.shock - Fotolia

Ansible automation heralds move beyond DevOps niche

Ansible configuration management's roadmap points to more automation in more areas of the enterprise IT infrastructure.

SAN FRANCISCO -- Enterprise IT shops tend to hold on to old technologies, but many are finding ways to standardize, automate and orchestrate them alongside the hot new things.

IT teams -- from 50-year-old companies migrating apps off the mainframe to stateless cloud-native DevOps adherents -- are investigating infrastructure automation via Ansible.

One such company is ATPCO, an airline tariff publishing company based in Dulles, Va, which has proprietary legacy apps written for the mainframe that could benefit from Ansible, said Michel Ya-Lu, senior systems engineer. Ya-Lu is porting apps to a distributed, scalable Linux server deployment.

Ansible's simple programming language suits the majority of systems administrators who "really only have shell scripting to work with ... especially on a really gnarly enterprise IT deployment," said Tim Cramer, senior director of engineering at Red Hat Inc., based in Raleigh, N.C. Ansible automation is well-established for tasks such as server and cloud provisioning, and new releases will take the tool deeper into networks and business-critical, complex applications.

"Ansible's simplicity and dynamic inventory directory are appealing," said Joaquin Menchaca, DevOps engineer at goBalto Inc., based in San Francisco.

The software provider for clinical trials in the pharmaceutical industry runs workloads on Amazon Web Services and Ubuntu, using Docker containers and Ansible for orchestration, provisioning and deployment, as well as configuration. Ansible suits goBalto's "immutable production style of operations," which avoids state management, he said. State brings complexity, drift and layers of variation, a complex automation task. Menchaca said he sees configuration locks as suiting more robust tools, such as Chef or Puppet.

Forming the cloud

Ansible is part of Red Hat's four-piece systems management tool set for enterprise IT, alongside Satellite, CloudForms and the Red Hat Insights service. CloudForms 4.1, released in beta this week, includes built-in integration with Ansible Tower -- a first since Red Hat acquired Ansible in late 2015, enabling complex app automation based on Ansible playbooks, rather than Ruby scripting. Users also can combine playbooks with the native CloudForms service catalog support.

Locked up in the Tower

"There's been a lot of clamoring about when Tower will become open source," goBalto's Menchaca said. At the same time, Red Hat has a good model for bringing products to maturity, and he noted it won't be easy to figure out how to open-source the access management and scheduling component of Ansible.

"We know that we're going to open-source Tower at some point," Red Hat's Cramer said, but the company is still considering the best way to do it.

ATPCO is evaluating Ansible for its configuration management and automation tasks, potentially replacing Puppet-based Red Hat Satellite. Ya-Lu noted the tool's applicability to cloud infrastructures as one benefit.

On private or hybrid cloud, the average IT operations team deals with increased workload complexity as they scale up, said Alessandro Perilli, general manager of management strategy at Red Hat, in a presentation here at Red Hat Summit. Even a moderately complex app needs descriptions of all the components and how all those components relate to and interact with each other to work.

Insights and Satellite enable troubleshooting and ops improvements. As complexity increases with multi-tier apps and apps not designed for cloud infrastructure onboarding, Ansible comes in to automate the infrastructure and speed up deployment.

To combine the private cloud with a bunch of pre-existing IT environments, including virtualization, public cloud and internet of things, IT organizations can use CloudForms with Ansible playbooks, which are declarative configuration and orchestration templates. Ansible's growing container provisioning and management features enable containers to flow from developer laptops to production scale.

Some users question Red Hat's roadmap for these complementary products. Ansible automation helps glue together Red Hat's management stack, rather than displacing existing tools, said Justin Nemmers, head of product for Ansible, and it works in concert with configuration management from Chef and Puppet, if needed.

Talk to the network

Ansible overhauled its back end early in 2016 to enable more rapid updates and releases, such as Network Automation, which came out of tech preview and into general availability in release 2.1 last month.

"Network [teams] in general have been the most isolated of teams within corporate IT," Nemmers said. While the server, application and IT ops groups delve into DevOps, cloud platforms, continuous integration and delivery, and other trends, the network engineers manually configure physical infrastructure and virtual local area networks (VLANs) repetitively.

Ansible automation aims to let network administrators better scale resources, check compliance, stand up test environments and standardize tasks without giving up control. For example, a network engineer can create an Ansible playbook for provisioning a VLAN that sys admins and application teams can access via Ansible Tower. The VLAN is standardized with access control and auditability.

Easy YAML coding in Ansible creates a low barrier to entry for network admins that "speak their own language," Nemmers said. And it's a way to automate network provisioning and maintenance without the proprietary limitations of networking vendors' services.

"Ops in general has been suffering," he said. While there are business-value dashboards for executives to keep an eye on IT, and a plethora of tools to help development, he said, "It's been a long time since we had a set of tools to make ops easier."

Meredith Courtemanche is a senior site editor in TechTarget's Data Center and Virtualization group, with sites including SearchITOperations, SearchWindowsServer and SearchExchange. Find her work @DataCenterTT or email her at [email protected].

Next Steps

Why IT admins struggle to code infrastructure

Docker moves to increase container portability

The DIY containerization approach from Windows admins

A primer on Chef automation for networks

Dig Deeper on Configuration Management and DevOps