Product feature
Automation mesh
Scale your automation across diverse network topologies, platforms, and teams.
Overview
Ansible® Automation Platform’s automation mesh is designed to help you scale automation from on-premises environments, throughout hybrid clouds, to edge locations, all centrally managed via automation controller.
While isolated nodes can make it challenging to automate across remote regions and segmented networks, automation mesh allows you to localize automation and execute it closer to endpoint devices—and limit execution interruptions that can cause inconsistent states and downtime.
Wherever your enterprise grows, automation mesh will help you reliably deliver and manage automation across IT environments.
Features and benefits
Automate at the edge
Tailor your automation and control execution capacity independently with a bi-directional, multi-hopped overlay network that delivers workloads across constrained networks—such as DMZs and Virtual Private Clouds (VPCs)—to remote endpoints.
Scale reliably
Distribute automation to the locations where it's needed. Improve resiliency from network disruptions and latency. Introduce fault tolerance and redundancy with native peering capabilities and hop nodes, which you can use to connect control nodes and execution nodes.
Boost security
Take a security-first approach to scaling automation with Transport Layer Security (TLS) encryption. Gain access to more security features, such as Role-Based Access Control (RBAC), by centrally managing automation mesh via automation controller.
Simplify operations
Localize automation with a distributed architecture to reduce the footprint and operational overhead associated with managing multiple, isolated platform clusters. Eliminate dependency on ancillary tools like jump hosts and SSH proxies.
How does automation mesh work?
Automation mesh is an overlay network intended to ease the distribution of automation across a collection of execution nodes using existing connectivity.
Execution nodes are where Ansible Playbooks are actually executed. A node will run an automation execution environment which will, in turn, run the Ansible Playbook.
Ansible Automation Platform’s previous architecture used isolated nodes—which relied on ancillary tools such as jump hosts—to run automation across dispersed geographies and complex networks. This made it sensitive to latency and network disruptions.
Automation mesh creates peer-to-peer connections between execution nodes that make your automation more resilient to latency and connection disruptions, support flexible architecture designs, and enable rapid, independent scaling of control and execution capacity.
Frequently asked questions
What are the different node types in automation mesh?
Control plane
The control plane consists of hybrid and control nodes. Instances in the control plane run persistent automation controller services such as the web server and task dispatcher, in addition to project updates and management jobs.
Hybrid nodes are the default node type for control plane nodes, responsible for automation controller runtime functions like project updates, management jobs, and ansible-runner task operations. Hybrid nodes are also used for automation execution.
Control nodes run project and inventory updates and system jobs, but not regular jobs. Execution capabilities are disabled on these nodes.
Execution plane
The execution plane consists of execution nodes that execute automation on behalf of the control plane and have no control functions. Nodes in the execution plane only run user-space jobs and may be geographically separated—with high latency—from the control plane.
Execution nodes run jobs under ansible-runner with Podman isolation. This node type is similar to isolated nodes and is the default node type for execution plane nodes.
Similar to a jump host, hop nodes route traffic to other execution nodes. Hop nodes are optional and cannot execute automation.
What is the difference between automation mesh and isolated nodes?
Automation mesh replaces and enhances isolated nodes. Isolated nodes are susceptible to network latency and connection disruptions, and require ancillary tools—such as Secure Shell (SSH) proxies and jump hosts—to overcome networking constraints.
Can I define execution in host variables so that a single playbook is run over 2 different environments, like on-premises and cloud, hitting multiple locations at the same time?
Yes. Within automation mesh, you can define Instance Groups to use at various levels, including Inventory. By setting up your automation mesh so that it will route to the correct end locations, you can then assign the associated execution nodes to an Instance Group.
How can I verify and check my automation mesh configuration before installing it?
The installer performs standard checks on the automation mesh configuration and, if there are errors, will warn you before you deploy. Also, the installer can generate a GraphViz file providing a visual representation of your automation mesh topology. You can then review your mesh layout before continuing your installation.
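As an added illustration (not the installer's own checks or code), the sketch below shows an independent review of a planned topology against the node-type rules described above: every execution node needs a path from the control plane, a hop node that is the only path to execution nodes is a single point of failure, and hop nodes cannot be used for execution in an Instance Group. The dictionary and list layout, and every node and group name, are assumptions made for the example and are not the installer's inventory format.

```python
from collections import deque

CONTROL_PLANE = {"control", "hybrid"}    # node types that run controller services

# Constructed sample plan; every node and group name here is hypothetical.
NODES = {"ctrl1": "control", "ctrl2": "hybrid", "hop-dmz": "hop",
         "exec-dc1": "execution", "exec-edge1": "execution",
         "exec-edge2": "execution", "exec-lab": "execution"}
PEERS = [("ctrl1", "exec-dc1"), ("ctrl2", "exec-dc1"), ("ctrl1", "hop-dmz"),
         ("hop-dmz", "exec-edge1"), ("hop-dmz", "exec-edge2")]
GROUPS = {"edge": ["exec-edge1", "exec-edge2", "hop-dmz"]}

def reachable(nodes, peers, removed=frozenset()):
    """Return nodes reachable from the control plane, ignoring `removed` nodes."""
    adj = {n: set() for n in nodes}
    for a, b in peers:                   # peer links carry traffic both ways
        adj[a].add(b)
        adj[b].add(a)
    start = {n for n, t in nodes.items() if t in CONTROL_PLANE} - removed
    seen, queue = set(start), deque(start)
    while queue:
        for nxt in adj[queue.popleft()] - seen - removed:
            seen.add(nxt)
            queue.append(nxt)
    return seen

def review(nodes, peers, groups):
    """Return a sorted list of findings for a planned mesh topology."""
    unknown = {n for link in peers for n in link} - set(nodes)
    if unknown:
        return [f"peer link names undefined node: {n}" for n in sorted(unknown)]
    findings = []
    executors = {n for n, t in nodes.items() if t == "execution"}
    ok = reachable(nodes, peers)
    for n in executors - ok:
        findings.append(f"{n}: no path from the control plane")
    for hop in (n for n, t in nodes.items() if t == "hop"):
        # Execution nodes that drop off the mesh if this one hop node fails.
        cut = (executors & ok) - reachable(nodes, peers, frozenset({hop}))
        if cut:
            findings.append(f"{hop}: sole path to {', '.join(sorted(cut))}")
    for group, members in groups.items():
        for n in members:
            if nodes.get(n) == "hop":    # hop nodes only route traffic
                findings.append(f"{n}: hop node in instance group '{group}'")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(review(NODES, PEERS, GROUPS)))
```

Adding a second hop node peered to the same edge nodes, and a peer link for the orphaned execution node, clears the first two kinds of finding.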
Keep learning
Blog post
Peeling back the layers and understanding automation mesh
Get a more detailed guide to the technical implementation of automation mesh and how to make the most of its security features.
Interactive lab
Get started with automation mesh
Take this self-paced, interactive lab to learn about automation mesh features, perform basic configuration tasks, and use automation mesh to run a job template.
Video
Scaling your automation mesh when running Ansible Automation Platform on OpenShift
Learn how to dynamically add execution nodes to your Ansible Automation Platform cluster without needing to use the installer.