Ansible for DevOps

Ansible is a powerful IT automation and configuration management tool. In terms of DevOps,

Ansible can be considered to target four main automation areas, in dev, ops, security and QA, and
business.

DevOps Challenges

First, let's consider some DevOps challenges. So for those in dev, the focus is on results. And they
have to be careful not to spend too much time on the tooling required to deliver the product or
service. And they need to respond and scale as demand requires, otherwise you have business
risk. For operations or ops, this requires cross-organizational technologies. And operations must
be able to centrally govern and monitor systems and workloads.

And these systems and workloads are disparate systems and workloads. Meaning that they can
vary amongst different technologies and deployments and so on. For security and QA, this
requires the ability to monitor and track changes, obviously, and further to that, where and when
those changes were made. For security and QA, the emphasis is to reduce risk associated with
human error. For business, the goal is to go to market as quickly as possible. And consistently
perform activities that are going to generate competitive advantages and focus on growth.

Ansible Addresses Development Challenges

So Ansible addresses development challenges by first creating a feedback loop. So you can think of
it as an accelerated evaluation of products and services emanating from development. In addition,
bugs are discovered earlier in the development lifecycle. Which means that addressing those bugs
is easier, less risky as well as less costly.

Ansible can help reduce the risk of tribal knowledge. And this is knowledge about products,
customers, and processes that only certain employees understand. And it's a major problem and
one that many companies are either unaware of or aren't concerned about. Automation via
Ansible at the dev level means quicker, more predictable, and more reliable deployments.

Ansible Addresses Operations Challenges

With respect to ops challenges, Ansible automation helps streamline and simplify deployments.
Meaning, deployment times are often reduced, it helps mitigate what's known as shadow IT. And
this refers to information technology systems and solutions that are built and used inside
organizations. Without the organization's explicit approval or knowledge.

Ansible makes the provisioning of systems quicker and easier through automation. And here again
with ops, Ansible reduces the risk of tribal knowledge. And finally with respect to ops challenges,
Ansible automation also makes it possible to automate patching. Which results in potentially huge
time and cost savings as well as risk reduction.

Ansible Addresses Security and QA Challenges

With respect to security and QA, Ansible automation can serve to establish a security baseline
from which to start and proceed. With Ansible, establishing identical development, production,
and QA environments is not only possible, but it is significantly simplified. Ansible can ensure
compliance requirements are documented and that those requirements are visible and accurate.
And finally, as a result, Ansible provides what's known as living documentation. And what this
means is that as systems evolve, so does the documentation.

Ansible Addresses Business Challenges

From a business level, using Ansible means that business and IT are aligned. And this is acutely
important today as virtually every business is essentially a digital business. It alleviates the
business from having to perform repetitive, complicated, and risky infrastructure and
configuration tasks. Liberating time for important activities, like innovation, strategy, and growth.

Due to its existence as living documentation and easily understood and managed infrastructure
and configuration. Ansible automation simplifies on-boarding for new team members. As a result,
Ansible is truly built for DevOps because it effectively improves the collaboration capability across
diverse teams within the enterprise.

Why Ansible for DevOps?

Repetitive tasks that have to be figured out every time, are just huge time and money wasters.
With Ansible, IT problems are solved once, then that solution is automated. The automated
solution is then applied and the resultant simplification of infrastructure and configuration
effectively accelerates DevOps initiatives.

Consider that Ansible IT automation simplifies the complex. So, it reduces, for example, manual
effort, which also serves to reduce the potential for human error. It also simplifies complicated
interdependencies between systems and components, which typically consume a lot of time and
resources. And are much harder to innovate and locate bottlenecks or errors within. This serves to
deliver solutions faster, and of course, faster to market in business leads to success. It also saves
time, and that time that's saved can be allocated to other important tasks.

Ansible IT Automation Accelerates Business

Ansible IT automation also accelerates business. So looking at it from the team perspective, it
saves time and enhances productivity. Because it simplifies and eliminates repetition, it reduces
the propensity for mistakes and errors. And improves the ability for the team members to
collaborate. For the enterprise, it reduces overall complexity, frees time for important activities
like innovation, and improves compliance and accountability.

Ansible IT Automation is for Everyone

Ansible IT automation is considered to be for everyone, that is, everyone in the enterprise.
Because it's simple, easy to read, easy to learn, it frees time for both dev and ops in terms of
DevOps. And it's somewhat self-documenting because it's so easy to read and is considered living
documentation.

It's also readable across the enterprise, again, simple. And one of the rationales for developing
Ansible was the fact that those configuration management tools of the time were based on Ruby.
And you had to be a Ruby programmer really to understand and read. So it certainly wasn't for
everyone across the enterprise.
Ansible IT Automation Benefits

Now let's look at some Ansible IT automation benefits. First, simplicity. Easily human readable, and
because tasks are executed in order, this enhances simplicity. There's no special coding knowledge
required and it enhances productivity. Because it uses an agentless architecture and uses
OpenSSH, it can communicate with Linux devices, with networking devices, and so on. It uses Win
Remote Management or WinRM, for Windows management, and it's also secure. There's no agent
to exploit, and it's predictable and reliable.

In fact, there's no agent to update. So, you know that the system is simple and ready to
communicate with those managed nodes. It's powerful for configuration management, it can also
deploy apps. It can orchestrate diverse workflows, as well as the entire application lifecycle. And
it's provided with community support, it's in fact the most popular open source automation tool
on GitHub. There's over 3,500 contributors and that number is growing. And currently sits with
over 250,000, a quarter million downloads per month.

Ansible Advantages

Ansible has a number of advantages. This includes its agentless architecture, security, simplicity,
it's extensible. It's considered a comprehensive tool, whereas other tools in the space may require
a number of different tools to be integrated together. It can perform network automation because
of its simple agentless architecture. And it's also capable of cloud and local infrastructure
integration.

Ansible Advantages (2)

Let's look at these advantages a little bit closer. So its agentless architecture means that no special
software is required on remote machines, the managed nodes.

This means that setup is significantly easier than most of its competitors. It's also very secure.
There is no dedicated or special users or credentials required to run Ansible on the remote nodes.
It, in fact, respects existing credentials. Its simplicity is one of its major strengths. So for example,
playbooks are written in a human readable YAML format. And it can also encapsulate playbook
tasks into a combination of tasks called roles. Ansible is extensible by virtue of the fact that it uses
modules and plugins.

Ansible Advantages (3)

It's considered a unified or comprehensive tool, so task-based function is applicable across a

diverse range of use cases.

And you don't have to orchestrate a combination of different tools together. It's considered a
unified tool. It also lends itself well to network automation because of its simple agentless
architecture and its task-based functionality. So it also supports major network vendors like Cisco,
HP, Juniper, Cumulus as well as others. And Ansible is also capable of integrating both on-prem
and remote cloud technology and infrastructure with local infrastructure.

Ansible Prerequisites
One of Ansible's strengths is that it's so simple to use. You can get up and running with Ansible
very quickly. And with very few requirements for installation on either a control machine or
managed nodes or target machines. Let's consider the prerequisites for both. First control
machine requirements. For the operating system for the control machine, virtually every major
Linux distribution is supported as well as Mac OS. Windows, however, is not supported as the
operating system for a control machine.

The current version of Ansible just requires any supported operating system and Python 2, version
2.7, or Python 3, version 3.5 and up. So you'll typically see Ansible on Red Hat, CentOS, Debian and
Ubuntu as well as Mac OS and BSD variants. One note about Mac OS, by default Mac OS is
configured for a limited number of file handles. And if you work with a large number of file
handles like when you're using Ansible for a control machine, you may see too many open file
errors. And if that's the case, you can easily increase the limit with one launch control command

Command Line Tools

• ansible (It is an extra-simple tool/framework/API for doing ‘remote things’. this command
allows you to define and run a single task ‘playbook’ against a set of hosts)

• ansible-playbook (It’s the tool to run Ansible playbooks, which are a configuration and
multinode deployment system. See the project home page (https://docs.ansible.com) for
more information)

• ansible-vault (can encrypt any structured data file used by Ansible. This can
include group_vars/ or host_vars/ inventory variables, variables loaded
by include_vars or vars_files, or variable files passed on the ansible-playbook command
line with -e @file.yml or -e @file.json. Role variables and defaults are also included!)

• ansible-galaxy (It’s command to manage Ansible roles in shared repostories, the default of
which is Ansible Galaxy https://galaxy.ansible.com.)

• ansible-console (a REPL -Read-Eval-Print-Loop- that allows for running ad-hoc tasks against
a chosen inventory (based on dominis’ ansible-shell).)

• ansible-config (Config command line class)

• ansible-doc (displays information on modules installed in Ansible libraries. It displays a

terse listing of plugins and their short descriptions, provides a printout of their
DOCUMENTATION strings, and it can create a short “snippet” which can be pasted into a
playbook.)

• ansible-inventory (It’s used to display or dump the configured inventory as Ansible sees it)

• ansible-pull (It’sis used to up a remote copy of ansible on each managed node, each set to
run via cron and update playbook source via a source repository. This inverts the
default push architecture of ansible into a pull architecture, which has near-limitless
scaling potential.)