automation Platform is deployed on a Single Node OpenShift (SNO) with 32 GB RAM, 16 CPUs, 128 GB Local disk, and 3000 IOPS. This is not a shared environment, so Ansible Automation Platform pods have full access to all of the compute resources of the OpenShift SNO. In this scenario, the capacity calculation for the automation controller task pods is derived from the underlying OCP node that runs the pod. It does not have access to the entire node. This capacity calculation influences how many concurrent jobs automation controller can run.

OpenShift manages storage distinctly from VMs. This impacts how automation hub stores its artifacts. In the reference topology provided in this document, we use s3 storage because automation hub requires a ReadWriteMany type storage, which is not a default storage type in OpenShift.

4.1.5. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 4.3. Network ports and protocols
Port numberProtocolServiceSourceDestination

27199

TCP

Receptor

OCP cluster

Execution node

27199

TCP

Receptor

OCP cluster

Hop node

443

HTTPS

Receptor

Execution node

OCP ingress

443

HTTPS

Receptor

Hop node

OCP ingress

443

HTTPS

Platform

Customer clients

OCP ingress

4.2. Operator enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

4.2.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with the respective deployment model that customers may use when self-managing Ansible Automation Platform:

Figure 4.2. Infrastructure topology diagram

Operator enterprise topology diagram

The following infrastructure topology describes an OpenShift Cluster with 3 master nodes and 2 worker nodes.

Each OpenShift Worker node has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 128 GB local disk, and 3000 IOPS.

Table 4.4. Infrastructure topology
CountComponent

1

Automation controller web Pod

1

Automation controller task Pod

1

Automation hub API Pod

2

Automation hub content Pod

2

Automation hub worker Pod

1

Automation hub redis Pod

1

Event-Driven Ansible API Pod

2

Event-Driven Ansible activation worker Pod

2

Event-Driven Ansible default worker Pod

2

Event-Driven Ansible event stream Pod

1

Event-Driven Ansible scheduler Pod

1

Platform gateway Pod

2

Mesh Ingress Pod

N/A

Externally managed database service

N/A

Externally managed redis

N/A

Externally managed object storage service (for automation hub)

4.2.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 4.5. Tested system configurations
TypeDescription

Subscription

Valid Red Hat Ansible Automation Platform subscription

Red Hat OpenShift

  • Red Hat OpenShift on AWS Hosted Control Planes 4.15.16

    • 2 worker nodes in different AZs at t3.xlarge

Ansible-core

Ansible-core version 2.15 or later

Browser

A currently supported version of Mozilla Firefox or Google Chrome.

AWS RDS PostgreSQL service

  • engine: “postgres”
  • engine_version: “15”
  • parameter_group_name: “default.postgres15”
  • allocated_storage: 20
  • max_allocated_storage: 1000
  • storage_type: “gp2”
  • storage_encrypted: true
  • instance_class: “db.t4g.small”
  • multi_az: true
  • backup_retention_period: 5

AWS Memcached Service

  • engine: “redis”
  • engine_version: “6.2”
  • auto_minor_version_upgrade: “false”
  • node_type: “cache.t3.micro”
  • parameter_group_name: “default.redis6.x.cluster.on”
  • transit_encryption_enabled: “true”
  • num_node_groups: 2
  • replicas_per_node_group: 1
  • automatic_failover_enabled: true

s3 storage

HTTPS only accessible through AWS Role assigned to automation hub SA at runtime using AWS Pod Identity

4.2.3. Nonfunctional requirements

Ansible Automation Platform’s performance characteristics and capacity are impacted by its resource allocation and configuration. With OpenShift, each Ansible Automation Platform component is deployed as a pod. You can specify resource requests and limits for each pod.

The Ansible Automation Platform custom resource allows you to configure resource allocation for OpenShift installations. Each configurable item has default settings. These settings are the exact configuration used within the context of this reference deployment architecture and presumes that the environment is being deployed and managed by an Enterprise IT organization for production purposes.

By default, each component’s deployments are set for minimum resource requests but no resource limits. OpenShift only schedules the pods with available resource requests, but the pods are allowed to consume unlimited RAM or CPU as long as the OpenShift worker node itself is not under node pressure.

In the reference topology provided in this document, Ansible Automation Platform is deployed on a Red Hat OpenShift on AWS (ROSA) Hosted Control Plane (HCP) cluster with 2 t3.xlarge worker nodes spread across 2 AZs within a single AWS Region. This is not a shared environment, so Ansible Automation Platform pods have full access to all of the compute resources of the ROSA HCP cluster. In this scenario, the capacity calculation for the automation controller task pods is derived from the underlying HCP worker node that runs the pod. It does not have access to the cpu/memory resources of the entire node. This capacity calculation influences how many concurrent jobs automation controller can run.

OpenShift manages storage distinctly from VMs. This impacts how automation hub stores its artifacts. In the reference topology provided in this document, we use s3 storage because automation hub requires a ReadWriteMany type storage, which is not a default storage type in OpenShift. Externally provided Redis, Posgres, and object storage for automation hub are specified. This provides the Ansible Automation Platform deployment with additional scalability and reliability features, including specialized backup, restore, and replication services as well as scalable storage.

4.2.4. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 4.6. Network ports and protocols
Port numberProtocolServiceSourceDestination

5432

TCP

PostgreSQL

OCP cluster

External database service

6379

TCP

Redis

OCP cluster

External redis service

443

HTTPS

Object storage

OCP cluster

External object storage service

27199

TCP

Receptor

OCP cluster

Execution node

27199

TCP

Receptor

OCP cluster

Hop node

443

HTTPS

Receptor

Execution node

OCP ingress

443

HTTPS

Receptor

Hop node

OCP ingress

Chapter 5. Automation mesh nodes

Automation mesh is an overlay network intended to ease the distribution of work across a large and dispersed collection of workers. This is done through nodes that establish peer-to-peer connections with each other by using existing networks.

5.1. Tested system configurations

Each automation mesh VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

5.2. Network ports

Automation mesh uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server in order for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 5.1. Network ports and protocols
Port numberProtocolServiceSourceDestination

27199

TCP

Receptor

OpenShift Container Platform cluster

Execution node

27199

TCP

Receptor

OpenShift Container Platform cluster

Hop node

443

HTTPS

Receptor

Execution node

OpenShift Container Platform mesh ingress

443

HTTPS

Receptor

Hop node

OpenShift Container Platform mesh ingress

Note

For additional information about each of the tested topologies described in this document, see the test-topologies GitHub repo.

Legal Notice

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.