Ansible Case Study And Use Cases !!
Sheetal Agarwal
AWS Community Builder | 4X GCP Certified | 3X AWS Certified | 1X Azure Certified | DevOps Engineer | Cloud Engineer | SRE | Kubernetes | Jenkins | Terraform | Ansible
What is Ansible ?
Ansible is open-source configuration management, software provisioning, application-deployment tool enabling infrastructure as a code. It can run over UNIX, LINUX, MACOS, and WINDOWS. It is written in Python.
Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs. Designed for multi-tier deployments since day one, Ansible models your IT infrastructure by describing how all of your systems inter-relate, rather than just managing one system at a time.
Ansible Terms -
- Controller Machine: The machine where Ansible is installed, responsible for running the provisioning on the servers you are managing.
- Inventory: An initialization file that contains information about the servers you are managing.
- Playbook: The entry point for Ansible provisioning, where the automation is defined through tasks using YAML format.
- Task: A block that defines a single procedure to be executed, e.g. Install a package.
- Module: A module typically abstracts a system task, like dealing with packages or creating and changing files. Ansible has a multitude of built-in modules, but you can also create custom ones.
- Role: A pre-defined way for organizing playbooks and other files in order to facilitate sharing and reusing portions of a provisioning.
- Play: A provisioning executed from start to finish is called a play. In simple words, execution of a playbook is called a play.
- Facts: Global variables containing information about the system, like network interfaces or operating system.
- Handlers: Used to trigger service status changes, like restarting or stopping a service.
How Ansible work ?
In Ansible, there are two categories of computers: the control node and managed nodes. The control node is a computer that runs Ansible. There must be at least one control node, although a backup control node may also exist. A managed node is any device being managed by the control node.
Ansible works by connecting to nodes (clients, servers, or whatever you’re configuring) on a network, and then sending a small program called an Ansible module to that node. Ansible executes these modules over SSH and removes them when finished. The only requirement for this interaction is that your Ansible control node has login access to the managed nodes. SSH Keys are the most common way to provide access, but other forms of authentication are also supported.
- Inventories - All the machines you’re using with Ansible (the control machine plus nodes) are listed in a single simple file, along with their IP addresses, databases, servers, and so on. Once you register the inventory, you can assign variables to any of the hosts using a simple text file. You can also pull inventory from sources like EC2 (Amazon Elastic Compute Cloud).
- Modules - Modules are like small programs that Ansible pushes out from a control machine to all the nodes or remote hosts. The modules are executed using playbooks (see below), and they control things such as services, packages, and files. Ansible executes all the modules for installing updates or whatever the required task is, and then removes them when finished. Ansible provides more than 450 modules for everyday tasks.
- Plugins - As you probably already know from many other tools and platforms, plugins are extra pieces of code that augment functionality. Ansible comes with a number of its plugins, but you can write your own as well. Action, cache, and callback plugins are three examples.
- Playbooks - Ansible playbooks are like instruction manuals for tasks. They are simple files written in YAML, which stands for YAML Ain’t Markup Language, a human-readable data serialization language. Playbooks are really at the heart of what makes Ansible so popular is because they describe the tasks to be done quickly and without the need for the user to know or remember any particular syntax. Not only can they declare configurations, but they can orchestrate the steps of any manually ordered task, and can execute tasks at the same time or at different times. Each playbook is composed of one or multiple plays, and the goal of a play is to map a group of hosts to well-defined roles, represented by tasks.
- APIs - Various APIs (application programming interfaces) are available so you can extend Ansible’s connection types (meaning more than just SSH for transport), callbacks, and more.
Features Of Ansible -
- Free: Ansible is an open-source tool.
- Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
- Powerful: Ansible lets you model even highly complex IT workflows.
- Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
- Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
- Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.
Ansible actually grew from 36% in 2018 to 41% in 2019, overtaking Chef which only grew from 36% to 37%, similar tools. Above shows the statistics from the year 2019 for Top Configuration Management tools.
Ansible With AWS -
From the beginning, Ansible has offered deep support for AWS. Ansible can be used to define, deploy, and manage a wide variety of AWS services. Even the most complicated of AWS environments can be easily described in Ansible playbooks. Once your AWS-based application environments are described with Ansible, you can deploy them again and again, easily scaling out to 100s or 1000s of instances across multiple regions, with the same results each and every time.
Ansible also has over 1,300+ additional modules to help you manage every aspect of your Linux, Windows, UNIX, network infrastructure, and applications - regardless of where they're deployed. With Ansible, one common language can be used to describe everything deployed in your cloud (and your enterprise).
Why Use Ansible For AWS?
Now that we’ve gone through the benefits of using a Cloud Platform like AWS and unique features of Ansible, let’s have a look at the magic created by integrating these two legends.
1. Cloud As Group Of Services
Cloud is not just a group of servers on someone else’s data center but much more than that. You’ll realize that once you’ve deployed your services on it. There are many services available that let you rapidly deploy and scale your applications. Ansible automation helps you manage your AWS environment like a group of services rather than using them as a group of servers.
2. Ansible Modules Supporting AWS
Ansible is used to define, deploy and manage a wide variety of services. Most complicated AWS environments can be provisioned very easily using a playbook. The best feature is, you create a server-host connection and then run the playbook on just one system and provision multiple other systems with an option to scale up and scale down as per requirement.
Ansible has hundreds of modules supporting AWS and some of them include:
- Autoscaling groups
- CloudFormation
- CloudTrail
- CloudWatch
- DynamoDB
- ElastiCache
- Elastic Cloud Compute (EC2)
- Identity Access Manager (IAM)
- Lambda
- Relational Database Service (RDS)
- Route53
- Security Groups
- Simple Storage Service (S3)
- Virtual Private Cloud (VPC)
- And many more
3. Dynamic Inventory
In a development environment, hosts keep spinning up and shutting down with diverse business requirements. In such a case, using static inventory might not be sufficient. Such situations call for using Dynamic Inventory. This lets you map hosts based on groups provided by inventory scripts, unlike normal inventory which forces you to map hosts manually which is very tedious.
4. Safe Automation
Assume that you have a team of 5 people and each of them has two subordinates under them who are not completely skilled. You wouldn’t want to give them complete access to the entire deployment process. That’s when you realize the need for restricting the authorization.
Ansible Tower delivers this feature to restrict authorizations. So basically, you chose who can do what, which makes it easier to moderate. Also, Ansible Tower encrypts credentials and other sensitive data and you only give the subordinates access to relevant resources while restricting their access to irrelevant ones.
Conclusion -
Ansible and AWS can work together and especially how well it integrates with Amazon's EC2. Ansible provides a great IT automation and orchestration tool for the cloud environment, and with so much portability in its command syntax, it’s easy to create either playbooks or out-of-the-box modules.
Thank You For Reading the Article !!
Learning Enthusiast let's Connect...
4 年Insightful...