DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • DevOps Onramp
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Home » Blogs » DevOps Toolbox » Ansible Best Practices : Automation, Provisioning and Configuration Management

Ansible Best Practices : Automation, Provisioning and Configuration Management

By: Sudhi Seshachala on May 19, 2015 4 Comments

What is Ansible?

Recent Posts By Sudhi Seshachala
  • Best Practices for User Management Models in AWS
  • Useful Big Data Terminologies, Part 1
  • Financial Drivers for Cloud Migration in Enterprise
More from Sudhi Seshachala
Related Posts
  • Ansible Best Practices : Automation, Provisioning and Configuration Management
  • Configuration Management vs. Application Release Automation
  • Ansible Tower in the Software Development Lifecycle
    Related Categories
  • Blogs
  • DevOps Toolbox
    Related Topics
  • ansible
  • Configuration Management
Show more
Show less

Ansible is an IT automation engine, and a trouble-free model-driven configuration management and command execution framework. Made for multi-tier deployments, it designs your IT infrastructure by describing how all of your systems are interrelated instead of just managing one system at a time. Written in Python, Ansible does not use any agent. It makes uses the SSH server on the target, and no additional custom security infrastructure is required, making it easy to deploy.

Ansible comes up with following uses:

1). Normal configuration management

  • Creates system files through the medium of templates
  • Manages software installation with the help of yum, apt, gem, or the like
  • Manages services or daemons such as start, stop, enable, disable

2). Orchestration tasks

  • Removing server from load balancers
  • Disabling monitoring or altering
  • Perform deployment of your code by git

3). Continuous integration

  • Deploy code to QA servers
  • Run tests and promote software to production if tests pass

How is it different?

Ansible is a configuration management, deployment and an ad-hoc task execution tool, all in one. It does not require daemons or any other software to start the remote machines’ management. Since it uses the SSH, it easily passes a security audit, and can be used in places resistant to run a root-level daemon with a custom PKI infrastructure.

The Ansible modules can be written not only in Ruby or Python, but in any language efficient enough of returning JSON or key. In this way, Ansible manages to sidestep the popular Python vs Ruby language war, and is of interest to people who like both or neither of them.

Ansible Architecture:

ansiblenew

Coming with a simple framework, Ansible connects with your nodes and pushes out small program termed as Ansible Modules, which are considered to be the workhorse of the system and are responsible for performing all heavy liftings. These programs are written to be resource models of the anticipated position of the system. Thereafter, Ansible carries out these modules upon the SSH by default and eliminate them when finished.

Without using servers, daemons and databases, your library related to modules can be inherited in any machine, thus giving the advantage of working with your favorite terminal program, a text editor, and most likely a version control system to keep a track of alteration to your content.

 

SSH keys your biggest companion

Though passwords are supported, the finest method to practice it is by using the SSH keys along with SSH-agent. The root logins are not required; you can login as any user. Ansible ‘authorised-key’ module helps in controlling which machines can access or which hosts. You can also use other available options like Kerberos or identity management systems.

Management of your inventory in simple text files

Ansible by default uses an INI file to represent the machines being managed. These files help in placing all of your managed machines in groups of your own choosing. In order to add up new machines, you do not require any additional SSL signing server. So by no means, there will be a problem in deciding about why a particular machine didn’t get linked up due to obscure NTP or DNS issues.

Ansible can also be plugged into another source of truth, if available in your infrastructure like drawing inventory, group, and sources suchlike EC2, Rackspace, OpenStack, etc,. As soon as the inventory hosts are listed, variables can be assigned to them in simple text files in a subdirectory called ‘group_vars/’ or ‘host_vars/’ or directly in the inventory file or, as already mentioned, you can use the dynamic inventory to pull inventory from the data sources like EC2, Rackspace, and OpenStack.

Playbooks, a simple and powerful automation language

Playbooks are Ansible’s configuration, deployment and orchestration language. They can explain a course of action you want the remote system to apply, or a set of steps in a general IT process.

At a fundamental stage, playbooks can be used to manage configurations and for deployments of the remote machines. At a more advanced level, they can sequence multi-tier rollouts involving rolling updates, and can delegate actions to other hosts, interacting with monitoring servers and load balancers along the way. Most importantly, the language remains readable, transparent and is developed in a basic text language. You don’t need to declare explicit ordering relationships or write code in a programming language. There are ample of ways to organise playbooks and the files they include.

Widen up Ansible: Modules, Plugins and API

Ansible modules can be written in any language that can return JSON, such as Ruby, Python, Bash, etc,. The inventory can also plug into any data source by writing a programme that speaks to that data source and returns JSON. There are multiple Python APIs for spreading Ansible’s connection types callbacks — SSH is not the only transport possible — and even for adding new server side behaviours.

AnsibleWorks (AWX)

AnsibleWorks, which also sponsors the Ansible community, also produces the AWX. It is a web-based solution to make Ansible simpler, and to provide a trouble-free usage for the IT companies. It is also designed to be complete all kinds of automation tasks.

AWX permits you to regulate the access and even allows sharing of SSH credentials, without someone being able to transfer those credentials. Inventory can either be graphically managed or synced with a wide variety of cloud sources. It keeps log of all your jobs and integrate them with LDAP. It also has an amazing browsable REST API. If required, the command line tools are also available for easy integration with Jenkins.

Conclusion

Ansible’s simplicity and ability to decrease the complexity of other tools has made it a reliable applicant for your environment. Its foremost concern is on security and reliability. It uses OpenSSH for transportation, and the language is designed around auditability by even those who are not familiar with the program. Ansible is suitable enough for managing both small setups with a handful of instances as well as the enterprise environments.

Filed Under: Blogs, DevOps Toolbox Tagged With: ansible, Configuration Management

Sponsored Content
Featured eBook
The State of Open Source Vulnerabilities 2020

The State of Open Source Vulnerabilities 2020

Open source components have become an integral part of today’s software applications — it’s impossible to keep up with the hectic pace of release cycles without them. As open source usage continues to grow, so does the number of eyes focused on open source security research, resulting in a record-breaking ... Read More
« Release Management, a catalyst for DevOps
Lean Value Stream Mapping for DevOps »

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Bring Your Mission-Critical Data to Your Cloud Apps and Analytics
Tuesday, August 16, 2022 - 11:00 am EDT
Mistakes You Are Probably Making in Kubernetes
Tuesday, August 16, 2022 - 1:00 pm EDT
Taking Your SRE Team to the Next Level
Tuesday, August 16, 2022 - 3:00 pm EDT

Latest from DevOps.com

Techstrong TV: Scratching the Surface of Testing Through AI
August 12, 2022 | Alan Shimel
Next-Level Tech: DevOps Meets CSOps
August 12, 2022 | Jonathan Rende
The Benefits of a Distributed Cloud
August 12, 2022 | Jonathan Seelig
Cycode Expands Scope of AppDev Security Platform
August 11, 2022 | Mike Vizard
Techstrong TV: The Use of AI in Low-Code
August 11, 2022 | Charlene O'Hanlon

Get The Top Stories of the Week

  • View DevOps.com Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Download Free eBook

The State of Open Source Vulnerabilities 2020
The State of Open Source Vulnerabilities 2020

Most Read on DevOps.com

MLOps Vs. DevOps: What’s the Difference?
August 10, 2022 | Gilad David Maayan
CREST Defines Quality Verification Standard for AppSec Testi...
August 9, 2022 | Mike Vizard
We Must Kill ‘Dinosaur’ JavaScript | Microsoft Open Sources ...
August 11, 2022 | Richi Jennings
Leverage Empirical Data to Avoid DevOps Burnout
August 8, 2022 | Bill Doerrfeld
GitHub Brings 2FA to JavaScript Package Manager
August 9, 2022 | Mike Vizard

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.