Introduction to Ansible
Explore how Ansible simplifies automation by using YAML playbooks for configuration management across servers and cloud environments. Understand its agentless approach and how it integrates with Azure for seamless infrastructure and container automation.
We'll cover the following...
Creating infrastructure is fun when you automate it, but it sure can be cumbersome when you have to configure it manually. That is, until now. Welcome to Ansible!
You have already learned how to build infrastructure using Terraform through a concept called Infrastructure as Code. Tools like Terraform use the Infrastructure as Code approach to create virtual machines, virtual networks, some serverless features, and so on. But what about the configuration needed to then apply to those infrastructures? You need a way to automate the configuration of the resource.
Ansible
Ansible is an open-source configuration management tool owned by RedHat. Ansible can configure any resource on a server through its idempotent playbooks and even run ad-hoc scripts. Ansible takes complex or cumbersome manual tasks and orchestrates them by automating the process.
Tasks done wrong are typically repetitive in nature. Why? Because our brains get used to the process, get bored, and start making mistakes. Creating automation solutions using a programmable tool like Ansible takes away the manual repetitive tasks. The manual task becomes code that is stored in source control, so others can review the work that will be done as well.
What makes Ansible different?
Many configuration management tools exist from Chef, Puppet, Salt, CFEngine, and so on. What makes Ansible so different? The answer is simplicity. Tools like Chef and Puppet use actual programming languages to write automation instructions like Ruby. Ansible, on the other hand, doesn’t use a programming language but a much simpler markup language called YAML.
YAML is known for its simplicity and human-readable language style. Even if you’ve never seen YAML before, IT pros and DevOps personnel can pick up quickly on what’s going on in the “code.”
Ansible can reach many targets
People typically think of configuration management in terms of moving files around, installing software, or maybe creating a database. But Ansible can do so much more.
- Container Automation: To deploy and manage containers with Ansible
- Infrastructure Automation: To manage, create, and deploy infrastructure
- Cloud Automation: To automate resource creation and service management in many clouds including Azure
- Application Management: To install, update, and manage applications on a server
- Software-Defined Networking: To define what a network looks like both on-prem and in the cloud with code…
In this chapter, you’re going to learn about the infrastructure/container automation abilities of Ansible, but you should know this tool is capable of so much more.
Ansible authentication and its agentless approach
Ansible works in a different way than many other configuration management systems. Rather than having an agent running on target systems, Ansible connects to systems with no agent. Instead, you install Ansible on any Linux server or workstation, and that server or workstation communicates with all of the nodes.
Ansible connects to Linux nodes via Secure Shell (SSH) with private/public key authentication or Windows Remote Management for Windows. For SSH, the private key is stored on the Ansible control server and the public key is on a node Ansible is managing.
Private key/public key authentication has made several people uncertain of using Ansible because it appeared insecure. The idea of an SSH private/public key managing all of the authentication for servers sometimes makes people steer clear of Ansible. However, in my opinion, SSH private/public keys are the authentication methods that pretty much everyone uses to log into a Linux server.
To manage Azure resources, Ansible will use the Azure CLI’s profile to authenticate.