There are several Open Source technologies that will help you manage constant task or large environments on a simple and painless way, saving you time, money and , efforts and helping DevOps. We found out that Ansible may be your best friend on those situations.
As a Linux Systems Administrator, I came up with the point where I needed a configuration management tool for doing a constant task on an easy and simple way.
I tested some other Ansible’s competitors, like Chef or Puppet. I selected Ansible for some of these reasons:
So based on the above point I decided Ansible will be the best and less time consuming option, and actually I was in the correct path. Today Ansible helped me solve numerous of tasks that need to be done several times for multiple environments or every certain time.
You are probably wondering; how can I implement Ansible on your infrastructure? Here are some of the cases you will love to have Ansible as your friend:.
Immutable Server Architecture
Do you need to create a same architecture multiple times for different environments with Amazon Web Services (AWS)?
Ansible it’s a great option for creating AWS Load Balancers, RDS and functional EC2 servers, running the latest version of your code with just 1 click. Sounds amazing right?
Another great example is using Ansible to patch security holes on our architecture. Imagine having 100+ servers and all of them have the same security issue. Like Heartbleed SSH issue.
Example #1: Shellshock
The following playbook was run against 100+ servers and patched the bash vulnerability in less than 10 minutes. The below example updates both Debian and Red Hat Linux variants. It will first run on half of all the hosts that are defined in an inventory file.
hosts: all gather_facts: yes remote_user: craun serial: "50%" sudo: yes tasks: - name: Update Shellshock (Debian apt: name=bash state=latest update_cache=yes when: ansible_os_family == "Debian" - name: Update Shellshock (RedHat) yum: name=bash state=latest update_cache=yes when: ansible_os_family == "RedHat"
Example #2: Heartbleed and SSH
The following playbook was run against 100+ servers patching the HeartBleed vulnerability. At the time, I also noticed that the servers needed an updated version of OpenSSH. The below example updates both Debian and RedHat linux variants. It will patch and reboot 25% of the servers at a time until all of the hosts defined in the inventory file are updated.
hosts: all gather_facts: yes remote_user: craun serial: "25%" sudo: yes tasks: - name: Update OpenSSL and OpenSSH (Debian) apt: name={{ item }} state=latest update_cache=yes with_items: - openssl - openssh-client - openssh-server when: ansible_os_family == "Debian" - name: Update OpenSSL and OpenSSH (RedHat) yum: name={{ item }} state=latest update_cache=yes with_items: - openssl - openssh-client - openssh-server when: ansible_os_family == "RedHat" post_tasks: - name: Reboot servers command: reboot
Have predefined ansible roles and playbook for common situations
Are you constantly installing a software or configuring something over and over again? Why not use Ansible to solve your problem?
Playbooks are simple to write and maintain. Most users become productive with Ansible after only a few hours. Ansible uses the same tools you likely already use on a daily basis and playbooks are written in a natural language so they are very easy to evolve and edit.
You can create predefined roles, for example, Nginx installation and configuration according your need and it’s just matter of executing the role and that’s it! Simple, right?
Let’s imagine you need to update PHP version in a environment. If in the environment there are just 2 servers using PHP, it’s really simple.. but imagine the environment has 100 servers. This can take a long time and will be a headache.
Ansible is the simplest solution for configuration management available. It’s designed to be minimal in nature, consistent, secure, and highly reliable, with an extremely low learning curve for administrators, developers, and IT managers.
The configurations are simple data descriptions of your infrastructure; ensuring everyone on your team will be able to understand the meaning of each configuration task.
With Ansible you could create a role that updates the PHP version and then just execute the role in all the server. Here at ClickIT, we are experts providing Managed services with DevOps solutions such as Ansible, Chef and AWS Opswork”.
You may have considered hiring a nearshore software development company or services, but you still have doubts…
End-to-end project management goes as far back as you can remember. Every project in history, even…
AWS DevOps has recently become a trending topic in IT circles as it offers companies…
When understanding AI vs Machine Learning, it’s essential to grasp how these innovations shape the…
If you are involved in the IT industry by any means, it is your job…
A Fintech company was dealing with outdated infrastructure, incurring additional costs due to the deprecation…