validatedpatterns · kquinn1204 · Mar 12, 2025 · Feb 25, 2025 · Feb 26, 2025 · Feb 26, 2025
diff --git a/content/patterns/ansible-edge-gitops/_index.adoc b/content/patterns/ansible-edge-gitops/_index.adoc
@@ -0,0 +1,81 @@
+---
+title: Ansible Edge GitOps
+date: 2022-06-08
+tier: maintained
+summary: This pattern uses OpenShift Virtualization to simulate an edge environment for VMs.
+rh_products:
+- Red Hat OpenShift Container Platform
+- Red Hat Ansible Automation Platform
+- Red Hat OpenShift Virtualization
+- Red Hat Enterprise Linux
+- Red Hat OpenShift Data Foundation
+industries:
+- Chemical
+aliases: /ansible-edge-gitops/
+pattern_logo: ansible-edge.png
+links:
+  install: getting-started
+  help: https://groups.google.com/g/validatedpatterns
+  bugs: https://github.com/validatedpatterns/ansible-edge-gitops/issues
+ci: aegitops
+---
+
+:toc:
+:imagesdir: /images
+:_content-type: ASSEMBLY
+include::modules/comm-attributes.adoc[]
+
+== Ansible Edge GitOps
+
+=== Background
+
+Organizations are interested in accelerating their deployment speeds and improving delivery quality in their Edge environments, where many
+devices may not fully or even partially embrace the GitOps philosophy. Further, there are VMs and other devices that can and should be managed
+with Ansible. This pattern explores some of the possibilities of using an OpenShift-based Ansible Automated Platform deployment and managing
+Edge devices, based on work done with a partner in the chemical space.
+
+This pattern uses OpenShift Virtualization (the productization of Kubevirt) to simulate the Edge environment for VMs.
+
+==== Solution elements
+
+* How to use a GitOps approach to manage virtual machines, either in public clouds (limited to AWS for technical reasons) or on-prem
+OpenShift installations
+* How to integrate AAP into OpenShift
+* How to manage Edge devices using AAP hosted in OpenShift
+
+==== Red Hat Technologies
+
+* Red Hat OpenShift Container Platform (Kubernetes)
+* Red Hat Ansible Automation Platform (formerly known as "`Ansible
+Tower`")
+* Red Hat OpenShift GitOps (ArgoCD)
+* OpenShift Virtualization (Kubevirt)
+* Red Hat Enterprise Linux 8
+
+==== Other technologies this pattern Uses
+
+* Hashicorp Vault
+* External Secrets Operator
+* Inductive Automation Ignition
+
+=== Architecture
+
+Similar to other patterns, this pattern starts with a central management hub, which hosts the AAP and Vault components.
+
+==== Logical architecture
+
+.Ansible-Edge-Gitops-Architecture
+image::/images/ansible-edge-gitops/ansible-edge-gitops-arch.png[Ansible-Edge-Gitops-Architecture]
+
+==== Physical architecture
+
+.Ansible-Edge-GitOps-Physical-Architecture
+image::/images/ansible-edge-gitops/aeg-arch-schematic.png[Ansible-Edge-GitOps-Physical-Architecture]
+
+=== Other presentations featuring this pattern
+
+==== Registration required
+
+https://tracks.redhat.com/c/validated-patterns_i?x=5wCWYS&lx=lT1ZfK[image:/images/ansible-edge-gitops/automates-june-2022-deck-thumb.png[Ansible-Automates-June-2022-Deck]]
+
+https://tracks.redhat.com/c/preview-42?x=5wCWYS&lx=lT1ZfK[image:/images/ansible-edge-gitops/automates-june-2022-video-thumb.png[Ansible-Automates-June-2022-Video]]
diff --git a/content/patterns/ansible-edge-gitops/_index.md b/content/patterns/ansible-edge-gitops/_index.md
diff --git a/content/patterns/ansible-edge-gitops/ansible-automation-platform.adoc b/content/patterns/ansible-edge-gitops/ansible-automation-platform.adoc
@@ -0,0 +1,109 @@
+---
+title: Ansible Automation Platform
+weight: 30
+aliases: /ansible-edge-gitops/ansible-automation-platform/
+---
+
+:toc: 
+:imagesdir: /images
+:_content-type: ASSEMBLY
+include::modules/comm-attributes.adoc[]
+
+[id="ansible-automation-pattern"]
+== Logging in to the Ansible Automation Platform
+
+The default login user for the AAP interface is `admin`, and the password is randomly generated during installation. This password is required to access the interface.
+However, logging into the interface is not necessary, as the pattern automatically configures the AAP instance. The pattern retrieves the password by using the same method as the `ansible_get_credentials.sh` script (described below).
+
+If you need to inspect the AAP instance or change its configuration, there are two ways to log in. Both methods give access to the same instance using the same password.
+
+[id="logging-in-using-a-secret-retrieved-from-the-openshift-console"]
+=== Logging in using a secret retrieved from the OpenShift Console
+
+Follow these steps to log in to the Ansible Automation Platform using the OpenShift console:
+
+. In the OpenShift console, go to *Workloads* > *Secrets* and select the `ansible-automation-platform` project if you want to limit the number of secrets you can see.
++
+.AAP secret
+image::/images/ansible-edge-gitops/ocp-console-secrets-aap-admin-password-v1.png[ansible-edge-observability-operators,title="AAP secret"]
+
+.. Select the `aap-admin-password`. 
+
+.. In the *Data* field click *Reveal values* to display the password. 
++
+.AAP secret detail
+image::/images/ansible-edge-gitops/ocp-console-aap-admin-password-detail-v1.png[ansible-edge-observability-operators,title="AAP secret details"]
+
+. Under *Networking* > *Routes*, click the URL for the `aap` route to open the Ansible Automation Platform interface. 
+
+.. Log in using the `admin` user and the password you retrieved from the `aap-admin-password` secret. A screen similar to the following appears:
++
+.AAP login
+image::/images/ansible-edge-gitops/aap-login-v1.png[ansible-edge-observability-operators,title="AAP login"]
+
+[id="logging-in-using-secret-retrieved-using-script-ansible_get_credentials"]
+=== Logging in using a secret retrieved with ansible_get_credentials.sh
+
+Follow this procedure to log in to the Ansible Automation Platform using the `ansible_get_credentials.sh` script:
+
+. From the top-level pattern directory (ensuring you have set `KUBECONFIG`), run the following command:
++
+[source,terminal]
+----
+$ ./pattern.sh ./scripts/ansible_get_credentials.sh
+----
++
+This script retrieves the URL for your Ansible Automation Platform instance and the password for its `admin` user. The password is auto-generated by the AAP operator by default. The output of the command looks like this (your password will be different):
++
+[source,text]
+----
+[WARNING]: No inventory was parsed, only implicit localhost is available
+
+PLAY [Retrieve Credentials for AAP on OpenShift] *******************************************************************
+
+TASK [Retrieve API hostname for AAP] *******************************************************************
+ok: [localhost]
+
+TASK [Set ansible_host] *****************************************************************
+ok: [localhost]
+
+TASK [Retrieve admin password for AAP] *****************************************************************************
+ok: [localhost]
+
+TASK [Set admin_password fact] ****************************************************************************************
+ok: [localhost]
+
+TASK [Report AAP Endpoint] *****************************************************************************************
+ok: [localhost] => {
+    "msg": "AAP Endpoint: https://aap-ansible-automation-platform.apps.kevstestcluster.aws.validatedpatterns.io"
+}
+
+TASK [Report AAP User] ******************************************************************************
+ok: [localhost] => {
+    "msg": "AAP Admin User: admin"
+}
+
+TASK [Report AAP Admin Password] *******************************************************************
+ok: [localhost] => {
+    "msg": "AAP Admin Password: XoQ2MoU88ibAwUZI8tHu194DP304UEqz"
+}
+
+PLAY RECAP *******************************************************************************
+localhost                  : ok=7    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
+----
+
+== Pattern AAP Configuration Details
+
+In this section, we describe the details of the AAP configuration we apply as part of installing the pattern. All of the configuration discussed in this section is applied by the
+https://github.com/validatedpatterns/ansible-edge-gitops/blob/main/scripts/ansible_load_controller.sh[ansible_load_controller.sh]
+script.
+
+The `ansible_load_controller.sh` script automates the configuration of the Ansible Automation Platform (AAP) by executing a series of Ansible playbooks. These playbooks perform tasks such as retrieving credentials, parsing secrets, and configuring the AAP instance.
+
+Key components of the configuration process:
+
+* Retrieving AAP Credentials: The script runs the `ansible_get_credentials.yml` playbook to obtain necessary credentials for accessing and managing the AAP instance.
+
+* Parsing Secrets: It then executes the `parse_secrets_from_values_secret.yml` playbook to extract and process sensitive information stored in the `values_secret.yaml` file, which includes passwords, tokens, or other confidential data required for configuration.
+
+* Configuring the AAP Instance: Finally, the script runs the `ansible_configure_controller.yml` playbook to set up and configure the AAP controller based on the retrieved credentials and parsed secrets.