This repository contains the code to showcase a demo of Ansible Automation Platform on the following topics:

• Config as Code AAP management
• ServiceNow CMDB Dynamic inventory
• Event Driven Ansible and self Remediation
• ServiceNow ITSM integration

You can install a Containerized Automation Platform and EDA controller

This demo contains a simple containerized Alertmanager that you can execute with podman play kube

1. Configure the Alertmanager istance: within the alertmanager configuration file utils/alermanager/alertmanager/alertmanager.yml you can set the webhook_configs url with the EDA Alertmanager receiver

2. Start the containerized instance

$ cd utils/alermanager/
$ podman play kube alertmanager-pod.yaml --start
$ podman logs -f alertmanager-alertmanager

The instance can be stopped with podman play kube alertmanager-pod.yaml --down

You can easily sign-up for a developer instance on https://developer.servicenow.com/

Before executing the demo you have to create a var file based on the config-as-code/vars-empty.yml file.

In order to connect AAP and the EDA controller you have to:

1. Generate a Token in AAP ( Access / Users -> admin -> token -> Add) with write scope
2. Import the Token into the EDA Controller (Access / Users -> admin -> token -> Create Controller Token)

Alternatively you can configure the token with the provided playbook:

$ cd config-as-code
$ ansible-playbook create_token.yml -e @var.yml

Once the token is configured you can deploy the configuration just executing the aap_configuration.yml playbook:

$ ansible-playbook aap_configuration.yml -e @var.yml

This playbook creates all the needed resources in AAP:

• Job template Setup AAP EDA Demo triggering the aap_configuration.yml playbook
• Job templates Demo EDA Webhook handler and Demo EDA Alertmanager handler to handle the EDA events
• servicenow.itsm new credential type
• Automation Hub, Controller and Service Now credentials
• Service Now execution environment for the Dynamic inventory
• An inventory with an inventory source integrating the Service Now CMDB

The demo needs an Execution Environment (EE) containing the Ansible servicenow.itsm collection. The demo is using the existing EE from quay.io/pbertera/snow_ee:latest.

Optionally you can build your own EE following the next steps.

• Get an offline token from https://console.redhat.com/ansible/automation-hub/token
• Add to /etc/ansible/ansible.cfg the automation hub and the token

[galaxy]
server_list = automation_hub

[galaxy_server.automation_hub]
url=https://console.redhat.com/api/automation-hub/content/published/
auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
token=$TOKEN

More info on the Automation Hub documentation

1. Login on registry.redhat.io

$ podman login --log-level debug registry.redhat.io

2. Create the Containerfile into the context dir

$ cd ee
$ ansible-builder create -v 3

3. Build the EE

$ podman build -f context/Containerfile context --no-cache -t quay.io/pbertera/snow_ee:latest

4. Tag the image and push it to quay.io (or another registry)

$ podman login quay.io
$ podman push quay.io/pbertera/snow_ee:latest
$ cd ..

5. Configure the the aap2_controller_execution_environment_image variable into the vars file pointing to the right image

The playbook aap_configuration.yml configures the Dynamic inventory sync creating a new Inventory with a dynamic source pointing to the scm_url repository. The file now.yml contains the sync configuration. For more information please consult the upstream documentation.

To demonstrate the Inventory Sync you can modify the hosts from the CMDB and trigger a new Ansible Inventory source synchronization.

The playbook aap_configuration.yml creates a RuleBook activation on EDA listening on port 5000. The activation executes the rulebooks/eda-rulebook-webhook.yml rulebook triggering the webhook-handler.yml playbook on AAP.

You can trigger the rulebook with the following curl request:

$ curl -X POST http://aap.demo.lab:5000 -d '{"name":"greeting","message":"hello test"}' -v

The playbook aap_configuration.yml creates a RuleBook activation on EDA listening on port 5001. The activation executes the rulebooks/eda-rulebook-alertmanager.yml rulebook triggering the alertmanager-handler.yml playbook on AAP.

The playbook creates a ticket when the alert is firing and closes the ticket when the alert is resolved.

You can fire and resolve the alert with the utils/fire-alert.sh $ALERTMANAGER_URL script

This demo is mainly inspired by the great kubealex work on another EDA demo