Arth-Task-11.2(Study on Ansible Tool)

In this artical or blog we discuss some basic concepts of Ansible and basic industry use case on Ansible.

Ansible is a software tool that provides simple but powerful automation for cross-platform computer support. It is primarily intended for IT professionals, who use it for application deployment, updates on workstations and servers, cloud provisioning, configuration management, intra-service orchestration, and nearly anything a systems administrator does on a weekly or daily basis. Ansible doesn’t depend on agent software and has no additional security infrastructure, so it’s easy to deploy.

Because Ansible is all about automation, it requires instructions to accomplish each job. With everything written down in simple script form, it’s easy to do version control. The practical result of this is a major contribution to the “infrastructure as code” movement in IT: the idea that the maintenance of server and client infrastructure can and should be treated the same as software development, with repositories of self-documenting, proven, and executable solutions capable of running an organization regardless of staff changes.

While Ansible may be at the forefront of automation, systems administration, and DevOps, it’s also useful to everyday users. Ansible allows you to configure not just one computer, but potentially a whole network of computers at once, and using it requires no programming skills. Instructions written for Ansible are human-readable. Whether you’re entirely new to computers or an expert, Ansible files are easy to understand.

Advantages of Ansible

• Free: Ansible is an open-source tool.
• Very simple to set up and use: No special coding skills are necessary to use Ansible’s playbooks (more on playbooks later).
• Powerful: Ansible lets you model even highly complex IT workflows.
• Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
• Agentless: You don’t need to install any other software or firewall ports on the client systems you want to automate. You also don’t have to set up a separate management structure.
• Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.

How Ansible works?

In Ansible, there are two categories of computers: the control node and managed nodes. The control node is a computer that runs Ansible. There must be at least one control node, although a backup control node may also exist. A managed node is any device being managed by the control node.

Ansible works by connecting to nodes (clients, servers, or whatever you’re configuring) on a network, and then sending a small program called an Ansible module to that node. Ansible executes these modules over SSH and removes them when finished. The only requirement for this interaction is that your Ansible control node has login access to the managed nodes. SSH keys are the most common way to provide access, but other forms of authentication are also supported.

What Ansible does

The term Ansible modules sounds complex, but most of the complexity is handled by Ansible and not the user. An Ansible module is written to be a model of the desired state of a system, meaning that each module defines what should be true on any given managed node.

Ansible’s Features and Capabilities…..

1. Configuration Management:- Ansible is designed to be very simple, reliable, and consistent for configuration management.If you want to install an updated version of a specific type of software on all the machines in your enterprise, all you have to do is write out all the IP addresses of the nodes (also called remote hosts) and write an Ansible playbook to install it on all the nodes, then run the playbook from your control machine.

2. Application Deployment:- Ansible lets you quickly and easily deploy multitier apps. You won’t need to write custom code to automate your systems; you list the tasks required to be done by writing a playbook, and Ansible will figure out how to get your systems to the state you want them to be in.

3. Orchestration:- As the name suggests, orchestration involves bringing different elements into a beautifully run whole operation — similar to the way a musical conductor brings the notes produced by all the different instruments into a cohesive artistic work. For example, with application deployment, you need to manage not just the front-end and backend services but the databases, networks, storage, and so on.

4. Security and Compliance:- As with application deployment, sitewide security policies (such as firewall rules or locking down users) can be implemented along with other automated processes. If you configure the security details on the control machine and run the associated playbook, all the remote hosts will automatically be updated with those details.

5. Cloud Provisioning:- The first step in automating your applications’ life cycle is automating the provisioning of your infrastructure. With Ansible, you can provision cloud platforms, virtualized hosts, network devices, and bare-metal servers.

Ansible Architecture:-

1. Modules

Modules are like small programs that Ansible pushes out from a control machine to all the nodes or remote hosts. The modules are executed using playbooks (see below), and they control things such as services, packages, and files. Ansible executes all the modules for installing updates or whatever the required task is, and then removes them when finished. Ansible provides more than 450 modules for everyday tasks.

2. Plugins

As you probably already know from many other tools and platforms, plugins are extra pieces of code that augment functionality. Ansible comes with a number of its plugins, but you can write your own as well. Action, cache, and callback plugins are three examples.

3. Inventories

All the machines you’re using with Ansible (the control machine plus nodes) are listed in a single simple file, along with their IP addresses, databases, servers, and so on. Once you register the inventory, you can assign variables to any of the hosts using a simple text file. You can also pull inventory from sources like EC2 (Amazon Elastic Compute Cloud).

4. Playbooks

Ansible playbooks are like instruction manuals for tasks. They are simple files written in YAML, which stands for YAML Ain’t Markup Language, a human-readable data serialization language. Playbooks are really at the heart of what makes Ansible so popular is because they describe the tasks to be done quickly and without the need for the user to know or remember any particular syntax. Not only can they declare configurations, but they can orchestrate the steps of any manually ordered task, and can execute tasks at the same time or at different times.

5. APIs

Various APIs (application programming interfaces) are available so you can extend Ansible’s connection types (meaning more than just SSH for transport), callbacks, and more.

What is Ansible Tower?

Ansible Tower is Red Hat’s commercial web-based solution for managing Ansible. Its best-known feature is an easy-to-use UI (user interface) for managing configurations and deployments, which is a significant improvement over the original UI. Ansible Tower contains the essential features of Ansible, especially those that are easier to see in a graphical format rather than a text-based format. It is free for up to 10 nodes.

Managing an organization’s many tools and business processes is becoming increasingly complicated as technology expands. Whether your teams are performing their weekly system reboot, or looking to configure instances to a desired state, it’s no secret that automation is critical to increase speed, efficiency, productivity, and accuracy. Listed below are several instances1 where automation can help across your enterprise.

• Weekly system reboot: There’s nothing worse than doing the same thing for 8 hours a day! Eliminate repetitive, manual processes with automation.
• Enforce security guidelines: Rules are rules. It’s best to automate in an effort to achieve strict security standards.
• Monitor configuration drift: Use check mode with Ansible tasks to enforce desired settings and see if your configuration has drifted.
• Disaster recovery: Disaster recovery can involve a wide range of components. Act across different variables of the technology stack to identify problems and eliminate cross team dependencies.
• Command blaster: Remarkably easy to write, you can run commands across your environment for any number of servers.
• Database binary patching: Several databases use outdated binary sets. Patch the binaries in accordance with the release of the latest patch.
• Instance provisioning: Use modules for several cloud providers to create new instances and tailor their configuration.
• Service license agreements: Mistakes cost time and money. Eliminate errors that can crop up in detailed software contracts.

Some use cases……….

1- Integration Ansible and AWS………….

The Power of AWS Meets Ansible Simplicity

Using Ansible to automate your applications in AWS greatly increases the chances that your cloud initiative will be a success. The breadth of AWS capability enables IT organizations to dynamically provision entire workloads like never before. To harness this power, IT organizations must effectively answer:

• How can we control cloud deployments?
• How does devops work in the cloud?
• Will my deployments be secure?
• How can we migrate existing apps to the cloud?

The answer? Automate with Ansible.

Manage Cloud Like Cloud with Ansible

When you deploy an application into AWS, you will soon realize that the cloud is much more than a collection of servers in someone else’s data center. You now have a fleet of services available to you to rapidly deploy and scale applications. However, if you continue to manage AWS like just a group of servers, you won’t see the full benefit of your migration to the cloud. Ansible automation can help you manage your AWS environment like a fleet of services instead of a collection of servers.

Ansible & AWS: Batteries included

From the beginning, Ansible has offered deep support for AWS. Ansible can be used to define, deploy, and manage a wide variety of AWS services. Even the most complicated of AWS environments can be easily described in Ansible playbooks. Once your AWS-based application environments are described with Ansible, you can deploy them again and again, easily scaling out to 100s or 1000s of instances across multiple regions, with the same results each and every time.

AMI Management
Autoscaling Groups
CloudFormation
CloudTrail
CloudWatch
DynamoDB
ElastiCache
Elastic Block Store (EBS)
Elastic Cloud Compute (EC2)
Elastic IPs (EIP)
Elastic Load Balancers (ELB)
Identity Access Manager (IAM)
Kinesis
Lambda
Relational Database Service
Route53
Security Groups
Security Token Service
Simple Storage Service (S3)
Virtual Private Cloud (VPC)

Ansible also has over 1,300+ additional modules to help you manage every aspect of your Linux, Windows, UNIX, network infrastructure, and applications — regardless of where they’re deployed. With Ansible, one common language can be used to describe everything deployed in your cloud (and your enterprise).

2- INTEGRATION: Ansible AND Windows

SIMPLICITY ACROSS YOUR INFRASTRUCTURE

It’s hard to find a homogeneous IT stack nowadays. You may have a Linux server farm, but an AD cluster providing identity. Or you have a cross-platform build environment that builds your software for multiple different targets.

Your management and automation tools need to be able to handle multiple, vastly different targets — Linux, Unix, networking, cloud services… and Windows.

ANSIBLE: LINUX LIKE LINUX, WINDOWS LIKE WINDOWS.

Users and customers love Ansible’s simple, agentless, powerful automation that allows them to model and deliver any configuration, any deployment, any environment across their IT infrastructure.

Ansible knew that the key was to bring the same simple, agentless paradigm to managing Windows, while still feeling native to Windows administrators. Ansible’s native Windows support uses Windows PowerShell remoting to manage Windows like Windows in the same Ansible agentless way that Ansible manages Linux like Linux.

With Ansible’s native Windows support, you can, out of the box:

• Gather facts on Windows hosts
• Install and uninstall MSIs
• Enable and disable Windows Features
• Start, stop, and manage Windows services
• Create and manage local users and groups
• Manage Windows packages via the Chocolatey package manager
• Manage and install Windows updates
• Fetch files from remote sites
• Push and execute any PowerShell scripts you write

You can connect to and automate Windows using local or domain users, and soon you’ll be able to use Windows ‘runas’ support to execute actions as the Administrator, just as you would use ‘sudo’ or ‘su’ on Linux.

Plus, with Ansible’s easy extensibility, you can write your own modules in PowerShell and extend Ansible for whatever other functionality you need. Ansible users have written modules for managing filesystem ACLs, managing Windows Firewall, and managing hostname and domain membership, and more.

And when you need to roll this out across your team, Red Hat® Ansible® Tower works out of the box with Ansible’s Windows support.

3- CERTIFIED INTEGRATION: Ansible and Microsoft Azure

Ansible puts Google Technology at Your Fingertips

Google Cloud Platform (GCP) provides scalable infrastructure and solutions to meet the needs of your organization. GCP offers on-demand instances, software-defined networking, storage and databases, and big data solutions — and they’re all available at your fingertips. GCP enables your applications to take advantage of Google’s significant infrastructure, utilizing their best-of-breed technology and innovation, and only pay for what you need when you need it.

Ansible and Google Native Integration

The Ansible/GCP integration gives you everything you need to manage your IT infrastructure. From provisioning instances and autoscaling, custom networks and load balancing, and even managing DNS and cloud storage, it’s all provided. Use the Ansible/GCP tutorial and examples in your Playbooks.

Solutions That grow with Your Organization

Take advantage of GCP, the way you want to:

Testing/Continuous Integration

• Use Ansible to launch instances in any GCP Zone, configure networking setups to accurately simulate real-world scenarios
• Deploy your code how you want: private disk images, startup scripts pointing to your own package repository and more — all within your native Ansible Playbooks
• Tear-down instances when you’re done: right after a test or after a review with the team and even keep a snapshot of the disk

Production Deployment

• Use GCP Managed Instance Groups (Playbook example) and autoscaling to ensure your application can meet the needs of its users
• Easily use Cross-Region Load Balancing to have your application served by the closest-available zone
• Enable Service Accounts with specific access, enabling only those who need it to run your playbooks in production

Leverage Containers Without the Hassle

• Easily deploy containers in Google’s managed container environment (Container Engine)
• Store and access your container images in our Container Registry
• Autoscaling, advanced networking and Logging giving you full control to understand and tune your cluster

Summary:-

In this artical we learn some basic introduction of Ansibel and some basic case industry case study.

Thanks vimal sir give task to research some on Ansile.