Creating Insights Maintenance Plans with Ansible Playbook Integration

Red Hat Insights 1.0

The Guide to Generating Ansible Playbooks to Implement Insights Maintenance Plans

Red Hat Insights Documentation Team

Abstract

Ansible Playbook integration with Red Hat Insights can help system administrators save time, be more productive, eliminate repetitive tasks, and reduce or eliminate errors. Red Hat Insights adds the ability to integrate Ansible Playbooks into Insights maintenance plans. This document will help Red Hat Insights users to build maintenance plans that leverage all of the benefits of Ansible Playbooks from the Insights UI in the Red Hat Customer Portal.

Chapter 1. Getting Started

1.1. Introduction

Red Hat Insights has the ability to integrate Ansible Playbooks into Insights maintenance plans. This document will help Red Hat Insights users to create maintenance plans and playbooks using the Insights UI in the Red Hat Customer Portal. Ansible Playbook integration with Insights can help system administrators save time, be more productive, eliminate repetitive tasks, and reduce or eliminate errors.

Limitations

The following limitations or restrictions apply to Ansible integration with Red Hat Insights:

  • Currently, Ansible Playbook capability is available exclusively through the Customer Portal and, as such, is unavailable via Satellite and CloudForms integrations. Satellite users can use it via the Customer Portal UI.
  • If you change a system’s hostname when registering that system in Insights, the same name must be used in the Ansible inventory or the generated playbook will not run.
  • There may not be a playbook for every rule. We’re currently expanding our offering; however, only those rules showing an Ansible icon have a playbook currently available.

Prerequisites

These instructions assume that system administrators have met the following prerequisites:

  • Set up Red Hat Insights. Refer to the instructions for your environment on the Insights Get Started page.
  • Install Ansible 2.2.0 or later.

  • Set up Ansible.

  • Verify connectivity to all inventory hosts.

Chapter 2. Creating a Plan

2.1. Creating an Insights Maintenance Plan

From within the Insights UI, there are multiple paths to create a maintenance plan with playbook integration. Included below are routes by way of the Inventory tab (a systems-centric approach) and through the Actions tab (a rule-centric approach).

2.1.1. Create a Maintenance Plan from the UI Inventory Tab

From the Insights UI, you can select the system or systems for which to resolve vulnerabilities, then drill down into the rules affecting those systems.

  1. Navigate to the Inventory tab of the Insights UI in the Customer Portal.

  2. Select the systems you want to include in your maintenance plan.

    View all of your systems by default, or filter the visible systems using the Group, System Status, or System Health dropdown menus.

  3. Click the Actions dropdown list located above the systems list and select Create a New Plan/Playbook or Add to Existing Plan/Playbook.
  4. In the dialog box, enter a plan name if creating a new plan, or if adding systems to an existing plan, select that plan from the dropdown menu.

  5. Select the vulnerabilities you want this maintenance plan to resolve by clicking the checkboxes next to each action and click Save.

    The plan is now visible at the bottom of the list of plans in the Planner view. Note the plan number.

  6. Carefully review each vulnerability and the systems affected.

    For each vulnerability, you can add or remove systems by clicking Edit.

  7. Click Download Playbook.

2.1.2. Create a Maintenance Plan from the UI Actions Tab

From the Insights UI, you can select individual rules or from rule types—​Availability, Stability, Performance, and Security—​and repair systems affected by those rules.

  1. Navigate to the Actions tab of the Insights UI in the Customer Portal.

  2. Select a category for the type of issues you want to address.

    Scroll down to view the rules within this category that affect your systems.

  3. Click on the rule you want to address.
  4. Following the rule description, scroll down to view the systems affected by this rule.
  5. Select all systems or individual systems that you want to repair.
  6. Click the Actions dropdown menu above the listed systems and choose whether to Create a new Plan/Playbook or Add to an existing Plan/Playbook.
  7. In the dialog box, enter a plan name if creating a new plan or, if adding systems to an existing plan, select that plan from the dropdown menu.

  8. Click Save.

    Below the plan name, in the Actions tab (shown by default), you can add more rules/actions that affect the selected systems. Or you can click the Systems tab and add more systems affected by the rule.

  9. Click Download Playbook.

Chapter 3. Running a Playbook

3.1. Running Ansible Playbooks in Insights

After you create a maintenance plan in the Insights UI, run the plan as a playbook from the command line.

Note

As of the current release, playbooks are available for most—​but not all—​rule vulnerabilities. Maintenance plans that include rules for which there is no playbook will show the Download Playbook button grayed out. For playbook integration, look for the blue Ansible icon next to the rule.

3.1.1. Generate an Ansible Playbook from the Insights UI

Ansible Playbooks are generated at the time the maintenance plan is created, or can be generated later, from the maintenance plan list in the Planner tab of the Insights UI.

  1. Navigate to the Planner tab of the Insights UI in the Customer Portal.
  2. Select a plan.
  3. Click Download Playbook, located in the bottom right corner of the plan card.
  4. Save the .yml file in an appropriate directory.

3.1.2. Run an Ansible Playbook

To run an Ansible Playbook, open a terminal and execute

# ansible-playbook <playbook>.yml

3.1.2.1. View Results in Planner

After you run the playbook, go to the the UI Planner and view the issues that have been remediated.

Revised on 2018-09-24 19:10:13 UTC

Legal Notice

Copyright © 2018 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.