IT organizations are responsible for an ever-increasing number of applications, infrastructure providers, operating system versions, network devices, platforms, monitoring, ticket systems, and more. The challenges that go along with managing it can range anywhere from time-consuming to downright Sisyphean. The rising adoption of cloud services adds a financial component, a new challenge for many organizations starting their cloud journey. It’s more important than ever for organizations to know as much as possible about their infrastructure, how it’s configured, and how it’s all integrated.
There are many enterprise organizations that have long-standing legacy technology which can’t be containerized or launched in the cloud. The idea that servers should be cattle and not pets is a fantastic goal, but sometimes that livestock gets a name and special treatment turning it into a big pet. There’s a constellation of IoT devices out there that might fall under one regulatory agency’s OT security guidelines or another. IT Engineers need to be able to keep their systems and applications flowing with changing business needs, security updates, and regulatory controls. If you’re looking for a solution to all these problems that’s where Ansible comes in.
At its heart, Ansible is a configuration management and automation tool written in Python. That doesn’t mean Ansible developers need to know anything about the Python language to use it (although it is extensible with plugins and custom modules); instead, automation definitions are written in YAML. Sorry, there’s no escaping YAML in today’s IT landscape. Like it or not, it’s the language of configuration for now at least.
Teams using Ansible can define and execute desired states for devices, automate the installation of tools to support an application, and even deploy and configure the application itself using the same tool. Need to update a ServiceNow ticket after modifying a config file on a prod instance? Or add a Jira task if something that wasn’t accounted for pops up? Ansible has modules for that.
Think of a traditional IT application deployment on new infrastructure – let’s say a web server running a simple Flask app in the DMZ VLAN feeding off a PostgreSQL database on the internal VLAN. The Dev team has tested their code and hands it off to the operations team to deploy it on the prod servers with some step-by-step instructions as to what goes where, what required services need to be in place, required versions, and so on. Operations needs to prepare those servers in accordance with their own guidelines, install the Dev team’s prerequisites, then deploy the application. Meanwhile, network engineers need to ensure that the servers have valid IP addresses and that the firewalls on both sides of the DMZ are allowing the correct traffic though so that users can get to the app, and the web server can talk to the database.
What if instead of step-by-step instructions, it was a simple Ansible role that could be called from a playbook along with the network team’s IP and firewall roles and operations server-compliance configuration? Now everything needed to build that application is defined in code, packaged together, and tracked in source control. Ansible enables teams to do just that. When done carefully, Ansible playbooks and roles can be self-documenting. Ansible has a shallow learning curve, fantastic documentation, and a no-cost barrier to entry if using ansible-core to get started.
Ansible core can take a small team a long way. Larger teams and teams who might be outgrowing the command-line-only Ansible tools will want to look at Red Hat’s Ansible Automation Platform. Ansible Automation Platform (AAP for short) is a full suite of tools that expands on the capabilities of Ansible core. Some of the highlights of what AAP provides are:
- Role-based access control (RBAC) with multiple authentication sources (Active Directory, OAuth2, SAML, and more)
- SCM project integration supporting Git and Subversion
- Secure secrets management
- Job scheduling
- Job templates to execute playbooks
- Workflow Jobs can combine job templates from multiple projects and teams with pass/fail paths for workflow actions.
- Useful web UI for the Automation Controller and Private Automation Hub.
- Prebuilt inventory plugins for many third party CMDBs
- Full-featured REST API
- Access to the Red Hat supported content catalog full of partner resources by way of collections.
- A Private Automation Hub to host the execution environments, Red Hat Certified Automation Content as well as community and even custom collections to support an organization’s automation requirements.
Perficient + Red Hat
Red Hat provides open-source technologies that enable strategic cloud-native development, DevOps, and enterprise integration solutions to make it easier for enterprises to work across platforms and environments. As a Red Hat Premier Partner and a Red Hat Apex Partner, we help drive strategic initiatives around cloud-native development, DevOps, and enterprise integration to ensure successful application modernization and cloud implementations and migrations.