ANSIBLE
Whether we are building an application or running complex infrastructure for a large corporation, we’ll eventually encounter tasks that need to be successfully repeated again and again. Many Linux/Unix admins had to turn to different tools to automate their configurations (Puppet, Chef, etc), still different tools to deploy their software (Fabric, Capistrano, etc), and yet other tools to run one-off tasks (Func, mcollective, etc) on all of their different machines. Further, nobody really seemed to handle multi-node deployment very well, and in the age of cloud and large web infrastructures, that’s one of the most interesting problems to solve.
And that’s where ansible comes into play!!
o Ansible is an open source infrastructure automation tool backed by Red Hat since 2015, which gives you the ability to control and configure multiple servers from one single location.
o It is a Simple, agentless, idempotent IT automation tool that anyone can use.
o Ansible is a declarative tool for configuration management.
- So, instead of having to go into each server and manually configuring them we can automate all of our tasks. For example ,if we have to configure apache web server, it will involve few steps and that would be :
1) Installation of the software
2) Putting webpages in folder /var/www/html
3) Start the services
- You can configure all those steps once in ansible and then we can run them countless times in exactly the same way.
BENEFITS:
1) Reduces human error: Once steps are configured, the system will run the same way, thus reducing the potential of human error.
2) Scales quickly for demand: Let’s you scale quickly to handle demands
3)Automates application Deployment : Automated deployment is a form of deployment where the defined steps for shipping code from a development environment to staging/production environment is a one-step procedure and fully or partially automated and all these are possible using ansible.
4) Free: Ansible is an open-source tool.
5) Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks. In Ansible ,minimal learning is required. Playbooks use an easy and descriptive language based on YAML and Jinja templates. YAML (Yet another markup language) is a very easy language like simple plain English with ‘key-value’ pair concept.
6)Powerful: Ansible lets you model even highly complex IT workflows.
7)Flexible: You can orchestrate the entire application environment no matter where it is.
8)Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
9)Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.
What makes Ansible so interesting?
- There are several different things that make it unique. First off, Ansible just works over SSH. It doesn’t require any software to be installed on the machines you are managing with it; it is entirely self-bootstrapping for remote machines. There are no databases, no backend services, and there’s only one configuration file on the control machine, which is just a list of managed hosts. You can point at some hosts that use SSH and immediately start managing them, because it will push modules out to them automatically. It’s really simple. Having no daemons should make it great for consultants and places where a new daemon with custom PKI infrastructure or crypto would require a major security audit…..
- Ansible is designed from the ground up for multi-node deployment operations, where you are trying to orchestrate a rollout of software in a multi-tier environment. Playbooks can target different sets of hosts in each play, and a playbook can contain more than one play. Because Ansible is push-based, it can easily represent these things, and the Playbook language helps because it’s really easy to see what’s going on in a very small number of files.
There’s a LOT more that you can do with ansible, including:
- Take machines in and out of load balancers and monitoring windows
- Have one server know the IP address of all the others using facts gathered about those particular servers — and use those to dynamically build out configuration files
- Set some variables and prompt for others, and set defaults for when they are not set
- Use the result of one command to decide whether to run another.
- Create iaas compute instances, object stores, or ephemeral resources.
- Provision virtual machines
- Create storage allocations
- Set firewall rules
- Configure highly available load balancers
- Create vlans
- Deploy container orchestration resources
- Create databases
ANSIBLE CAN DO THAT WHAT? AGAIN? NO WAY!!………………………
- Provisioning support for many iaas providers
- Amazon Web Services
- Apache cloudstack
- Centurylink Cloud
- Cloudscale
- Digital Ocean
- dimensiondata
- Google Cloud
- Linode
- Microsoft Azure
- openstack
- OVH
- Packet
- Profitbricks
- Rackspace Public Cloud
- Softlayer
- webfaction Datacenter and Virtualization
- Atomic Host
- libvirt resource management
- Joyent smartos Virt
- ovirt
- Red Hat Virtualization
- vmware (vsphere/esxi)
- Univention
OMG, THIS LIST JUST KEEPS GOING………🙃
- Networking
- A10 Networks
- Apstra AOS
- Arista EOS and Cloudvision
- Aruba
- Avi Networks
- bigswitch
- Cisco (ASA, ACI, IOS/IOS-XR, NX-OS, WLC)
- Cumulus Networks (Cumulus Linux)
- Dell EMC (OS6, OS9, and OS10)
- F5 bigip
- Fortios Firewall
- Huawei Cloudengine
- junos
- Lenovo CNOS
- Netscaler
- Netvisor
- Open vswitch
- Ordnance
- Palo Alto Networks PAN-OS
- Nokia SR OS
- vyos Databases
- influxdb
- Redis
- Riak
- MS-SQL
- mysql
- Postgresql
- Vertica
SERIOUSLY? MORE STUFF??????😱
- Infrastructure, Web, Clustering and Cloud
- Apache HTTPD (module and mod_proxy management)
- Atomic Host
- Consul
- Django Management
- ejabberd
- htpasswd
- HP ilo
- jboss
- Jenkins (Jobs, Plugin, and Jenkinsfile management) Jira
- Kubernetes
- Letsencrypt
- manageiq
- openshift
- Pacemaker
- Supervisord
- zookeeper Storage
- AIX LVM
- Gluster Volume
- Infinidat
- LVM2
- netapp
- Purestorage
-ZFS
✔Ansible includes hundreds of modules to support a wide variety of IT integrations, including:
“We chose Ansible as our first orchestration solution for its simplicity combined with power.”
-Jim Kleckner , VP Operations , Cloud Physics
We can sum up experience of AWS after implementing ansible by their statement as :
“Ansible automation can help you manage your AWS environment like a fleet of services instead of a collection of servers. Even the most complicated of AWS environments can be easily described in Ansible playbooks. Once your AWS-based application environments are described with Ansible, you can deploy them again and again, easily scaling out to 100s or 1000s of instances across multiple regions, with the same results each and every time.”
· Configuration systems play an important role in cloud management and automation and Ansible is a declarative tool for configuration management.
· Ansible also has over 1300+ additional modules to help you manage every aspect of your Linux, Windows, UNIX, network infrastructure, and applications — regardless of where they’re deployed. With Ansible, one common language can be used to describe everything deployed in your cloud (and your enterprise).
✔Ansible is used by thousands of organizations globally to help them automate IT tasks, such as configuration management, provisioning, workflow orchestration, application deployment and life cycle management.
- Ansible is easy to adopt across the entire enterprise — from networks, servers, security and compliance to cloud, infrastructure, and DevOps and CI/CD — all of which can benefit from the power of Ansible Automation.
1) CONFIGURATION MANAGEMENT
- A configuration management system like Ansible is made up of several components. The systems that are managed can include servers, storage, networking, and software. These are the targets of the configuration management system. The goal is to maintain these systems in known, determined states. Another aspect of a configuration management system is the description of the desired state for the system. The third major aspect of a configuration management system is automation software, which is responsible for making sure that the target systems and software are maintained in the desired state.
- Using Ansible significantly reduces configuration time and day 0 deployments. Ansible’s agentless and easy-to-learn approach to configuration management makes it a favorite of IT admins.
2) PROVISIONING
- Provisioning is the first step in an application’s deployment process. In a cloud environment, software can be run from a Docker container, virtual machine or bare metal, and Ansible can be used for provisioning such systems. Ansible can provision and manage the storage in your infrastructure. From software-defined storage, cloud based storage, or even hardware storage appliances, you can find a module to leverage Ansible’s common, powerful language.
3) WORKFLOW ORCHESTRATION
- Orchestration is about bringing together disparate things into a coherent whole. Orchestration is not just the simple blasting out of commands, or the ordering of what system runs a tool before another, but the definition of a flowchart. Ansible’s clear syntax and task-based nature makes orchestrating these tasks easy.
4) APPLICATION DEPLOYMENT
- Ansible is the simplest way to deploy your applications. It gives you the power to deploy multi-tier applications reliably and consistently, all from one common framework. You can configure needed services as well as push application artifacts from one common system. Rather than writing custom code to automate your systems, your team writes simple task descriptions that even the newest team member can understand on first read — saving not only up-front costs, but making it easier to react to change over time.
5)LIFE CYCLE MANAGEMENT.
- Ansible can orchestrate both simple and complex lifecycle management. Ansible seamlessly unites workflow orchestration with configuration management, provisioning, and application deployment in one easy-to-use and deploy platform.
6)CONTINUOUS DELIVERY
- Creating a CI/CD pipeline requires buy-in from numerous teams. You can’t do it without a simple automation platform that everyone in your organization can use. Ansible Playbooks keep your applications properly deployed (and managed) throughout their entire lifecycle.
- One common way to use Ansible is by calling it from a continuous integration (CI) system upon a successful application build:
1) The CI asks Ansible to run a playbook that deploys a staging environment with the application.
2) When the stage tests pass, it might then be asked to run a production deployment.
3) Ansible can check out your artifacts from version control on each machine, or pull artifacts from the CI server, or from a package mirror.
7) SECURITY AUTOMATION
- The need to respond to security attacks manually is daunting. With Red Hat Ansible Automation Platform you can automate and integrate different security solutions that can investigate and respond to threats across the enterprise in a coordinated, unified way using a curated collection of modules, roles and playbooks.
https://www.ansible.com/integrations/cloud/amazon-web-services
