29. Setting up Insights Remediations

Automation controller supports integration with Red Hat Insights. Once a host is registered with Insights, it will be continually scanned for vulnerabilities and known configuration conflicts. Each of the found problems may have an associated fix in the form of an Ansible playbook. Insights users create a maintenance plan to group the fixes and, ultimately, create a playbook to mitigate the problems. Automation controller tracks the maintenance plan playbooks via an Insights project. Authentication to Insights via Basic Auth is backed by a special Insights Credential, which must first be established in automation controller. To ultimately run an Insights Maintenance Plan, you need an Insights project, and an Insights inventory.

29.1. 创建 Insights 凭证

要创建用于 Insights 的新凭证,请执行以下操作:

  1. 点左侧导航栏中的 Credentials 访问 Credentials 页面。

  2. Click the Add button located in the upper right corner of the Credentials screen.

  3. Name 字段中输入要使用的凭证名称。

  4. Description 字段输入此凭证的描述。

  5. Organization 字段中输入与凭证关联的可选机构名称,或者点击 search 按钮并从弹出窗口中选择它。

  1. Credential Type 字段中,输入 Insights 或者点击 search 按钮并从凭证类型弹出窗口中选择它。

  1. UsernamePassword 字段中输入一个有效的 Insights 凭证。Insights 凭证是用户的 Red Hat Customer Portal 帐户用户名和密码。

Credentials - create with demo insights credentials

  1. 完成后请点击 Save

29.2. 创建 Insights 项目

要创建新 Insights 项目,请执行以下操作:

  1. 点左侧导航栏中的 Projects 访问 Projects 页面。

  2. Click the Add button located in the upper right corner of the Projects screen.

  3. 至少在必填字段中输入相关详情。请注意以下字段需要特定的 Insights 相关条目:

  • Name:输入 Insights 项目的名称。

  • Organization:输入与这个项目关联的机构名称,或者点击 search 按钮并从弹出窗口中选择它。

  • SCM Type:选择 Red Hat Insights

  • 选择 SCM 类型后,Source Details 字段会展开。

  1. Credential 字段已预先填充您之前创建的 Insights 凭证。如果没有预先填充,请输入凭证,或者点击 search 按钮并从弹出窗口中选择它。

  2. 点击以从 Options 字段中选择此项目的更新选项,并提供任何其他值(如果适用)。有关每个选项的信息,请点击选项旁边的提示 tooltip 按钮。

Insights - create demo insights project form

  1. 完成后请点击 Save

所有 SCM/项目同步都会在您第一次保存新项目时自动进行。但是,如果您希望将其更新为 Insights 中当前的内容,请点击项目可用 Actions 下的 update 按钮手动更新基于 SCM 的项目。

此过程会将 Insights 项目与 Insights 帐户解决方案同步。请注意,当同步运行后,项目名称旁的状态点会更新。

Insights - demo insights project success

29.3. 创建 Insights 清单

The Insights playbook contains a hosts: line where the value is the hostname that Insights itself knows about, which may be different than the hostname that Tower knows about. To use an Insights playbook, you will need an Insights inventory.

To create a new inventory for use with Insights, see Red Hat Insights:

29.4. 修复 Insights 清单

Remediation of an Insights inventory allows Tower to run Insights playbooks with a single click. This is done by creating a Job Template to run the Insights remediation.

  1. Click Job Templates from the left navigation bar to access the Job Templates page.

  2. Create a new Job Template, with the appropriate details into the required fields, at minimum. Note the following fields requiring specific Insights-related entries:

  • Name:输入维护计划的名称。

  • Job Type:如果还没有填充,请从下拉菜单中选择 Run

  • Inventory: Select the Insights Inventory you previously created.

  • Project: Select the Insights project you previously created.

  • Playbook:从下拉菜单中选择一个与您要运行的维护计划关联的 playbook。

  • Credential:输入要用于这个项目的凭证,或者点击 search 按钮并从弹出窗口中选择它。凭证不必是 Insights 凭证。

  • Verbosity:保持默认设置,或者从下拉菜单中选择所需详细程度。

Insights - maintenance plan template filled

  1. 完成后请点击 Save

  2. 点击 launch 图标启动作业模板。

完成后,作业结果会显示在 Job Details 页面中。