Automating with Ansible

Ansible is an open source application deployment and configuration management tool used to automate your Layer7 Gateway upgrade. You set up the Ansible controller, configure the inventories with your Gateway environment information, then execute the Ansible playbooks which perform migration tasks to upgrade your Gateway to version 10.x.
The Ansible playbooks can be easily extended.  To learn how to write tasks, plays, and playbooks, see the Ansible User Guide.
GitHub Repository
Files required to perform the steps within the automated expedited upgrade are available from the following GitHub repository:
The repository includes README.md files that explain the contents of each playbook and role in detail.   
Best Practices
  • Use a dedicated computer as the Ansible controller. It should be locked down/hardened. The computer must run Linux or macOS. Microsoft Windows is not supported.
  • Install the latest version of Ansible. Do not install Ansible on the Gateway.
  • Each administrator should use their own account when using Ansible to upgrade the Gateways. This will make audit records more meaningful. Any passwords should not be shared between users.
Upgrade Scenarios
As mentioned previously, there are two scenarios covered by the automated expedited upgrade procedure:
Create New and Migrate
Steps
Notes
Perform a pre-upgrade check
Run the pre-upgrade analyzer on the source Gateways.
After reading the resulting pre-upgrade analyzer report, you can decide to extend the automation (customize the playbooks), to better fit your upgrade requirements. 
Running mySQL Checker requires mysql8 shell installed.
Related Playbook:
gateway_preupgrade_analyzer
Backup the Gateway configuration and assertions
Back up the Gateway and Linux configuration files, plus Gateway assertions using ssgbackup.
Related Playbook:
gateway_basic_backup
Export the database
Back up and export the source Gateway's database and OTK database (if co-located).
Related Playbook:
gateway_export_database
Backup PAPIM configuration
Back up the PAPIM configuration files.
Solution kit files are backed up by the gateway_export_database role.
Related Playbook:
gateway_papim_backup
Auto-provision the new Gateway
Run the auto-provision playbook on all nodes.
Use the same passwords as the source Gateway.
Related Playbooks:
gateway-autoprivision-nodes
Import the database and upgrade the database schema
Import the exported source Gateway database and OTK database into the target.
If the OTK database is co-located, uncomment the file to grant mysql permission. 
Related Playbook:
gateway_import_database
Install the Gateway license
Run the Gateway license installer. Create new SSL certificates with the new hostname.
Related Playbooks:
gateway_common, gateway_install_license
Install and Restore PAPIM
Installs PAPIM then restores the previously backed up configuration files.
Related Playbooks:
gateway_papim_install, gateway_papim_restore_backup
Configure Database Replication
Configure replication for the primary gateway MySQL 8 database to provide failover.
Related Playbook:
gateway_replicate_database
Validate the installation
A manual step. Follow the standard validation instructions.
Cleanup Backup Files on Controller
Used after each cluster upgrade before starting the next. Deletes the backup files to make space on the Controller.
Related Playbook:
gateway_controller_cleanup
Re-image an Existing VM Instance or Hardware Appliance
Steps
Notes
Perform a pre-upgrade check
Run the pre-upgrade analyzer on the source Gateways.
After reading the resulting pre-upgrade analyzer report, you can decide to extend the automation (customize the playbooks), to better fit your upgrade requirements. 
Running mySQL Checker requires mysql8 shell.
Related Playbook:
gateway_preupgrade_analyzer
Export the database
Backup and export the source Gateway's database and OTK database (if co-located).
Related Playbook:
gateway_export_database
Re-image the Gateway VM
Use ISO to rebuild the VM.
Auto-provision the  new Gateway
Run the auto-provision playbook on all nodes.
Use the same passwords as the source Gateway.
Related Playbooks:
gateway_common, gateway_primary_db, gateway_primary_db_node, gateway_processing_node
Import the database and upgrade the database schema
Import the exported source Gateway database and OTK database into the target.
If the OTK database is co-located, uncomment the file to grant mysql permission. 
Related Playbook:
gateway_import_database
Install the Gateway license
Run the Gateway license installer. Create new SSL certificates with the new hostname.
Related Playbooks:
gateway-install-license
Install and Restore PAPIM
Installs PAPIM then restores the previously backed up configuration files.
Related Playbooks:
gateway_papim_install, gateway_papim_restore_backup
Configure Database Replication
Configure replication for the primary gateway MySQL 8 database to provide failover.
Related Playbook:
gateway_replicate_database
Validate the installation
Follow the standard installation validation instructions.
Cleanup Backup Files on Controller
Used after each cluster upgrade before starting the next. Deletes the backup files to make space on the Controller.
Related Playbook:
gateway_controller_cleanup