Chapter 1. Introduction
Ansible Automation Platform from GCP Marketplace is an offering that you can deploy from the GCP Marketplace portal. Ansible Automation Platform from GCP Marketplace provides access to a library of Ansible content collections, and is integrated with key GCP services, so you can start automating the deployment, configuration, and management of infrastructure and applications quickly.
The following Red Hat Ansible Automation Platform components are available on Ansible Automation Platform from GCP Marketplace:
Automation mesh is not available on Ansible Automation Platform from GCP Marketplace at this time.
1.1. Application architecture
Red Hat Ansible Automation Platform from GCP Marketplace is installed into infrastructure resources running within your GCP account.

Ansible Automation Platform from GCP Marketplace is designed to be private, with no public access allowed by default.
This requires customers to expose the deployed Internal Load Balancers (ILBs) themselves pursuant to their own network requirements and security practices. Some potential ways to expose the ILBs include VPC Peering, Transit Gateway, VPN, External Load Balancers, amongst others.
All cloud infrastructure components are deployed in a Virtual Private Cloud (VPC).
Customers can choose between deploying into an existing VPC, or to have the product deploy a new VPC for them. All VM instances and Cloud infrastructure have private IP addresses (allocation determined by the VPC and subnetworks specified at deployment time) by default.
All internal traffic is encrypted using self-signed certificates generated at deployment time (external traffic can also be encrypted by deploying your own certificate on the Internal Load Balancers deployed by the product).
The Ansible Automation Platform software runs as containers on the deployed VM instances.
Managed instance groups (MIGs) manage VM instance lifecycles and monitor the health of each service running on the VM instances, automatically cycling the VM instances down and replacing them with new VM instances if the health check fails to respond, ensuring that the Ansible Automation Platform services stays up and available to process requests.
The VM instances run a customized RedHat Enterprise Linux (RHEL) Google Cloud Machine Image as their base image. This Google Cloud Machine Image is preloaded with all the required container images and packages to run the Ansible Automation Platform (automation hub, automation controller, and Execution Node components).
A shared Google File Store (GFS) volume is mounted into each VM instance provisioned by the product and is used for shared access to common files and resources.
A Google Cloud SQL Service is provisioned by the product at deployment time and contains databases for both the automation controller and automation hub.

The Foundation product includes two Execution Nodes running on the same VM instances as the automation controller components (this is called a Hybrid Node configuration in Ansible Automation Platform). Additional Execution Node offerings can be purchased to increase the scale (total number of managed nodes) the Ansible Automation Platform deployment is licensed to automate. When deploying the Execution Node offerings into an existing Ansible Automation Platform Foundation deployment, additional Execution Node VM instances can be deployed and automatically connected to the automation controller of the Foundation deployment where they immediately begin processing automation tasks.
Ansible Automation Platform components are run as containers using the Podman container runtime on the VM instances. The Podman runtime configuration is managed as a system service using systemd to ensure uptime and availability, and restarting any failed containers automatically.
SELinux is enabled on the VM instances and is supported down to the container level.
Additional operational automations are provided by the offering, available as a separate docker container for download from registry.redhat.io. These additional operational automations include backup, restore, and upgrade.
Any Common Vulnerabilities and Exposures (CVEs) found in the RHEL OS base image, the Ansible Automation Platform containers, or any included packages are addressed during upgrade of the Ansible Automation Platform offering by swapping out the base RHEL Google Cloud Machine Image with a newer version including all required software, packages, and containers.
This is done automatically for you through the use of the included upgrade automation.
Customers can take advantage of these operational automations to simplify the operational readiness of Ansible Automation Platform within their own corporate standards freeing themselves up to focus on developing Ansible Automation to manage their own infrastructure and applications rather than spending time developing automations to manage Ansible Automation Platform.
1.2. Service descriptions
| Service Name | Description |
|---|---|
| Compute Engine | GCP VM compute platform |
| Cloud SQL | GCP database service |
| Filestore | GCP file storage service |
| Virtual Private Cloud (VPC) | GCP networking service |
| Cloud Monitoring | GCP metrics collector |
| Cloud Logging | GCP log management Service |