Getting started with automation hub
Configuring Red Hat Automation Hub as your default server for Ansible collections content
saas-docs@redhat.com
Abstract
Preface
Red Hat Ansible automation hub provides a place for Red Hat subscribers to quickly find and use content that is supported by Red Hat and our technology partners to deliver additional reassurance for the most demanding environments.
The Ansible Galaxy client, ansible-galaxy
, manages roles and collections from the command line. To ensure that the ansible-galaxy
client uses certified, supported Ansible collections whenever possible, you should update your ansible.cfg
file to use Red Hat automation hub as your primary source of Ansible collections.
This guide walks you through the steps required to configure your ansible.cfg
file to use Red Hat automation hub as the default source for certified Ansible collections content.
Making open source more inclusive
Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.
Chapter 1. Creating the Red Hat automation hub API token
Before you can interact with automation hub by uploading or downloading collections, you need to create an API token. The automation hub API token authenticates your ansible-galaxy
client to the Red Hat automation hub server.
You can create an API token using automation hub Token management.
Prerequisites
- Valid subscription credentials for Red Hat Ansible Automation Platform.
Procedure
- Navigate to https://cloud.redhat.com/ansible/automation-hub/token/.
- Click Load Token.
- Click copy icon to copy the API token to the clipboard.
- Paste the API token into a file and store in a secure location.
The API token is a secret token used to protect your content. Store your API token in a secure location.
The API token is now available for configuring automation hub as your default collections server or uploading collections using the ansible-galaxy
command line tool.
1.1. Keeping your offline token active
Keeping an offline token active is useful when an application needs to perform action on behalf of the user, even when the user is offline. For example, a routine data backup.
Offline tokens expire after 30 days of inactivity. You can keep your offline token from expiring by periodically refreshing your offline token.
Once your offline token expires, you must request a new one.
Run the following command periodically to prevent your token from expiring:
curl https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token -d grant_type=refresh_token -d client_id="cloud-services" -d refresh_token="{{ user_token }}" --fail --silent --show-error --output /dev/null
Chapter 2. Configuring Red Hat automation hub as the primary source for content
Configure Red Hat automation hub as your primary source of content to access Ansible Certified Content Collections. You can configure automation hub in the command-line interface (CLI) or the web console.
2.1. Configuring Red Hat automation hub as the primary source for content using the CLI
Configure Red Hat automation hub as your primary source of content by using the CLI. To configure automation hub, you must modify the ansible.cfg
configuration file. With automation hub, you have access to certified, supported collections.
Prerequisites
- You have obtained the API token for the automation hub server. See Creating the Red Hat automation hub API token for more information.
Creating a new token revokes any previous tokens generated for Private Automation Hub. Ensure that you update any Controller or scripts that you created with the previous token.
Procedure
-
Add the
server_list
option under the[galaxy]
section and provide one or more server names. Create a new section for each server name:
[galaxy_server._<server_name>_]
Set the
url
option for each server name. You must include theapi/galaxy/
subdirectory in the server URL:https://<server_fully_qualified_domain_name>/api/galaxy/
-
Optional: Set the
auth_url
option. The community Ansible Galaxy does not require anauth_url
. - Set the API token for the automation hub server.
The following ansible.cfg
configuration file example shows how to configure multiple servers in prioritized order, with automation hub configured as your primary source and an Ansible Galaxy server as a secondary source:
ansible.cfg
[galaxy] server_list = automation_hub, my_org_hub [galaxy_server.automation_hub] url=https://cloud.redhat.com/api/automation-hub/api/galaxy/ 1 2 auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token token=my_ah_token [galaxy_server.my_org_hub] url=https://automation.my_org/api/galaxy/ 3 username=my_user password=my_pass
All API URLs must end with a trailing slash / in order to prevent receiving a 301 redirect.
You have now configured automation hub as your primary server using CLI, and can proceed to download and install supported collections.
Additional resources
For more information on server list configuration options and using Ansible Galaxy as an Ansible content source, see the Ansible Galaxy User Guide.
2.2. Configuring Red Hat automation hub as the primary source for content using the web console
Configure Red Hat automation hub as your primary source of content by using the web console. To configure automation hub, you must create a credential and add it to the Organization’s Galaxy Credentials field. With automation hub, you have access to certified, supported collections.
Prerequisites
- You have obtained the API token for the automation hub server. See Creating the Red Hat automation hub API token for more information.
Creating a new token revokes any previous tokens generated for Private Automation Hub. Ensure that you update any Controller or scripts that you created with the previous token.
Procedure
- Navigate to your Automation Controller.
Create a new credential.
- Click Add from the Credentials screen.
- Enter the name for your new credential in the Name field.
- Optional: Enter a description and enter or select the name of the organization with which the credential is associated.
- Under Organization, select the organization that you would like to use the credential for.
- Select Ansible Galaxy/Automation Hub API Token as the credential type.
- Under Type Details, enter the Galaxy Server URL, Authentication Server URL, and API Token created in the Prerequisite.
- Click Save.
Select the credential you created from the Organization’s Galaxy Credentials field.
- Navigate to Access → Organizations.
- Select the organization where you’d like to add your Galaxy credentials.
- Click Edit.
- Under Galaxy Credentials, click the Search icon.
- Select the credential you created for automation hub, and place it at the beginning of the list.
- Optional: If you have a secondary source of content, such as Ansible Galaxy, place this credential after the credential you created for automation hub.
- Click Select.
- Click Save.
Verification
To validate the credential, update an existing source control management (SCM)-based project by selecting the project and clicking the Refresh icon.
- Navigate to your project repository.
-
Select a project that uses a
collections/requirements.yml
file. - Update the project by clicking the refresh icon [refresh icon].
If the status of the project is Successful, then the credential is valid.
You have now configured automation hub as your primary server using the web console, and you can proceed to download and install supported collections.
Additional resources
- For more information on server list configuration options and using Ansible Galaxy as an Ansible content source, see the Ansible Galaxy User Guide.
- For more information on creating and using credentials, see the Credentials section of Automation Controller User Guide v4.2.1.