The enterprise version of Ansible Lightspeed β IBM watsonx Code Assistant for Red Hat Ansible Automation Platform β is where things get serious. Custom model tuning on your playbooks, content attribution for compliance, and on-premises deployment for air-gapped environments.
I have deployed this for enterprise clients and here is what you need to know.
What Changes in Enterprise
| Feature | Community Lightspeed | Enterprise (watsonx) |
|---|---|---|
| AI suggestions | Basic | Advanced with context |
| FQCN enforcement | Yes | Yes + custom rules |
| Content attribution | No | Yes (license tracking) |
| Custom model tuning | No | Yes (your playbooks) |
| On-premises | No (cloud only) | Yes (OpenShift) |
| Audit trail | No | Full logging |
| Post-processing | No | Custom rules engine |
| Support | Community | Red Hat + IBM |
Architecture
βββββββββββββββββββββββββββββββββββββββββββββββββββ
β Your Environment β
β β
β βββββββββββ ββββββββββββββββββββββββββββββββ β
β β VS Code βββββΆβ Ansible Automation Platform β β
β β Extensionβ β ββββββββββββββββββββββββββ β β
β βββββββββββ β β watsonx Code Assistant β β β
β β β ββββββββββββββββββββ β β β
β β β β Granite Model β β β β
β β β β (Fine-tuned) β β β β
β β β ββββββββββββββββββββ β β β
β β ββββββββββββββββββββββββββ β β
β ββββββββββββββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββThe model runs inside your Ansible Automation Platform on OpenShift. No data leaves your network.
Deployment on OpenShift
Prerequisites
- OpenShift 4.14+
- Red Hat Ansible Automation Platform 2.4+
- NVIDIA GPU Operator installed (for GPU inference)
- watsonx Code Assistant subscription
Install the Operator
# Create namespace
oc new-project watsonx-code-assistant
# Install the operator via OperatorHub
# Navigate to: Operators β OperatorHub β search "watsonx Code Assistant"
# Click Install β select watsonx-code-assistant namespaceDeploy the Model Service
apiVersion: wca.ibm.com/v1
kind: WatsonxCodeAssistant
metadata:
name: ansible-lightspeed
namespace: watsonx-code-assistant
spec:
license:
accept: true
model:
name: granite-8b-code-instruct-ansible
resources:
limits:
nvidia.com/gpu: "1"
memory: "32Gi"
requests:
nvidia.com/gpu: "1"
memory: "24Gi"
storage:
size: 50Gi
storageClassName: gp3-csi
replicas: 2Connect to Ansible Automation Platform
# In the AAP configuration
ansible_lightspeed:
enabled: true
url: https://watsonx-code-assistant.apps.ocp.internal.com
model_name: granite-8b-code-instruct-ansible
auth:
type: service-account
secret: watsonx-sa-tokenCustom Model Tuning
The killer feature: train the model on YOUR organizationβs playbooks.
Prepare Training Data
# Export your best playbooks
find /path/to/ansible-repos -name "*.yml" -o -name "*.yaml" | \
grep -v "molecule\|tests\|.github" | \
head -5000 > training_files.txt
# The tuning pipeline expects:
# - Well-structured YAML
# - FQCN module names
# - Proper task naming
# - Consistent coding styleRun Tuning Job
apiVersion: wca.ibm.com/v1
kind: ModelTuningJob
metadata:
name: custom-ansible-model-v1
spec:
baseModel: granite-8b-code-instruct-ansible
trainingData:
source: pvc
pvcName: ansible-training-data
path: /data/playbooks/
hyperparameters:
epochs: 3
learningRate: 1e-5
batchSize: 8
output:
modelName: granite-8b-ansible-custom-v1
pvcName: custom-modelsResults I Have Seen
After tuning on 3,000 enterprise playbooks:
- Module accuracy: 92% β 97% (knows your custom collections)
- Variable naming: follows your conventions (company prefix, etc.)
- Role patterns: generates roles matching your directory structure
- Error handling: includes your standard retry/rescue patterns
Content Attribution
Enterprise compliance teams love this feature. Every suggestion shows which Ansible Galaxy content or documentation influenced it:
{
"suggestion": "ansible.builtin.dnf: name: nginx state: present",
"attributions": [
{
"source": "ansible.builtin",
"version": "2.16.0",
"license": "GPL-3.0",
"url": "https://galaxy.ansible.com/ansible/builtin"
}
],
"confidence": 0.94
}This helps with:
- License compliance β know what licenses your generated code carries
- Audit requirements β trace every suggestion to its source
- IP protection β ensure generated code does not contain proprietary content
Post-Processing Rules
Enforce your organizationβs standards automatically:
# watsonx-rules.yml
rules:
- name: enforce-fqcn
description: All modules must use FQCN
action: transform
- name: ban-command-module
description: Prefer specific modules over command/shell
pattern: "ansible.builtin.command"
action: warn
message: "Consider using a specific module instead of command"
- name: require-tags
description: All tasks must have tags
pattern: "missing:tags"
action: add
default_tag: "untagged"
- name: naming-convention
description: Task names must start with uppercase
pattern: "^- name: [a-z]"
action: transformGovernance Dashboard
The admin console provides:
- Usage metrics β suggestions generated, accepted, rejected per user/team
- Quality metrics β acceptance rate, edit distance after acceptance
- Compliance status β rule violations, attribution coverage
- Model performance β latency, accuracy trends over time
ROI Calculation
Based on enterprise deployments:
| Metric | Before Lightspeed | After Lightspeed |
|---|---|---|
| Playbook writing time | 45 min avg | 15 min avg |
| Code review iterations | 3.2 avg | 1.8 avg |
| FQCN compliance | 60% | 99% |
| Onboarding time (new engineers) | 3 months | 6 weeks |
For a 10-person platform team: ~$200K/year in productivity gains vs ~$50K subscription cost.
Related Resources
- Ansible Lightspeed tutorial
- Ansible Lightspeed vs GitHub Copilot
- Ansible Lightspeed AI automation 2026
- Red Hat Ansible Automation Platform
- Ansible tutorial for beginners
- Book a consultation
About the Author
I am Luca Berton, AI and Cloud Advisor. I deploy Ansible Automation Platform and watsonx Code Assistant for enterprise clients across Europe. Contact me to discuss your Ansible AI strategy.
