A detailed architectural guide for running Ansible Automation Platform automations in a hybrid cloud environment where a cloud-hosted management cluster controls on-premise OpenShift Virtualization clusters. The pattern eliminates the need for SSH from cloud to on-premise by scheduling execution environment pods directly on the target cluster, within the same namespace and network as the VMs. Step-by-step setup covers namespace creation, ServiceAccount/RBAC, NetworkAttachmentDefinition with whereabouts IPAM, VM provisioning via KubeVirt, and Ansible container group configuration. The result is reduced latency, smaller attack surface, and a cloud-native execution model that separates control and execution planes.
Table of contents
Lab networking considerationsWorking on OpenShift Virtualization (managed cluster) {#working-on-openshift-virtualization-(managed-cluster)}Working on Ansible (management cluster)Launching the jobNetworking model and execution flowEnterprise network topologyConclusionSort: