aniediogo's blog

Infrastructure as Code: Configuration Management with Ansible

Angela Chidiogo's photo
Angela Chidiogo
·

5 min read

Table of contents

Ansible is an open-source configuration Management tool written in Python. It is very easy to install using package managers or python package manager - pip, configure and very powerful for automation.

Ansible as a tool is used by DevOps engineers to automate IT tasks, manage the configuration of servers or systems, deployment of complete applications, daily task automation, infrastructure orchestration and more. Such infrastructure can be a server or a cloud infrastructure.

In a complex IT environment where there exist tens to hundreds or even thousands of servers, maintaining these servers will be so much work if done manually.

Imagine updating server A, server B, etc, installing software, deploying applications, collecting and analysing logs, performing backups, server cleanups, etc. These exercises can involve a lot of steps for each activity if done one by one on all the servers, infrastructure or environment.

Ansible makes carrying out these tasks easy and highly efficient through remote execution from one central machine to all the servers or environments instead of doing them manually from one server after another.

Ansible is written in YAML(Yet Another Markup Language) to make configuration, installation, and deployment tasks possible in a single YAML file other than manually or using creating rigorous scripts.

Ansible files are reusable. In a situation where it is needed to replicate an activity across multiple systems, Ansible files can come in handy.

Ansible configurations are reliable because their configurations are all-encompassing removing chances of human errors and configuration oversights.

Ansible supports all Cloud infrastructures, servers, and operating systems and can be used across several IT platforms to automate similar or unique IT tasks.

Ansible is agentless. What this means is that, unlike its alternative tools, you don't need to install Ansible agents across the systems, one installation only on one machine which will serve as the control machine and from there, manage the rest of the servers.

Ansible Components

Ansible architecture is broken down into several components and each of these components is engaging in a particular function that is powerful in its way.

  • Control machine

This is the server where an ansible client is installed. The actual physical or virtual machine where ansible configurations and commands are created for remote execution and automation.

  • Ansible inventory files

This is a file that contains facts(information) usually the IP address, hostnames or DNS information and credentials(username, password or ssh key) of the Ansible client servers. The "host" means the managed servers and its default location is in /etc/ansible/hosts.

With the Ansible inventory file, you can target individual servers, a group of servers and all the servers through a single configuration and command.

  • Ansible Playbooks

Ansible playbooks are where the commands and scripts used to define tasks in Ansible are written. It is a file where users can define an ordered list of tasks to be executed in ansible. The Ansible playbook is written in YAML - Yet Another Markup Language.

Ansible works with modules and each module in Ansible is grouped and lined task by task to be executed with certain arguments, and a description of the tasks using the name.

The play is a group of related tasks defined together. A file that contains one or multiple plays is called a playbook. Simply put, a playbook is a collection of plays.

Every play begins with:

  • Name that describes the configurations typically described with the individual hostname or the group name.

  • Hosts - the host attribute defines the servers predefined in the inventory where the configuration is to be run.

  • Tasks: This is a list of commands or the actual configurations to be deployed on the infrastructure. Every task has its name to describe the actual job the command does and a module

A playbook describes the Configuration and how it is made, the order, the time, the machines and what tasks should be executed. A playbook can have multiple plays.

  • Ansible tower

A User Interface from Red Hat that provides a way to centrally store automation tasks across teams, configure user permissions and manage the inventory of tasks and their health checks.

How Ansible works

Ansible works with modules, modules are programs that do the actual tasks. These modules are created in the control machine, stored and sent from the control machine to the target servers, the modules then perform the actual tasks they were pushed to do and get removed.

Modules are granular - one module is designated to perform a specific task. Ansible has tons of modules for each task.
When there is a need to automate larger tasks, these specific modules are grouped in a sequence to represent a holistic configuration.

Advantages of using Ansible against other configuration management tools

  • Ansible is open source which means that it is accessible, free and available for public use.

  • Ansible is easy to install, set up, and configure.

  • Ansible does not require special technologies to connect the Ansible Engine with the target servers.

  • Ansible is agentless. It does not require any software to be installed or configured on the remote servers before it can run.

  • Ansible is written in Python and uses a simple configuration pattern YAML which makes it easy to learn and use against other configuration Management tools that are written in like Chef.

  • Ansible is flexible and the code files are reusable.

  • Ansible configuration codes are beginner-friendly with easy syntaxes.

  • Ansible has tons of already-made modules designated to perform several tasks.

Infrastructure as code: Examples, Best practices and Tools - https://spacelift.io/blog/infrastructure-as-code

#IaCansible