Configuration management is often referred as version control in software development parlance but the scope of configuration management is much broader and version control is just one part of it.
Traditionally, configuration management involved recording the status and changes to configuration items in Configuration Management Databases and ticketing systems. Latest configuration management tools automatically produces desired state configuration in addition to recording the configuration data. This capability is referred as "infrastructure as code".
Configuration management software such as Chef, Puppet and Ansible are popular in the market. While Ansible is based on agentless architecture and pushes the configuration changes to the nodes, Chef and puppet are agent based architecture and pulls the configuration updates from the server.
Infrastructure as code
Traditional approach: Binaries which are produced by the development team needs to be deployed on the environment for testing and quality check. Once certified, it gets moved to the production environment. Different stakeholders are involved to prepare the test bed environments, provisioning the Operating systems, installing and configuring the data base, application servers and its dependent components.
Automated Approach: Configuration management tools help in automating these deployments. Advancement in these tools help the team to automate almost all the deployment jobs which are done manually so far. Starting from installing the OS, Data base, application servers, network components, configuring / tuning them to deploy the application and running sanity test to check and ensure the software got deployed properly.
Infrastructure as code: Teams start developing the code for infrastructure provisioning and management during product/application development itself and thus automate the deployments at the time of delivery.
Ansible Architecture
Ansible is radically simple IT automation engine that automates cloud/OS provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
Ansible is an open source software developed using Python language. Ansible modules are grouped based on the operations they perform: Cloud modules, Command modules, Database modules, network modules etc.
- Ansible management node has the modules to perform different operations on the target node
- No agent or software package required in the target system
- SSH connectivity to the target machines is used to perform the operations and collect the results back
- Target machines need access to OS / application packages for installation
- Uses a very simple language (YAML in Playbooks) that is almost like plain English.
Inventory
Inventory provides list of hosts on which Ansible will execute the tasks. It can also be used to group the hosts and configure variables for hosts and groups as below.
Inventory can be configured as a flat file (/etc/ansible/hosts) or configured from dynamic sources such as Vmware vCenter or cloud providers.
Ansible Ad-Hoc Commands
Ansible Ad-Hoc commands are used to quickly check the operation and not required to be saved for later use. For instance, if a sudden reboot is required on hundreds of servers or if there is a need to check the availability of the servers on the network, Ansible ad hoc commands can be used.
Ansible concepts and operations can be learnt using ad-hoc commands and moved to Ansible-playbook later.
Ansible Playbook
Playbook is Ansible’s configuration language used to perform set of IT steps or to enforce the policy on the remote nodes. Ansible modules are used in the playbook to perform the operation.
Playbook uses simple YAML language, human-readable and developed in a basic English like text language. Playbooks are more likely to be kept in version control system and used to push out your configuration or assure the configurations of your remote systems are as in spec.
Playbooks are used from simple configuration and management of remote nodes to advanced multi-tier rollout involving rolling updates, monitoring the servers, load balancing etc.
Ansible task can be simply represented as a call to the Ansible module and Ansible Play contains group of hosts and set of tasks. Playbook can contain one or more plays.
Ansible Tower
Ansible tower is the easy-to-use comprehensive web based UI for Ansible. It contains most important Ansible features. Centralises infrastructure with role based access control, Job scheduling, graphical inventory management. Tower’s REST API and CLI make it is easy to embed into existing tools.
Ansible tower comes in three editions, Basic, Enterprise and Premium. 10 nodes basic tower license is free. For Enterprise environments that want to evaluate more than 10 nodes, Trial license for enterprise edition can be obtained.
Pros | Cons | |
---|---|---|
Ansible |
|
|
Author
Sathiyaraj Periyannan is a Solution Architect working in DevOps Centre of Excellence in Technology Office (in the Engineering and R & D Services division of HCL Technologies Ltd) . He is also a Certified Scrum Master practicing Agile for more than five years. His previous roles include Engineering Manager and Scrum Master.