ansible share image

This article demonstrates how to deploy gaming applications in a Kubernetes (K8s) cluster using Red Hat Ansible Automation Platform. The minikube cluster is the best single node cluster for a personal POC. For this article, we will use a minikube cluster and Ansible Automation Platform 2.3 and a restricted set of privileges in the cluster to deploy the application in Kubernetes. Automation and orchestration are a rock solid combination that yield more promising results.

How to start minikube

Make sure you have kubectl and minikube CLI installed before getting started with the Kubernetes cluster.

$ minikube start
😄  minikube v1.26.1 on Redhat 9.1
❗  Specified Kubernetes version 1.25.7 is newer than the newest supported version: v1.24.3. Use `minikube config defaults kubernetes-version` for details.
✨  Using the docker driver based on existing profile
👍  Starting control plane node minikube in cluster minikube
🚜  Pulling base image...
🔄  Restarting existing docker container for "minikube"...
🐳  Preparing Kubernetes v1.25.7 on Docker 20.10.17...
🔎  Verifying Kubernetes components...
    ▪ Using image
    ▪ Using image kubernetesui/dashboard:v2.6.0
    ▪ Using image kubernetesui/metrics-scraper:v1.0.8
🌟  Enabled addons: storage-provisioner, default-storageclass, dashboard
🏄  Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default

Check to see if the cluster is up and running, as follows:

$ kubectl get nodes
NAME       STATUS   ROLES           AGE    VERSION
minikube   Ready    control-plane   2d5h   v1.25.7

Install and configure Ansible Automation Platform

First, install the Ansible Automation Platform on your server or system.

Then, go to http://localhost in your browser to access the Ansible Automation Platform console.

5 steps to interact with Kubernetes cluster

Step 1: Set up Kubernetes cluster credentials

Credentials are utilized for authentication when launching jobs against machines, synchronizing with inventory sources, and importing project content from a version control system.

  • From the Ansible Automation Platform console left menu, select Credentials (Figure 1).
  • Click on Add and enter a name for the credentials.
A screenshot of the credential page of Ansible.
Figure 1: Adding the Kubernetes cluster credentials.
  • For the credential type (1), select Kubernetes or Kubernetes API Bearer Token.
  • Select your organization.
  • Enter the OpenShift or Kubernetes API Endpoint (2):

Provide the endpoint of the minikube cluster to which you want to deploy the application.

$ minikube ip

The minikube cluster endpoint:
  • For the token and certificate fields, we need to create a ServiceAccount, Role, RoleBinding and Secret. Please apply the following context in your Kubernetes cluster.

Note: Make sure you have a cluster admin access.

cat <<EOF | kubectl apply -f -

apiVersion: v1
kind: Namespace
  name: dev-game-app

  apiVersion: v1
  kind: ServiceAccount
      name: containergroup-service-account
      namespace: dev-game-app

  kind: Role
    name: role-containergroup-service-account
    namespace: dev-game-app
  - apiGroups: ["*"]
    resources: ["*"]
    verbs: ["*"]
  kind: RoleBinding
    name: role-containergroup-service-account-binding
    namespace: dev-game-app
  - kind: ServiceAccount
    name: containergroup-service-account
    kind: Role
    name: role-containergroup-service-account

apiVersion: v1
kind: Secret
  name: cicd
  namespace: dev-game-app
  annotations: "containergroup-service-account"
  • Enter the API authentication bearer token (3):
$ kubectl get secret cicd -n dev-game-app -o json | jq '.data.token' | xargs | base64 --decode > containergroup-sa.token

This command creates a file named containergroup-sa.token. Copy the token context and paste it in the Ansible Automation Platform console.

  • Enter the Certificate Authority data (4).

Extract the certificate from the cluster by using the following command:

$ kubectl get secret cicd -n dev-game-app -o json | jq '.data["ca.crt"]' | xargs | base64 --decode > containergroup-ca.crt

This creates a file named containergroup-ca.crt which you must copy and paste into the Ansible Automation Platform console and then save it.

Step 2: Configure the container and instance groups

To configure the instance group, navigate to the instance group and create a Container group, as shown in Figure 2.

  • Provide a name for the container group and select recently created credentials.
  • Select the recently created credentials (1).
  • Tick the box for the Customize pod specification under options (2).
  • Click the Expand button (3).
Adding the instance group for the execution pod.
Figure 2: Adding the instance group for the execution pod.

We have already created the resources in the cluster in the credentials section, so we just need to update it as follows (Figure 3):

  • Update the name of namespace (3.1).
  • Update the serviceAccountName (3.2).
  • The imagePullSecrets is not part of the default context (3.3).
A screenshot of the pod manifest.
Figure 3: Updating the Namespace, ServiceAccount, and ImangePullSecrets.
  • Create the imagePullSecrets we defined in (3.3). Make sure you have an account on Using the following command, you can create a secret easily in the Kubernetes cluster:
$ kubectl create secret docker-registry regcred --docker-username='' --docker-password='123@Redhat' -n dev-game-app

Step 3: Add inventories

An inventory is a collection of hosts against which jobs can be launched, the same as an Ansible inventory file.

  • From the left menu, select Inventories (Figure 4).
  • Click on Add button and select Add Inventories.
  • Enter a name to the inventory.
  • Next, add the host to the inventory. We are using localhost. Copy and paste the following context in variable section:
{'ansible_host': '', 'ansible_connection': 'local'}
A screenshot of the inventory page in Ansible.
Figure 4: Adding the host in inventories.
  • Finally, test the connectivity with the Kubernetes cluster using the ping module by clicking the Run Command button.
  • Select the Run Command first.
  • Select the ping module from the dropdown and choose Demo Credentials
  • Keep the rest of the details as default (you can change the settings per your environment requirement).
  • Click Launch.

The job results are as follows:

kube-deploy-host | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    "changed": false,
    "ping": "pong"

This validates that the cluster details, such as the endpoints and credentials, are correct.

Step 4: Create a project

A project is a logical collection of Ansible Playbooks, represented in the automation controller. You can manage playbooks and playbook directories by either placing them manually under the project base path on your controller server, or by placing your playbooks into a source code management (SCM) system supported by the automation controller, including Git, Subversion, and Mercurial.

You can use this repo as well:

  • Create a new project for our Git repository from the left menu.
  • Click on the + icon from the right corner.
  • Give project a name.
  • Select your organization.
  • Select the SCM TYPE (GIT, in our case).
    • 5.4.1. SCM URL.
    • 5.4.2. SCM BRANCH.
    • 5.4.3. SCM CREDENTIAL.
      • Click on + it to create new credentials.
      • Give credentials a name.
      • Select organization.
      • Select the credentials type and file accordingly.
    • 5.4.4. Save it.

Step 5:  Create job templates

A job template is a definition and set of parameters for running an Ansible job. Job templates are useful to execute the same job many times. Job templates also encourage the reuse of Ansible Playbook content and collaboration between teams.

Create a template that will execute the job for us.

  • From the left menu, select templates and create a new template (Figure 5).
  • Click on + icon from the right corner and select the Job template.
  • Give the template a name (1).
  • Select the inventory (2).
  • Select a Project (3).
  • Choose the playbook you want to run in the template. GiHub repository (4).
  • Choose Credentials (5).
  • Select Instance group (6).
A screenshot of the templates page in Ansible.
Figure 5: Creating a template with all dependencies.


- hosts: all
- hosts: localhost

  - kubernetes.core

  - name: Get a list of all pods from any namespace
      kind: Pod
      namespace: ansible-automation-platform
    register: pod_list

- name: create k8s pod
      src: deployment.yaml
      namespace: dev-game-app
      state: present

- name: service create
      src: service.yaml
      namespace: dev-game-app
      state: present
  • Finally, run the template and verify the result in the cluster.
$ kubectl get pods -n dev-game-app -w
automation-job-267-wvsbx      0/1     Pending             0          0s
automation-job-267-wvsbx      0/1     Pending             0          0s
automation-job-267-wvsbx      0/1     ContainerCreating   0          0s
automation-job-267-wvsbx      1/1     Running             0          10s
automation-job-267-wvsbx      1/1     Terminating         0          11s
automation-job-267-wvsbx      0/1     Terminating         0          12s
automation-job-267-wvsbx      0/1     Terminating         0          13s
racing-game-fd795c897-82w87   1/1     Running             0          21s
  • Do the port-forwarding to test the application.
$ kubectl port-forward pod/racing-game-fd795c897-82w87 8080:8080 -n dev-game-app
Forwarding from -> 8080
Handling connection for 8080
Handling connection for 8080

Open up the browser and enter localhost:8080 to get a glimpse of the gaming application.

Continue your automation journey

The goal of this article was to demonstrate how Ansible Automation Platform can be used to deploy gaming applications into Kubernetes clusters. It’s a one-time set up. You can also use the same solution for the managed Kubernetes cloud services like EKS, AKS, GKE, and many more. 

Get started with the Ansible Automation Platform by exploring interactive labs. Ansible Automation Platform is also available as a managed offering on Microsoft Azure and as a self-managed offering on AWSGet started with OpenShift by visiting the Developer Sandbox for Red Hat OpenShift. Microsoft Azure and Amazon Web Services also offer OpenShift managed services. Explore interactive lessons to begin your OpenShift learning journey.

Last updated: September 21, 2023