Industry Use Case on Automation Using Ansible-Demo
Our speakers:
▪️Also heading the designing and delivering high-quality content on integrated solutions and trusted partners across APAC, ANZ, and APJ.
▪️Connected with RedHat for around 12+ years.
▪️He was a Speaker in DevConf.in 2018 where he had discussed Linux Container Internals.
▪️ Specialist :- Linux and Security
▪️The First RHC*(RHCA, RHCSS, RHCDS, RHCVA) in India.
▪️Founding member of the Free Software Foundation India.
▪️Being in open source software for more than 24 years.
Use Cases Presented:
ANSIBLE TOWER X AWS:
Creating VPC, Subnet, and the complete architecture with Ansible and provisioning an EC2 instance on top of that using Ansible Playbook.
We use the playbook as a template in Ansible Tower and provide credential authentication to AWS, once the parameters are satisfied we can launch the template.
On successful launch we would have the complete VPC-Subnet Architecture on AWS with our EC2 instance provisioned.
Ansible Tower Workflow:
Workflows allow you to configure a sequence of disparate job templates (or workflow templates) that may or may not share inventory, playbooks, or permissions. However, workflows have ‘admin’ and ‘execute’ permissions, similar to job templates. A workflow accomplishes the task of tracking the full set of jobs that were part of the release process as a single unit.
Job or workflow templates are linked together using a graph-like structure called nodes. These nodes can be jobs, project syncs, or inventory syncs. A template can be part of different workflows or used multiple times in the same workflow. A copy of the graph structure is saved to a workflow job when you launch the workflow.
Ansible Tower X Slack:
Creating Slack notification in Ansible Tower using Slack Tokens and integrating them with Ansible Tower Workflows.
Ansible Tower X Oracle Cloud X Python Venv:
Creating a python virtual environment and activating the environment.
Installing Oracle Cloud Infrastructure (oci module) using pip.
Provisioning a CentOs7 Instance on top of Custom Architecture on OCI created with the help of Ansible Playbook.
Automation is the creation and application of technologies to produce and deliver goods and services with minimal human intervention. The implementation of automation technologies, techniques and processes improve the efficiency, reliability, and/or speed of many tasks that were previously performed.
What is Ansible?
Ansible is a configuration management tool but we can do provisioning also.
Ansible is a software tool that provides simple but powerful automation for cross-platform computer support. It is primarily intended for IT professionals, who use it for application deployment, updates on workstations and servers, cloud provisioning, configuration management, and nearly anything a systems administrator does on a weekly or daily basis. Ansible doesn’t depend on agent software and has no additional security infrastructure, so it’s easy to deploy. Ansible is completely agentless. There are no agents/software or additional firewall ports that you need to install on the client systems or hosts which you want to automate. You do not have to separately set up a management infrastructure which includes managing your entire systems, network and storage.
Automation with Ansible helps us to adopt a language for automation that is easier to write, adapt, and troubleshoot than the original development code.
How Ansible works
Ansible uses its own declarative language, based on YAML (Yet Another Markup Language), to describe system configurations. The main functionality that differs Ansible from other configuration management software is it’s agent-less architecture.
a. Controller node — system where you write the Ansible code and run it.
b. Managed node — System to where we would be performing the tasks using Ansible.
c. Inventory — Inventory is the database having information of Managed Nodes/hosts.
d. Idempotence-
For Ansible it means after 1 run of a playbook to set things to a desired state, further runs of the same playbook should result in 0 changes. In simplest terms, idempotency means you can be sure of a consistent state in your environment. Ansible works on “idempotence”.
e. Ansible uses “SSH” protocol for maintaining connection between controller node and managed node only by default.
f. Ansible’s intelligence comes from its module. There are many module available for Ansible for different different use case.
g. For automation through Ansible-
a. Command
Write the ansible commands one by one. These command are known as Ad hoc commands.
b. Script
Write all the command in a program file /script. This file is known as Playbook.
Important Terms
Ansible server: The machine where Ansible is installed and from which all tasks and playbooks will be ran
Module: Basically, a module is a command or set of similar commands meant to be executed on the client-side
Task: A task is a section that consists of a single procedure to be completed
Role: A way of organizing tasks and related files to be later called in a playbook
Fact: Information fetched from the client system from the global variables with the gather-facts operation
Inventory: File containing data about the ansible client servers. Defined in later examples as hosts file
Play: Execution of a playbook
Handler: Task which is called only if a notifier is present
Notifier: Section attributed to a task which calls a handler if the output is changed
Tag: Name set to a task which can be used later on to issue just that specific task or group of tasks.
What is Ansible Tower?
Ansible Tower is Ansible at a more enterprise level. It is a web-based solution for managing your organization with a very easy user interface that provides a dashboard with all of the state summaries of all the hosts, allows quick deployments, and monitors all configurations.
The tower allows you to share the SSH credentials without exposing them, logs all the jobs, manage inventories graphically and syncs them with a wide variety of cloud providers.
One of the major gripes from Ansible users is that it didn’t have a proper GUI. And that’s putting it mildly — the GUI was so bad that in the early days it wasn’t even properly synced to the CLI, meaning that the CLI and GUI could give you 2 different query results about the state of a certain node. This was an especially critical issue because good UI is important for occasional and new users to get comfortable and familiar with an application, before diving into the complexities of the CLI and playbook creation. Ansible itself was (and still is) rather new, so most of its users were by definition new users.
Ansible Tower, previously called the AWX project, is the fix to this problem. It is a comprehensive web-based UI for Ansible, containing the most important Ansible features, especially those that render better as graphical rather than text-based output, such as real-time node monitoring.
Ansible Tower is the easy-to-use UI and dashboard and REST API for Ansible. Centralize your Ansible infrastructure from a modern UI, featuring role-based access control, job scheduling, and graphical inventory management. Tower’s REST API and CLI make it easy to embed Tower into existing tools and processes. Tower now includes real-time output of playbook runs, an all-new dashboard and expanded out-of-the-box cloud support.
Template
Template is a terminology in Ansible to discover the playbook. The credentials of the AWS account can be added in the Template section in the credentials option. In Normal Ansible, we need to add the Access key and the secret key in the Playbook itself, but in Ansible tower we can create one.
Note: We can add some level of verbosity also, to get some extra insights of the process that is working behind the scene.
After adding the playbook, we just need to click the launch button to start the processing of our Ansible playbook.
Orchestration
Orchestration is a step-by-step automation in which if one automation fails then alternate steps can be used to save that failed Automation.
Beside this, we have worked on Continuous integration/Continuous Delivery inside the Ansible tower only.
Ansible Collections
Collections are a distributed format for Ansible content that can include playbooks, roles, modules and plugin.
Some of the important features of Ansible Tower are listed below.
1. Ansible Tower Dashboard: It displays everything which is going on in your Ansible environment, such as the inventory status, the recent job activity, the hosts, and so on.
2. Multi-Playbook Workflows: It allows to chain any numbers of playbooks, any way of the usage of different inventories, runs different users, or utilizes various credentials.
3. Real-Time Job Updates: Ansible can automate the complete infrastructure. Also, you can see real-time job updates such as plays and tasks broken down by each machine either been successful or failure. Therefore you can see the status of your automation and know what’s next in the queue.
4. Scale Capacity with Cluster: You can connect multiple Ansible Tower nodes into an Ansible Tower cluster as the clusters add redundancy and capacity, which allows scaling Ansible automation across the enterprise.
5. Self-Service: You can launch playbooks with just a single click through this feature.
6. Remote Command Execution: With this command, you can run simple tasks such as restart any malfunctioning service, add users, reset passwords on any host or group of hosts in the inventory.
7. Manage and Track Inventory: It manages your entire infrastructure by pulling inventory from public cloud providers such as Microsoft Azure, amazon web services, etc.
8. Integrated Notification: This notifies you when a job succeeds or fails across the entire organization at once, or customize on a pre-job basis.
9. Schedule Ansible Jobs: It schedule different kinds of jobs such as playbook runs, cloud inventory updates, and source control updates to run according to the need.
10. REST API and Tower CLI Tool: Every feature present in Ansible Tower is available through the Ansible Tower’s REST API, which provides the ideal API for the systems management infrastructure. The Ansible Tower’s CLI tool is available for launching jobs from CI systems such as Jenkins, or when you need to integrate with other command-line tools.
In short, Ansible Tower is a remarkably useful add-on to Ansible, able to do much of what can be done on the CLI. It will complement, not replace, the main application by automating and presenting some of the main tasks graphically — especially the monitoring-dashboard types of tasks. As a major bonus, it also greatly helps to reduce the intimidation factor for those new to Ansible by presenting a much easier to understand visual tool. But for playbook creation, Ansible’s CLI is still your best option.
