Ansible Introduction And Case Study

Ansible is simple open source IT engine which automates application deployment, intra service orchestration, cloud provisioning and many other IT tools.

Ansible is easy to deploy because it does not use any agents or custom security infrastructure.

Ansible uses playbook to describe automation jobs, and playbook uses very simple language i.e. YAML (It’s a human-readable data serialization language & is commonly used for configuration files, but could be used in many applications where data is being stored)which is very easy for humans to understand, read and write. Hence the advantage is that even the IT infrastructure support guys can read and understand the playbook and debug if needed (YAML – It is in human readable form).

Ansible is designed for multi-tier deployment. Ansible does not manage one system at time, it models IT infrastructure by describing all of your systems are interrelated. Ansible is completely agentless which means Ansible works by connecting your nodes through ssh(by default). But if you want other method for connection like Kerberos, Ansible gives that option to you.

After connecting to your nodes, Ansible pushes small programs called as “Ansible Modules”. Ansible runs that modules on your nodes and removes them when finished. Ansible manages your inventory in simple text files (These are the hosts file). Ansible uses the hosts file where one can group the hosts and can control the actions on a specific group in the playbooks.

What is Configuration Management?

Configuration management in terms of Ansible means that it maintains configuration of the product performance by keeping a record and updating detailed information which describes an enterprise’s hardware and software.

Such information typically includes the exact versions and updates that have been applied to installed software packages and the locations and network addresses of hardware devices. For e.g. If you want to install the new version of WebLogic/WebSphere server on all of the machines present in your enterprise, it is not feasible for you to manually go and update each and every machine.

You can install WebLogic/WebSphere in one go on all of your machines with Ansible playbooks and inventory written in the most simple way. All you have to do is list out the IP addresses of your nodes in the inventory and write a playbook to install WebLogic/WebSphere. Run the playbook from your control machine & it will be installed on all your nodes.

Advantages of Ansible:

• Free: Ansible is an open-source tool.
• Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
• Powerful: Ansible lets you model even highly complex IT workflows. 
• Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
• Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
• Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.

How Ansible Works?

Ansible works by connecting to your nodes and pushing out small programs, called "Ansible modules" to them. Ansible then executes these modules (over SSH by default), and removes them when finished. Your library of modules can reside on any machine, and there are no servers, daemons, or databases required.

The management node in the above picture is the controlling node (managing node) which controls the entire execution of the playbook. It’s the node from which you are running the installation. The inventory file provides the list of hosts where the Ansible modules needs to be run and the management node does a SSH connection and executes the small modules on the hosts machine and installs the product/software.

Case Study:

Binck (BinckBank) Ansible Case Study

About BinckBank:

BinckBank is an online bank for investors based in Amsterdam and is ranked among the top five investment banks in Europe and the market leader in the Netherlands and Belgium. BinckBank has more than 760,000 accounts with offices in the Netherlands, Belgium, France and Italy and 590 employees.

What is your business challenge?

Our problem was complexity in the datacenter. We wanted automation but we also wanted simplicity and to not have to send people to training in order to use the product. I’ve been dabbling with Ansible since before version 1.0. I remember showing my staff how we can roll out new users—20, 30 at a time within 10 minutes. They could understand what I was creating as a line of text—it is so easy to read it can be considered its own documentation.

How is BinckBank using Ansible?

We have 600 UNIX servers in house. We have a lot of specialty environments that we need to create while at the same time managing our production environment. Ansible is quite fun to use right away—as soon as you write five lines of code it works. SSH makes it all so easy because it is text-based, making it really powerful when combined with Ansible. With SSH and Ansible I can send commands to 500 servers without having even used the servers before.

We are experimenting with monitoring networks. We use NAGIOS. NAGIOS is an example of a technology doing something extremely well—monitoring networks—while leaving the fixing to Ansible. NAGIOS can see a server is busy in the middle of the night, send a message to Cobbler to create a few more servers on a virtual platform and then start Ansible to make servers into web servers, enhancing the capability of your website with more servers. You can literally wake up to more sales this way. Ansible is the glue that connects monitoring, scripting and server installation. Ansible glues it all together and now you have a self-healing network. You can link to NAGIOS so Ansible can check way more than what you can script. The whole fun of Unix is that the output of one command is the input for another.

What technology or products did you use in the past to solve this problem, if any?

In the past we did our own scripting for menial tasks over a lot of late nights of pizza that I am glad have come to an end. Ansible proves itself so fast we didn’t consider other automation products like Puppet or Chef at all—which are not meant to be easy to use. Before I found Ansible my options were Puppet, Chef and CFEngine but then someone tweeted me about Ansible saying that if you can’t figure out in 10 minutes how to use it you should not be in IT. With Ansible we do not have to install on the server and we can do what we want without disrupting anything—it will just stop executing demands.

What are your results with Ansible?

From an IT standpoint I can show other people that if we install a production and testing environment with Ansible it will be done right. Unless you do the work by hand there is always the question—did you install correctly? With Ansible you can be assured without a shadow of a doubt that an installation is correct. Ansible makes it easier to trust my own work and my servers’ work. Ansible gives me peace of mind on a much bigger scale.

What are your plans to grow your Ansible usage moving forward?

We are completely focused on automating as much as possible in our datacenter and going beyond Unix to create more stuff for more people to do be able to do more. Now it is just managing and band-aids but we will take that part of out of the equation. Who knows what we can come up?

Recently I purchased a license for Ansible Tower. I would like to give non-technical users access to it and open up the technical side to people who have no idea what I am talking about. With Tower, my Linux guys can access our templates without having to do any coding. Tower opens up Ansible to the rest of company.

Certain parts of BINCK are really complex. Imagine using a sophisticated IT automation solution and then leaving. You have to do some archeology to find out what is going on with those servers. With Ansible they can read playbooks and know that whatever they read is what they are using.

Ansible is a tool in my toolbox that I can use throughout my life. For example, I could walk into an enterprise environment I am unfamiliar with—fix something right away and walk out.

Thanks For Reading!!