Ansible and Industries

 Ansible and Industries

Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code. It runs on many Unix-like systems, and can configure both Unix-like systems as well as Microsoft Windows. It includes its own declarative language to describe system configuration. Ansible was written by Michael DeHaan and acquired by Red Hat in 2015. Ansible is agentless, temporarily connecting remotely via SSH or Windows Remote Management (allowing remote PowerShell execution) to do its tasks.

Architecture

Unlike most configuration-management software, Ansible does not require a single controlling machine where orchestration begins. Ansible works against multiple systems in your infrastructure by selecting portions of Ansible's inventory, stored as edit-able, version-able ASCII text files. Not only is this inventory configurable, but you can also use multiple inventory files at the same time and pull inventory from dynamic or cloud sources or different formats (YAML, INI, etc.). Any machine with Ansible utilities installed can leverage a set of files/directories to orchestrate other nodes. The absence of a central-server requirement greatly simplifies disaster-recovery planning. Nodes are managed by this controlling machine – typically over SSH. The controlling machine describes the location of nodes through its inventory. Sensitive data can be stored in encrypted files using Ansible Vault since 2014. In contrast with other popular configuration-management software — such as Chef, Puppet, and CFEngine — Ansible uses an agentless architecture, with Ansible software not normally running or even installed on the controlled node. Instead, Ansible orchestrates a node by installing and running modules on the node temporarily via SSH. For the duration of an orchestration task, a process running the module communicates with the controlling machine with a JSON-based protocol via its standard input and output. When Ansible is not managing a node, it does not consume resources on the node because no daemons are executing or software installed.

Goals

• Minimal in nature. Management systems should not impose additional dependencies on the environment.
• Consistent. With Ansible one should be able to create consistent environments.
• Secure. Ansible does not deploy agents to nodes. Only OpenSSH and Python are required on the managed nodes.
• Highly reliable. When carefully written, an Ansible playbook can be idempotent, to prevent unexpected side-effects on the managed systems. It is entirely possible to have a poorly written playbook that is not idempotent.
• Minimal learning required. Playbooks use an easy and descriptive language based on YAML and Jinja templates.

Modules

Modules are mostly standalone and can be written in a standard scripting language (such as Python, Perl, Ruby, Bash, etc.). One of the guiding properties of modules is idempotency, which means that even if an operation is repeated multiple times (e.g., upon recovery from an outage), it will always place the system into the same state.

Playbooks

Playbooks are YAML files that express configurations, deployment, and orchestration in Ansible, and allow Ansible to perform operations on managed nodes. Each Playbook maps a group of hosts to a set of roles. Each role is represented by calls to Ansible tasks.

Ansible Tower

Ansible Tower is a REST API, web service, and web-based console designed to make Ansible more usable for IT teams with members of different technical proficiencies and skill sets. It is a hub for automation tasks. Tower is a commercial product supported by Red Hat, Inc. but derived from AWX upstream project, which is open source since September 2017. There was also another open source alternative to Tower, Semaphore, written in Go but not maintained.

Why Ansible?

Ansible automates and simplifies repetitive, complex, and tedious operations. Everybody likes it because it brings huge time savings when we install packages or configure large numbers of servers. Its architecture is simple and effective. It works by connecting to your nodes and pushing small programs to them.

Key Terms of Ansible:

• Controller Node: This is where Ansible gets installed. The controller machine helps in enabling provisioning on servers we manage.
• Managed Node: This is nodes where the task is executed by the controller node.
• Inventory: This is basically an initializing file that contains information about the servers that we are managing.
• Modules: These are little programs that act as building blocks encapsulating common tasks such as using yum to install packages or ping to test the connection to a remote host.
• Playbook: It is an organized unit of scripts defining an automated work for the configuration management of our server.
• Task: A task block defines a single procedure to be executed on the server like installing packages.

8 Use Cases for Modernizing and Automating Workflows

Managing an organization’s many tools and business processes is becoming increasingly complicated as technology expands. Whether your teams are performing their weekly system reboot, or looking to configure instances to a desired state, it’s no secret that automation is critical to increase speed, efficiency, productivity, and accuracy. Listed below are several instances1 where automation can help across your enterprise.

• Weekly system reboot: There’s nothing worse than doing the same thing for 8 hours a day! Eliminate repetitive, manual processes with automation.

• Enforce security guidelines: Rules are rules. It’s best to automate in an effort to achieve strict security standards.

• Monitor configuration drift: Use check mode with Ansible tasks to enforce desired settings and see if your configuration has drifted.

• Disaster recovery: Disaster recovery can involve a wide range of components. Act across different variables of the technology stack to identify problems and eliminate cross team dependencies.

• Command blaster: Remarkably easy to write, you can run commands across your environment for any number of servers.

• Database binary patching: Several databases use outdated binary sets. Patch the binaries in accordance with the release of the latest patch.

• Instance provisioning: Use modules for several cloud providers to create new instances and tailor their configuration.

• Service license agreements: Mistakes cost time and money. Eliminate errors that can crop up in detailed software contracts.

Advantages of Ansible

With so many simplifications, Ansible can surely present many advantages. Let us have a closer look!

• Simple to Learn

The foremost mention among advantages of Ansible refers to its simplicity. The simplicity is not only meant for professionals but also for beginners. It is easy to learn, and so, users could learn to use Ansible quickly along with better productivity. Ansible receives the support of comprehensive and easily interpretable documentation.

Therefore, you can learn the logic of Ansible operations and the workflow in a limited period. The lack of a dependency system could imply that Ansible tasks execute sequentially and stop when identifying an error. As a result, troubleshooting becomes a lot easier, even in the initial stages of learning about ansible.

• Easily Understandable Python Language

One of the prominent advantages of Ansible also refers to the language in which it is written. Python is a human-readable language and serves as the basis for Ansible. It provides better facilities for getting up Ansible and running it due to the presence of Python libraries on the majority of Linux distributions by default.

Python is a highly ideal alternative for administration and scripting tasks implying higher popularity among engineers and system administrators. Another interesting aspect of Ansible is the facility of Ansible modules that can improve its functionality. The Ansible modules can be written in any language. However, the important concern, in this case, is that the module should return data in JSON format.

• No Dependency on Agents

The next important addition among the benefits of Ansible refers to its agentless nature. Ansible manages all the master-agent communications through Standard SSH or Paramiko module. The Paramiko module is a Python implementation of SSH2 and is crucial for managing nodes. Therefore, Ansible does not require any form of agents installed on remote systems for ensuring management. As a result, maintenance overheads and performance degradations reduce considerably by huge margins with Ansible.

• Playbooks are written in YAML

The use of Playbooks in Ansible is also another reason for the major advantages of Ansible. Playbooks are Ansible configuration files, and the language for writing them is YAML. The interesting factor, in this case, is that YAML is a better alternative for configuration management and automation.

The superiority of YAML over other formats like JSON makes Ansible better configuration management and automation tool. Ansible makes it easy to read and supports comments. Most important of all, it also includes the use of anchors to reference other items.

• Ansible Galaxy

Another notable entry among advantages of Ansible refers to the Ansible Galaxy. Ansible Galaxy is a portal that acts as the central repository for locating, reusing, and sharing Ansible-related content. The best advantage of Ansible Galaxy is in the example of downloading reusable Roles for installing application or server configuration. The downloads are ideal for use in a particular user’s playbooks and can contribute substantially to an increase in deployment speed.

Disadvantages of Ansible

After a clear reflection on different advantages of Ansible, let us focus on the setbacks you can encounter with it.

• Insufficient User Interface

The first entry in the disadvantages of Ansible is the crude user interface. Ansible was initially a command-line only tool. The first effort of Ansible at making a user interface was with AWX graphical user interface. The other component in the UI was the REST endpoint that is meant for easier infrastructure management.

Subsequently, the AWX turned into the Ansible Tower, which is a web management UI. Ansible Tower offers visual management features and a team-based workflow instrument. However, the Ansible Tower requires considerable improvements. For example, almost 85% of tasks that could be completed through the command line can be achieved through the UI.

You could also come across another mention of Ansible disadvantages arising from its UI. The failure of synchronization between the GUI and the command line can lead to conflicting query results. On a general basis, Ansible Tower is still in the development stages and could not do everything like a command-line interface.

• Lack of any Notion of State

Another prominent mention among the disadvantages of Ansible is the lack of any notion of state. Ansible does not have any notion of state like other automation tools such as Puppet. Ansible does not track dependencies and simply executes sequential tasks and stops when tasks finish, fail, or any error comes.

These traits are not ideal for users who want the automation tool to maintain a detailed catalog for ordering. The catalog can help in reaching a specific state without any influence of changes in environmental conditions. However, Ansible lacks it and presents a formidable disadvantage.

• Limited Windows Support

The next prominent mention among Ansible disadvantages is the half-built Windows support. Ansible version 1.7 supports Windows as well as Linux/Unix nodes. In the case of Windows, Ansible employs a native PowerShell remoting rather than SSH. As a result, a Linux control machine is mandatory for the management of Windows hosts. The limited support for Windows in Ansible presents one of the formidable setbacks with the configuration management and automation tool.

• Ansible does not have Experience

The lack of enterprise support experience also draws down the appeal of Ansible. Ansible does not have a full-fledged working experience with large enterprises like its competitors, such as Puppet and Chef. Even though Ansible claims the facility of enterprise-grade extended support options, limited practical experience reduces the accountability of Ansible.

• Ansible is New to the Market

Finally, you can note one of the most common entries in Ansible advantages and disadvantages as a prominent setback of Ansible. Ansible is new to the market, unlike its renowned competitors. As a result, it does not have a large developer or user community. Furthermore, the new presence of Ansible on the market implies the possibilities of undiscovered bugs, software issues, and edge scenarios.

CONCLUSION

On a final note, we can conclude that Ansible provides a simple and powerful package for configuration management and automation. However, Ansible is new to the market now and has to deal with competition from renowned sources. The limited amount of documentation related to Ansible can create formidable setbacks for learning Ansible.

On the other hand, the growing interest in Ansible due to the adoption of Ansible by renowned agencies such as NASA can also turn the tables. The diverse functionalities of Ansible, such as provisioning, orchestration, application deployment, and security and compliance, show its potential. These capabilities of Ansible can translate effectively into a comprehensive DevOps tool. The future course for Ansible would depend on strengthening the advantages of Ansible while working on the setbacks.