yogesh

Ansible Industry Use Cases

Ansible Industry Use Cases

Yogesh Surapaneni's photo
Yogesh Surapaneni
·

6 min read

What Is Ansible?

Ansible is an open-source IT Configuration Management, Deployment & Orchestration tool. It tries to so solve a variety of automation challenges. It is very simple to learn and use and also so powerful to solve challenges faced by complex environments.

Advantages

  • Simple: The first goal of Ansible is to make Simplicity a requirement. Ansible uses a simple syntax of key pair values which is written in YAML format (Similar to JSON). So, no coding is required and any IT guy can understand what's going on when they see a playbook.

  • Agentless: Ansible is completely agentless.

  • Powerful and Flexible: Ansible allows one to even solve the most complex IT workflows.

Applications

  • Provisioning: Ansible helps in streamlining PXE booting, starting bare metal servers/VMs and creating virtual/cloud instances from templates.

  • Application Deployment: Companies are able to easily and effectively manage the entire application life cycle by defining the application and managing the deployment with Ansible.

  • Security and Compliance: We just need to configure the security details once in the control machine and it will be automatically embedded into all other nodes. Most importantly all the credentials that are stored within Ansible are not retrievable in plain-text by any user, and this is achieved using Ansible Vaults.

  • Orchestration: Along with defining the configurations in an environment one also needs to define how these multiple configurations interact and ensure these can be maintained as a single entity. So Ansible provides orchestration to align the business requirements with the applications, data, and infrastructure the infrastructure as a whole. It defines the policies and service levels through automated workflows, provisioning, and change management. This creates an application-aligned infrastructure that can be scaled up or down based on the needs of each application.

NASA Case Study

NASA needed to migrate sixty-five applications from its data center to AWS cloud for better agility and cost savings. And due to the lack of time, many applications were migrated as it is. This resulted in an environment which spanned multiple VPCs and even multiple AWS accounts which were difficult to manage. Even with that amount of manpower, the simplest of things were very difficult to achieve.

To solve this issue they used Ansible Tower to manage and schedule the cloud environment in an organized way.

What NASA did:

By leveraging Ansible they divided the tasks among their teams by assigning various roles. It managed the clean up of old job history, activity streams, data marked for deletion and system tracking information.

Ansible Tower's dashboard provided the status summary of all hosts and jobs which allowed NASA to group all contents and manage access permissions across different departments. It also helped to split up the organization by associating content and control permission for groups as well.

Result:

  • NASA web app servers were patched routinely and automatically through Ansible Tower with a very simple 10-line Ansible playbook.

  • It also re-mediated security issues and was leveraged to re-mediate OpenSSL issues. This not only saved time but allowed to quickly re-mediate a very daunting security issue.

  • Every week both the full and mobile versions of NASA were updated via Ansible and only took about 5 minutes to do.

  • NASA also integrated Ansible facts into their CMDB, CloudAware, for better management visibility of entire AWS inventory. As a result, it became possible to organize the inventory of AWS resources in a very granular way that was not possible before.

  • Ansible was also used to ensure that the environment is compliant with necessary Federal security standards as outlined by FedRAMP and other regulatory requirements.

  • Achieved near real-time RAM and disk monitoring (accomplished without agents)

  • Provisioned OS Accounts across the entire environment in under 10 minutes

  • Baselining standard AMIs (Amazon Machine Images) went from 1 hour of manual configuration to becoming an invisible and seamless background process

  • Application stacks set up time reduced from 1-2 hours to under 10 minutes per stack.

Thank You!

ansible