How industries are solving challenges using Ansible.

ARTH - Task 11 👨🏻‍💻

Task Description📄

🔰 11.2 Create a Article, blog or Video on how industries are solving challenges using Ansible.

Lets first know about some concepts of Ansible.

What is Ansible?

📝Ansible is an open-source automation tool, or platform, used for IT tasks such as configuration management, application deployment, intracervical orchestration, and provisioning. Automation is crucial these days, with IT environments that are too complex and often need to scale too quickly for system administrators and developers to keep up if they had to do everything manually. Automation simplifies complex tasks, not just making developers’ jobs more manageable but allowing them to focus attention on other tasks that add value to an organization. In other words, it frees up time and increases efficiency. And Ansible, as noted above, is rapidly rising to the top in the world of automation tools. Let’s look at some of the reasons for Ansible’s popularity.

Why Do We Need Ansible?

📝Well before I tell you what is Ansible, it is of utmost importance to understand the problems that were faced before Ansible. 

Let us take a little flashback to the beginning of networked computing when deploying and managing servers reliably and efficiently has been a challenge. Previously, system administrators managed servers by hand, installing software, changing configurations, and administering services on individual servers.

As data centers grew, and hosted applications became more complex, administrators realized they couldn’t scale their manual systems management as fast as the applications they were enabling. It also hampered the velocity of the work of the developers since the development team was agile and releasing software frequently, but IT operations were spending more time configuring the systems. That’s why server provisioning and configuration management tools came to flourish.

Consider the tedious routine of administering a server fleet. We always need to keep updating, pushing changes, copying files on them etc. These tasks make things very complicated and time consuming.

But let me tell you that there is a solution to the above stated problem. The solution is – Ansible.

But before I go ahead to explain you all about Ansible, let me get you familiarized with few Ansible terminologies:

📝Ansible Terminologies:

• Controller Machine: The machine where Ansible is installed, responsible for running the provisioning on the servers you are managing.
• Inventory: An initialization file that contains information about the servers you are managing.
• Playbook: The entry point for Ansible provisioning, where the automation is defined through tasks using YAML format.
• Task: A block that defines a single procedure to be executed, e.g. Install a package.
• Module: A module typically abstracts a system task, like dealing with packages or creating and changing files. Ansible has a multitude of built-in modules, but you can also create custom ones.
• Role: A pre-defined way for organizing playbooks and other files in order to facilitate sharing and reusing portions of a provisioning.
• Play: A provisioning executed from start to finish is called a play. In simple words, execution of a playbook is called a play.
• Facts: Global variables containing information about the system, like network interfaces or operating system.
• Handlers: Used to trigger service status changes, like restarting or stopping a service.

Ansible is a helpful tool that allows you to create groups of machines, describe how these machines should be configured or what actions should be taken on them. Ansible issues all commands from a central location to perform these tasks.

No other client software is installed on the node machines. It uses SSH to connect to the nodes. Ansible only needs to be installed on the control machine (the machine from which you will be running commands) which can even be your laptop. It is a simple solution to a complicated problem. 

What is Ansible Architecture?

📝Ansible architecture is fairly straightforward. Refer to the diagram below to understand the Ansible architecture:

As you can see, in the diagram above, the Ansible automation engine has a direct interaction with the users who write playbooks to execute the Ansible Automation engine. It also interacts with cloud services and Configuration Management Database (CMDB).

The Ansible Automation engine consists of:

• Inventories: Ansible inventories are lists of hosts (nodes) along with their IP addresses, servers, databases etc. which needs to be managed. Ansible then takes action via a transport – SSH for UNIX, Linux or Networking devices and WinRM for Windows system. 
• APIs: APIs in Ansible are used as transport for Cloud services, public or private.
• Modules: Modules are executed directly on remote hosts through playbooks. The modules can control system resources, like services, packages, or files (anything really), or execute system commands. Modules do it by acting on system files, installing packages or making API calls to the service network. There are over 450 Ansible-provided modules that automate nearly every part of your environment. For e.g.
• Cloud Modules like cloudformation which creates or deletes an AWS cloud formation stack;
• Database modules like mssql_db which removes MYSQL databases from remote hosts.
• Plugins: Plugins allows to execute Ansible tasks as a job build step. Plugins are pieces of code that augment Ansible’s core functionality. Ansible ships with a number of handy plugins, and you can easily write your own. For example, 
• Action plugins are front ends to modules and can execute tasks on the controller before calling the modules themselves. 
• Cache plugins are used to keep a cache of ‘facts’ to avoid costly fact-gathering operations. 
• Callback plugins enable you to hook into Ansible events for display or logging purposes.

There are a few more components in Ansible Architecture which are explained below:

• Networking: Ansible can also be used to automate different networks. Ansible uses the same simple, powerful, and the agentless automation framework IT operations and development are already using. It uses a data model (a playbook or role) that is separate from the Ansible automation engine that easily spans different network hardware.
• Hosts: The hosts in the Ansible architecture are just node systems which are getting automated by Ansible. It can be any kind of machine – Windows, Linux, RedHat etc.
• Playbooks: Playbooks are simple files written in YAML format which describes the tasks to be executed by Ansible. Playbooks can declare configurations, but they can also orchestrate the steps of any manual ordered process, even if it contains jump statements. They can launch tasks synchronously or asynchronously.
• CMDB : It is a repository that acts as a data warehouse for IT installations. It holds data relating to a collection of IT assets (commonly referred to as configuration items (CI)), as well as to describe relationships between such assets.
• Cloud: It is a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server. You can launch your resources and instances on cloud and connect to your servers.

Ansible’s Features and Capabilities:

1. Configuration Management: Ansible is designed to be very simple, reliable, and consistent for configuration management. If you’re already in IT, you can get up and running with it very quickly. Ansible configurations are simple data descriptions of infrastructure and are both readable by humans and parsable by machines. All you need to start managing systems is a password or an SSH (Secure Socket Shell, a network protocol) key. An example of how easy Ansible makes configuration management: If you want to install an updated version of a specific type of software on all the machines in your enterprise, all you have to do is write out all the IP addresses of the nodes (also called remote hosts) and write an Ansible playbook to install it on all the nodes, then run the playbook from your control machine.

2. Application Deployment: Ansible lets you quickly and easily deploy multitier apps. You won’t need to write custom code to automate your systems; you list the tasks required to be done by writing a playbook, and Ansible will figure out how to get your systems to the state you want them to be in. In other words, you won’t have to configure the applications on every machine manually. When you run a playbook from your control machine, Ansible uses SSH to communicate with the remote hosts and run all the commands (tasks).

3. Orchestration: As the name suggests, orchestration involves bringing different elements into a beautifully run whole operation—similar to the way a musical conductor brings the notes produced by all the different instruments into a cohesive artistic work. For example, with application deployment, you need to manage not just the front-end and backend services but the databases, networks, storage, and so on. You also need to make sure that all the tasks are handled in the proper order. Ansible uses automated workflows, provisioning, and more to make orchestrating tasks easy. And once you’ve defined your infrastructure using the Ansible playbooks, you can use that same orchestration wherever you need to, thanks to the portability of Ansible playbooks.

4. Security and Compliance: As with application deployment, sitewide security policies (such as firewall rules or locking down users) can be implemented along with other automated processes. If you configure the security details on the control machine and run the associated playbook, all the remote hosts will automatically be updated with those details. That means you won’t need to monitor each machine for security compliance continually manually. And for extra security, an admin’s user ID and password aren’t retrievable in plain text on Ansible.

5. Cloud Provisioning: The first step in automating your applications’ life cycle is automating the provisioning of your infrastructure. With Ansible, you can provision cloud platforms, virtualized hosts, network devices, and bare-metal servers.

Advantages Of Ansible:

• Free: Ansible is an open-source tool.
• Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
• Powerful: Ansible lets you model even highly complex IT workflows. 
• Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
• Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
• Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.

What is Ansible in DevOps?

📝In DevOps, as we know development and operations work is integrated. This integration is very important for modern test-driven application design. Hence, Ansible integrates this by providing a stable environment to both development and operations resulting in smooth orchestration. Refer to the image below to see how Ansible fits into DevOps:

Let us discuss now how Ansible manages the entire DevOps infrastructure. When developers begin to think of infrastructure as part of their application i.e as Infrastructure as code (IaC), stability and performance become normative. Infrastructure as Code is the process of managing and provisioning computing infrastructure (processes, bare-metal servers, virtual servers, etc.) and their configuration through machine-processable definition files, rather than physical hardware configuration or the use of interactive configuration tools. This is where Ansible automation plays a major role and stands out among its peers.

In DevOps, Sysadmins work tightly with developers, development velocity is improved, and more time is spent doing activities like performance tuning, experimenting, and getting things done, and less time is spent fixing problems. Refer to the diagram below to understand how the tasks of sysadmins and other users are simplified by Ansible. 

At this point you know how beneficial using Ansible is. So, now let us see a real life example of how NASA has benefited through Ansible.

Ansible Case Study – A Real Life Usage by NASA :

Let us consider the business challenge that was faced by NASA. 

📝NASA needed to move 65 applications from a traditional hardware based data center to a cloud-based environment for better agility and cost savings. The rapid timeline resulted in many applications being migrated ‘as it is’ to a cloud environment. This created an environment which spanned multiple virtual private clouds (VPCs) and AWS accounts that could not be managed easily. Even simple things, like ensuring every system administrator had access to every server, or simple security patching, were extremely cumbersome. 

The solution was to leverage Ansible Tower to manage and schedule the cloud environment.

Hence, to solve the problems that NASA had with lack of centralized management and a diverse environment, they evaluated multiple solutions and decided on an implementation of Ansible Tower. NASA is now leveraging Ansible Tower to manage their environment in a very organized and scheduled way.

How NASA is using Ansible:

📝Ansible Tower provided with a dashboard which provided the status summary of all hosts and jobs which allowed NASA to group all contents and manage access permissions across different departments. It also helped to split up the organization by associating content and control permission for groups as well.

Ansible Tower is a web-based interface for managing Ansible. One of the top items in Ansible users’ wishlists was an easy-to-use UI for managing quick deployments and monitoring one’s configurations. Ansible management came up with Ansible Tower in response.

Further, Ansible divided the tasks among teams by assigning various roles. It managed the clean up of old job history, activity streams, data marked for deletion and system tracking info. Refer to the diagram below to understand how Ansible has simplified the work of NASA.

As a result, NASA has achieved the following efficiencies:

• NASA web app servers are being patched routinely and automatically through Ansible Tower with a very simple 10-line Ansible playbook.
• Ansible is also being used to re-mediate security issues and was leveraged to re-mediate OpenSSL issues. This not only saved time but allowed to quickly re-mediate a very daunting security issue.
• Every single week, both the full and mobile versions of www.nasa.gov are updated via Ansible, generally only taking about 5 minutes to do. 
• OS level user accounts for mission critical staff are continually checked and created if missing. Now, everyone who needs access has access, even if that means adding or removing a user almost instantly from all servers.
• NASA has also integrated Ansible facts into their CMDB, CloudAware, for better management visibility of entire AWS inventory. As a result, it became possible to organize the inventory of AWS resources in a very granular way that was not possible before.
• Ansible is also used to ensure that the environment is compliant with necessary Federal security standards as outlined by FedRAMP and other regulatory requirements.

What is Ansible Tower?

📝Ansible Tower is Red Hat’s commercial web-based solution for managing Ansible. Its best-known feature is an easy-to-use UI (user interface) for managing configurations and deployments, which is a significant improvement over the original UI. Ansible Tower contains the essential features of Ansible, especially those that are easier to see in a graphical format rather than a text-based format. It is free for up to 10 nodes. 

THERE ARE SUCCESS STORIES ON HOW COMPANIES USE ANSIBLE:

📝The ongoing digital transformation coupled with the growing popularity of cloud means companies are now more dependent on dynamic, all-in-one tools that can solve multiple problems across a host of platforms.

Further, today’s organizations are looking for ways to ease into automation while also striving toward higher levels of customer satisfaction. For many organizations, the open source platform Ansible is the answer to these modern-day challenges. Here are a few examples of companies successfully implementing an Ansible migration.

HOOTSUITE:

📝Hootsuite is a social media management system used by businesses and organizations. It allows the execution of social media campaigns on a variety of networks from a secure dashboard. Hootsuite is popular among Fortune 1000 companies.

The main challenge facing Hootsuite was the lack of repeatability. This made automating Hootsuite’s infrastructure a challenge, and Hootsuite were also facing difficulties in application deployment.

To resolve this, Hootsuite introduced Ansible core. This allowed Hootsuite to build servers from scratch and enabled repeatability. In the future, Hootsuite plans to implement an Ansible migration of its app deployment and possibly in ad hoc production server management.

Since performing their Ansible migration, Hootsuite says ops and devs ‘feel safer’. Additionally, Ansible allows developers to repeatedly test server builds on a local level until the team can be sure they work.

Hootsuite intends to use Ansible in many other ways, and as Beier Cai, Director of Technology, Hootsuite Media Inc., explains, “In the beginning I didn’t realize Ansible is good for orchestration as well but found it out quickly and I really loved it as it beats competitors right there.”

AMELCO:

📝Amelco is a UK-based company that develops software solutions for the betting industry and financial betting markets. The business was looking for a way to deploy its applications efficiently across its hundreds of different environments, and it also sought to limit downtime. To do this, Amelco performed an Ansible migration to an agentless automation framework. This reduced the complexities it faced with the deployment, operations and the upgrade of applications over a range of contrasting locations, while also using one simplified language.

In addition, by introducing Ansible and Ansible Tower, Amelco has successfully automated its application deployments. Other benefits include reduced complexity and continuous delivery, along with speed solution delivery.

Further benefits include:

•  “Faster time to deployment for its bespoke and modular client solutions, resulting in speedier time to market and higher customer satisfaction”.
•  “A simplified and repeatable deployment process, leveraging true multi-tier, multi-step orchestration that minimized the complex dependencies of heterogeneous environments,”.

LIFESUM:

📝Based in Stockholm, Lifesum is a digital health platform that encourages users to lead a healthier, more balanced lifestyle. Lifesum has proved hugely successful throughout Europe, reaching over 6 million downloads so far.

Lifesum’s platform uses a host of applications, in addition to a joint back end API, and it bases its infrastructure on AWS. Lifesum was looking for a simplified yet robust tool to allow configuration management, application deployment, and server provisioning.

Prior to introducing Ansible, Lifesum had used another tool but found provisioning and managing different environments a challenge.

Lifesum started their Ansible migration in 2014. It started implementing Ansible straight away and has used it in several major areas. First, Lifesum used Ansible playbooks “to automatically spin up virtual development machines with Vagrant”.

In the case study, Michal Gasek, SYSOPS Engineer/DBA at Lifesum also notes that Lifesum’s goal, “[is] to ensure that everyone had exactly the same working environment as we deploy our applications regularly. Three months later all our environments, from developer’s laptops to production instances on Amazon, [are] fully Ansible managed.”

Gasek continues, “We use AWS Auto Scaling and pre-bake Amazon AMI images with Ansible provisioning playbooks. When EC2 instances are launched by Auto Scaling, Ansible, triggered by cloud-init, runs provisioning playbooks, once again ensuring up-to-date configuration changes are applied, and pulling the latest applications versions from repositories. Ansible has helped us to automate, significantly simplify and speed up the process of dynamic resources scaling”.

Gasek adds that Ansible stood out because of its ‘power and simplicity’. Gasek also highlights how Ansible has enabled developers to concentrate on building ‘great product features’, rather than solving common problems like inconsistencies and misconfiguration.

Conclusion:

📝On a final note, we can conclude that Ansible provides a simple and powerful package for configuration management and automation. However, Ansible is new to the market now and has to deal with competition from renowned sources. The limited amount of documentation related to Ansible can create formidable setbacks for learning Ansible.

On the other hand, the growing interest in Ansible due to the adoption of Ansible by renowned agencies such as NASA can also turn the tables. The diverse functionalities of Ansible, such as provisioning, orchestration, application deployment, and security and compliance, show its potential. These capabilities of Ansible can translate effectively into a comprehensive DevOps tool. The future course for Ansible would depend on strengthening the advantages of Ansible while working on the setbacks.   

Thank You for Reading the Article. 😊🤗