Ansible
What is Ansible?
Ansible is an open-source IT Configuration Management, Deployment and Orchestration tool. It aims to improve the scalability, consistency, and reliability of your IT environment. It is simple to use yet powerful enough to automate complex multi-tier IT application environments.
Ansible can also automate the configuration of a wide range of systems and devices such as databases, storage devices, networks, firewalls, and many others. It makes sure that all the necessary packages and all other software are consistent on the server to run the application. The best part is that you don’t even need to know the commands used to accomplish a particular task. You just need to specify what state you want the system to be in and Ansible will take care of it.
It allows you to create groups of machines, describe how these machines should be configured or what actions should be taken on them. Ansible issues all commands from a central location to perform these tasks. It uses the playbook to describe automation jobs, and which uses a very simple language YAML.
Flow of working with Ansible:
1). Create playbook and inventory in local machine.
2). Create SSH to the target nodes.
3). Ansible Server gathers the facts of the target nodes to get the indication of the target nodes.
4). Playbook are sent to nodes.
5). Playbook are executed in the nodes.
Important terms used in Ansible:
- Ansible server: The machine where Ansible is installed and from which all tasks and playbooks will be ran.
- Module: Basically, a module is a command or set of similar commands meant to be executed on the client-side.
- Task: A task is a section that consists of a single procedure to be completed.
- Role: A way of organizing tasks and related files to be later called in a playbook.
- Fact: Information fetched from the client system from the global variables with the gather-facts operation.
- Inventory: File containing data about the ansible client servers.
- Play: Execution of a playbook.
Handler: Task which is called only if a notifier is present.
- Notifier: Section attributed to a task which calls a handler if the output is changed
- Tag: Name set to a task which can be used later on to issue just that specific task or group of tasks.
Common Ansible Features
1). Configuration Management: Ansible is designed to be very simple, reliable, and consistent for configuration management. For example, change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy; or perform a wide variety of other configuration tasks.
2). Application Deployment: Ansible makes DevOps process easier by automating the deployment of internally developed applications to your environment systems. Ansible lets you quickly and easily deploy multi-tier apps. You won’t need to write custom code to automate your systems; you list the tasks required to be done by writing a playbook, and Ansible will figure out how to get your systems to the state you want them to be in. In other words, you won’t have to configure the applications on every machine manually.
3). Orchestration: With application deployment, you need to manage front-end, back-end services, databases, networks, storage, and so on. Also, you need to make sure that all the tasks are handled in the proper order.
Ansible uses automated workflows, provisioning, and more to make orchestrating tasks easy. Once you’ve defined your infrastructure using the Ansible playbooks, you can use that same orchestration wherever you need to.
4). Security and Compliance: As with application deployment, site-wide security policies (e.g. firewall rules) can be implemented along with other automated processes. If you configure the security details on the control machine and run the associated playbook, all the remote hosts will automatically be updated with those details. That means you won’t need to monitor each machine for security compliance continually manually.
5). Cloud Provisioning: With Ansible, you can provision cloud platforms, virtualized hosts, network devices, and bare-metal servers.
Benefits of Ansible
The main benefit of Ansible is simplicity.
1). Simple Setup: A minimal requirement and configuration needed to get it to work.
2). Simple to use: No special coding skills are necessary to use Ansible’s playbooks. Ansible is easier to learn than many of the other IT automation engines.
3). Agentless: Ansible is completely agentless. No need to install any software or any agent on the client systems you want to automate. Ansible only needs to be installed on the control machine which can be your PC.
4). Flexible: You can orchestrate the entire application environment no matter where it’s deployed. You can also customize it based on your needs.
5). Efficient: Because you don’t need to install any extra software, there’s more room for application resources on your server.
6). Powerful: Ansible lets you model even highly complex IT workflows.
7). Fast: Built on top of python, which is fast and one of the robust programming languages in today’s world.
8). SSH: Very simple password-less network authentication protocol which is secure. So, your responsibility is to copy this key to the client.
9). Free: Ansible is an open-source tool.
The popular alternatives to Ansible includes:
- Puppet
- Chef
- SaltStack
- Terraform
If you have anything to add or a resource to share please leave it in the comments below.
Connect With me on twitter: https://twitter.com/HarunMbaabu
Top comments (10)
No extra software needs to be installed for most Linux distributions. Some cutdown Linux distributions (eg Tiny Core Linux), Windows, macOS, and *BSDs need Python3 installed and root/admin SSH login allowed in the configuration using a password or keys which is the more secure option.
It has taken me a while to work out how to quieten Ansible when it can’t find Python in Linux standard locations on FreeBSD where non-core binaries are found in /usr/local/bin
The FreeBSD section in Ansible docs is helpful but needs improvement.
Thank you for adding this Geoff, these are important points that i left out.
Ansible is so much more than just a configuration management system to manage devices over ssh. It can be used to manage networking equipment, kubernetes clusters, freebsd jails, vmware, and essentially anything that can be contacted over an api (or any network protocol). See the main module list: docs.ansible.com/ansible/latest/co.... There are many community driven module groups as well.
🚀🚀🚀 Thank you for the +
I like ansible, but there's one thing I never understood, it's how to upgrade an installed dependency. Lets say i installed python 3.8, and now i would like to install 3.9... there is no way directly to install 3.9 and cleaning 3.8 installation ?
Hello Stunaz, have you read this 👉🏻 docs.ansible.com/ansible/2.5/modul...
Super appreciate your article. I have Ansible on my list of things to learn. Thank you for your time on this.
Welcome Bree, i will be writing more about it in the near future.
nice job Mwenda
Thank You Logan Land