How are Industries solving their challenges using Ansible Automation Engine?

Ajmal Muhammed
Dec 1, 2020

What is Ansible?

Ansible is a super-simple automation platform that is agentless and extensible.

Ansible is one of the newer IT automation and configuration management platforms that exist in the open-source world. It’s often compared to other tools such as Puppet, Chef, and SaltStack. Ansible emerged on the scene in 2012 as an open-source project created by Michael DeHaan, who also created Cobbler and cocreated Func, both of which are very popular in the open-source community. Less than 18 months after the Ansible open source project started, Ansible Inc. was formed and received $6 million in Series A funding. It became and is still the number one contributor to and supporter of the Ansible open source project. In October 2015, Red Hat acquired Ansible Inc.

It is an open-source automation tool, or platform, for IT tasks such as configuration management, application deployment, orchestration, and provisioning. Automation is crucial these days, with IT environments that are too complex and often need to scale too quickly for system administrators and developers to keep up if they had to do everything manually. Automation simplifies complex tasks, allowing developers to focus more on other tasks that add value to an organization. In other words, it frees up time and increases efficiency.

Benefits of Ansible

  • Free: Ansible is an open-source tool.
  • Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
  • Powerful: Ansible lets you model even highly complex IT workflows.
  • Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
  • Agentless: You don’t need to install any other software or open extra firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
  • Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your servers.

Tasks Ansible can Automate

Ansible can be used to automate three types of tasks:

  • Provisioning: Set up the various servers you need in your infrastructure.
  • Configuration management: Change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy; or perform a wide variety of other configuration tasks.
  • Application deployment: Make DevOps easier by automating the deployment of internally developed applications to your production systems.

Ansible can automate IT environments, whether they are hosted on traditional bare metal servers, virtualization platforms, or the cloud. It can also automate the configuration of a wide range of systems and devices such as databases, storage devices, networks, firewalls, and many others.

The best part is that you don’t even need to know the commands used to accomplish a particular task. You need to specify what state you want the system to be in, and Ansible will take care of it.

Why is Ansible so Popular?

There are many other IT automation tools available, including more mature ones like Puppet and Chef, so why would you choose Ansible? The main reason is simplicity. Michael DeHaan, the creator of Ansible, already had a lot of experience with other configuration management tools when he decided to develop a new one. He said that he wanted “a tool that you could not use for six months, come back to, and still remember.”

DeHaan accomplished this by using YAML, a simple configuration language. Puppet and Chef, on the other hand, use Ruby, which is more difficult to learn. This makes Ansible especially appealing to system administrators.

DeHaan also simplified Ansible deployment by making it agentless. That is, instead of having to install an agent on every system you want to manage (as you have to do with Puppet and Chef), Ansible requires that systems have Python (on Linux servers) or PowerShell (on Windows servers) and SSH.

Six reasons to use Ansible for network automation

  1. Agentless
  2. Free and Open-Source Software (FOSS)
  3. Extensible
  4. Integrating into existing DevOps workflows
  5. Idempotency
  6. Network-wide and Ad-hoc changes

Use Cases of Ansible

Stages of an Application Lifecycle
  1. Provisioning: The first step in automating any application’s life cycle is automating infrastructure provisioning. With Ansible, we can provision cloud platforms, virtualized hosts, network devices, and bare-metal servers. Provisioning with Ansible allows you to seamlessly transition into configuration management, orchestration, and application deployment using the same simple, human-readable, automation language.
  2. Configuration Management: Ansible is designed to be very simple, reliable, and consistent for configuration management. Ansible configurations are simple data descriptions of infrastructure and are both readable by humans and parsable by machines. All you need to start managing systems is a password or an SSH (Secure Shell, a network protocol) key. An example of how easy Ansible makes configuration management: If you want to install an updated version of a specific type of software on all the machines in your enterprise, all you have to do is write out all the IP addresses of the nodes (also called remote hosts) and write an Ansible playbook to install it on all the nodes, then run the playbook from your control machine.
  3. Application Deployment: Ansible lets you quickly and easily deploy multitier apps. You won’t need to write custom code to automate your systems; you list the tasks required to be done by writing a playbook, and Ansible will figure out how to get your systems to the state you want them to be in. In other words, you won’t have to configure the applications on every machine manually. When you run a playbook from your control machine, Ansible uses SSH to communicate with the remote hosts and run all the commands (tasks).
  4. Orchestration: As the name suggests, orchestration involves bringing different elements into a beautifully run whole operation — similar to the way a musical conductor brings the notes produced by all the different instruments into a cohesive artistic work. For example, with application deployment, we need to manage everything, not just the front-end and back-end, but also the databases, networks, storage, etc. You also need to make sure that all the tasks are handled in the proper order. Ansible uses automated workflows, provisioning, and more to make orchestrating tasks easy. And once you’ve defined your infrastructure using the Ansible playbooks, you can use that same orchestration wherever you need to, thanks to the portability of Ansible playbooks.
  5. Security and Compliance: As with application deployment, sitewide security policies (such as firewall rules or locking down users) can be implemented along with other automated processes. If you configure the security details on the control machine and run the associated playbook, all the remote hosts will automatically be updated with those details. That means you won’t need to continually monitor each machine manually for security compliance. And for extra security, an admin’s user ID and password aren’t retrievable in plain text on Ansible.
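
A sitewide policy of the kind item 5 describes (firewall rules and locked-down users), written as a playbook. This is an added example, not code from the original article; the account names, the chosen controls, and the assumption of RHEL-family hosts running firewalld are all illustrative.

```yaml
# baseline.yml (constructed example; account names and the choice of
# controls are assumptions, targets are assumed to be RHEL-family hosts)
- name: Apply sitewide security baseline
  hosts: all
  become: true
  vars:
    retired_accounts: [olduser1, olduser2]    # hypothetical account names
  tasks:
    - name: Disable SSH password authentication
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?\s*PasswordAuthentication\s'
        line: PasswordAuthentication no
        validate: /usr/sbin/sshd -t -f %s     # reject a config sshd cannot parse
      notify: Restart sshd

    - name: Disable direct root login over SSH
      ansible.builtin.lineinfile:
        path: /etc/ssh/sshd_config
        regexp: '^#?\s*PermitRootLogin\s'
        line: PermitRootLogin no
        validate: /usr/sbin/sshd -t -f %s
      notify: Restart sshd

    - name: Read the local account database
      ansible.builtin.getent:
        database: passwd

    - name: Lock retired accounts that still exist
      ansible.builtin.user:
        name: "{{ item }}"
        password_lock: true
        shell: /sbin/nologin
      loop: "{{ retired_accounts }}"
      when: item in ansible_facts['getent_passwd']   # never create a missing account

    - name: Permit SSH in the default firewalld zone
      ansible.posix.firewalld:                # from the ansible.posix collection
        service: ssh
        permanent: true
        immediate: true
        state: enabled

  handlers:
    - name: Restart sshd                      # runs once, only if a task changed
      ansible.builtin.service:
        name: sshd
        state: restarted
```

Running `ansible-playbook baseline.yml --check --diff` reports which hosts have drifted from the baseline without changing them, which turns the same playbook into a compliance audit.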

Ansible Architecture

Figure: Architecture of Ansible

Let us start with the Public/Private Cloud, which is the Linux server. It can also act as a repository for all IT installation and configurations.

The above architecture has many host machines to which the Ansible server connects and pushes the playbooks through SSH.

It has an Ansible automation engine, with which users can directly run a playbook that gets deployed on the hosts. There are multiple components in the Ansible automation engine. The first is a host inventory. It’s a list of the IP addresses of all the hosts.

Next, there are modules. Ansible comes with hundreds of inbuilt modules, and modules are those pieces of code that get executed when you run a playbook. A playbook contains plays, a play contains different tasks, and a task includes modules.

When you run a playbook, it’s the modules that get executed on your hosts, and these modules contain actions. So, when you run a playbook, those actions take place on your host machines. You can also make your own custom modules. All you must do is write a few lines of code and make it your module, and you can run it anytime you want.

Then the architecture has playbooks. Playbooks are used to define a workflow, and the tasks you write in a playbook get executed in the same order in which they are written. For example, if you have written that a package should be installed first and then started, Ansible will do exactly that. Playbooks are very simple to write in YAML. YAML is a straightforward data serialization language; it’s pretty much like English.

Next, in the architecture, are plugins. Plugins here are special kinds of modules. These plugins get executed before a module gets executed on the nodes. Plugins get executed on the main control machine for logging purposes. You’ve got callback plugins, which enable you to hook into different Ansible events for display and logging purposes. Cache plugins are used to keep a cache of facts to avoid costly fact-gathering operations. Ansible also has action plugins, which are front-end modules, and they can execute tasks on the controller machine before calling the modules themselves.

The architecture has connection plugins. You do not always need to use SSH to connect to your host machines; you can also use a connection plugin. For example, Ansible provides you with a Docker container connection plugin. Using that connection plugin, you can easily connect to all your Docker containers and start configuring them right away.

How does Ansible work?

Ansible consists of 3 main components.

  1. Controller Node
  2. Inventory
  3. Playbook

Controller Node: It manages the execution of the Playbook. It can be installed on your local machine or on any machine on the internet.

Inventory: All the machines you’re using with Ansible (the control machine plus nodes) are listed in a single simple file, along with their IP addresses, databases, servers, and so on. Once you register the inventory, you can assign variables to any of the hosts using a simple text file.

Playbook: Ansible playbooks are like instruction manuals for tasks. They are simple files written in YAML, which stands for YAML Ain’t Markup Language, a human-readable data serialization language. Playbooks are really at the heart of what makes Ansible so popular, because they describe the tasks to be done quickly and without the need for the user to know or remember any particular syntax. Not only can they declare configurations, but they can orchestrate the steps of any manually ordered task, and can execute tasks at the same time or at different times.

Common Ansible Terms are:

  • Controller Machine: The machine where Ansible is installed; it is responsible for running the provisioning on the servers you are managing.
  • Inventory: An initialization file that contains information about the servers you are managing.
  • Playbook: The entry point for Ansible provisioning, where the automation is defined through tasks using YAML format.
  • Task: A block that defines a single procedure to be executed, e.g., Install a package.
  • Module: A module typically abstracts a system task, like dealing with packages or creating and changing files. Ansible has a multitude of built-in modules, but you can also create custom ones.
  • Role: A pre-defined way for organizing playbooks and other files to facilitate sharing and reusing portions of provisioning.
  • Play: A provisioning executed from start to finish is called a play. In simple words, the execution of a playbook is called a play.
  • Facts: Global variables containing information about the system, like network interfaces or operating system.
  • Handlers: Used to trigger service status changes, like restarting or stopping a service.
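
The terms above in one place: an inventory, and a playbook whose single play uses tasks, modules, a fact and a handler. This is an added example, not code from the original article; it is shown as two files in one listing, and the host addresses, group name, NTP server names and RHEL-family chrony paths are assumptions.

```yaml
# inventory.yml (constructed; addresses are from the 192.0.2.0/24 documentation range)
all:
  children:
    ntp_clients:
      hosts:
        192.0.2.10:
        192.0.2.11:
      vars:
        ntp_servers: [time1.example.com, time2.example.com]   # assumed names
---
# ntp.yml: one play with tasks, modules, a fact and a handler
- name: Configure NTP clients
  hosts: ntp_clients
  become: true
  tasks:
    - name: Manage chrony on RHEL-family hosts
      when: ansible_facts['os_family'] == 'RedHat'   # fact gathered at play start
      block:
        - name: Install chrony
          ansible.builtin.package:
            name: chrony
            state: present

        - name: Write chrony configuration
          ansible.builtin.copy:
            dest: /etc/chrony.conf
            owner: root
            group: root
            mode: "0644"
            content: |
              # Managed by Ansible
              {% for server in ntp_servers %}
              server {{ server }} iburst
              {% endfor %}
              driftfile /var/lib/chrony/drift
              makestep 1.0 3
          notify: Restart chronyd

        - name: Ensure chronyd is enabled and running
          ansible.builtin.service:
            name: chronyd
            state: started
            enabled: true

  handlers:
    - name: Restart chronyd      # runs once at the end, only if the file changed
      ansible.builtin.service:
        name: chronyd
        state: restarted
```

Run it with `ansible-playbook -i inventory.yml ntp.yml`; a second run reports no changes and does not restart the service, which is the idempotency listed among the six reasons earlier.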

Ansible Case Study — NETAPP Automates I.T. Tasks for Faster Application Delivery With Ansible.

NetApp, a data management technology company, sought to improve the speed and efficiency of its IT service delivery. The company automated manual, repetitive management processes, and streamlined storage provisioning using Red Hat Ansible Automation and Red Hat OpenShift Container Platform. As a result, NetApp has dramatically reduced delays and human errors — eliminating hundreds of manual work hours — and accelerated application delivery times from weeks to minutes.

Improving Service Efficiency

NetApp delivers data management solutions that help organizations use the information to its full potential. The company’s globally distributed corporate IT environment includes four data centers with 58PB of storage, production footprints in both Amazon Web Services (AWS) and Microsoft Azure, more than 5,300 servers—75% virtualized—and 560 enterprise applications. To meet a strategic directive to make the enterprise more lean and agile, NetApp’s corporate IT team continuously seeks to improve the efficiency of IT services and application delivery—for example, by adopting a DevOps software delivery approach and a hybrid cloud approach to infrastructure services. However, this team faced significant challenges, such as the high level of time and effort required to manage infrastructure and delays in application delivery due to a lack of dynamic storage provisioning. Similar to other IT organizations, NetApp was also hindered by repetitive manual processes. For example, updating the network time protocol (NTP) clients of NetApp’s thousands of servers manually took about 5 minutes per machine or 25,000 total minutes. Traditional approaches, such as using scripts to iterate across servers with a stream editor, could not effectively account for high variations in configurations. As a result, this simple maintenance task would require 415 employee hours, or 52 8-hour workdays, with a high inconsistency risk. Manual provisioning of persistent storage also prevented NetApp from achieving its goal of delivering software using a container and microservices-based approach. To overcome these challenges, NetApp needed a dynamic provisioning solution to support its in-house storage technologies and a fully supported and integrated container platform.

Automating Infrastructure and Processes

As an active open source participant and a long-time user of Red Hat software, NetApp decided to pilot Red Hat Ansible Engine, part of Red Hat Ansible Automation, in its NTP update project to eliminate repetitive manual tasks in configuration management. Ansible Engine is an agentless automation platform based on a powerful yet human-readable language that communicates with existing systems, applications, and tools. NetApp’s corporate IT team has used Ansible Engine to automate dozens of previously manual processes and continues to streamline its processes. To address its dynamic storage provisioning challenge, NetApp combined Trident, an open-source project it hosts and leads, with Red Hat OpenShift Container Platform, a solution for advanced application creation and delivery automation across private, public, and hybrid infrastructures. Trident lets applications provisioned and managed using the Kubernetes container orchestration engine — included in OpenShift — use storage resources on demand.

With Ansible, NetApp accomplished:

  1. Accelerated infrastructure maintenance: NetApp streamlined the iterative configuration file changes required for the NTP project with Ansible Engine, cutting the work from weeks to days. “This project had occupied dozens of staff for weeks, with many more weeks to go,” said Fox. “With Ansible, we completed it in two days: one day to write the new template and playbook, then one day to run it and restart the services. If we need to make standardized changes in our IT environment, we use Ansible to save hundreds of work hours.” Ansible Engine also eliminates the human errors that inevitably occur in highly iterative manual tasks.
  2. Reduced delivery time from weeks to minutes: Eliminating the bottleneck created by manual processes for persistent storage provisioning has helped NetApp dramatically accelerate application delivery.
  3. Gained support for business evolution: Over the past five years, NetApp’s IT team has been on a journey to evolve their as-a-service delivery methods and shift to become more business- and service-focused. Automation and containerized applications play a key role in redirecting the resources reclaimed due to these efforts to more proactive, strategic IT initiatives.
