In the next few weeks, and with the goal of better aligning this content with the upstream ManageIQ, we will migrate all relevant content to the upstream blog before shutting down this blog platform. You’ll be able to find all your favorite tips and tricks at (<manageiq.org/blog/>)
As a CloudForms user, do you ever get frustrated, wondering which button to click on or how to get to your selected location?
If your answer to any of these or similar questions is yes, then let me tell you that your life is going to get easier. Why does CloudForms need to be that complicated? The truth is that it doesn’t and we (with your help) are working on it. Have you already noticed any design changes in CloudForms? Has your menu changed or some reports make more sense now? Sometimes small and at first sight irrelevant changes can bring you peace of mind without you even noticing it. We are working on getting rid of all the unnecessary steps in your workflow to let you just focus on your tasks. We are eliminating painful illogical constraints, unnecessary information inputs and more, to reduce questions like which button to click on. Our job may be invisible but that means that we are doing it right.
Who are we?
Red Hat CloudForms allows users to put both VM provisioning and Ansible Tower jobs in the same catalog bundle, with the intention of having that tower job of customizing the VM that was just provisioned. However, it’s not as simple as adding a VM catalog item, and then an Ansible Tower catalog item. This post will guide you through the nuances of utilizing Tower jobs in CloudForms step by step.
Why can’t I just use Update on Launch when CloudForms is a source in Red Hat Tower’s inventory?
You can, as long as you don’t mind the jobs not being concurrent for that inventory. If you have this option checked, then whatever concurrent jobs you have, will wait, since Tower does not update the inventory while a job is being executed.
However, if you wish to have concurrent jobs utilizing CloudForms, please continue reading this blog post. This is the most efficient method utilizing CloudForms I’ve run across and we are currently using this in our lab environment for reproducers in North America for CloudForms CEE team. A caveat of this is that you cannot have 2 VMs of the same name in your CloudForms environment, if you do, the limit will potentially be set to all of the VMs that match that name.
So how do I update the inventory for the newly provisioned host to Tower if we’re not updating on launch?
We will be utilizing an ansible playbook to use an API call to ad hoc add a host to the CloudForms inventory in Ansible Tower
What roles do I need to have enabled on the worker appliance for this to work?
- Embedded Ansible
- Provider Inventory
- Provider Operations
You will also need to add the appropriate VM provider and Ansible Tower provider
Setting up the repository for embedded ansible
Go to Automation > Ansible > Repositories > Add New Repository, and use the following URL:
Ansible continues to grow and is the strategic automation engine for Red Hat’s business. Having a solid and constantly improving integration with Ansible is key for CloudForms’ future success.
Ansible Tower Workflows are widely used in by the industry to orchestrate and govern interactions between different playbooks. CloudForms has been able to run Ansible Tower Jobs since its 4.1 release. Starting with CloudForms 4.7, we will expand this support and will be able to utilize Workflows from the Service Catalog.
Red Hat Cloudforms provides several ways to customize virtual machine provisioning, the out-of-the-box VM Provisioning State Machine has multiple steps through which VM provisioning request crawl, among them one of the step is PostProvison, this step is used to perform post-provisioning activities on the provisioned virtual system. In this article, I will explain how to customize PostProvison method using an example of ‘add an additional disk to the VM’ use case.
We cannot be more excited!!! Peter just finished work on an addendum to the ‘Mastering Automation’ book, to bring it up to date with some of the great new automate features in CloudForms 4.5 & 4.6.
Based on the previous article, I´ve created this video to illustrate what we covered
Whether you operate a single standalone CloudForms appliance or multiple multizone regions geographically dispersed with a global master region, effective management makes all the difference.
CloudForms 4.6 provided the ability to run embedded Ansible playbooks as methods, and it can be useful to include such a playbook in an existing workflow such as the VM Provision state machine.
This is a follow up on our series Infrastructure Tour Italy. In this part we will show Ansible Tower, Drift Analysis and OpenShift Integration
Here is the video of the live demo Maxim Burgerhout and myself performed at Red Hat Summit in San Francisco 2018.
This part will focus on how to create the Custom Button using an Ansible playbook.
This year, we will be showing features, you’ve dreamed of for quite a while. We are, therefore releasing this Red Hat Summit Sneak Peak video to give you some appetite.
One of the exciting new features in CloudForms 4.6 within Automate is Embedded Methods. That is, one can store reusable, directly callable, ruby code within Automate and access from other Automate Methods.
For the last few posts Laurent Domb has been explaining how to squeeze CloudForms and AWS integration by teaching you how to:
If you want to use IAM authentication for CloudForms so that IAM users can authenticate with CFME you need to do the following.
In this post of our series, we will demonstrate what we did in the previous sections in which we configured AWS and CloudForms, to run a SmartStaty analysis to automatically resolve a vulnerability in Java
This part of the CloudForms in AWS blog series will walk you through how to make sure that CloudForms reaches its full potential in AWS.
Ever wondered what CloudForms can do for you in AWS? The next few blog posts will walk you through step by step how to upload the CloudForms image to AWS, how to assign the correct policies and roles and how to configure it correctly so it can discover your environment. Part 1 is dedicated to the import and configuration of the CloudForms image.
In this article, we describe how High Availability (HA) works natively in Red Hat CloudForms. The mechanism uses PostgreSQL feature, and does not require external tools like Virtual IP (VIP), HAProxy, or Load Balancer. We will use a two-node active/passive architecture as an example to investigate what is happening when failover occurs.
This video demonstrates how you can take manual tasks and processes and turn them into automation workflows. In this video we utilize Red Hat CloudForms and Ansible Tower to provide an underlying automation and orchestration framework to deliver automation to your IT organization.
Red Hat CloudForms ships as an appliance to simplify deployment as much as possible – a Red Hat Enterprise Linux server with the appropriate software loaded, ready to be configured with a few basic configuration options. Traditionally, these servers are configured using the command line tool appliance_console. This is a simple, menu-based interface that allows you to configure the core functionality of the appliance and makes it exceptionally easy to do so. Unfortunately, menu-based interfaces don’t lend themselves to being automated easily. However, there is a solution!
All CloudForms appliances ship with another tool called appliance_console_cli. We can combine this tool with an Ansible playbook to automate the configuration of our appliance(s).
In this blog post, I am going to share my experience on how I made my first contribution to ManageIQ, the upstream open source project for Red Hat CloudForms. The post explains how I encountered and investigated an issue, and finally fixed it thereby sending my first “Pull Request” to ManageIQ repository.
This article is a follow up on our previous blog post VMware provisioning example] using Ansible, where we deployed a simple virtual machine on VMware using Ansible from the CloudForms service catalog. In this week’s demonstration, we go a step further and provision a multi-tier application on Amazon Web Services (AWS). Once provisioned, the application lifecycle, as well as all day 2 operations are performed from Red Hat CloudForms.
Christian Jung recently posted another interesting article as a follow-up on Best Practice Recommendations for Automate. This time, he focuses on setting up Continuous Integration for Red Hat CloudForms.
In his blog post, Christian discusses how to use common development tools like GIT and Travis in conjunction with CloudForms to configure a datastore pointing to a git repository and set a Continuous Integration/Continuous Delivery (CI/CD) environment. This feature is available in CloudForms since CloudForms 4.2.
A few days ago, Michele Naldini posted a series on the [Red Hat Developer Blog] [https://developers.redhat.com] about how to build a Software Defined Data Center (SDDC) using Red Hat CloudForms and Red Hat OpenStack Platform.
Red Hat CloudForms allows to more quickly deploy and scale Red Hat OpenStack Platform (also known as OSP) private clouds, combine existing IT infrastructure investments, and federate public cloud deployments. This series includes both background information and hands-on tips to implement a full SDDC in practice.
The first part of the series covers the introduction, the goals, some key information about OSP and more specifically Heat, OSP configuration, and pre-requisites. It also illustrates how to start working with OSP in order to spin a new operating service based on a 3 tier deployment (2 web servers, 2 app servers, and 1 database) using 2 load balancers (1 for the web servers and 1 for the app servers).
The second part focuses on CloudForms, where it shows how to create a service based on Heat templates, using service dialog, and how to restrict services to a set of users. Both Operator UI and the Self-Service UI are used in the exercise. The blog series also contains a summary video that covers all steps explained as part of the deployment. Read more on the Red Hat Developer Blog:
Service catalog bundles are a really useful CloudForms feature that enable us to mix and match various existing service catalog items together to form bundles of tasks.
One of the more useful examples of a bundle is to create a new VM, and then run an Ansible Tower job template on the resulting VM to configure it with an application role. If we have an Ansible Tower server added to our CloudForms installation as an automation provider, this is quite simple. We described the procedure to configure an Ansible Tower provider in CloudForms as part of our previous series on Ansible Tower integration in CloudForms 4.1.
In this example we’ll combine two existing service catalog items. The first creates a new CentOS 7 virtual machine in a Red Hat Virtualization provider, and the second installs a simple LAMP stack using a job template defined in an Ansible Tower server, attached to CloudForms as an automation provider.
Each standalone catalog item has its own service dialog. The dialog for the VM provision service simply prompts for the service name and VM name, as follows:
Few days ago one of our fellows, Christian Jung, published a very good article explaining best practices while coding Ruby code inside Red Hat CloudForms. The post does not claim to be exhaustive, but establishes guidelines about coding, naming conventions and rules to follow in order to make the code cleaner, easier to understand, and more consumable by others.
In the article, several key topics are discussed, such as:
This blog is part 5 of our series on Container Management with CloudForms].
In this last post, we focus on financial management of container environments for both chargeback and for optimizing infrastructure resource usage and spending.
This blog is part 4 of our series on Container Management with CloudForms.
This blog post focuses on the security and compliance aspects of managing containerized environments. In a container based infrastructure, the container software is often built directly by developers, usually via continuous integration (CI/CD). Once it comes to deploying this software in production, we need to make sure it is securely validated.
Another challenge is the source of those containers. Developers can use any base images for their builds, including insecure container images downloaded from the Internet. On the other hand, Enterprise IT needs to ensure all containers running in production are built based on trusted and approved sources.
And finally, it is also important to validate that all containers images, as well as containers instantiated from those images, are up to date with respect to security fixes.
CloudForms provides specific capabilities for managing security and compliance for container based infrastructures.
It can enforce policies for container hosts, and marks the nodes that are not compliant (e.g. outdated versions, configuration issues, security risks, etc). Those policies take into account information about the container host itself, but also about any resources that are connected to this host. If needed, it can trigger an action to start automatic remediation. We could for example automatically trigger an update of a package when a new security fix is available.
CloudForms also provides reporting for container sources. For example, it can identify containers that come from untrusted registries.
Finally it can scan the content of container images using OpenSCAP for standardized security checks. When an image is identified as non-compliant, all running containers instantiated from this image can be flagged automatically.
The following video demonstration highlights these capabilities in CloudForms:
Most systems use Access Control Lists (ACL’s) to manage user’s access to objects. Common examples are ACL’s for file systems, LDAP, Web Servers and many more. Anyone who has had to create ACL rules and maintain them knows how complicated this can be. To make access control easy again, CloudForms uses tags. If the group a user belongs to has the same tag as the accessed object, access is granted, if not, access is denied.
This blog is part 3 of our series on Container Management with CloudForms.
A second area of concern identified when managing a containerized environment is service health. We need to operate our containers with good performance, reliability, and ensure high enough utilization ratios. In this post, we focus on the container based infrastructure, its on-going resource consumption, and how we can monitor and optimize its health.
This blog is part 2 of our series on Container Management with CloudForms.
First let’s talk about Remote Session vs Remote Console, they are often confused.
One of the challenges of deploying CloudForms to manage a large environment is knowing how to tune it – what knobs to turn and dials to watch for.
Keeping the whole IT team informed about events or actions in your IT infrastructure can be challenging. Many IT teams have turned to team messaging applications, like Slack, to improve internal team communications. CloudForms, with its flexible integration capabilities, can be connected to Slack to notify the team whenever important events happen.
I was presenting the CloudForms service catalog and self service capabilities to a customer, when the head of operations says: “This looks great, but there is no way we are going to use this. The tool we use for everything from service desk to request tracking to service management is ServiceNow. Can you integrate your service catalog into ServiceNow?”
One side effect of quick and easy provisioning of virtual machines (VMs) is VM sprawl. To keep the number of VMs manageable, administrators set retirement dates to automatically retire the VM and free the hardware resources.
With this short video, we continue our series based on Red Hat Knowledge Base articles exploring how to take advantage of Ansible Automation inside Red Hat CloudForms. This post is a follow-up of our previous My First Ansible Service article.
This is part 5, the last post of our series on Ansible Tower Integration in Red Hat CloudForms.
This is part 4 of our series on Ansible Tower Integration in Red Hat CloudForms.
This is part 2 of our series on Ansible Tower Integration in Red Hat CloudForms.
In this post, we speak with Peter McGowan, author of Mastering CloudForms Automation, to find out about his interest in CloudForms automation and the process behind bringing his book to reality. You can download an electronic copy of the book from the Red Hat Customer Portal. (Addendum for CloudForms 4.5 & 4.6)
OpenStack Management with CloudForms
This is pretty simple but very useful. I have done a little research and whilst inspect is a way of seeing inside of an object its also hard to read and not very re-usable. Being somewhat old now (crazy thought) XML used to be the way we described things. Yes I know yaml, json etc have come to replace XML in languages such as Ruby, but I cannot get away from XML is far easier to read and self describing than the aforementioned.