Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks.
Ansible is an open-source IT automation engine, which can remove drudgery from your work life, and will also dramatically improve the scalability, consistency, and reliability of your IT environment. We’ll start to explore how to automate repetitive system administration tasks using Ansible, and if you want to learn more, you can go much deeper into how to use Ansible with Cloud Academy’s new Introduction to Ansible learning path.
What is Ansible and what can it automate?
You can use Ansible to automate three types of tasks:
- Provisioning: Set up the various servers you need in your infrastructure.
- Configuration management: Change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy; or perform a wide variety of other configuration tasks.
- Application deployment: Make DevOps easier by automating the deployment of internally developed applications to your production systems.
Ansible can automate IT environments whether they are hosted on traditional bare metal servers, virtualization platforms, or in the cloud. It can also automate the configuration of a wide range of systems and devices such as databases, storage devices, networks, firewalls, and many others.
The best part is that you don’t even need to know the commands used to accomplish a particular task. You just need to specify what state you want the system to be in and Ansible will take care of it. For example, to ensure that your web servers are running the latest version of Apache, you could use a playbook similar to the following and Ansible would handle the details.
The line in the above playbook that actually installs or updates Apache is “yum: name=httpd state=latest”. You just specify the name of the software package (httpd) and the desired state (latest) and Ansible does the rest. The other tasks in the playbook update the Apache config file, restart Apache, and enabled Apache to run at boot time. Take a read at one of our previous blog posts on how to build Ansible playbooks.
8 Use Cases for Modernizing and Automating Workflows
Managing an organization’s many tools and business processes are becoming increasingly complicated as technology expands. Whether your teams are performing their weekly system reboot or looking to configure instances to the desired state, it’s no secret that automation is critical to increasing speed, efficiency, productivity, and accuracy. Listed below are several instances1 where automation can help across your enterprise.
- Weekly system reboot: There’s nothing worse than doing the same thing for 8 hours a day! Eliminate repetitive, manual processes with automation.
- Enforce security guidelines: Rules are rules. It’s best to automate in an effort to achieve strict security standards.
- Monitor configuration drift: Use check mode with Ansible tasks to enforce desired settings and see if your configuration has drifted.
- Disaster recovery: Disaster recovery can involve a wide range of components. Act across different variables of the technology stack to identify problems and eliminate cross-team dependencies.
- Command blaster: Remarkably easy to write, you can run commands across your environment for any number of servers.
- Database binary patching: Several databases use outdated binary sets. Patch the binaries in accordance with the release of the latest patch.
- Instance provisioning: Use modules for several cloud providers to create new instances and tailor their configuration.
- Service license agreements: Mistakes cost time and money. Eliminate errors that can crop up in detailed software contracts.
Industry use case application of Ansible
The Power of AWS Meets Ansible Simplicity
Using Ansible to automate your applications in AWS greatly increases the chances that your cloud initiative will be a success. The breadth of AWS capability enables IT organizations to dynamically provision entire workloads like never before. To harness this power, IT organizations must effectively answer:
- How can we control cloud deployments?
- How does devops work in the cloud?
- Will my deployments be secure?
- How can we migrate existing apps to the cloud?
The answer? Automate with Ansible.
Manage Cloud Like Cloud with Ansible
When you deploy an application into AWS, you will soon realize that the cloud is much more than a collection of servers in someone else’s data center. You now have a fleet of services available to you to rapidly deploy and scale applications. However, if you continue to manage AWS like just a group of servers, you won’t see the full benefit of your migration to the cloud. Ansible automation can help you manage your AWS environment like a fleet of services instead of a collection of servers.
Ansible & AWS: Batteries included
From the beginning, Ansible has offered deep support for AWS. Ansible can be used to define, deploy, and manage a wide variety of AWS services. Even the most complicated of AWS environments can be easily described in Ansible playbooks. Once your AWS-based application environments are described with Ansible, you can deploy them again and again, easily scaling out to 100s or 1000s of instances across multiple regions, with the same results each and every time.
Out of the box, Ansible has nearly 100 modules supporting AWS capabilities, including:
Elastic Block Store (EBS)
Elastic Cloud Compute (EC2)
Elastic IPs (EIP)
Elastic Load Balancers (ELB)
Identity Access Manager (IAM)
Relational Database Service
Security Token Service
Simple Storage Service (S3)
Virtual Private Cloud (VPC)
Ansible also has over 1,300+ additional modules to help you manage every aspect of your Linux, Windows, UNIX, network infrastructure, and applications — regardless of where they’re deployed. With Ansible, one common language can be used to describe everything deployed in your cloud (and your enterprise).
Control Cloud Sprawl with Dynamic Inventory
Now that you have deployed applications into the cloud, how do you keep track of what you have? Keeping accurate track of deployed infrastructure is a critical part of ensuring security policies are always followed and systems are properly managed through their lifecycles. You don’t want to be paying for services you don’t need.
With Red Hat Ansible Tower’s cloud inventory synchronization, you can know exactly what AWS instances you have no matter how they were launched. Simply enter your AWS credentials and your entire AWS infrastructure can be made available as resources to use in your Ansible automation jobs.
Safely Automating at the Speed of Business
When you only had one or two engineers working in AWS, everything seemed easy. Now that you’ve got ten or more, you need controls in place that restrict users’ ability to modify certain environments. Ansible Tower delivers with its extensive set of role-based access controls that ensures users will only have access to the AWS resources (networks, systems, security groups, etc.) that they require for their job. Plus, Ansible Tower encrypts credentials such as AWS and SSH keys so that you can delegate simple automation jobs to junior employees without giving out the keys.
Migrations Made Easy
Your CIO just mandated that you have to migrate dozens of workloads to AWS. With Ansible, you can use the same simple playbook language to manage your infrastructure and deploy your application. Use Ansible to define your application locally. Once you can repeatedly deploy that application locally, re-deploying it to a different infrastructure is as straightforward as defining your AWS environment, and then applying your application’s playbook. No more surprises.
There are many other IT automation tools available, including more mature ones like Puppet and Chef, so why would you choose Ansible? The main reason is simplicity. Michael DeHaan, the creator of Ansible, already had a lot of experience with other configuration management tools when he decided to develop a new one. He said that he wanted “a tool that you could not use for six months, come back to, and still remember.”
Whether you need to make your life easier by automating your administration tasks or you’re interested in becoming a DevOps professional, Ansible is a good place to start. Learn how to streamline your IT operations with Introduction to Ansible.