ANSIBLE Automation Real World Use Cases

In this article, we will discuss what is ansible in DevOps and its use cases? If anyone asks you about ansible you can say simply this is an automation tool. But he/she can ask again there is a lot of automation tools like Jenkins, Nagios, Docker, Kubernetes so what is new in ansible? Simply you can say that all these tools are also automation tools, but it’s depended on you what kind of automation you want to achieve like if you want to automate your monitoring then use Nagios. If you want to automate your deployment and testing, then use Jenkins. Similarly, if you want to automate your configuration level task then use ansible.

What is Ansible?

Ansible is a software tool that provides simple but powerful automation for cross-platform computer support. It is primarily intended for IT professionals, who use it for application deployment, updates on workstations and servers, cloud provisioning, configuration management, intra-service orchestration, and nearly anything a systems administrator does on a weekly or daily basis. Ansible doesn't depend on agent software and has no additional security infrastructure, so it's easy to deploy.

Why Ansible?

Working in IT, you're likely doing the same tasks over and over. What if you could solve problems once and then automate your solutions going forward?

Ansible is here to help.

Every business is a digital business. Technology is your innovation engine, and delivering your applications faster helps you win. Historically, that required a lot of manual effort and complicated coordination. But today, there is Ansible - the simple, yet powerful IT automation engine that thousands of companies are using to drive complexity out of their environments and accelerate DevOps initiatives.

How Ansible Works?

Ansible works by connecting to nodes and pushing out small programs called as ansible modules. Ansible then executes these modules over SSH by default and then remove them when finished.

The Ansible management node is the controlling node, which controls the entire execution of the Playbook. It’s the node from which you are running the installation, and the inventory file provides the list of the host where the modules need to be run. The management node makes ssh connection, and then it executes the modules on the host machines and installs the product. It removes the modules once they are installed. So that’s how ansible works.

Advantage of using ansible

• Ansible uses a simple syntax written in YAML called playbooks. YAML is a human-readable data serialization language. It is extraordinarily simple. So, no special coding skills are required and even people in your IT organization, who do not know what is Ansible can likely read a playbook and understand what is happening. 
• Finally, Ansible is completely agentless. There are no agents/software or additional firewall ports that you need to install on the client systems or hosts that you want to automate. You do not have to separately set up a management infrastructure which includes managing your entire systems, network, and storage. Ansible further reduces the effort required for your team to start automating right away.

• Ansible has powerful features that can enable you to model even the most complex IT workflows. In this aspect, Ansible’s batteries included approach (This philosophy means that something is self-sufficient, comes out-of-the-box ready to use, with everything that is needed) can manage the infrastructure, networks, operating systems, and services that you are already using, as Ansible provides you with hundreds of modules to manage them. Together Ansible’s capabilities allow you to orchestrate the entire application environment regardless of where it is deployed.

Disadvantage of ansible

• Open Source. In many ways, this is a good thing, but it also means support is limited to community forums and such. So many people use it that it hasn't been an issue for us, but it means researching your own answer instead of just calling support
• Since Ansible runs each task individually over SSH if you have a playbook with a large number of tasks to perform it can be a lengthier process due to some significant wait time between tasks. A simple solution is obviously to eliminate as many of these tasks as possible or break them up into separate playbooks.

USE CASES OF ANSIBLE ARE:

• Configuration Management

Ansible is designed to be very simple, reliable, and consistent for configuration management. If you’re already in IT, you can get up and running with it very quickly. Ansible configurations are simple data descriptions of infrastructure and are both readable by humans and parsable by machines. All you need to start managing systems is a password or an SSH (Secure Socket Shell, a network protocol) key. An example of how easy Ansible makes configuration management: If you want to install an updated version of a specific type of software on all the machines in your enterprise, all you have to do is write out all the IP addresses of the nodes (also called remote hosts) and write an Ansible playbook to install it on all the nodes, then run the playbook from your control machine.

• Application Deployment

Ansible lets you quickly and easily deploy multitier apps. You won’t need to write custom code to automate your systems; you list the tasks required to be done by writing a playbook, and Ansible will figure out how to get your systems to the state you want them to be in. In other words, you won’t have to configure the applications on every machine manually. When you run a playbook from your control machine, Ansible uses SSH to communicate with the remote hosts and run all the commands (tasks).

• Orchestration

As the name suggests, orchestration involves bringing different elements into a beautifully run whole operation—similar to the way a musical conductor brings the notes produced by all the different instruments into a cohesive artistic work. For example, with application deployment, you need to manage not just the front-end and backend services but the databases, networks, storage, and so on. You also need to make sure that all the tasks are handled in the proper order. Ansible uses automated workflows, provisioning, and more to make orchestrating tasks easy. And once you’ve defined your infrastructure using the Ansible playbooks, you can use that same orchestration wherever you need to, thanks to the portability of Ansible playbooks.

NASA using Ansible

“ As a result of implementing Ansible we are better equipped to manage our environment. Ansible has allowed us to provide better operations and security to our clients. It has also increased our efficiency as a team.” – Jonathan Davila DevOps Lead, InfoZen

The Challenge Before Ansible

• Migrating 110 websites & apps to Amazon in 22 weeks. 
•  Everything was manual, following tasks documents. With time – started using shell scripts. Simple things were extremely burdensome.
• NASA WESTPRIME’s initial focus was to move roughly 65 applications from a traditional hardware based data center in a rapid timeline to a cloud-based environment. The rapid timeline resulted in many applications being migrated ‘as-is’ to a cloud environment. This allowed NASA to gain significant cost savings from the change in infrastructure but did not allow for immediate cloud optimization of the applications and sites. As a result of the rapid migration requirement, we had an environment spanning multiple virtual private clouds (VPCs) and AWS accounts that could not be easily managed. This resulted in scenarios where even simple things, like ensuring every system administrator had access to every server or simple patching, were extremely burdensome.

How NASA is using Ansible?

To solve the problems that we had with a lack of centralized management and a diverse environment, they evaluated multiple solutions and decided on the implementation of Ansible Tower. They are now leveraging Ansible Tower to manage their environment in a very organized and scheduled way. As a result of their Ansible Tower implementation they achieved the following efficiencies:

? NASA web app servers are being patched routinely and automatically through Ansible Tower with a very simple 10-line Ansible playbook.

? Ansible is also being used to remediate security issues and was leveraged to re-mediate both OpenSSL issues earlier this year. This not only saved their time but allowed them to quickly re-mediate a very daunting security issue.

? Every single week both the full and mobile versions of www.nasa.gov are updated via Ansible, generally only taking about 5 minutes to do.

Results after Ansible

As a result of implementing Ansible is better equipped to manage their environment. Ansible has allowed them to provide better operations and security to their clients. It increased their efficiency as a team.

? www.nasa.gov update window reduced from over 1 hour to 5 minutes or less

? Patching updates reduced from a multi-day process to a 45-minute process

? Near real-time RAM and Disk monitoring accomplished without agents

? OS Account provisioning across the entire environment in less than 10 minutes

? Baselining our standard AMI’s went from 1 hour of manual configuration to becoming an invisible background process

? Application Stacks went from 1-2 hours to set up, to about 10 minutes per stack