Red Hat Ansible – Break Down Traditional IT Silos with Automation - PT1
YAML and Playbooks
The keystone of Ansible is YAML. So, what is YAML (aka YAML Ain’t Markup Language)? It is a human-readable data serialization language, and is commonly used for configuration files, but could be used in many applications where data is being stored (i.e. debugging output) or where data is transmitted. YAML is human readable to help with troubleshooting. YAML is used in Ansible to create Playbooks, which you could think of as to-do lists for hosts or network gear. In YAML, syntax is vital; So, even a misplaced space can have meaning. Since YAML is not the focus here today, to learn more about YAML, you can go to https://yaml.org. Playbooks alleviate enterprise complexity. Think of them like this… since, your original design was rolled out and has evolved, the design has a bevy of new components, which did not exist when the original design took place, resulting in more complexity than intended. This is normal IT life cycle growth.
Rapidly Deploy IT Automation
As your legacy IT environment morphs into a modern architecture, knowing full well this includes your data centers, you might find your requirement for multi-tier deployments growing or exploding. How are you planning to handle these complex rollouts? IT Automation is crucial to tackle complexities in single and multi-tier deployments, regardless if the deployments are on-premise or in the Cloud. Automation is also vital to ensure they go efficiently and are repeatable. To ease complexity and decrease human errors, you can leverage IT automation by using Red Hat Ansible. Human errors have accounted for up to 80% of all IT errors. To decrease the frequency of such errors, IT automation by Ansible should be leveraged to free you up from the mundane and difficult repeatable tasks, and to shift your focus onto architecting for new IT demands… not just keeping the lights on.
So, what types of IT can Ansible automate? I am glad you asked. Your enterprise can exploit automation to provision network gear from some of the following providers: Juniper, F5, Arista, Cisco (NX-OS, IOS-XR and IOS), Infoblox, VMware NSX, HPE Networking, HPE OneView, Aruba. This is not intended to be a comprehensive list. I’m sure you get the point. You can reduce the amount of errors when provisioning a greenfield site or replacing data center core gear. Or perhaps, your Dev/Ops team is garnering all the fanfare and budget allocation within your Enterprise. You can utilize Ansible to deploy Kubernetes or Docker clusters to help Dev/Ops efforts, as well as tracking all those coding changes going back and forth. Think about how you could improve release schedules using a tool like this.
Plausibly, the storage team could be struggling to keep up with all the new provisioning requests from your freshly-deployed Orchestration software package, and you want to know if it can provision storage? A resounding YES! In fact, each vendor is in a race to see who can push the most Ansible APIs; check the storage URL located below for your specific vendor, and then see how they already integrate with Ansible. So, if it provisions Storage, what about SAN (Storage Area Network)? Indeed, it does support both Brocade and Cisco, again reducing configuration tasks and errors.
One aspect of the modern data center that we see enterprises struggle with is how to modernize their backup and recovery environment. Are you wondering if your backup tool supports Ansible? If not, let’s talk about moving your enterprise backup to Cohesity or Actifio, both of which support Ansible. Perhaps you are more concerned about enterprise configuration management, as you know it requires a consistent, repeatable secure manner, and how IT automation can help your enterprise? Well, Ansible is the simplest by design… even IT managers can get this to work. It is goal oriented, not scripted; it comes with over 1,300 modules to help get you started day one, not day seven or even day 14. Does the agent-based automation tool you are evaluating react to unauthorized config changes? Ansible can react and put the approved config back, even for multi-tier changes. Yet, another use-case for Ansible would be to utilize it to speed your digital transformation journey.
How Ansible Works
How exactly does Ansible work? Ansible is agentless… thus no host impact, nor does it require Root access to run; further, it provides a smaller attack vector, for less risk and more acclaim for you, from your InfoSec team. Ansible has minimal server requirements (Control servers), and doesn’t require daemons, nor databases. Ansible communicates to network, hosts and end nodes via SSH or WinRM communications. All you need is SSH and passwords, and you are off and running gathering information. Essentially, there are 3-ways to run Ansible interactions. They are Ad-hoc or the passing of raw commands or modules; there are the Playbooks, which we briefly covered; and the most scalable option is via the Automation framework known as Ansible Tower.
Let’s dive deeper into Ansible Technical information.
From an operating system standpoint, it supports the following:
Red Hat or similar distro utilize yum install ansible
AWS install utilize sudo amazon-linux-extras install ansible2 (~9M download w/ 44M space)
Debian or Ubuntu utilize apt-get install ansible
Non-yum based distro utilize pip install ansible
You can install Ansible in under 30 minutes, and then begin to automate your mundane and difficult tasks by leveraging the 1,300+ modules. I recommend you join the Ansible Galaxy community for additional projects that others have already built and shared. Then, you can also share what you have built within the community, as a manner of giving back.
I will go deeper in my next post. Exciting times in IT.