What is Ansible?
Ansible is a popular IT automation engine that automates operations like configuration management, cloud provisioning, software deployment, and intra-service orchestration that are either challenging, repetitive, or complex.
When we have certain types of tasks that are repetitive by nature like deploying an application, configuring an application, installing it on remote hosts, etc. we try to use shell scripts, python scripts or maybe some other scripting language in order to automate these things.
Ansible takes these tasks to the next level.
The first advantage of Ansible over the other tools like Chef or Puppet is that Ansible is agentless. When we’re using Ansible we have control nodes and managed nodes. The control node is the one where Ansible is installed and it’s the place from where the Ansible commands will be executed. The managed nodes, as the name implies, are the nodes we’re managing and controlling from the main or control node. Software like Chef or Puppet needs to have agents installed on the managed nodes. On the other side, Ansible is not relying on an agent and is known as “agentless”, using SSH to push changes from a single source to multiple remote resources or taking facts from those resources in real-time and perform some functions on top of that. There is no need to store those facts in some database which eliminates the possibility of stealing them or maybe making certain bottlenecks in the system.
Another example is the process of installing packages on a remote host. Ansible will first check if the package is already installed there and execute the installation process only when it is not part of the remote system.
But, how do we do that across many hosts?
If this operation should be executed on thousands of hosts at the time when the network goes down, Ansible will know on which nodes the package was installed and how many of them were left unconfigured. Gathering the node’s facts in real-time, Ansible has info on which node the operation failed and starts from it next time. We don’t have to maintain the state of the machines, Ansible takes care of that for us.
Based on that, Ansible is a server orchestration tool appropriate for managing all environments, from small setups with a handful of instances to enterprise environments with many thousands of instances. In the case of complex architecture (web hosts, database hosts, load balancers etc.) the order through which some changes are applied to these different tiers really matters. Ansible can orchestrate these kinds of things and even more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
It aims to be clear, fast, complete, secure and efficient. Because it uses simple syntax (YAML, in the form of Ansible Playbooks), it’s easy for any tech person to understand it. APIs are simple and sensible, too. Since it can be set up quickly, it’s also easy to learn, especially considering there’s no need to install extra agents or daemons. With Ansible, you have everything in one complete package because it does 3-things-in-1 in an efficient way. Ansible uses SSH and requires no extra open ports on potentially vulnerable daemons on your infrastructure.
Ansible was created by Michael DeHaan in 2012 and is written in Python and Powershell.
Why use Ansible for DevOps?
With ever-increasing complex IT environments that often need maintenance, updates, scaling-up activities, keeping up-to-date of everything manually is a burden and a daunting task. The automation simplifies complex tasks using tools like Ansible, allowing developers, operations people, and system admins to concentrate on the tasks that add value to the organization.
Ansible is the right choice for many reasons and processes, starting with configuration management, application deployment, orchestration, provisioning, security and compliance. Using Ansible, applications can be defined and managed from the development stage to production. It supports DevOps teams in managing the infrastructure and interaction of configurations and it helps to automate and manage processes.
Here are two examples where using Ansible can be of great help:
Provisioning & Application Deployment: Your applications have to live on a certain machine, whether it’s a bare-metal or Virtual machine, and maybe part of a cloud or on-premises cluster. This is when Ansible makes sure that the required packages are downloaded and installed in order to provision your application.
When you define your application with Ansible, and manage the deployment with (or without) Ansible Tower, teams are able to effectively manage the entire application life cycle from development to production. In the image below you can find a number of steps that need to be undergone in case, you need to prepare the environment and configure both web and database servers needed for running a Python application.
Why worry about performing these steps one by one when we have a tool like Ansible. All you need to do is list these tasks in your Ansible playbooks and sit back watching Ansible executing them in order.
Orchestration: As the name suggests, orchestration involves bringing different elements into a beautifully run whole operation—similar to the way a musical conductor brings the notes produced by all the different instruments into a cohesive artistic work. As we saw, with application deployment, you need to manage not just the front-end and backend services but the databases, networks, storage, and so on. You also need to make sure that all the tasks are handled in the proper order. Ansible uses automated workflows, provisioning, and more to make orchestrating tasks easy. And once you’ve defined your infrastructure using the Ansible playbooks, you can use that same orchestration wherever you need to, thanks to the portability of Ansible playbooks.
For example, consider the situation where you want to deploy a new website in place of the existing one. For that, you will remove the existing website, deploy the new one, and restart the load balancer or the web cluster if needed. Now, if you just did something like this, users would notice downtime because you have not removed the live traffic going to these machines via the load balancer. So, you need some type of pre-task, where you tell the load balancer to put this webserver into maintenance mode so that you can temporarily disable traffic from going to it, as it gets upgraded.
So, this is the pre-task, where you disable traffic, then down there, you upgrade the node using these various tasks. Finally, you need some type of post-task, which will enable traffic to this web node again, by taking it out of maintenance mode. These tasks can be written in Ansible playbooks and hence it helps to orchestrate the environment.
Why choose Ansible?
There are many use cases of Ansible, but the top ones include: infrastructure provisioning and orchestration, configuration management, IT automation, continuous deployment, application development, and network and security automation. Ansible is quite handy and well appreciated in everyday work when, for instance, there are four or five web servers to be configured and deployed, as well as more than four database servers to configure and install. The web servers have applications that connect to the database servers in the backend. Additionally, these servers will receive numerous application upgrades. Typically this situation would now require these servers to be configured and operated independently.
Even a system administrator will be overwhelmed if there are more servers with different settings. These operations are challenging to do and maintain due to a large number of servers, necessitating a lot of effort from system administrators as well as developers working on the apps. This is the point where Ansible takes hold. Ansible can help with infrastructure automation and orchestration, handling and administering all of the related servers in one go.
What is your experience with Ansible? Let me know in the comments below.