As part of Bittnet’s Decoding DevOps series, we recently hosted a webinar on using Ansible for provisioning infrastructures. The more than 350 registrants to the webinar had a chance to learn more about Ansible in general, and then witness firsthand just a few of its capabilities, in a live demo presented by our expert engineer Bogdan Sass. If you were not able to attend the webinar, here’s a summary of what Ansible can do for provisioning infrastructure, securing it, and deploying an application cluster on top of that infrastructure.
What does DevOps really mean?
To understand where Ansible fits in the greater DevOps story, we began with an overview of DevOps as a methodology. There’s been a lot of discussion in recent years about what DevOps is and what is should be, but, at its core, DevOps is first and foremost a way of bringing together Development teams, who plan and build code, with Operations teams, who must release and deploy that code, while making sure everything works as it should. If those teams work together, with shared and efficient practices and tools, they can deliver projects and then ensure their continuous operation much faster and with much better accuracy than if they were working in silos, each with separate goals and ways of doing things.
However, achieving the DevOps ideal requires team members to become truly multidisciplinary in their knowledge and skills, and collaborate using a very wide palette of tools. IT pros who want to work in DevOps environments must learn to work with the DevOps tools that matter, like Docker, Chef, Kubernetes and many others.
What is Ansible, and why should DevOps practitioners care?
One such important tool, which has been gaining prominence in recent years, is Ansible. You may know it as a configuration management tool for existing Linux servers. Nevertheless, nowadays its capabilities are much more extensive than that, enabling the configuration of network devices, application deployment and even provisioning cloud-based infrastructures.
The most frequent use case for Ansible today is automation, which saves time, eliminates errors due to manual changes, and ensures compliance. Ansible is also a stepping stone on the way to Infrastructure as Code (IaC), as it allows you to create virtual machines, describe how they should be configured and what actions should be taken on them.
What are the benefits of using Ansible?
The features and syntax are some of the most compelling arguments for giving Ansible a try. Its YAML syntax is very simple, and Ansible is written in Python – but you don’t need to know Python at all, in order to use it. At the same time, its features enable the modelling of very complex IT workflows.
Furthermore, Ansible does not require the installation of any agents or extra firewall ports on client systems, which means you will be able to dedicate more server resources to applications.
In the DevOps cycle, Ansible is typically employed in the Deployment and Continuous Management stages. It is used to create the infrastructure necessary for the code to run, deploy the application and then make sure its configuration is maintained as intended.
How does Ansible work?
Ansible’s Automation Engine uses static or dynamic inventories – these are lists of hosts (servers) that need to be managed and that Ansible can configure and run commands on. Dynamic inventories can be defined to collect lists of servers that are constantly changing – as in the case of cloud infrastructure.
The way Ansible interacts with remote hosts is through modules and tasks. A module is usually Python code that is executed directly on a host, through a task, which defines certain parameters for running the code in the module. Modules can manage system resources or carry out system commands. Together, modules and tasks enable the sys admin to manage almost everything that has an API, CLI, or other configuration file that can be interacted with – network devices, containers, container orchestrators and so forth.
Ansible can also be used to orchestrate complex tasks and workflows, using playbooks. These are files written in the YAML format which describe the ordered sequence of configuration tasks that need to be applied to the target environment. Playbooks enable the orchestration of any manual ordered process.
What can you actually do with Ansible?
As mentioned earlier, Ansible can be used to configure existing servers – install packages, create configuration files, start services, and so on. Yet, its configuration management features allow it to also be used for configuring network devices (such as switches, firewalls or routers), storage devices and many others.
However, the most interesting use case today is provisioning infrastructure, when there are no pre-existing servers. This means the creation of virtual machines or cloud instances, configuring them, deploying packages and installing applications and so on – Ansible can run the entire infrastructure provisioning workflow very efficiently.
Whether you choose to use Ansible or another tool (ex. Terraform / etc.) for provisioning will depend on the type of environment and other factors as well. To show what you can do only with Ansible, though, the webinar then included a live demo on provisioning infrastructure and bootstrapping a basic Kubernetes cluster using Ansible’s capabilities (without GKE):
- Creating and configuring cloud VM instances for Kubernetes deployment
- Securing the created VM instances
- Deploying Kubernetes on top of those machines (master and worker nodes)
All of this done from Ansible, all of it by running a single command!
If you want to find out more about DevOps and its various tools and practices, also check out DevOps Artisan, the latest Bittnet training project for all those interested in the DevOps ecosystem.