Chapter 3. Container topologies
The containerized installer deploys Ansible Automation Platform on Red Hat Enterprise Linux by using Podman which runs the platform in containers on host machines. Customers manage the product and infrastructure lifecycle.
3.1. Container growth topology
The growth topology is intended for organizations that are getting started with Ansible Automation Platform and do not require redundancy or higher compute for large volumes of automation. This topology allows for smaller footprint deployments.
3.1.1. Infrastructure topology
The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:
Figure 3.1. Infrastructure topology diagram
A single VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS. Resources, such as storage, can be increased based on the needs of the deployment.
| Purpose | Example group names |
|---|---|
| All Ansible Automation Platform components |
|
3.1.2. Tested system configurations
Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:
| Type | Description |
|---|---|
| Subscription |
|
| Operating system | Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64 |
| Ansible-core | Ansible-core version 2.16 or later |
| Browser | A currently supported version of Mozilla Firefox or Google Chrome |
| Database | PostgreSQL 15 |
3.1.3. Network ports
Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.
| Port number | Protocol | Service | Source | Destination |
|---|---|---|---|---|
| 80/443 | TCP | HTTP/HTTPS | Event-Driven Ansible | Automation hub |
| 80/443 | TCP | HTTP/HTTPS | Event-Driven Ansible | Automation controller |
| 80/443 | TCP | HTTP/HTTPS | Automation controller | Automation hub |
| 443 | TCP | HTTPS | Platform gateway | Automation controller |
| 443 | TCP | HTTPS | Platform gateway | Automation hub |
| 443 | TCP | HTTPS | Platform gateway | Event-Driven Ansible |
| 5432 | TCP | PostgreSQL | Event-Driven Ansible | External database |
| 5432 | TCP | PostgreSQL | Platform gateway | External database |
| 5432 | TCP | PostgreSQL | Automation hub | External database |
| 5432 | TCP | PostgreSQL | Automation controller | External database |
| 27199 | TCP | Receptor | Automation controller | Execution container |
| 6379 | TCP | Redis | Event-Driven Ansible | Redis container |
| 6379 | TCP | Redis | Platform gateway | Redis container |
| 8433 | TCP | HTTPS | Platform gateway | Platform gateway |
| 50051 | TCP | gRPC | Platform gateway | Platform gateway |
3.1.4. Example growth inventory file
Use the example inventory file to perform an installation for this topology:
# This is the growth installer inventory file # Please consult the docs if you are unsure what to add # For all optional variables please consult the included README.md # or the Red Hat documentation: # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation # This section is for your platform gateway hosts # ----------------------------------------------------- [automationgateway] aap.example.org # This section is for your automation controller hosts # ------------------------------------------------- [automationcontroller] aap.example.org # This section is for your automation hub hosts # ----------------------------------------------------- [automationhub] aap.example.org # This section is for your Event-Driven Ansible controller hosts # ----------------------------------------------------- [automationeda] aap.example.org # This section is for the Ansible Automation Platform database # -------------------------------------- [database] aap.example.org [all:vars] # Ansible ansible_connection=local # Common variables # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables # ----------------------------------------------------- postgresql_admin_username=postgres postgresql_admin_password=<set your own> registry_username=<your RHN username> registry_password=<your RHN password> redis_mode=standalone # Platform gateway # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-gateway-variables # ----------------------------------------------------- gateway_admin_password=<set your own> gateway_pg_host=aap.example.org gateway_pg_password=<set your own> # Automation controller # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-controller-variables # ----------------------------------------------------- controller_admin_password=<set your own> controller_pg_host=aap.example.org controller_pg_password=<set your own> # Automation hub # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-hub-variables # ----------------------------------------------------- hub_admin_password=<set your own> hub_pg_host=aap.example.org hub_pg_password=<set your own> # Event-Driven Ansible controller # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#event-driven-ansible-controller # ----------------------------------------------------- eda_admin_password=<set your own> eda_pg_host=aap.example.org eda_pg_password=<set your own>
SSH keys are only required when installing on remote hosts. If doing a self contained local VM based installation, you can use ansible_connection=local.
3.2. Container enterprise topology
The enterprise topology is intended for organizations that require Ansible Automation Platform to be deployed with redundancy or higher compute for large volumes of automation.
3.2.1. Infrastructure topology
The following diagram outlines the infrastructure topology that Red Hat has tested with this deployment model that customers can use when self-managing Ansible Automation Platform:
Figure 3.2. Infrastructure topology diagram
Each VM has been tested with the following component requirements: 16 GB RAM, 4 CPUs, 60 GB local disk, and 3000 IOPS.
| VM count | Purpose | Example VM group names |
|---|---|---|
| 2 | Platform gateway with colocated Redis |
|
| 2 | Automation controller |
|
| 2 | Private automation hub with colocated Redis |
|
| 2 | Event-Driven Ansible with colocated Redis |
|
| 1 | Automation mesh hop node |
|
| 2 | Automation mesh execution node |
|
| 1 | Externally managed database service | N/A |
| 1 | HAProxy load balancer in front of platform gateway (externally managed) | N/A |
6 VMs are required for a Redis high availability (HA) compatible deployment. Redis can be colocated on each Ansible Automation Platform component VM except for automation controller, execution nodes, or the PostgreSQL database.
3.2.2. Tested system configurations
Red Hat has tested the following configurations to install and run Red Hat Ansible Automation Platform:
| Type | Description |
|---|---|
| Subscription |
|
| Operating system | Red Hat Enterprise Linux 9.2 or later x86_64 and AArch64 |
| Ansible-core | Ansible-core version 2.16 or later |
| Browser | A currently supported version of Mozilla Firefox or Google Chrome. |
| Database | PostgreSQL 15 |
3.2.3. Network ports
Red Hat Ansible Automation Platform uses several ports to communicate with its services. These ports must be open and available for incoming connections to the Red Hat Ansible Automation Platform server for it to work. Ensure that these ports are available and are not blocked by the server firewall.
| Port number | Protocol | Service | Source | Destination |
|---|---|---|---|---|
| 80/443 | TCP | HTTP/HTTPS | Event-Driven Ansible | Automation hub |
| 80/443 | TCP | HTTP/HTTPS | Event-Driven Ansible | Automation controller |
| 80/443 | TCP | HTTP/HTTPS | Automation controller | Automation hub |
| 443 | TCP | HTTPS | HAProxy load balancer | Platform gateway |
| 443 | TCP | HTTPS | Platform gateway | Automation controller |
| 443 | TCP | HTTPS | Platform gateway | Automation hub |
| 443 | TCP | HTTPS | Platform gateway | Event-Driven Ansible |
| 5432 | TCP | PostgreSQL | Event-Driven Ansible | External database |
| 5432 | TCP | PostgreSQL | Platform gateway | External database |
| 5432 | TCP | PostgreSQL | Automation hub | External database |
| 5432 | TCP | PostgreSQL | Automation controller | External database |
| 27199 | TCP | Receptor | Automation controller | Hop node and execution node |
| 27199 | TCP | Receptor | Hop node | Execution node |
| 6379 | TCP | Redis | Event-Driven Ansible | Redis node |
| 6379 | TCP | Redis | Platform gateway | Redis node |
| 16379 | TCP | Redis | Redis node | Redis node |
| 8433 | TCP | HTTPS | Platform gateway | Platform gateway |
| 50051 | TCP | gRPC | Platform gateway | Platform gateway |
3.2.4. Example enterprise inventory file
Use the example inventory file to perform an installation for this topology:
# This is the enterprise installer inventory file # Please consult the docs if you are unsure what to add # For all optional variables please consult the included README.md # or the Red Hat documentation: # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation # This section is for your platform gateway hosts # ----------------------------------------------------- [automationgateway] gateway1.example.org gateway2.example.org # This section is for your automation controller hosts # ----------------------------------------------------- [automationcontroller] controller1.example.org controller2.example.org # This section is for your Ansible Automation Platform execution hosts # ----------------------------------------------------- [execution_nodes] hop1.example.org receptor_type='hop' exec1.example.org exec2.example.org # This section is for your automation hub hosts # ----------------------------------------------------- [automationhub] hub1.example.org hub2.example.org # This section is for your Event-Driven Ansible controller hosts # ----------------------------------------------------- [automationeda] eda1.example.org eda2.example.org [redis] gateway1.example.org gateway2.example.org hub1.example.org hub2.example.org eda1.example.org eda2.example.org [all:vars] # Common variables # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-general-inventory-variables # ----------------------------------------------------- postgresql_admin_username=<set your own> postgresql_admin_password=<set your own> registry_username=<your RHN username> registry_password=<your RHN password> # Platform gateway # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-gateway-variables # ----------------------------------------------------- gateway_admin_password=<set your own> gateway_pg_host=externaldb.example.org gateway_pg_database=<set your own> gateway_pg_username=<set your own> gateway_pg_password=<set your own> # Automation controller # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-controller-variables # ----------------------------------------------------- controller_admin_password=<set your own> controller_pg_host=externaldb.example.org controller_pg_database=<set your own> controller_pg_username=<set your own> controller_pg_password=<set your own> # Automation hub # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#ref-hub-variables # ----------------------------------------------------- hub_admin_password=<set your own> hub_pg_host=externaldb.example.org hub_pg_database=<set your own> hub_pg_username=<set your own> hub_pg_password=<set your own> # Event-Driven Ansible controller # https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/containerized_installation/appendix-inventory-files-vars#event-driven-ansible-controller # ----------------------------------------------------- eda_admin_password=<set your own> eda_pg_host=externaldb.example.org eda_pg_database=<set your own> eda_pg_username=<set your own> eda_pg_password=<set your own>
3.2.5. Storage requirements
-
Execution environments are pulled into automation controller hybrid nodes and execution nodes that run jobs. The size of these containers influences the storage requirements for
$PATH_WHERE_PODMAN_PUTS_CONTAINER_IMAGES. The primary determining factors for the size of the database and its storage volume, which defaults to
$POSTGRES_DEFAULT_DATA_DIR, are:- The quantity of job events (lines of output from automation controller jobs)
- The quantity of days of job data that are retained
-
On execution nodes and automation controller control and hybrid nodes, job output is buffered to the disk in
$NAME_OF_RECEPTOR_DIR_VAR, which defaults to/tmp. -
The size and quantity of collections synced to automation hub influence the storage requirements of
$PATH_WHERE_PULP_STORES_COLLECTIONS.
