Ansible Automation Platform integrations
You can create an integration to Ansbile Automation Platform. Red Hat Ansible Automation Platform provides tools for building and operating automation.
IBM supports Ansible as part of the Ansible Automation Platform. For more information about this platform, see Red Hat Ansible Automation Platform.
Note: You can create only one Ansible Automation Platform controller integration. Also, you must have an account with administrator role to create, edit, view, or delete an Ansible Automation Platform integration.
For more information about HTTP headers for the various credential types, see HTTP headers for credential types.
Creating Ansible Automation Platform integrations
Complete the following steps to create an integration to an Ansible Automation Platform controller server.
-
Log in to IBM Cloud Pak for AIOps console.
-
Expand the navigation menu (four horizontal bars), then click Define > Integrations.
-
On the Integrations page, click Add integration.
-
From the list of available integrations, find and click the Ansible Automation Controller tile.
Note: If you do not immediately see the integration that you want to create, you can filter the tiles by type of integration. Click the type of integration that you want in the Category section.
-
On the side-panel, review the instructions and when ready to continue, click Get started.
-
Enter the base URL of your Ansible Automation Platform controller server. This URL must contain the protocol, for example:
https://ansible.mycompany.com:443
. -
Choose an authentication type. You can select User ID/Password to connect with username and password, or API Token to use a bearer token, previously created with Write Scope in the Ansible.
-
Enter the chosen authentication information.
-
Optional: Enter the Ansible Automation Platform controller server certificate or certificate chain.
On Linux systems, enter the following command to receive the certificate or certificate chain:
echo -n | openssl s_client -servername <ANSIBLE_TOWER_HOSTNAME> -connect <ANSIBLE_TOWER_HOSTNAME>:<ANSIBLE_TOWER_PORT> -showcerts | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > file.cert
If the command does not work in your environment, use the following variant of the command:
ex +'g/BEGIN CERTIFICATE/,/END CERTIFICATE/p' <(echo | openssl s_client -showcerts -servername <ANSIBLE_TOWER_HOSTNAME> -connect <ANSIBLE_TOWER_HOSTNAME>:<ANSIBLE_TOWER_PORT>) -scq > file.cert
If errors occur, make sure your exported certificate that is stored in
file.cert
contains a full and valid certificate. Errors likeverify error:num=20:unable to get local issuer certificate
occur due to a missing CA root certificate for the DigiCert CA.The resulting file.cert might contain one or more certificates and each certificate begins and ends as follows:
-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
On Windows systems, use your preferred browser to export the certificate or certificate chain.
-
Click Done to complete the Ansible Automation Platform integration.
If you have performed the steps that are described in Enabling secure communications within the RBA service, then it is mandatory to specify the certificate of the Ansible Automation Platform controller server (or the certificate of the CA, respectively).
Note: When using the standard Ansible Automation Platform installation a self-signed certificate that is issued for CN localhost might be generated. Make sure to replace that certificate with a certificate that is issued for the actual domain name you are using. Otherwise, the integration might not work.