Ansible: Infrastructure as code

“Infrastructure as code” has become an important key term in the world of system administration for the development and provision of IT systems – also in a data science context, test and production systems can be set up quickly and easily. The term “as code” refers to the fact that systems are no longer set up and configured manually but are developed using a scripting language. In our article we will show you how configuration processes can be automated by using Ansible.

Why configuring an infrastructure with Ansible?

Ansible is, along with Puppet, one of the best-known tools for infrastructure automation. It is developed by RedHat as an open source management solution and, in contrast to comparable programs, does not need agents on the target systems. Only SSH and Python are required. The scripts are written in the markup language YAML.

What sets Ansible apart from other tools is the concept of idempotence. Actions are only performed when necessary, which means that even if a process is repeated several times – e.g. during recovery after a failure – the system is always set to the same state and the repeated processes do not have any side effects.

By using Ansible, configuration procedures can be automated on several systems using scripts, eliminating the need for manual intervention. This saves time and is less prone to errors. The scripts are started remotely and then start a sequence of processes, for example to install software, on one or more target systems. In this case, it is not necessary to install the tools on the remote machines.

The processes are combined in a Playbook, which is divided into roles where the individual processes are organized as tasks. Scripts are written like in movies – they are occupied with different roles and execute the actions on the selected servers. These scripts can be used repeatedly for different environments and customized if necessary. The inventory can be used to define which scripts are to be executed on which systems. The target systems are defined granularly or as a group, which are then addressed together as a database and web server.

Common processes that can be automated are, for example, system configuration, software installation, the creation of backups or even the complete setup of an entire system. If the Playbooks are additionally managed with version control software such as Git, any scenarios can be reproduced through the individual configurability of roles and tasks.

Other tools besides Ansible

Chef

Unlike Ansible, the tool from the same producer, needs a client software on the target systems. The scripting language used by the program is Ruby, a programming language that is well known in the field of web development.   

Chef logo.svg

Puppet

Developed by Puppet Labs, this program also requires agent software on the environment to be configured by Puppet. The company developed its own language based on Ruby for programming the scripts.

Bildergebnis für puppet programm

Extensions for Ansible

For all three presented tools there are additional web interfaces to control the processes. These are completely optional and only serve to simplify operation in contrast to working in the console.

In the case of Ansible, these are Ansible AWX (open source) and the commercial Ansible Tower, which offers more features and support for businesses. With Ansible Galaxy you get access to thousands of scripts provided by the community for all imaginable tasks, which can be used with little adaptation directly for your own needs.

Example with Ansible 

The following Playbook demonstrates the installation of the Python interpreter version 3.7 on all hosts that are listed in the “server” list:

– namePython  

  hostsServer  

  vars 

    PYTHON_VERSION“3.7” # alternatively “3” for the most recent version  

  tasks 

  – nameInstall Python package 

    package 

      name: python{{ PYTHON_VERSION }}”  

      stateinstalled  

The ansible-playbook command can now be used to start the YAML script: 

user@host:~$ ansible-playbook skript.yml 

We have a high transparency when running the Playbook and see live which tasks are executed where and finally a PLAY RECAP, a summary of the executed tasks. If the task does not modify anything, we get ok=1 and changed=0, in our case we made two changes and get ok=1 and changed=1 for every server where Python 3.7 was installed:

user@host:~$ ansible-playbook skript.yml  

PLAY [Python] ******************************************************************  

TASK [Install Python package] ************************************************  

changed: [172.16.2.101]  

changed: [172.16.2.102]  

PLAY RECAP *********************************************************************  

172.16.2.101 : ok=1 changed=1 unreachable=0 failed=0  

172.16.2.102 : ok=1 changed=1 unreachable=0 failed=0  

Conclusion

We recommend Ansible, since it provides excellent automated infrastructure configuration capabilities and, at the same time, has minimal requirements compared to the competition, so that the user does not have to write anything but the Playbook scripts in advance and no further manual work is required. With RedHat, a large and innovative company stands behind the tool and, together with a strong community, guarantees the sustainability of the project.

Would you also like to configure an automated IT infrastructure in your company? The system engineers of eoda | analytic infrastructure consulting will be happy to support you in the implementation! Talk to us.