Tested deployment models

Chapter 1. Overview of tested deployment models

Red Hat tests Ansible Automation Platform 2.5 with a defined set of topologies to give you opinionated deployment options. Deploy all components of Ansible Automation Platform so that all features and capabilities are available for use without the need to take further action.

Red Hat tests the installation of Ansible Automation Platform 2.5 based on a defined set of infrastructure topologies or reference architectures. Enterprise organizations can use one of the enterprise topologies for production deployments to ensure the highest level of uptime, performance, and continued scalability. Organizations or deployments that are resource constrained can use a "growth" topology.

It is possible to install the Ansible Automation Platform on different infrastructure topologies and with different environment configurations. Red Hat does not fully test topologies outside of published reference architectures. Use a tested topology for all new deployments.

1.1. Installation and deployment models

The following table outlines the different ways to install or deploy Ansible Automation Platform:

Table 1.1. Ansible Automation Platform installation and deployment models
Mode	Infrastructure	Description	Tested topologies
RPM	Virtual machines and bare metal	The RPM installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using RPMs to install the platform on host machines. Customers manage the product and infrastructure lifecycle.	RPM growth topology RPM mixed growth topology RPM enterprise topology RPM mixed enterprise topology
Containers	Virtual machines and bare metal	The containerized installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using Podman which runs the platform in containers on host machines. Customers manage the product and infrastructure lifecycle.	Container growth topology Container enterprise topology
Operator	Red Hat OpenShift	The Operator uses Red Hat OpenShift Operators to deploy Ansible Automation Platform within Red Hat OpenShift. Customers manage the product and infrastructure lifecycle.	Operator growth topology Operator enterprise topology

Chapter 2. RPM topologies

The RPM installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using RPMs to install the platform on host machines. Customers manage the product and infrastructure lifecycle.

2.1. RPM growth topology

The growth topology is intended for organizations that are getting started with Ansible Automation Platform and do not require redundancy or higher compute for large volumes of automation. This topology allows for smaller footprint deployments.

2.1.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 2.1. Infrastructure topology diagram

Each virtual machine (VM) has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 2.1. Infrastructure topology
VM count	Purpose	Example VM group names
1	Platform gateway with colocated Redis	`automationgateway`
1	Automation controller	`automationcontroller`
1	Private automation hub	`automationhub`
1	Event-Driven Ansible	`automationedacontroller`
1	Automation mesh execution node	`execution_nodes`
1	Database	`database`

2.1.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 2.2. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome
Database	PostgreSQL 15

2.1.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 2.3. Network ports and protocols
Port number	Protocol	Service	Source	Destination
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation hub
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation controller
80/443	TCP	HTTP/HTTPS	Automation controller	Automation hub
443	TCP	HTTPS	Platform gateway	Automation controller
443	TCP	HTTPS	Platform gateway	Automation hub
443	TCP	HTTPS	Platform gateway	Event-Driven Ansible
5432	TCP	PostgreSQL	Event-Driven Ansible	Database
5432	TCP	PostgreSQL	Platform gateway	Database
5432	TCP	PostgreSQL	Automation hub	Database
5432	TCP	PostgreSQL	Automation controller	Database
27199	TCP	Receptor	Automation controller	Execution node
6379	TCP	Redis	Event-Driven Ansible	Redis node
6379	TCP	Redis	Platform gateway	Redis node
8443	TCP	HTTPS	Platform gateway	Platform gateway
50051	TCP	gRPC	Platform gateway	Platform gateway

2.1.4. Example growth inventory file

Use the example inventory file to perform an installation for this topology:

# This is the growth installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway.example.org

# This section is for your automation controller hosts
# -----------------------------------------------------
[automationcontroller]
controller.example.org

[automationcontroller:vars]
peers=execution_nodes

# This section is for your Ansible Automation Platform execution hosts
# -----------------------------------------------------
[execution_nodes]
exec.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
hub.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationedacontroller]
eda.example.org

# This section is for the Ansible Automation Platform database
# -----------------------------------------------------
[database]
db.example.org

[all:vars]

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

redis_mode=standalone

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
automationgateway_admin_password=<set your own>
automationgateway_pg_host=db.example.org
automationgateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
admin_password=<set your own>
pg_host=db.example.org
pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
automationhub_admin_password=<set your own>
automationhub_pg_host=db.example.org
automationhub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
automationedacontroller_admin_password=<set your own>
automationedacontroller_pg_host=db.example.org
automationedacontroller_pg_password=<set your own>

2.2. RPM mixed growth topology

The growth topology is intended for organizations that are getting started with Ansible Automation Platform and do not require redundancy or higher compute for large volumes of automation. This topology allows for smaller footprint deployments. The mixed topology has different versions of Ansible Automation Platform intended for configuring a new installation of Event-Driven Ansible controller 1.1 with automation controller 4.4 or 4.5.

2.2.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 2.2. Infrastructure topology diagram

Each virtual machine (VM) has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 2.4. Infrastructure topology
VM count	Purpose	Ansible Automation Platform version	Example VM group names
1	Platform gateway with colocated Redis	2.5	`automationgateway`
1	Automation controller	2.4	`automationcontroller`
1	Private automation hub	2.4	`automationhub`
1	Event-Driven Ansible	2.5	`automationedacontroller`
1	Automation mesh execution node	2.4	`execution_nodes`
1	Database	2.4	`database`

2.2.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 2.5. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome
Database	PostgreSQL 15

2.2.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 2.6. Network ports and protocols
Port number	Protocol	Service	Source	Destination
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation hub
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation controller
80/443	TCP	HTTP/HTTPS	Automation controller	Automation hub
443	TCP	HTTPS	Platform gateway	Automation controller
443	TCP	HTTPS	Platform gateway	Automation hub
443	TCP	HTTPS	Platform gateway	Event-Driven Ansible
5432	TCP	PostgreSQL	Event-Driven Ansible	Database
5432	TCP	PostgreSQL	Platform gateway	Database
5432	TCP	PostgreSQL	Automation hub	Database
5432	TCP	PostgreSQL	Automation controller	Database
27199	TCP	Receptor	Automation controller	Execution node
6379	TCP	Redis	Event-Driven Ansible	Redis node
6379	TCP	Redis	Platform gateway	Redis node
8443	TCP	HTTPS	Platform gateway	Platform gateway
50051	TCP	gRPC	Platform gateway	Platform gateway

2.2.4. Example mixed growth inventory file

Use the example inventory file to perform an installation for this topology:

# This is the mixed growth installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationedacontroller]
eda.example.org

[all:vars]

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

redis_mode=standalone

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
automationgateway_admin_password=<set your own>
automationgateway_pg_host=db.example.org
automationgateway_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
automationedacontroller_admin_password=<set your own>
automationedacontroller_pg_host=db.example.org
automationedacontroller_pg_password=<set your own>

2.3. RPM enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

2.3.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 2.3. Infrastructure topology diagram

Each virtual machine (VM) has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 2.7. Infrastructure topology
VM count	Purpose	Example VM group names
2	Platform gateway with colocated Redis	`automationgateway`
2	Automation controller	`automationcontroller`
2	Private automation hub with colocated Redis	`automationhub`
2	Event-Driven Ansible with colocated Redis	`automationedacontroller`
1	Automation mesh hop node	`execution_nodes`
2	Automation mesh execution node	`execution_nodes`
1	Externally managed database service	N/A
1	HAProxy load balancer in front of platform gateway (externally managed)	N/A

Note

6 VMs are required for a Redis high availability (HA) compatible deployment. Redis can be colocated on each Ansible Automation Platform component VM except for automation controller, execution nodes, or the PostgreSQL database.

2.3.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 2.8. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome
Database	PostgreSQL 15

2.3.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 2.9. Network ports and protocols
Port number	Protocol	Service	Source	Destination
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation hub
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation controller
80/443	TCP	HTTP/HTTPS	Automation controller	Automation hub
443	TCP	HTTPS	HAProxy load balancer	Platform gateway
443	TCP	HTTPS	Platform gateway	Automation controller
443	TCP	HTTPS	Platform gateway	Automation hub
443	TCP	HTTPS	Platform gateway	Event-Driven Ansible
5432	TCP	PostgreSQL	Event-Driven Ansible	External database
5432	TCP	PostgreSQL	Platform gateway	External database
5432	TCP	PostgreSQL	Automation hub	External database
5432	TCP	PostgreSQL	Automation controller	External database
27199	TCP	Receptor	Automation controller	Hop node and execution node
27199	TCP	Receptor	Hop node	Execution node
6379	TCP	Redis	Event-Driven Ansible	Redis node
6379	TCP	Redis	Platform gateway	Redis node
16379	TCP	Redis	Redis node	Redis node
8443	TCP	HTTPS	Platform gateway	Platform gateway
50051	TCP	gRPC	Platform gateway	Platform gateway

2.3.4. Example enterprise inventory file

Use the example inventory file to perform an installation for this topology:

# This is the enterprise installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway1.example.org
gateway2.example.org

# This section is for your automation controller hosts
# -----------------------------------------------------
[automationcontroller]
controller1.example.org
controller2.example.org

[automationcontroller:vars]
peers=execution_nodes

# This section is for your Ansible Automation Platform execution hosts
# -----------------------------------------------------
[execution_nodes]
hop1.example.org node_type='hop'
exec1.example.org
exec2.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
hub1.example.org
hub2.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationedacontroller]
eda1.example.org
eda2.example.org

[redis]
gateway1.example.org
gateway2.example.org
hub1.example.org
hub2.example.org
eda1.example.org
eda2.example.org

[all:vars]
# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
automationgateway_admin_password=<set your own>
automationgateway_pg_host=<set your own>
automationgateway_pg_database=<set your own>
automationgateway_pg_username=<set your own>
automationgateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
admin_password=<set your own>
pg_host=<set your own>
pg_database=<set your own>
pg_username=<set your own>
pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
automationhub_admin_password=<set your own>
automationhub_pg_host=<set your own>
automationhub_pg_database=<set your own>
automationhub_pg_username=<set your own>
automationhub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
automationedacontroller_admin_password=<set your own>
automationedacontroller_pg_host=<set your own>
automationedacontroller_pg_database=<set your own>
automationedacontroller_pg_username=<set your own>
automationedacontroller_pg_password=<set your own>

2.4. RPM mixed enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation. The mixed topology has different versions of Ansible Automation Platform intended for configuring a new installation of Event-Driven Ansible controller 1.1 with automation controller 4.4 or 4.5.

2.4.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 2.4. Infrastructure topology diagram

Each VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 2.10. Infrastructure topology
VM count	Purpose	Ansible Automation Platform version	Example VM group names
3	Platform gateway with colocated Redis	2.5	`automationgateway`
2	Automation controller	2.4	`automationcontroller`
2	Private automation hub	2.4	`automationhub`
3	Event-Driven Ansible with colocated Redis	2.5	`automationedacontroller`
1	Automation mesh hop node	2.4	`execution_nodes`
2	Automation mesh execution node	2.4	`execution_nodes`
1	Externally managed database service	N/A	N/A
1	HAProxy load balancer in front of platform gateway (externally managed)	N/A	N/A

Note

6 VMs are required for a Redis high availability (HA) compatible deployment. Redis can be colocated on each Ansible Automation Platform 2.5 component VM except for automation controller, execution nodes, or the PostgreSQL database.

2.4.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 2.11. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome
Database	PostgreSQL 15

2.4.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 2.12. Network ports and protocols
Port number	Protocol	Service	Source	Destination
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation hub
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation controller
80/443	TCP	HTTP/HTTPS	Automation controller	Automation hub
443	TCP	HTTPS	HAProxy load balancer	Platform gateway
443	TCP	HTTPS	Platform gateway	Automation controller
443	TCP	HTTPS	Platform gateway	Automation hub
443	TCP	HTTPS	Platform gateway	Event-Driven Ansible
5432	TCP	PostgreSQL	Event-Driven Ansible	External database
5432	TCP	PostgreSQL	Platform gateway	External database
5432	TCP	PostgreSQL	Automation hub	External database
5432	TCP	PostgreSQL	Automation controller	External database
27199	TCP	Receptor	Automation controller	Hop node and execution node
27199	TCP	Receptor	Hop node	Execution node
6379	TCP	Redis	Event-Driven Ansible	Redis node
6379	TCP	Redis	Platform gateway	Redis node
16379	TCP	Redis	Redis node	Redis node
8443	TCP	HTTPS	Platform gateway	Platform gateway
50051	TCP	gRPC	Platform gateway	Platform gateway

2.4.4. Example mixed enterprise inventory file

Use the example inventory file to perform an installation for this topology:

# This is the mixed enterprise installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway1.example.org
gateway2.example.org
gateway3.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationedacontroller]
eda1.example.org
eda2.example.org
eda3.example.org

[redis]
gateway1.example.org
gateway2.example.org
gateway3.example.org
eda1.example.org
eda2.example.org
eda3.example.org

[all:vars]
# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
registry_username=<your RHN username>
registry_password=<your RHN password>

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
automationgateway_admin_password=<set your own>
automationgateway_pg_host=<set your own>
automationgateway_pg_database=<set your own>
automationgateway_pg_username=<set your own>
automationgateway_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/rpm_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
automationedacontroller_admin_password=<set your own>
automationedacontroller_pg_host=<set your own>
automationedacontroller_pg_database=<set your own>
automationedacontroller_pg_username=<set your own>
automationedacontroller_pg_password=<set your own>

Chapter 3. Container topologies

The containerized installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using Podman which runs the platform in containers on host machines. Customers manage the product and infrastructure lifecycle.

3.1. Container growth topology

The growth topology is intended for organizations that are getting started with Ansible Automation Platform and do not require redundancy or higher compute for large volumes of automation. This topology allows for smaller footprint deployments.

3.1.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 3.1. Infrastructure topology diagram

A single VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS. Resources, such as storage, can be increased based on the needs of the deployment.

Table 3.1. Infrastructure topology
Purpose	Example group names
All Ansible Automation Platform components	`automationgateway` `automationcontroller` `automationhub` `automationeda` `database`

3.1.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 3.2. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription Valid Red Hat Enterprise Linux subscription (to consume the BaseOS and AppStream repositories)
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome
Database	PostgreSQL 15

3.1.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 3.3. Network ports and protocols
Port number	Protocol	Service	Source	Destination
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation hub
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation controller
80/443	TCP	HTTP/HTTPS	Automation controller	Automation hub
443	TCP	HTTPS	Platform gateway	Automation controller
443	TCP	HTTPS	Platform gateway	Automation hub
443	TCP	HTTPS	Platform gateway	Event-Driven Ansible
5432	TCP	PostgreSQL	Event-Driven Ansible	External database
5432	TCP	PostgreSQL	Platform gateway	External database
5432	TCP	PostgreSQL	Automation hub	External database
5432	TCP	PostgreSQL	Automation controller	External database
27199	TCP	Receptor	Automation controller	Execution container
6379	TCP	Redis	Event-Driven Ansible	Redis container
6379	TCP	Redis	Platform gateway	Redis container
8433	TCP	HTTPS	Platform gateway	Platform gateway
50051	TCP	gRPC	Platform gateway	Platform gateway

3.1.4. Example growth inventory file

Use the example inventory file to perform an installation for this topology:

# This is the growth installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the included README.md
# or the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
aap.example.org

# This section is for your automation controller hosts
# -------------------------------------------------
[automationcontroller]
aap.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
aap.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationeda]
aap.example.org

# This section is for the Ansible Automation Platform database
# --------------------------------------
[database]
aap.example.org

[all:vars]
# Ansible
ansible_connection=local

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
postgresql_admin_username=postgres
postgresql_admin_password=<set your own>

registry_username=<your RHN username>
registry_password=<your RHN password>

redis_mode=standalone

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
gateway_admin_password=<set your own>
gateway_pg_host=aap.example.org
gateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
controller_admin_password=<set your own>
controller_pg_host=aap.example.org
controller_pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
hub_admin_password=<set your own>
hub_pg_host=aap.example.org
hub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
eda_admin_password=<set your own>
eda_pg_host=aap.example.org
eda_pg_password=<set your own>

Note

SSH keys are only required when installing on remote hosts. If doing a self contained local VM based installation, you can use ansible_connection=local.

3.2. Container enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

3.2.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 3.2. Infrastructure topology diagram

Each VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

Table 3.4. Infrastructure topology
VM count	Purpose	Example VM group names
2	Platform gateway with colocated Redis	`automationgateway`
2	Automation controller	`automationcontroller`
2	Private automation hub with colocated Redis	`automationhub`
2	Event-Driven Ansible with colocated Redis	`automationeda`
1	Automation mesh hop node	`execution_nodes`
2	Automation mesh execution node	`execution_nodes`
1	Externally managed database service	N/A
1	HAProxy load balancer in front of platform gateway (externally managed)	N/A

Note

6 VMs are required for a Redis high availability (HA) compatible deployment. Redis can be colocated on each Ansible Automation Platform component VM except for automation controller, execution nodes, or the PostgreSQL database.

3.2.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 3.5. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription Valid Red Hat Enterprise Linux subscription (to consume the BaseOS and AppStream repositories)
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome.
Database	PostgreSQL 15

3.2.3. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 3.6. Network ports and protocols
Port number	Protocol	Service	Source	Destination
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation hub
80/443	TCP	HTTP/HTTPS	Event-Driven Ansible	Automation controller
80/443	TCP	HTTP/HTTPS	Automation controller	Automation hub
443	TCP	HTTPS	HAProxy load balancer	Platform gateway
443	TCP	HTTPS	Platform gateway	Automation controller
443	TCP	HTTPS	Platform gateway	Automation hub
443	TCP	HTTPS	Platform gateway	Event-Driven Ansible
5432	TCP	PostgreSQL	Event-Driven Ansible	External database
5432	TCP	PostgreSQL	Platform gateway	External database
5432	TCP	PostgreSQL	Automation hub	External database
5432	TCP	PostgreSQL	Automation controller	External database
27199	TCP	Receptor	Automation controller	Hop node and execution node
27199	TCP	Receptor	Hop node	Execution node
6379	TCP	Redis	Event-Driven Ansible	Redis node
6379	TCP	Redis	Platform gateway	Redis node
16379	TCP	Redis	Redis node	Redis node
8433	TCP	HTTPS	Platform gateway	Platform gateway
50051	TCP	gRPC	Platform gateway	Platform gateway

3.2.4. Example enterprise inventory file

Use the example inventory file to perform an installation for this topology:

# This is the enterprise installer inventory file
# Please consult the docs if you are unsure what to add
# For all optional variables please consult the included README.md
# or the Red Hat documentation:
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation

# This section is for your platform gateway hosts
# -----------------------------------------------------
[automationgateway]
gateway1.example.org
gateway2.example.org

# This section is for your automation controller hosts
# -----------------------------------------------------
[automationcontroller]
controller1.example.org
controller2.example.org

# This section is for your Ansible Automation Platform execution hosts
# -----------------------------------------------------
[execution_nodes]
hop1.example.org receptor_type='hop'
exec1.example.org
exec2.example.org

# This section is for your automation hub hosts
# -----------------------------------------------------
[automationhub]
hub1.example.org
hub2.example.org

# This section is for your Event-Driven Ansible controller hosts
# -----------------------------------------------------
[automationeda]
eda1.example.org
eda2.example.org

[redis]
gateway1.example.org
gateway2.example.org
hub1.example.org
hub2.example.org
eda1.example.org
eda2.example.org

[all:vars]

# Common variables
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables
# -----------------------------------------------------
postgresql_admin_username=<set your own>
postgresql_admin_password=<set your own>
registry_username=<your RHN username>
registry_password=<your RHN password>

# Platform gateway
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-gateway-variables
# -----------------------------------------------------
gateway_admin_password=<set your own>
gateway_pg_host=externaldb.example.org
gateway_pg_database=<set your own>
gateway_pg_username=<set your own>
gateway_pg_password=<set your own>

# Automation controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-controller-variables
# -----------------------------------------------------
controller_admin_password=<set your own>
controller_pg_host=externaldb.example.org
controller_pg_database=<set your own>
controller_pg_username=<set your own>
controller_pg_password=<set your own>

# Automation hub
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-hub-variables
# -----------------------------------------------------
hub_admin_password=<set your own>
hub_pg_host=externaldb.example.org
hub_pg_database=<set your own>
hub_pg_username=<set your own>
hub_pg_password=<set your own>

# Event-Driven Ansible controller
# https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#event-driven-ansible-controller
# -----------------------------------------------------
eda_admin_password=<set your own>
eda_pg_host=externaldb.example.org
eda_pg_database=<set your own>
eda_pg_username=<set your own>
eda_pg_password=<set your own>

3.2.5. Storage requirements

Execution environments are pulled into automation controller hybrid nodes and execution nodes that run jobs. The size of these containers influences the storage requirements for $PATH_WHERE_PODMAN_PUTS_CONTAINER_IMAGES.
The primary determining factors for the size of the database and its storage volume, which defaults to $POSTGRES_DEFAULT_DATA_DIR, are:
- The quantity of job events (lines of output from automation controller jobs)
- The quantity of days of job data that are retained
On execution nodes and automation controller control and hybrid nodes, job output is buffered to the disk in $NAME_OF_RECEPTOR_DIR_VAR, which defaults to /tmp.
The size and quantity of collections synced to automation hub influence the storage requirements of $PATH_WHERE_PULP_STORES_COLLECTIONS.

Chapter 4. Operator topologies

The Ansible Automation Platform Operator uses Red Hat OpenShift Operators to deploy Ansible Automation Platform within Red Hat OpenShift. Customers manage the product and infrastructure lifecycle.

Important

You can only install a single instance of the Ansible Automation Platform Operator into a single namespace. Installing multiple instances in the same namespace can lead to improper operation for both Operator instances.

4.1. Operator growth topology

The growth topology is intended for organizations that are getting started with Ansible Automation Platform and do not require redundancy or higher compute for large volumes of automation. This topology allows for smaller footprint deployments.

4.1.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 4.1. Infrastructure topology diagram

A Single Node OpenShift (SNO) cluster has been tested with the following requirements: 32 GB RAM, 16 CPUs, 128 GB local disk, and 3000 IOPS.

Table 4.1. Infrastructure topology
Count	Component
1	Automation controller web pod
1	Automation controller task pod
1	Automation hub API pod
2	Automation hub content pod
2	Automation hub worker pod
1	Automation hub Redis pod
1	Event-Driven Ansible API pod
1	Event-Driven Ansible activation worker pod
1	Event-Driven Ansible default worker pod
1	Event-Driven Ansible event stream pod
1	Event-Driven Ansible scheduler pod
1	Platform gateway pod
1	Database pod
1	Redis pod

4.1.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 4.2. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription
Operating system	Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64
Red Hat OpenShift	Version: 4.14 num_of_control_nodes: 1 num_of_worker_nodes: 1
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome.
Database	PostgreSQL 15

4.1.3. Example custom resource file

Use the following example custom resource (CR) to add your Ansible Automation Platform instance to your project:

apiVersion: aap.ansible.com/v1alpha1
kind: AnsibleAutomationPlatform
metadata:
  name: <aap instance name>
spec:
  eda:
    automation_server_ssl_verify: 'no'
  hub:
    storage_type: 's3'
    object_storage_s3_secret: '<name of the Secret resource holding s3 configuration>'

4.1.4. Nonfunctional requirements

Ansible Automation Platform’s performance characteristics and capacity are impacted by its resource allocation and configuration. With OpenShift, each Ansible Automation Platform component is deployed as a pod. You can specify resource requests and limits for each pod.

Use the Ansible Automation Platform Custom Resource (CR) to configure resource allocation for OpenShift installations. Each configurable item has default settings. These settings are the minimum requirements for an installation, but might not meet your production workload needs.

By default, each component’s deployments are set for minimum resource requests but no resource limits. OpenShift only schedules the pods with available resource requests, but the pods are allowed to consume unlimited RAM or CPU provided that the OpenShift worker node itself is not under node pressure.

In the Operator growth topology, Ansible Automation Platform is deployed on a Single Node OpenShift (SNO) with 32 GB RAM, 16 CPUs, 128 GB Local disk, and 3000 IOPS. This is not a shared environment, so Ansible Automation Platform pods have full access to all of the compute resources of the OpenShift SNO. In this scenario, the capacity calculation for the automation controller task pods is derived from the underlying OpenShift Container Platform node that runs the pod. It does not have access to the entire node. This capacity calculation influences how many concurrent jobs automation controller can run.

OpenShift manages storage distinctly from VMs. This impacts how automation hub stores its artifacts. In the Operator growth topology, we use S3 storage because automation hub requires a ReadWriteMany type storage, which is not a default storage type in OpenShift.

4.1.5. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 4.3. Network ports and protocols
Port number	Protocol	Service	Source	Destination
27199	TCP	Receptor	OpenShift Container Platform cluster	Execution node
27199	TCP	Receptor	OpenShift Container Platform cluster	Hop node
443	HTTPS	Receptor	Execution node	OpenShift Container Platform ingress
443	HTTPS	Receptor	Hop node	OpenShift Container Platform ingress
443	HTTPS	Platform	Customer clients	OpenShift Container Platform ingress

4.2. Operator enterprise topology

The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.

4.2.1. Infrastructure topology

The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:

Figure 4.2. Infrastructure topology diagram

The following infrastructure topology describes an OpenShift Cluster with 3 master nodes and 2 worker nodes.

Each OpenShift Worker node has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 128 GB local disk, and 3000 IOPS.

Table 4.4. Infrastructure topology
Count	Component
1	Automation controller web pod
1	Automation controller task pod
1	Automation hub API pod
2	Automation hub content pod
2	Automation hub worker pod
1	Automation hub Redis pod
1	Event-Driven Ansible API pod
2	Event-Driven Ansible activation worker pod
2	Event-Driven Ansible default worker pod
2	Event-Driven Ansible event stream pod
1	Event-Driven Ansible scheduler pod
1	Platform gateway pod
2	Mesh ingress pod
N/A	Externally managed database service
N/A	Externally managed Redis
N/A	Externally managed object storage service (for automation hub)

4.2.2. Tested system configurations

Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:

Table 4.5. Tested system configurations
Type	Description
Subscription	Valid Red Hat Ansible Automation Platform subscription
Red Hat OpenShift	Red Hat OpenShift on AWS Hosted Control Planes 4.15.16 2 worker nodes in different availability zones (AZs) at t3.xlarge
Ansible-core	Ansible-core version 2.16 or later
Browser	A currently supported version of Mozilla Firefox or Google Chrome.
AWS RDS PostgreSQL service	engine: "postgres" engine_version: 15" parameter_group_name: "default.postgres15" allocated_storage: 20 max_allocated_storage: 1000 storage_type: "gp2" storage_encrypted: true instance_class: "db.t4g.small" multi_az: true backup_retention_period: 5
AWS Memcached Service	engine: "redis" engine_version: "6.2" auto_minor_version_upgrade: "false" node_type: "cache.t3.micro" parameter_group_name: "default.redis6.x.cluster.on" transit_encryption_enabled: "true" num_node_groups: 2 replicas_per_node_group: 1 automatic_failover_enabled: true
s3 storage	HTTPS only accessible through AWS Role assigned to automation hub SA at runtime by using AWS Pod Identity

4.2.3. Nonfunctional requirements

Ansible Automation Platform’s performance characteristics and capacity are impacted by its resource allocation and configuration. With OpenShift, each Ansible Automation Platform component is deployed as a pod. You can specify resource requests and limits for each pod.

Use the Ansible Automation Platform custom resource to configure resource allocation for OpenShift installations. Each configurable item has default settings. These settings are the exact configuration used within the context of this reference deployment architecture and presumes that the environment is being deployed and managed by an Enterprise IT organization for production purposes.

By default, each component’s deployments are set for minimum resource requests but no resource limits. OpenShift only schedules the pods with available resource requests, but the pods are allowed to consume unlimited RAM or CPU provided that the OpenShift worker node itself is not under node pressure.

In the Operator enterprise topology, Ansible Automation Platform is deployed on a Red Hat OpenShift on AWS (ROSA) Hosted Control Plane (HCP) cluster with 2 t3.xlarge worker nodes spread across 2 AZs within a single AWS Region. This is not a shared environment, so Ansible Automation Platform pods have full access to all of the compute resources of the ROSA HCP cluster. In this scenario, the capacity calculation for the automation controller task pods is derived from the underlying HCP worker node that runs the pod. It does not have access to the CPU or memory resources of the entire node. This capacity calculation influences how many concurrent jobs automation controller can run.

OpenShift manages storage distinctly from VMs. This impacts how automation hub stores its artifacts. In the Operator enterprise topology, we use S3 storage because automation hub requires a ReadWriteMany type storage, which is not a default storage type in OpenShift. Externally provided Redis, PostgreSQL, and object storage for automation hub are specified. This provides the Ansible Automation Platform deployment with additional scalability and reliability features, including specialized backup, restore, and replication services and scalable storage.

4.2.4. Network ports

Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 4.6. Network ports and protocols
Port number	Protocol	Service	Source	Destination
5432	TCP	PostgreSQL	OpenShift Container Platform cluster	External database service
6379	TCP	Redis	OpenShift Container Platform cluster	External Redis service
443	HTTPS	Object storage	OpenShift Container Platform cluster	External object storage service
27199	TCP	Receptor	OpenShift Container Platform cluster	Execution node
27199	TCP	Receptor	OpenShift Container Platform cluster	Hop node
443	HTTPS	Receptor	Execution node	OpenShift Container Platform ingress
443	HTTPS	Receptor	Hop node	OpenShift Container Platform ingress

Chapter 5. Automation mesh nodes

Automation mesh is an overlay network intended to ease the distribution of work across a large and dispersed collection of workers. This is done through nodes that establish peer-to-peer connections with each other by using existing networks.

5.1. Tested system configurations

Each automation mesh VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.

5.2. Network ports

Automation mesh uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.

Table 5.1. Network ports and protocols
Port number	Protocol	Service	Source	Destination
27199	TCP	Receptor	OpenShift Container Platform cluster	Execution node
27199	TCP	Receptor	OpenShift Container Platform cluster	Hop node
443	HTTPS	Receptor	Execution node	OpenShift Container Platform mesh ingress
443	HTTPS	Receptor	Hop node	OpenShift Container Platform mesh ingress

Note

For additional information about each of the tested topologies described in this document, see the test-topologies GitHub repo.

Plan your deployment of Ansible Automation Platform

Providing feedback on Red Hat documentation

Chapter 1. Overview of tested deployment models

1.1. Installation and deployment models

Chapter 2. RPM topologies

2.1. RPM growth topology

2.1.1. Infrastructure topology

2.1.2. Tested system configurations

2.1.3. Network ports

2.1.4. Example growth inventory file

2.2. RPM mixed growth topology

2.2.1. Infrastructure topology

2.2.2. Tested system configurations

2.2.3. Network ports

2.2.4. Example mixed growth inventory file

2.3. RPM enterprise topology

2.3.1. Infrastructure topology

2.3.2. Tested system configurations

2.3.3. Network ports

2.3.4. Example enterprise inventory file

2.4. RPM mixed enterprise topology

2.4.1. Infrastructure topology

2.4.2. Tested system configurations

2.4.3. Network ports

2.4.4. Example mixed enterprise inventory file

Chapter 3. Container topologies

3.1. Container growth topology

3.1.1. Infrastructure topology

3.1.2. Tested system configurations

3.1.3. Network ports

3.1.4. Example growth inventory file

3.2. Container enterprise topology

3.2.1. Infrastructure topology

3.2.2. Tested system configurations

3.2.3. Network ports

3.2.4. Example enterprise inventory file

3.2.5. Storage requirements

Chapter 4. Operator topologies

4.1. Operator growth topology

4.1.1. Infrastructure topology

4.1.2. Tested system configurations

4.1.3. Example custom resource file

4.1.4. Nonfunctional requirements

4.1.5. Network ports

4.2. Operator enterprise topology

4.2.1. Infrastructure topology

4.2.2. Tested system configurations

4.2.3. Nonfunctional requirements

4.2.4. Network ports

Chapter 5. Automation mesh nodes

5.1. Tested system configurations

5.2. Network ports

Legal Notice

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links