Ansible "one tool to control all" | Infrastructure as a code
Bibin Skaria
Cloud Architecture/Product Owner || CSPO || CKA || Azure || 2x AWS certified solution architect || 2x Red Hat certified
Before I start explaining details about Ansible and Infrastructure as a code, let’s revisit the software development cycle and why we need configuration tools or DevOps tools in it. We are all familiar with the list of software development models such as Waterfall, V-Model, Prototyping, Spiral, Iterative, Agile etc. However, the most famous among these models is the Agile model. Agile methodology is a combination of incremental and iterative process models; in fact, it focuses more on the user story and delivering the product than on documentation. The whole process is divided into a set of tasks and testing, derived at each iteration of a scrum, which is also known as a sprint. The sprint backlog defines the team's work and progress.
Anyway, I believe you are familiar with these software development models and the issues faced during deployment. Deployment is the major headache after agile. So, here DevOps comes into the picture to run the project in CICD (continuous integration and continuous development) mode with automation. Now, what if we have a fleet of servers to handle and, because of the agile method, the developers rapidly release new versions? That is really hard for a sysadmin to manage.
The solution to this problem is to manage our fleet of servers with a configuration tool such as Ansible, Chef or Puppet. These DevOps tools help your fleet march side by side with agile.
Choosing a configuration tool is like choosing a Pokemon from your pocket! Well, jokes aside, the point is to choose the one which you believe is more flexible, secure and achieves sure shot win. Ansible is my personal favourite because it doesn’t require any agent at client side to manage and we manage all systems from one machine by scripting its playbook.
Ok, let me get more honest. I never tried other configuration tools over Ansible. I had tried to use my Infrastructure as a code in Chef cookbook but I was so reluctant to install its agents in all existing and new servers. So basically, because of my laziness I have always chosen Ansible playbook as my Infrastructure as a code. It doesn’t mean that other tools like Chef and Puppet are not good. Just the thing is, I have never used them. I might learn them if the future offers me, though.
Let me explain more about Ansible. Why do we need Ansible? What is its role in DevOps?
In simple words, Ansible is an open-source configuration management tool which is responsible for deployment and orchestration of complex multi-tier applications and gives you an edge on a wide variety of automation challenges.
Now the next question is why we need Ansible. So, let's go with a scenario using the primitive method: you have a fleet of servers, and first you need to perform all the system admin related work like networking, deploying services, managing servers reliably, tweaking configuration and monitoring services on individual servers. Gradually, your software development picks up pace and your data centre also grows.
Soon you realise that managing systems manually is not possible. Moreover, it obstructs the pace of the developers' work: the developers use the agile method and release software rapidly, but the deployment team spends more time configuring the servers. To overcome this situation we need a configuration tool to manage our servers from one single controller.
Just like Lord of the rings' “one ring to rule all” our case will be “one tool to control all”!!!
Before I go further, let me familiarise you with some of its key components:
- Controller Machine: Master machine where Ansible is installed, responsible for Orchestration and provisioning of client servers.
- Inventory: Basic information about the client servers that Ansible is going to manage.
- Playbook: A playbook is a YAML file which is used to define the tasks and modules you want to provision and automate.
- Task: The area where you define your package or service you need to execute. For example, Install Nginx package on web servers.
- Module: A module typically abstracts a system task, such as dealing with packages or creating and changing files. Ansible has an assembly of built-in modules, but one can also create the custom ones.
- Role: A predefined way for organizing playbooks and other files in order to facilitate sharing and reusing portions of provisioning.
- Play: A provisioning executed from start to finish is called a play. In simple words, execution of a playbook is called a play.
- Facts: Global variables containing information about the system, like network interfaces or operating system.
- Handlers: Used to trigger service status changes, like restarting or stopping a service.
Let me show a simple example playbook to configure a load balancer, web server and database in 3-tier architecture.
For load balancer
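```yaml
---
# "loadbalancer" is the inventory group name; it is written as one word
# because group names cannot contain spaces.
- hosts: loadbalancer
  become: true
  tasks:
    - name: install nginx
      apt: name=nginx state=present update_cache=yes
    - name: ensure nginx started
      service: name=nginx state=started enabled=yes
```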
For web servers
```yaml
---
- hosts: webserver
  become: true
  tasks:
    - name: install web components
      # {{ }} is Jinja syntax, used here to iterate over the with_items list
      apt: name={{item}} state=present update_cache=yes
      with_items:
        - apache2
        - libapache2-mod-wsgi
        - python-pip
        - python-virtualenv
```
For Database server
```yaml
---
- hosts: database
  become: true
  tasks:
    - name: install mysql-server
      apt: name=mysql-server state=present update_cache=yes
    - name: ensure mysql started
      service: name=mysql state=started enabled=yes
```
In the above examples, “---” marks the start of a YAML file, “- hosts” names the servers you are targeting, which are declared in the inventory file, “become” tells Ansible to acquire root privilege on the client server, and “tasks:” is where you define the set of packages and services to install and run.
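The playbooks above target host groups that have to exist in the inventory, and the component list mentions facts and handlers that they do not use. The following is an added example, not part of the original article, showing an inventory for the three groups and a load balancer play that uses a fact, a handler and task-level “become”; the hostnames, the file names inventory.yml and site.yml, and the path files/lb.conf are assumptions made for illustration.

```yaml
# inventory.yml (constructed example; hostnames are placeholders)
all:
  children:
    loadbalancer:
      hosts:
        lb01.example.com:
    webserver:
      hosts:
        web01.example.com:
        web02.example.com:
    database:
      hosts:
        db01.example.com:
---
# site.yml (constructed example; a separate file from the inventory above)
- hosts: loadbalancer
  gather_facts: true                # collect facts such as ansible_os_family
  tasks:
    - name: install nginx
      become: true                  # escalate only on tasks that need root
      apt:
        name: nginx
        state: present
        update_cache: yes
      when: ansible_os_family == "Debian"   # apt is only valid on Debian-family hosts

    - name: deploy load balancer config
      become: true
      copy:
        src: files/lb.conf          # hypothetical file kept next to the playbook
        dest: /etc/nginx/conf.d/lb.conf
        owner: root
        group: root
        mode: "0644"                # explicit mode so the file is not world-writable
      notify: restart nginx         # handler is queued only if the file changed

    - name: ensure nginx started
      become: true
      service:
        name: nginx
        state: started
        enabled: yes

  handlers:
    - name: restart nginx           # runs once at the end of the play, if notified
      become: true
      service:
        name: nginx
        state: restarted
```

With the two files saved separately, the play is run with `ansible-playbook -i inventory.yml site.yml`.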
Please read the following document to know more about playbook and its modules.
https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html#about-playbooks
Advantages of Ansible over its competitors:
- It's an agent-less architecture (unlike Chef or Puppet).
- Ansible accesses its client machines using SSH, so no custom security is required.
- Ansible uses the YML format, which is also used by Docker Compose, so it is easy to use.
- Ansible has a wide variety of built-in modules. In case anything is missing, I can still get it done with a shell script and import that script into Ansible simply by using the “- include” or “- script” modules.
- Easy interaction with client machines through playbooks or command line tools.
- Easy to create Infrastructure as a code.
Ansible provides a great IT automation and orchestration tool for the Cloud environment, and with so much portability in its command syntax, it is easy to create either playbooks or out-of-the-box modules.
**** Important note: Ansible needs Python (at least version 2.7) on all master and client machines, as it uses Python modules to operate.
To learn more about Ansible, please visit: https://docs.ansible.com/ and do not hesitate to ask any doubt as I will be happy to help.
To learn about installing OpenStack with kolla-ansible, please visit: https://www.dhirubhai.net/pulse/tailor-your-own-openstackiaas-on-premises-bibin-skaria/
Bank of America Merrill Lynch | AWS| Cloud Operation | CICD| Dockers| Kubernates| Splunk| New Relic
6 years ago: Nice Article