Ansible: Introduction and case studies

✒ Introduction to Ansible

Ansible is an open-source automation tool, or platform, used for IT tasks such as configuration management, application deployment, intraservice orchestration, provisioning, network automation, and security automation. Automation is crucial these days, with IT environments that are too complex and often need to scale too quickly for system administrators and developers to keep up if they had to do everything manually.

✒ Why Ansible?

Ansible automates and simplifies repetitive, complex, and tedious operations. Everybody likes it because it brings huge time savings when we install packages or configure large numbers of servers.

Its architecture is simple and effective. It works by connecting to your nodes and pushing small programs to them. These programs make the system comply with a desired state, and, when they have finished their tasks, they are deleted.

Ansible works over SSH and doesn’t require any daemons, special servers, or libraries to work. A text editor and a command line tool are usually enough to get your work done.

✒ How Ansible works?

Ansible works by connecting to your nodes and pushing out small programs, called “Ansible modules” to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default), and removes them when finished.

It uses no agents and no additional custom security infrastructure, so it’s easy to deploy and most importantly, it uses a very simple language (YAML, in the form of Ansible Playbooks) that allow you to describe your automation jobs in a way that approaches plain English.

Ansible management node is the controlling node, which controls the entire execution of the Playbook. It’s the node from which you are running the installation, and the inventory file provides the list of the host where the modules need to be run. The management node makes ssh connection, and then it executes the modules on the host machines and installs the product. It removes the modules once they are installed. So that’s how ansible works.

✒ Advantages of Ansible

In my experience there are at least three advantages that make Ansible my favorite automation tool.

1. It is agentless. You do not need to install additional software on your server nodes. This helps keep the installation clean while ensuring that there are no conflicts with our software.
2. Playbooks are easy to read and edit. They are mostly written in YAML, and this is a great advantage when compared to other solutions, such as Puppet.
3. It is written in Python, a very popular programming language that is familiar to all engineers, making it easy to extend.

There is actually a 4th reason: it is open source. But this is a pretty common characteristic for this type of tool, so it is not a major differentiator.

When compared with similar tools, Ansible offers one more great benefit. It is declarative and not procedural. In simple terms, when using imperative language we have to specify 2 things: WHAT TO DO? and HOW TO DO? But Ansible is based on Declarative language in which we only have to tell or declare WHAT TO DO? This means that you write a description of the final state of the machine, and it takes all the necessary steps to fulfill that description. By working this way, playbooks can be applied several times and only necessary steps are applied, with no side effects.

✒ How Ansible is solving Industry Challenges?

Let’s have a look at how big organizations are using Ansible and solving challenges.

1. NASA

BUSINESS CHALLENGE:

NASA needed to move roughly 65 applications from a traditional hardware based data center to a cloud-based environment for better agility and cost savings. The rapid timeline resulted in many applications being migrated ‘as-is’ to a cloud environment. This created an environment spanning multiple virtual private clouds (VPCs) and AWS accounts that could not be easily managed. Even simple things, like ensuring every system administrator had access to every server, or simple patching, were extremely burdensome.

SOLUTION:

Leverage Ansible Tower to manage and schedule the cloud environment.

RESULT:

As a result of implementing Ansible Tower, NASA is better equipped to manage its AWS environment. Tower allowed NASA to provide better operations and security to its clients. It has also increased efficiency as a team. By the numbers:

• Updating nasa.gov went from over 1 hour to under 5 minutes.
• Patching updates went from a multi-day process to 45 minutes.
• Achieving near real-time RAM and disk monitoring (accomplished without agents).
• Provisioning OS Accounts across entire environment in under 10 minutes.
• Baselining standard AMIs went from 1 hour of manual configuration to becoming an invisible and seamless background process.
• Application stack set up from 1–2 hours to under 10 minutes per stack.

“Ansible Tower has allowed us to provide better operations and security to our clients. It has also increased our efficiency as a team.” - Nasa

2. NetApp

NetApp got its start way back in 1992, when using the internet meant dialing up and hearing beeps, crackles, and eeps. By tech company standards we’ve seen it all, and we’ve not only survived, we’ve thrived. That’s because we’ve kept our focus on one thing — the data. Continuously improving how it’s managed, stored, analyzed, protected, and moved.

Keeping up with the pace of business can bring several challenges; delivering infrastructure resources should not be one of them. When using Ansible on any NetApp platform, the provisioning of resources becomes simple, automated, and repeatable from day 1. You can automate time-consuming IT tasks and drive a collaborative culture to support DevOps initiatives.

With the addition of more than 60 new modules to the Ansible library, NetApp delivers the most robust integration with Ansible of any storage vendor on the market. With this extensive library of modules, Ansible users can easily develop and deploy playbooks to automate storage tasks without needing to learn the nuances of the specific NetApp product.

An Ansible Playbook is basically a definition of what your end environment should look like. On the other hand, an Ansible module takes care of HOW Ansible parses your desired state and relays it to the target environment. As an end-user, you will only need to be concerned with writing Playbooks in YAML.

The modules for the E-Series platform have been part of the official Ansible project for a few months. The ONTAP and Solid Fire modules are now part of the Ansible project as well.

3. HootSuite

HootSuite is a social media management system for businesses and organizations to collaboratively execute campaigns across multiple social networks from one secure, web-based dashboard. More than 75% of Fortune 1000 companies now use HootSuite for social media management, social marketing, social customer service, and social selling. Customers include PepsiCo, Virgin, FOX, Sony Music, and WWF.

THE PROBLEM:

The infrastructure is not scripted, repeatable or immutable. Rebuilding a server relies on limited documentation and mostly memory. Lack of repeatability made automating the infrastructure and application deployment difficult.

THE FIX:

They mostly use Ansible core at this time. They currently are applying Ansible to all of their servers, in order to build any server from scratch and repeat this as many times as one wants to. Their future plan is to use Ansible for app deployment, and maybe even ad hoc production server management.

BENEFITS ACHIEVED BY USING ANSIBLE:

• Ops and devs both feel safer, literally. Before they were always worried about ‘what if the server dies’. They aren’t worried about this anymore after all servers are properly ‘Ansiblized’.

• With the help of Vagrant we can test server builds locally as many times as we want until it works, instead of testing it on EC2 cloud which is remote and always slow.

• Ansible makes engineers more productive because lots of system libraries and packages are shared among different server types, and as we take advantage of Ansible’s ‘shared’ Playbook they don’t have to repeat the same lib/package install over and over again.

4. Lifesum

About Lifesum

Lifesum is a Stockholm-based digital health startup that off ers its users a fl exible platform to support and encourage a healthy, balanced lifestyle. Having already achieved over 6.5 million downloads across Europe, the Lifesum app is available on Android and iOS, and can be tailored by users and adapted to specifi c goals and aims, off ering guidance based on individual data. Lifesum’s vision is to make people healthier and happier by helping users to forge good habits on their journey towards a better lifestyle, as well as an improved overall quality of life.

What is your business challenge?

The Lifesum platform consists of applications for iOS, Android and web, and a joint backend API that supports them. The infrastructure is hosted on Amazon Web Services primarily using Ubuntu 12.04 LTS on application servers. We needed a simple and powerful tool for confi guration management, application deployment and server provisioning. Prior to this we used another tool and various bash scripts to manage app deployments and remote commands execution. It was defi nitely a big problem provisioning and managing multiple environments and the diff erences between them.

How is Lifesum using Ansible?

We started using Ansible in February 2014. Shortly aft er that every back-end and frontend engineer at Lifesum was using Ansible playbooks to automatically spin up virtual development machines with Vagrant. Our goal was to ensure that everyone had exactly the same working environment as we deploy our applications regularly. Three months later all our environments, from developer’s laptops to production instances on Amazon, were fully Ansible managed. We use AWS Auto Scaling and pre-bake Amazon AMI images with Ansible provisioning playbooks. When EC2 instances are launched by Auto Scaling, Ansible, triggered by cloud-init, runs provisioning playbooks, once again ensuring up to date confi guration changes are applied, and pulling the latest applications versions from repositories. Ansible has helped us to automate, signifi cantly simplify and speed up the process of dynamic resources scaling. We also make use of a limited set of tasks, from provisioning playbooks, to power one command application deployments. Ansible roles and playbooks are reused in various scenarios. Ansible has also aided us in ad-hoc remote commands, both across the whole infrastructure, and in specifi c environments, such as minor confi guration changes and services administration.

THANKS FOR READING !