Ansible Case Study: Cisco

What is Ansible?

Ansible is an open source IT Configuration Management, Deployment & Orchestration tool. It aims to provide large productivity gains to a wide variety of automation challenges. This tool is very simple to use yet powerful enough to automate complex multi-tier IT application environments.It will also dramatically improve the scalability, consistency, and reliability of your IT environment.

How does Ansible works?

Ansible is a small application written in Python, that can connect to one or thousands target hosts without the need to have any agent installed on the target hosts and without the need of a central server. Therefore it greatly simplifies its usage and minimizes the global footprint in your VMs.

The target hosts are managed by Ansible with the help of various communication protocols such as SSH for Unix-like systems and WinRM2 for Windows system

Ansible Terms:

• Controller Machine: The machine where Ansible is installed, responsible for running the provisioning on the servers you are managing.
• Inventory: An initialization file that contains information about the servers you are managing.
• Playbook: The entry point for Ansible provisioning, where the automation is defined through tasks using YAML format.
• Task: A block that defines a single procedure to be executed, e.g. Install a package.
• Module: A module typically abstracts a system task, like dealing with packages or creating and changing files. Ansible has a multitude of built-in modules, but you can also create custom ones.
• Role: A pre-defined way for organizing playbooks and other files in order to facilitate sharing and reusing portions of a provisioning.
• Play: A provisioning executed from start to finish is called a play. In simple words, execution of a playbook is called a play.
• Facts: Global variables containing information about the system, like network interfaces or operating system.
• Handlers: Used to trigger service status changes, like restarting or stopping a service.

Ansible’s Features and Capabilities:

1. Configuration Management

Ansible is designed to be very simple, reliable, and consistent for configuration management. If you’re already in IT, you can get up and running with it very quickly. Ansible configurations are simple data descriptions of infrastructure and are both readable by humans and parsable by machines. All you need to start managing systems is a password or an SSH (Secure Socket Shell, a network protocol) key. An example of how easy Ansible makes configuration management: If you want to install an updated version of a specific type of software on all the machines in your enterprise, all you have to do is write out all the IP addresses of the nodes (also called remote hosts) and write an Ansible playbook to install it on all the nodes, then run the playbook from your control machine.

2. Application Deployment

Ansible lets you quickly and easily deploy multitier apps. You won’t need to write custom code to automate your systems; you list the tasks required to be done by writing a playbook, and Ansible will figure out how to get your systems to the state you want them to be in. In other words, you won’t have to configure the applications on every machine manually. When you run a playbook from your control machine, Ansible uses SSH to communicate with the remote hosts and run all the commands (tasks).

3. Orchestration

As the name suggests, orchestration involves bringing different elements into a beautifully run whole operation—similar to the way a musical conductor brings the notes produced by all the different instruments into a cohesive artistic work. For example, with application deployment, you need to manage not just the front-end and backend services but the databases, networks, storage, and so on. You also need to make sure that all the tasks are handled in the proper order. Ansible uses automated workflows, provisioning, and more to make orchestrating tasks easy. And once you’ve defined your infrastructure using the Ansible playbooks, you can use that same orchestration wherever you need to, thanks to the portability of Ansible playbooks.

4. Security and Compliance

As with application deployment, sitewide security policies (such as firewall rules or locking down users) can be implemented along with other automated processes. If you configure the security details on the control machine and run the associated playbook, all the remote hosts will automatically be updated with those details. That means you won’t need to monitor each machine for security compliance continually manually. And for extra security, an admin’s user ID and password aren’t retrievable in plain text on Ansible.

5. Cloud Provisioning

The first step in automating your applications’ life cycle is automating the provisioning of your infrastructure. With Ansible, you can provision cloud platforms, virtualized hosts, network devices, and bare-metal servers.

How Cisco Uses Ansible to Modernize Workloads:

CISCO ENABLES DEVOPS

As customers embrace the DevOps model to accelerate application deployment and achieve higher efficiency in operating their data centers, the infrastructure needs to change and respond faster than ever to business needs. These changes can help you achieve an agile operational model by improving on automation, innovation, and consistency.

The Cisco Nexus platform allows you to easily:

• Integrate your applications into your customer's existing DevOps tools chain
• Improve flexibility in installing and deploying whatever protocol package or custom applications you need on the switch
• Get open and full access to switch resources and data

Integrated Solution

The feature richness in Cisco Nexus NX-OS combined with the scaling and performance capabilities enable customers to build efficient data centers.

The Ansible integration with Cisco Nexus platforms enables customers to take advantage of programming and automating the infrastructure at scale with speed.

Ansible accelerates Day 0, 1 and 2 operations in the following ways:

• Day 0 – Automates device bring up
• Day 1 – Push network configurations to maintain consistency across the infrastructure
• Day 2 – Optimizes network compliance and operation

Solution Benefits

The combined Ansible and Cisco solution provides:

• Speed IT Transformation
• Leverage Open Ecosystem
• Efficient Operational Model
• Faster Adoption
• Improve Speed and Agility

CONCLUSION:

This very simple lab shows a basic overview of an Ansible project with its directory structure and a playbook to install Nginx. The next steps would be to explore the creation of roles and modules, and dive deeper in the inventory usage with the use of dynamic inventories on cloud resources for example. If we have to remember some keypoint among many it would be :

• Simplicity, human readable playbook in a comprehensive format (YAML), low learning curve
• Agentless, no need to install any agent on the target hosts with the burden of updating them
• No Central Server, simplify infrastructure and remove single point of failure
• Infrastructure as Code and Configuration as Code with versionning in Source Control
• Reproducible environments