The Ansible cookie: Magic in the middle

March 9, 2022 by Nuno Martins

If Ansible Automation Platform was compared to the crunchy goodness of a cookie, private automation hub would be the sweet center bringing it all together and making your mouth water!

Private automation hub provides organizations with a central location for their automation resources. Ansible automation hub is part of the hosted services from This hosted offering provides automation adepts access to Red Hat Ansible Certified Content Collections for several industry-leading technologies and partners.

Private automation hub brings this functionality on-premises and allows for users to curate their custom automation content with not only Red Hat Ansible Certified Content but with community content from Ansible Galaxy. Private automation hub also acts as a container registry where we can store and distribute the automation execution environments needed for Ansible Automation Platform 2. 

How do we get started with building our own private automation hub and use it in our enterprise? How do automation controller and private automation hub interact?

Let’s get cooking and build our mouthwatering automating platform! 

To deploy the “magic in the middle,” we are going to use the Ansible Automation Platform installer from our automation controller node. Since we are installing a private automation hub, we should remove the controller hostname from the inventory file. 

Our inventory file should contain the relevant information for the private automation hub node.





With these details in place we can now trigger the setup script for Ansible Automation Platform and watch the wizardry. 

If we have run the installer from the hub node itself, we might find that the private automation hub is not connected to our automation controller. If this is the case, we correct this by editing the following file:



Once we have edited the configuration we can restart the pulpcore services. 

systemctl restart pulpcore*


Connecting to Ansible automation hub:

With the automation controller and private automation hub now deployed, we can start configuring our content for our automation platform. 

For us to synchronize our Red Hat Ansible Certified Content, we need to go to and login with our Red Hat account. Under Ansible Automation Platform we will have access to the Ansible automation hub. Under “Automation Hub”, select “Connect to Hub”, where we are presented with the information we need to put into our private automation hub so we can synchronize the collections we want to curate for our organization. 

Moving back to our private automation hub, we can navigate to our repository management under the Collections section and select “Remote”. We are presented with two repositories ready to be configured.

community: Ansible Galaxy community collections and content.

rh-certified: Red Hat certified collections and content

To edit the rh-certified configuration, we will use the token and information provided by the hosted automation hub. 

Token: Our token from Automation Hub

Username/Password: Our credentials

Once configured, we can now sync the certified content back to our private automation hub. 

The community remote repository allows us to configure Ansible Galaxy using a curated requirements.yml file as well as our credentials for Ansible Galaxy. We will now be able to synchronize the collections and content from our requirement file from Ansible Galaxy.

We are now able to see the synchronized collections in our private automation hub.


Centralizing and managing automation execution environments

Private automation hub allows us to store, manage and push our automation execution environments to our automation controller. We can connect to external container registries and pull the execution environments we want on our platform. 

Private automation hub should have the default execution environments, which are deployed in the automation controller when it is installed. If we want to add execution environments from remote repositories, we need to configure the repository first. To configure a remote repository, navigate to “Remote Registries” found under the execution environments menu and select “add remote registry”.

Using Red Hay as an example, we have configured the remote registry details and credentials. 

We will now be able to add the execution environments we have stored in Quay into the platform. 

In addition, we can add as a remote registry and have private automation hub index the images available.

With the registry configured we can now add execution environments that are hosted by the registry. 

Select execution environments and click on “Add execution environment”. 

We need to specify the upstream name would typically be the project ID and the name of the execution environment. 

We can specify tags if we are looking for a specific version of the image. Lastly, we can allocate the user group for access to the execution environment. 

Once we have completed adding the execution environment, we can select the ellipsis and select “sync from the registry”. 

This will pull the container image for your execution environment into your private automation hub. 

Selecting the execution environment allows you to see the image file as well as the generated podman command. 


Now that we have our execution environment, we can send it to our automation controller. Selecting the ellipsis and choosing “Use in Controller”. Here, we can see all the relevant information regarding our execution environment and select which automation controller to push it to. Once you select your controller you will be redirected to your automation controller to add the execution environment.

Now we have our automation cookie up and running, it's time to indulge in our sweet automation! 

Additional resources



private automation hub


Nuno Martins

Nuno is a Technical Marketing Manager for the Ansible Automation Platform. He is a Red Hat Certified Architect and a Certified Instructor with over 15 years of experience in multiple technologies. Currently based in South Africa, he has international experience with having worked all over Europe and Africa.

rss-icon  RSS Feed