What is Ansible ❓
Ansible is an open-source IT Configuration Management, Deployment & Orchestration tool. It aims to provide large productivity gains to a wide variety of automation challenges. This tool is very simple to use yet powerful enough to automate complex multi-tier IT application environments.
Features of Ansible
- Simple: Ansible Playbooks provide human-readable automation. This means that playbooks are automation tools that are also easy for humans to read, comprehend, and change. No special coding skills are required to write to them.
- Powerful: You can use Ansible to deploy applications, for configuration management, workflow automation, and network automation. Ansible can be used to orchestrate the entire application life cycle.
- Agentless: Ansible is built around an agentless architecture. Ansible connects to the hosts it manages using OpenSSH or WinRM and runs tasks by pushing out small programs called Ansible modules to those hosts.
What Ansible can automate
You can use Ansible to automate many tasks, these are three tasks which are very common:
- Provisioning: Applications have to be deployed or installed on systems. Ansible and Red Hat Ansible Tower can help streamline the process of provisioning systems, whether you are PXE booting and kickstarting bare-metal servers or virtual machines, or creating virtual machines or cloud instances from templates.
- Configuration Management: Change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy; or perform a wide variety of other configuration tasks.
- Application Development: When you define your application with Ansible and manage the deployment with Red Hat Ansible Tower, teams can effectively manage the entire application life cycle from development to production.
Ansible Architecture :
In this section, we’ll see a really quick overview of how Ansible works.
- Control Node: A control node is a system where Ansible is installed and set up to connect to your server. You can have multiple control nodes.
- Managed Node: The systems you control using Ansible are called managed nodes. Ansible requires that managed nodes are reachable via SSH and have Python 2 (version 2.6 or higher) or Python 3 (version 3.5 or higher) installed.
- Modules: Ansible works by connecting to your nodes and pushing out scripts called “Ansible Modules” to them. Most modules accept parameters that describe the desired state of the system. Ansible then executes these modules (over SSH by default) and removes them when finished.
- Plugins: Plugins augment Ansible’s core functionality. While modules execute on the target system in separate processes, plugins execute on the control node within the /usr/bin/ansible process. Plugins offer options and extensions for the core features of Ansible.
- Inventory: An inventory file contains a list of the hosts you’ll manage using Ansible. Although Ansible typically creates a default inventory file when installed, you can use per-project inventories to have a better separation of your infrastructure.
- Playbook: A playbook contains an ordered list of tasks, and a few other directives to indicate which hosts are the target of that automation, Ansible executes tasks sequentially, and a full playbook execution is called a play. Playbooks are written in YAML format.
- APIs: APIs in Ansible are used as transport for Cloud services, public or private.
Red Hat Ansible Tower
Red Hat Ansible Tower is a web console and REST API for operationalizing Ansible across your team, organization, and enterprise. It’s designed to be the hub for all of your automation tasks.
The tower allows you to share the SSH credentials without exposing them, logs all the jobs, manage inventories graphically, and syncs them with a wide variety of cloud providers.
Some of the important features of Ansible Tower are listed below.
- Ansible Dashboard: The Ansible Tower dashboard displays everything going on in your Ansible environment.
- Real-Time Job Updates: Within Ansible Tower, the playbook runs stream by in real-time. As Ansible automates across your infrastructure, you’ll see plays and tasks complete, broken down by each machine, and each success or failure, complete with output.
- Multi-Playbook Workflows: It allows you to chain any number of playbooks, regardless of the usage of different inventories, utilizes various credentials, or runs different users.
- Job scheduling: Different kinds of jobs such as Playbook runs, cloud inventory updates and source control updates can be scheduled inside Ansible Tower to run according to the need.
Now let’s see how some of the government organizations like NASA, German Federal Office, British Army are using Ansible to solve their challenges.
NASA and Ansible Tower
NASA needed to move roughly 65 applications from a traditional hardware-based data center to a cloud-based environment for better agility and cost savings. The rapid timeline resulted in many applications being migrated ‘as-is’ to a cloud environment. This created an environment spanning multiple virtual private clouds (VPCs) and AWS accounts that could not be easily managed. Even simple things, like ensuring every system administrator had access to every server, or simple patching, were extremely burdensome.
NASA used the Ansible Tower to manage and schedule the cloud environment. As a result of implementing the Ansible Tower, NASA is better equipped to manage its AWS environment. Tower allowed NASA to provide better operations and security to its clients. It has also increased efficiency as a team. If we see by the numbers:
- Updating nasa.gov went from over 1 hour to under 5 minutes
- Patching updates went from a multi-day process to 45 minutes
- Achieving near real-time RAM and disk monitoring
- Provisioning OS Accounts across an entire environment in under 10 minutes
- Application stack set up from 1–2 hours to under 10 minutes per stack
“Ansible Tower has allowed us to provide better operations and security to our clients. It has also increased our efficiency as a team.”
German Federal Office and Ansible Tower
The German’s Federal Office for Agriculture and Food, Bundesanstalt für Landwirtschaft und Ernährung (BLE), works to strengthen sustainable agricultural, food, forestry, and fishery industries, as well as rural development. BLE also provides administrative and IT services to its parent organizations.
The department was running its main infrastructure on Debian and SUSE Linux, which required its teams to manually configure systems and writing scripts. To improve its IT performance and processes, BLE decided to migrate to Red Hat Enterprise Linux as its core operating system in BLE’s datacenter. Also, BLE uses Red Hat Satellite to manage the deployment and installation of new virtual machines (VMs) and Red Hat Ansible Tower to automate many daily management tasks, such as configuration changes.
“Ansible Tower is relatively simple compared to other tools and is very easy to understand, We have already replaced 99% of our scripts with Ansible Tower, and we are moving towards managing all of our applications this way. We save 50–60% of the time we previously spent on management and configuration,” said Fabian Seelbach, IT systems administrator at BLE.
BLE has now automated and simplified its manual configuration tasks and in-house scripts using Satellite and Ansible Tower is helping them in a number of ways. Some of them are listed:
- Efficient configuration and management
- Lower risk and easier completion
- Faster response to internal customers
“Red Hat Ansible Tower is relatively simple compared to other tools and is very easy to understand.”
— FABIAN SEELBACH I.T. SYSTEMS ADMINISTRATOR, BLE
British Army and Ansible Tower
The British Army’s Information Application Services (IAS) Branch delivers software applications, hosting, and web services to families, veterans, and personnel deployed around the world. Due to problems with support, performance, and availability, the British Army’s IAS Branch needed to migrate from its Oracle private cloud environment. The system caused unplanned downtime during upgrades, disrupted users, and slowed update deployment.
IAS decided to migrate from Oracle Linux to Red Hat Enterprise Linux, moving from physical infrastructure to a software-defined datacenter. IAS used Ansible Tower, to improve consistency, reduce manual errors, and support a DevOps delivery approach.
Now IAS gained easier, more accurate management, cutting patching time and significantly reducing launch errors and configuration issues. IAS is benefited from Ansible tower in a number of ways, some of them are:
- Simplified and automated management to improve consistency and reduce manual errors
- Accelerated deployment of critical patches from three days to three hours and reduce the delivery time by 75%
- Improved agility by enhancing the DevOps approach used to deliver services to users
“Rather than bulk delivery, we are able to deliver incrementally, and we no longer frustrate users with significant downtime during working hours.”
LT. COL. DORIAN SEABROOK
HEAD OF OPERATIONS,
SERVICES (IAS) BRANCH,