Red Hat Summit Red Hat SummitApoyoConsolaDesarrolladoresIniciar una pruebaContacto

Este contenido no está disponible en el idioma seleccionado.

Chapter 3. Installing Ansible development tools

You have two options for installing Ansible development tools, so that you can choose the installation method that best suits your preferred operating system and development environment.

Red Hat provides two options for installing Ansible development tools.

  • Installation on a RHEL container running inside VS Code. You can install this option on MacOS, Windows, and Linux systems.

  • Installation on your local RHEL 8 or RHEL 9 system using an RPM (Red Hat Package Manager) package.

    Note

    RPM installation is not supported on RHEL 10.

3.1. Requirements
Copiar enlace

To install and use Ansible development tools, you must meet the following requirements. Extra requirements for Windows installations and containerized installations are indicated in the procedures.

3.1.1. Requirements for Ansible development tools on Windows
Copiar enlace

If you are installing Ansible development tools on a container in VS Code on Windows, there are extra requirements:

  • Windows Subsystem for Linux(WSL2)
  • Podman Desktop

Procedure

  1. Install WSL2 without a distribution: 

    $ wsl --install --no-distribution
    Copy to Clipboard Toggle word wrap

  2. Use cgroupsv2 by disabling cgroupsv1 for WSL2:

    Edit the %USERPROFILE%/wsl.conf file and add the following lines to force cgroupv2 usage: 

    [wsl2]
kernelCommandLine = cgroup_no_v1="all"
    Copy to Clipboard Toggle word wrap

  3. Install Podman Desktop. Follow the instructions in Installing Podman Desktop and Podman on Windows in the Podman Desktop documentation.

    You do not need to change the default settings in the set-up wizard.

  4. Ensure the podman machine is using cgroupsv2: 

    $ podman info | findstr cgroup
    Copy to Clipboard Toggle word wrap

  5. Test Podman Desktop: 

    $ podman run hello
    Copy to Clipboard Toggle word wrap

  6. Configure the settings for Podman Desktop. Add a %USERPROFILE%\bin\docker.bat file with the following content: 

    @echo off
podman %*
    Copy to Clipboard Toggle word wrap

    This avoids having to install Docker as required by the VS Code Dev Container extension.

  7. Add the %USERPROFILE%\bin directory to the PATH:

    1. Select Settings and search for "Edit environment variables for your account" to display all of the user environment variables.
    2. Highlight "Path" in the top user variables box, click Edit and add the path.
    3. Click Save to set the path for any new console that you open.

3.1.2. Authenticating with the Red Hat container registry
Copiar enlace

All container images available through the Red Hat container catalog are hosted on an image registry, registry.redhat.io. The registry requires authentication for access to images.

Note

If you are planning to install the Ansible development tools on a container inside VS Code, you must log in to registry.redhat.io before launching VS Code so that VS Code can pull the devtools container from registry.redhat.io.

If you are running Ansible development tools on a container inside VS Code and you want to pull execution environments or the devcontainer to use as an execution environment, you must log in from a terminal prompt within the devcontainer from a terminal inside VS Code.

Prerequisites

  • You have a Red Hat login. It is the same account that you use to log in to the Red Hat Customer Portal (access.redhat.com) and manage your Red Hat subscriptions.

Procedure

  1. Check whether you are already logged in to the registry.redhat.io registry: 

    $ podman login --get-login registry.redhat.io
    Copy to Clipboard Toggle word wrap

    The command output displays your Red Hat login if you are logged in to registry.redhat.io.

  2. If you are not logged in to registry.redhat.io, use the podman login command with your credentials to access content on the registry. 

    $ podman login registry.redhat.io
Username: my_redhat_username
Password: ***********
    Copy to Clipboard Toggle word wrap

3.1.3. Installing VS Code
Copiar enlace

Install VS Code by following the instructions found on the Download Visual Studio Code page in the official documentation.

Procedure

3.1.4. Installing the VS Code Ansible extension
Copiar enlace

The Ansible extension adds language support for Ansible to VS Code. It incorporates Ansible development tools to facilitate creating and running automation content.

For a full description of the Ansible extension, see the Visual Studio Code Marketplace.

Procedure

  1. Open VS Code.
  2. Click the Extensions ( Extensions ) icon in the Activity Bar, or click View Extensions, to display the Extensions view.
  3. In the search field in the Extensions view, type Ansible Red Hat.
  4. Select the Ansible extension and click Install.

Verification

When the language for a file is recognized as Ansible, the Ansible extension provides features such as auto-completion, hover, diagnostics, and goto. The language identified for a file is displayed in the Status bar at the bottom of the VS Code window.

The following files are assigned the Ansible language:

  • YAML files in a /playbooks directory
  • Files with the following double extension: .ansible.yml or .ansible.yaml
  • Certain YAML names recognized by Ansible, for example site.yml or site.yaml
  • YAML files whose filename contains "playbook": playbook.yml or playbook.yaml

Troubleshooting

If the extension does not identify the language for your playbook files as Ansible, follow the procedure in Associating the Ansible language to YAML files.

3.1.5. Configuring Ansible extension settings
Copiar enlace

The Ansible extension supports multiple configuration options.

You can configure the settings for the extension on a user level, on a workspace level, or for a particular directory. User-based settings are applied globally for any instance of VS Code that is opened. A VS Code workspace is a collection of one or more folders that you can open in a single VS Code window. Workspace settings are stored within your workspace and only apply when the current workspace is opened.

It is useful to configure settings for your workspace for the following reasons:

  • If you define and maintain configurations specific to your playbook project, you can customize your Ansible development environment for individual projects without altering your preferred setup for other work. You can have different settings for a Python project, an Ansible project, and a C++ project, each optimized for the respective stack without the need to manually reconfigure settings each time you switch projects.
  • If you include workspace settings when setting up version control for a project you want to share with your team, everyone uses the same configuration for that project.

Prerequisites

  • Open a workspace or folder, or create a new folder, in VS Code using the File Open Folder menu. This is necessary because the file that stores settings preferences for workspaces is specific to a folder or workspace.

Procedure

  1. Open the Ansible extension settings:

    1. Click the Extensions Extensions icon in the activity bar.

    2. Select the Ansible extension, and click the 'gear' icon and then Extension Settings to display the extension settings.

      • Alternatively, click Code Settings Settings to open the Settings page.
    3. Enter Ansible in the search bar to display the settings for the extension.

  2. Select the Workspace tab to configure your settings for the current VS Code workspace.

    • If the Workspace tab is not displayed, open a folder or create a new folder using the File Open Folder menu.

  3. The Ansible extension settings are pre-populated. Modify the settings to suit your requirements:

    • Check the Ansible Validation Lint: Enabled box to enable ansible-lint.
    • Check the Ansible Execution Environment: Enabled box to use an execution environment.
    • Specify the execution environment image you want to use in the Ansible > Execution Environment: image field.
    • To use Red Hat Ansible Lightspeed, check the Ansible > Lightspeed: Enabled box, and enter the URL for Lightspeed.

3.1.6. Installing and configuring the Dev Containers extension
Copiar enlace

If you are installing the containerized version of Ansible development tools, you must install the Microsoft Dev Containers extension in VS Code.

Procedure

  1. Open VS Code.
  2. Click the Extensions ( Extensions ) icon in the Activity Bar, or click View Extensions, to display the Extensions view.
  3. In the search field in the Extensions view, type Dev Containers.

  4. Select the Dev Containers extension from Microsoft and click Install.

    If you are using Podman or Podman Desktop as your containerization platform, you must modify the default settings in the Dev Containers extension.

  5. Replace docker with podman in the Dev Containers extension settings:

    1. In VS Code, open the settings editor.

    2. Search for @ext:ms-vscode-remote.remote-containers.

      Alternatively, click the Extensions icon in the activity bar and click the gear icon for the Dev Containers extension.

  6. Set Dev > Containers:Docker Path to podman.
  7. Set Dev > Containers:Docker Compose Path to podman-compose.

The Dev Containers VS Code extension requires a .devcontainer file to store settings for your dev containers. You must use the Ansible extension to scaffold a config file for your dev container, and reopen your directory in a container in VS Code.

Prerequisites

  • You have installed a containerization platform, for example Podman, Podman Desktop, Docker, or Docker Desktop.
  • You have a Red Hat login and you have logged in to the Red Hat registry at registry.redhat.io. For information about logging in to registry.redhat.io, see Authenticating with the Red Hat container registry.
  • You have installed VS Code.
  • You have installed the Ansible extension in VS Code.
  • You have installed the Microsoft Dev Containers extension in VS Code.
  • If you are installing Ansible development tools on Windows, launch VS Code and connect to the WSL machine. Click the Remote( Remote ) icon. In the dropdown menu that appears, select the option to connect to the WSL machine.

Procedure

  1. In VS Code, navigate to your project directory.
  2. Click the Ansible icon in the VS Code activity bar to open the Ansible extension.
  3. In the Ansible Development Tools section of the Ansible extension, scroll down to the ADD option and select Devcontainer.

  4. In the Create a devcontainer page, select the Downstream container image from the Container image options.

    This action adds devcontainer.json files for both Podman and Docker in a .devcontainer directory.

  5. Reopen or reload the project directory:

    • If VS Code detects that your directory contains a devcontainer.json file, the following notification appears:

      Reopen in container
      View larger image
      Reopen in container

      Click Reopen in Container.

    • If the notification does not appear, click the Remote ( Remote ) icon. In the dropdown menu that appears, select Reopen in Container.

  6. Select the dev container for Podman or Docker according to the containerization platform you are using.

    The Remote () status in the VS Code Status bar displays opening Remote and a notification indicates the progress in opening the container.

Verification

When the directory reopens in a container, the Remote () status displays Dev Container: ansible-dev-container.

Note

The base image for the container is a Universal Base Image Minimal (UBI Minimal) image that uses microdnf as a package manager. The dnf and yum package managers are not available in the container.

For information about using microdnf in containers based on UBI Minimal images, see Adding software in a minimal UBI container in the Red Hat Enterprise Linux Building, running, and managing containers guide.

3.3. Installing Ansible development tools from a package on RHEL
Copiar enlace

Ansible development tools are bundled in the Ansible Automation Platform RPM (Red Hat Package Manager) package. Refer to the RPM installation documentation for information on installing Ansible Automation Platform.

Prerequisites

  • You have installed RHEL 8 or RHEL 9.

    Note

    RPM installation is not supported on RHEL 10.

  • You have registered your system with Red Hat Subscription Manager.
  • You have installed a containerization platform, for example Podman or Docker.

Procedure

  1. Run the following command to check whether Simple Content Access (SCA) is enabled: 

    $ sudo subscription-manager status
    Copy to Clipboard Toggle word wrap

    If Simple Content Access is enabled, the output contains the following message: 

    Content Access Mode is set to Simple Content Access.
    Copy to Clipboard Toggle word wrap

    1. If Simple Content Access is not enabled, attach the Red Hat Ansible Automation Platform SKU: 

      $ sudo subscription-manager attach --pool=<sku-pool-id>
      Copy to Clipboard Toggle word wrap

  2. Install Ansible development tools with the following command: 

    $ sudo dnf install --enablerepo=ansible-automation-platform-2.6-for-rhel-8-x86_64-rpms ansible-dev-tools
    Copy to Clipboard Toggle word wrap 
    $ sudo dnf install --enablerepo=ansible-automation-platform-2.6-for-rhel-9-x86_64-rpms ansible-dev-tools
    Copy to Clipboard Toggle word wrap

Verification

  1. Verify that the Ansible development tools components have been installed: 

    $ rpm -aq | grep ansible
ansible-collection-redhat-rhel_mgmt-1.1.0-2.el9.noarch
ansible-collection-microsoft-sql-2.5.2-1.el9.noarch
ansible-core-2.16.14-2.el9ap.noarch
python3.11-ansible-compat-25.8.1-1.el9ap.noarch
python3.11-ansible-runner-2.4.1-1.el9ap.noarch
ansible-runner-2.4.1-1.el9ap.noarch
ansible-builder-3.1.0-1.el9ap.noarch
ansible-lint-25.8.2-1.el9ap.noarch
ansible-navigator-25.8.0-1.el9ap.noarch
ansible-sign-0.1.2-1.el9ap.noarch
python3.11-pytest-ansible-25.8.0-1.el9ap.noarch
ansible-dev-environment-25.8.0-1.el9ap.noarch
ansible-creator-25.8.0-1.el9ap.noarch
python3.11-tox-ansible-25.8.0-1.el9ap.noarch
ansible-dev-tools-25.8.3-1.el9ap.noarch
    Copy to Clipboard Toggle word wrap

  2. On successful installation, you can view the help documentation for the ansible-creator utility: 

    $ ansible-creator --help

usage: ansible-creator [-h] [--version] command ...

The fastest way to generate all your ansible content.

Positional arguments:
 command
  add           Add resources to an existing Ansible project.
  init          Initialize a new Ansible project.

Options:
 --version      Print ansible-creator version and exit.
 -h     --help  Show this help message and exit
    Copy to Clipboard Toggle word wrap

3.4. MCP server integration
Copiar enlace

An MCP server implements Model Context Protocol (MCP) for a specific backend such as REST API, various services, databases, and other external systems. The MCP server then exposes its operations as discoverable tools that AI agents or large language models (LLMs) can call.

MCP servers are integrated into Execution Environments (EEs) using a robust Ansible plugin framework. This setup allows Ansible playbooks to call MCP servers directly. A crucial design strategy is the ephemeral nature of these servers, meaning they exist only for the duration of the job execution.

The core requirement for enabling MCP support involves securely installing the required MCP server software into the Execution Environment during the build process, typically using the ansible-builder command.

You can configure MCP servers in two ways:

  • For embedded (local) MCP servers: The EE image must explicitly include the MCP server binaries or libraries installed on the image path. This setup enables the Execution Environment to discover and start the specific embedded server required for the job.

  • For remote (external) MCP servers: The EE build process facilitates defining remote connection details in a manifest file contained within the EE. This manifest informs the core MCP collection plugin on how to connect, typically pointing to a specific remote URL using an HTTP connection.

    Supported MCP servers

    To use MCP servers, you must specify the required MCP support information in your EE definitions. This configuration pulls the necessary dependencies into your EE YAML file. The following MCP servers are currently targeted for support:

    • AWS Core MCP: Serves as a starting point for working across Amazon MCPs
    • AWS Cloud Control API MCP: Provides the execution layer for AWS resource management
    • GitHub MCP: Used for testing and validation, often targeting remote server connections
    Dependencies
    Dependencies are incorporated into the EE YAML when you create the definition files. For example, the demonstration jobs target scenarios like AWS EC2 and VPC management, GitHub repository, and Pull Request operations.

3.5. Implementing automation content for ephemeral MCP agents
Copiar enlace

You can create an Ansible playbook leveraging the Execution Environment (EE) setup so that ephemeral MCP servers are provisioned during Ansible Automation Platform (AAP) controller job creation. This way you can safely use AI as an operational assistant, which can take assigned actions in your enterprise platform.

Prerequisites

  • You must securely store all access credentials necessary for MCP plugin use exclusively within AAP credential store.
  • The Execution Environment (EE) image must be configured to include the necessary MCP server component, which is typically accomplished by selecting a collection with specialized roles during the EE build process.

Procedure

  1. Create the execution-environment.yml definition file, which specifies a step to install the MCP server components: 

    ---
version: 3

images:
  base_image:
    name: ansible-automation-platform-25/ee-minimal-rhel9:latest
dependencies:
  galaxy: requirements.yml

options:
  package_manager_path: /usr/bin/microdnf

additional_build_steps:
  append_final: |
    RUN ansible-playbook ansible.mcp_builder.install_mcp -e mcp_servers=github_mcp -e github_mcp_mode=remote
    Copy to Clipboard Toggle word wrap

    The example definition file above specifies the required MCP server, so that the necessary dependencies are pulled into the file.

    During the EE build process the MCP server software is installed into the EE.

    For embedded servers, include the MCP server binaries or libraries explicitly on the EE image path.

    For remote servers, define remote connection details in a manifest file within the EE.

  2. Write custom Ansible content: 

    ---
- name: Example Github MCP server interaction
  hosts: github_mcp
  tasks:
    - name: Create a Github repository
      ansible.mcp.run_tool:
        name: create_repository
        args:
          name: my-github-repository
          autoInit: true
    Copy to Clipboard Toggle word wrap

    The playbook syntax for invoking MCP plugins is intuitive and aligns with existing Ansible module patterns.

    Important

    You must configure the ansible.mcp.mcp connection plugin to use the ansible.mcp collection. For example, you should set the ansible_mcp_server_name custom-defined configuration variable to the name of a server in the mcpserver.json manifest file. Your playbook might use inventory variables, such as setting the connection plugin to ansible_connection: ansible.mcp.mcp, along with required timeout values like ansible_connect_timeout: 30 and ansible_command_timeout: 30.

  3. Create and configure credentials in AAP:

    The required credentials vary based on which MCP server you are using. For example, the Github MCP server requires a Github Personal Access Token, which should be set in the MCP_BEARER_TOKEN environment variable.

    1. To do this, first create a custom credential type in AAP:

      Create credential type
      View larger image
      Create credential type

    2. Create a new credential and use the custom credential type you just created:

      Create credential
      View larger image
      Create credential

      The examples above show how to set up the required credential structures in the AAP credential store. This includes defining the relevant fields and the injector configuration needed to pass the secret as an environment variable (for example, MCP_BEARER_TOKEN: “{{ token }}”).

  4. Create a new host and configure the connection variables:

    Create a host
    View larger image
    Create a host
  5. Launch the relevant job in the AAP controller GUI.

Troubleshooting

To manage the health of the MCP servers, the AAP environment emphasizes governance and auditability, allowing you to trace workflow success and failures.

All MCP plugin invocations and credential usage events are logged and auditable through AAP audit trail systems, including the job ID, user, and timestamp, along with Ansible eventstream data. This tracking supports governance requirements for enterprise compliance.

The system ensures that secrets are never hardcoded into playbooks or visible in execution logs; they are masked automatically. This robust auditing assists in identifying security issues or operational problems during task execution.

A successful operation relies on the strict, controlled lifecycle of the MCP agents. This ensures that upon job failure or completion, there are no residual data, services, or security artifacts remaining.

Volver arriba
Red Hat logoGithubredditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar. Explore nuestras recientes actualizaciones.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

Theme

© 2026 Red Hat