Use Cases of Ansible

What is Ansible and how it works?

Ansible works by connecting to your nodes and pushing out small programs, called "Ansible modules" to them. Ansible then executes these modules (over SSH by default), and removes them when finished. Your library of modules can reside on any machine, and there are no servers, daemons, or databases required.

Several Use Cases of Ansible Today

1. Provisioning

Automate, manage and connect all stages of an application lifecycle

From traditional bare metal through to server less or function-as-a-service, automating the provisioning of any infrastructure is the first step in automating the operational life cycle of your applications. Ansible can provision the latest cloud platforms, virtualized hosts and hypervisors, network devices and bare-metal servers.

After bootstrapping, nodes can be connected to storage, added to a load balancer, security patched or any number of other operational tasks by separate teams. In essence Ansible becomes the connecting tool in any of your process pipelines – taking bare infrastructure right through to day to day management, automatically.

Provisioning with Ansible allows you to seamlessly transition into configuration management, orchestration and application deployment using the same simple, human readable, automation language.

2. Application Deployment

Deploying apps shouldn't be so hard

Ansible is the simplest way to deploy your applications. It gives you the power to deploy multi-tier applications reliably and consistently, all from one common framework. You can configure needed services as well as push application artifacts from one common system.

Rather than writing custom code to automate your systems, your team writes simple task descriptions that even the newest team member can understand on first read - saving not only up-front costs, but making it easier to react to change over time.

Power of the playbooks

REPEATABLE & RELIABLE

Ansible allows you to write 'Playbooks' that are descriptions of the desired state of your systems, which are usually kept in source control. Ansible then does the hard work of getting your systems to that state no matter what state they are currently in. Playbooks make your installations, upgrades and day-to-day management repeatable and reliable.

SIMPLE TO WRITE & MAINTAIN

Playbooks are simple to write and maintain. Most users become productive with Ansible after only a few hours. Ansible uses the same tools you likely already use on a daily basis and playbooks are written in a natural language so they are very easy to evolve and edit.

NO AGENT = MORE SECURE, MORE PERFORMANCE, LESS EFFORT

Thanks to its agentless design, Ansible can be introduced into your environment without any bootstrapping of remote systems or opening up additional ports. Not only does this eliminate "managing the management," but system resource utilization is also dramatically improved.

Zero downtime

As alluded to in the diagram above, Ansible can orchestrate zero downtime rolling updates trivially, ensuring you can update your applications in production without users noticing.

Super flexible

Downloading artifacts from servers and configuring the OS are just the basics. Talk to REST APIs, update a team chat server with a heads up, or send an email - Ansible can drive all kinds of workflows.

Cloud ready

Included modules manage not just the local computer system, but can interact with cloud services including Amazon AWS, Microsoft Azure, and more. And since all cloud APIs allow you to trivially inject SSH keys, you can start managing any cloud instance or network software without modifying the base image.

3. Configuration Management

Keep it simple

It's likely you currently manage your systems with a collection of scripts and ad-hoc practices curated by a talented team of administrators. Or perhaps you're using an automation framework that requires a bit too much of your time to maintain. Virtualization and cloud technology have increased the complexity and the number of systems to manage is only growing.

You need a consistent, reliable and secure way to manage the environment - but many solutions have gone way too far the other direction, actually adding complexity to an already complicated problem. You need a system that builds on existing concepts you already understand and doesn’t require a large team of developers to maintain.

Ansible makes IT automation accessible

Ansible is the simplest solution for configuration management available. It's designed to be minimal in nature, consistent, secure and highly reliable, with an extremely low learning curve for administrators, developers and IT managers.

Ansible configurations are simple data descriptions of your infrastructure (both human-readable and machine-parsable) - ensuring everyone on your team will be able to understand the meaning of each configuration task. New team members will be able to quickly dive in and make an impact. Existing team members can get work done faster - freeing up cycles to attend to more critical and strategic work instead of configuration management.

Ansible requires nothing more than a password or SSH key in order to start managing systems and can start managing them without installing any agent software, avoiding the problem of "managing the management" common in many automation systems. There's no more wondering why configuration management daemons are down, when to upgrade management agents, or when to patch security vulnerabilities in those agents.

Goal-oriented, not scripted

Ansible features an state-driven resource model that describes the desired state of computer systems and services, not the paths to get them to this state. No matter what state a system is in, Ansible understands how to transform it to the desired state (and also supports a "dry run" mode to preview needed changes). This allows reliable and repeatable IT infrastructure configuration, avoiding the potential failures from scripting and script-based solutions that describe explicit and often irreversible actions rather than the end goal.

Secure and agentless

Ansible relies on the most secure remote configuration management system available as its default transport layer: OpenSSH. OpenSSH is available for a wide variety of platforms, is very lightweight and when security issues in OpenSSH are discovered, they are patched quickly.

Further, Ansible does not require any remote agents. Ansible delivers all modules to remote systems and executes tasks, as needed, to enact the desired configuration. These modules run with user-supplied credentials, including support for sudo and even Kerberos and clean up after themselves when complete. Ansible does not require root login privileges, specific SSH keys, or dedicated users and respects the security model of the system under management.

As a result, Ansible has a very low attack surface area and is quite easy to deploy into new environments.

Some Major Integrations of Ansible with Other Tech Companies

Amazon

The Power of AWS Meets Ansible Simplicity

Using Ansible to automate your applications in AWS greatly increases the chances that your cloud initiative will be a success. The breadth of AWS capability enables IT organizations to dynamically provision entire workloads like never before. To harness this power, IT organizations must effectively answer:

• How can we control cloud deployments?
• How does devops work in the cloud?
• Will my deployments be secure?
• How can we migrate existing apps to the cloud?

The answer? Automate with Ansible.

Manage Cloud Like Cloud with Ansible

When you deploy an application into AWS, you will soon realize that the cloud is much more than a collection of servers in someone else's data center. You now have a fleet of services available to you to rapidly deploy and scale applications. However, if you continue to manage AWS like just a group of servers, you won’t see the full benefit of your migration to the cloud. Ansible automation can help you manage your AWS environment like a fleet of services instead of a collection of servers.

Ansible & AWS: Batteries included

From the beginning, Ansible has offered deep support for AWS. Ansible can be used to define, deploy, and manage a wide variety of AWS services. Even the most complicated of AWS environments can be easily described in Ansible playbooks. Once your AWS-based application environments are described with Ansible, you can deploy them again and again, easily scaling out to 100s or 1000s of instances across multiple regions, with the same results each and every time.

Out of the box, Ansible has nearly 100+ modules supporting AWS Compatibilities, including:

AMI Management

Autoscaling Groups

CloudFormation

CloudTrail

CloudWatch

DynamoDB

ElastiCache

Elastic Block Store (EBS)

Elastic Cloud Compute (EC2)

Elastic IPs (EIP)

Elastic Load Balancers (ELB)

Identity Access Manager (IAM)

Kinesis

Lambda

Relational Database Service

Route53

Security Groups

Security Token Service

Simple Storage Service (S3)

Virtual Private Cloud (VPC)

Ansible also has over 1,300+ modules to help you manage every aspect of your Linux, Windows, UNIX, network infrastructure, and applications - regardless of where they're deployed. With Ansible, one common language can be used to describe everything deployed in your cloud (and your enterprise).

Control Cloud Sprawl with Dynamic Inventory

Now that you have deployed applications into the cloud, how do you keep track of what you have? Keeping accurate track of deployed infrastructure is a critical part of ensuring security policies are always followed and systems are properly managed through their lifecycles. You don’t want to be paying for services you don’t need.

With Red Hat? Ansible? Tower's cloud inventory synchronization, you can know exactly what AWS instances you have no matter how they were launched. Simply enter your AWS credentials and your entire AWS infrastructure can be made available as resources to use in your Ansible automation jobs.

Safely Automating at the Speed of Business

When you only had one or two engineers working in AWS, everything seemed easy. Now that you’ve got ten or more, you need controls in place that restrict users’ ability to modify certain environments. Ansible Tower delivers with its extensive set of role-based access controls that ensures users will only have access to the AWS resources (networks, systems, security groups, etc.) that they require for their job. Plus, Ansible Tower encrypts credentials such as AWS and SSH keys so that you can delegate simple automation jobs to junior employees without giving out the keys.

Migrations Made Easy

Your CIO just mandated that you have to migrate dozens of workloads to AWS. With Ansible, you can use the same simple playbook language to manage your infrastructure and deploy your application. Use Ansible to define your application locally. Once you can repeatedly deploy that application locally, re-deploying it to a different infrastructure is as straightforward as defining your AWS environment, and then applying your application’s playbook. No more surprises.

Juniper

Juniper Networks is an industry leader in network innovation. Juniper creates innovative technologies that help customers connect their ideas, compete and thrive in an ever-changing world.

Integrated Solution

The combination of Ansible and Juniper’s automation and orchestration tools bring together the knowledge and expertise of experienced IT solutions developers, operators, and administrators across organizations.

The joint solution addresses the most common applications of automation and orchestration in the management and provisioning of IT resources, including:

• Configuration automation
• Test-driven networking
• Continuous compliance

The joint solution includes Ansible Modules developed specifically for Juniper Networks Junos OS.

*************************THANKS FOR READING*************************