Working in IT in current times is really exciting. The time we used to deliver one or two servers to install a single application is over. Instead, we are now leveraging distributed infrastructure to deploy highly-available applications in a set of computing resources that may even communicate using different networking protocols. We are not talking about stand-alone applications anymore, as we do need applications that may scale-out easily and automatically as per the requirements.
In nowadays, a typical application can include several tiers and layers like web servers, application servers, memory-based caching systems, load balancers, …etc. Furthermore, we need to make sure that our application is deployed, highly available and ready to handle any scheduled or unscheduled increasing load during peak hours or holiday periods.
Consequently, managing a computing infrastructure efficiently in recent times has become a real challenge from operations perspective, as the corporate IT environment is becoming more and more complex, where you have to manage and maintain several set of servers with different configurations settings by doing it either manually, which is time consuming and very hard to achieve, or by using tools that helps you run easily and automatically the repetitive tasks that you have to do on your servers. This is commonly known as Configuration Management.
What is Configuration Management?
In a nutshell, Configuration Management is a process to manage and maintain consistency and changes by configuring and deploying a state of description for your servers, then using a tool to enforce that the servers are actually in that state. In Configuration Management, you will define a desired state for a target servers, and if the current state of these server change, you will just re-apply the desired state.
Here are some use cases for using a Configuration Management tool:
- Installing or updating an Apache Web server farm and making sure the Apache configuration is the same in all Web servers.
- Scheduling weekly or monthly system reboot after server patching.
- Enforcing security rules on newly deployed servers. Example of this would be disabling SSH for root user or disabling IPv6.
There are several Configuration Management tool available out there to help achieve the kind of tasks listed below. Chef, Puppet and Salt are the most common ones, but these tools are less flexible in terms of installation, management and upgrade. Ansible is by far the easiest one among all of them to use and administer but still a very robust and flexible tool to manage and automate any large IT infrastructure.
What is Ansible?
Ansible is an Open Source Configuration Management and automation tool supported by Red Hat, that helps to deliver and automate repetitive system administration tasks, thus, improving the scalability and reliability of your IT environment.
Ansible is typically used to automate the following use cases types:
- Configuration Management. Such changing the configuration of an application or an OS, or implementing a security policy to make a server compliant.
- Server Provisioning. Like installing and setting up new servers needed in the on-premise environment. And when it comes to public cloud, Ansible gets you covered by providing several modules for spinning up new instances in cloud environment like AWS, Azure, or Google Cloud Engine.
- Application Deployment. Which is the process of deploying application binaries to remote servers and starting up the necessary services.
- Orchestration of deployment. This is where a set of tasks are configured to run in a specific order. For instance, bringing up a database before bringing up web servers, or taking out a specific server from the load balancer before patching it in order to avoid any downtime.
Why Choose Ansible?
Ansible offer many advantages compared to other Configuration Management tools:
- Free, Open Source and supported by Red Hat.
- Easy to manage. Ansible uses the YAML, which is a data format language that was designed to be easy to read for humans.
- Agent-less. Unlike other Configuration Management tools, Ansible does not need any agent to be installed on the managed servers.
- Modular. Ansible ships with a rich collection of built-in modules to run the most common tasks such as installing a packages, restating a service, or copying or modifying a configuration file.
How Ansible Works?
Ansible performs a single task against a set of hosts. To perform more than one task, Ansible uses a playbook to run those specifc tasks against the hosts. The playbook is a script file written in YAML, so having a .yml extension. It contains the remote servers that are to be configured and the actual list of tasks to be run on those hosts. The tasks are ordered in a way to be performed one after one.
Let’s say we want to execute a playbook called webservers.yml on three servers called web1, web2 and web3 to install Apache server and start then enable the httpd service.
The tasks described in the playbook will be similar to below:
- First Task: Install Apache web server.
- Second Task: Start the httpd service.
- Third Task: Enable the httpd service.
To perform the first task, Ansible will generate a Python script that installs the Apache package, copy it to both servers then execute it, and finally wait for the script to complete execution on the other hosts. It will then jump to the second task and execute the same steps.
The important thing to note is that Ansible runs each task in parallel across all hosts in the order specified, and waits until it is finished before moving on to the next task.
Red Hat Ansible and Red Hat Ansible Tower
Ansible was initially developed, maintained and supported by the company which has the same name. Ansible, the company was then acquired by Red Hat in 2015.
Because Ansible can only be managed by text based tools through command line. A web-based solution called Ansible Tower (formerly known as AWX) has been develloped to make the administration of Ansible tasks even easier by providing a visual dashboard, role-based access control, job scheduling, and many other features.
Both Ansible and Ansible Tower are now maintained and supported by Red Hat.
In the upcoming posts, we will see the Ansible installation, configuration and some advanced administration topics. This guide is for the impatient beginners that want to get quickly operative in Ansible.