Infrastructure Automation with Ansible

Hi, guys! In this and some future articles we will briefly get away from the familiar theme of project management and development methodologies to talk about infrastructure automation and monitoring. No matter how successful your project is, the lack of a reliable environment configuration tool can disrupt it at any stage of deployment. Of course, you can use the embedded operating system means to set up the project environment, that may be the simplest, but, in the same time, not the most efficient way. Direct editing of configuration files, writing bash scripts are no longer able to provide any serious systems with stable work, not to mention the complexity of their support.

Fortunately, solutions exist, and they are not manual scripts, but complex configuration management systems. Nowadays, there are many tools available for infrastructure automation. Chef, Puppet, Salt, Juju... Which one is the most suitable depends on the architecture and needs of your infrastructure. In our case, such a tool is Ansible - a popular way for automating the configuration and deployment of IT infrastructure. The main tasks which it solves are the following:

  • Configuration management - fast and accurate settings of your servers with the configuration described.

  • Application deployment - installation and continuous integration of your applications without downtime and additional actions.

  • Cloud provisioning - managing the deployment of new cloud servers (for example, via the API, using Docker or LXC).

  • Complex orchestration - coordination of your infrastructure components for the deployment (for instance, checking that the web server is disconnected from the load balancer, before upgrading the software).

  • Continuous delivery - the ability to provide your users with frequent and timely products with minimal effort on the part of developers and administrators.

  • Infrastructure monitoring - centralized gathering of logs, a system of notifications and more others.

Why Ansible? We had learnt a lot of solutions before we stopped on this tool. Ansible is focuses on optimization and speed, and does not require the installation of agents on managed nodes - all functions are performed remotely via SSH. Configuration files support the single YAML-syntax and don't require programming knowledge. Nevertheless, separate modules can be written in almost any language. While Puppet or Chef are developer-oriented, Ansible is more suited to the needs of system administrators. Simple interface, usability and low entry barrier make it a good solution in companies with a large number of Unix and Linux systems (however, Windows support is somewhat limited). Important, that Ansible is an open source solution with a huge community, a wide range of ready modules and a rich documentation. It is easily configured and launched "out of the box".

Ansible allows us to automate the infrastructure as much as possible. With its help, we can configure required number of machines from a single one, performing scenarios of any complexity remotely on all our hosts. Application deployment, installation of necessary software, setting up databases, management of access rights and a lot of other operations become easier with existing Ansible modules or writing our own ones. Concepts of playbooks as sets of roles, tasks, hosts, variables and handlers provide flexible ways of infrastructure settings. To manage our applications, we have developed a number of own roles that are available to the public. They allow us to manage users and groups within the projects, configure PostgreSQL, firewall, nginx, deploy applications and much more. We hope, our experience will be useful to you in automating your work space. We'll talk more about the roles and scenarios used in the following articles. And what tools do you use to automate and configure the infrastructure? Feel free to share your solutions and ideas on this subject!

Riter development team