Using automation to get the most from your public cloud

Public cloud provides significant advantages for organizations of almost any size. Its power and flexibility makes it a vital part of any enterprise infrastructure.

Those infrastructures do not come without challenges. Managing resources across the global reach of the public cloud can be complex, especially when activity responses are needed at different times or in different regions. Cost soon becomes an important issue for many companies, as they end up spending more than they need to—and often more than they budgeted—for cloud resources.

The answer to these challenges is IT automation. Almost every public cloud user employs some form of automation, usually to assist with provisioning and retirement of resources. However, automation can provide far more benefits to an organization using a public cloud. It can provide greater control over the environment, leading to improved governance and compliance; it can ease the cloud management burden; and it can help reduce spending on the cloud significantly.

But most organizations fail to take full advantage of automation in their public cloud environments. Some are unaware of the benefits that an automated approach can provide, while others are concerned about the cost or impact of implementing automation.

Using Red Hat® Ansible® Automation Platform, organizations can implement an automation approach and take advantage of important opportunities with less difficulty.

The benefits of automation go beyond provisioning and retirement when using an automation platform:

• Better information. Control what is happening in your environment with a better understanding of what you are spending on cloud usage, and uncover opportunities to save by identifying orphan instances, unused storage, etc.
• Time savings. Eliminate the need for many manual processes, while minimizing the possibility of user error.
• Improved governance. Ensure instances are created and run according to compliance requirements and restrictions.
• Strategic advantages. Automate consistently across your environment–multiple clouds, multiple in-cloud components, and components outside the cloud environment.

Automation does not have to be completed all at once nor does it need to take over your business. As you chart your path to automation, consider staying small and identifying opportunities as you go. This paves the way for bigger automation projects down the road. 

The typical path to implementing automation evolves through three major phases: opportunistic, systematic, and institutionalized.

Opportunistic: Start small for rapid success

One of the biggest hurdles that organizations need to clear when they consider automation is fearing that the challenge is too big to undertake. The prospect of addressing a new set of complex tasks, adding new skill sets to a team, and making major infrastructure changes can be overwhelming for many organizations to consider.

Automation does not require an all-or-nothing approach, and it is possible to start small, with quick wins that have an immediate return on investment. Typically, this involves information retrieval tasks, which are read-only—meaning that they do not change your system or have a direct impact on the functioning of your environment, but provide vital data to increase visibility in your systems.

Infrastructure visibility is one of the most straightforward automation tasks to introduce in your public cloud.  Collecting information about your environment and periodically reporting on it can effectively improve your operations. Simple tasks like reporting on instances that have been running for too long, or virtual machines that are not being used, can help to efficiently streamline your cloud operations.

Visibility can also extend to support security and compliance, ensuring that your cloud instances are working with the correct security and patches. It can also improve business continuity by immediately alerting the appropriate personnel if instances go down or by scheduling periodic backups to protect against data loss.

Even without automating any functionality in your cloud environment, these minor opportunistic tasks can have a significant effect on your operations.

Once automation has  provided visibility into your environment, the next step is to operationalize your automation. Begin by taking the information that you are collecting and use it to automate operations tasks.

Some of these tasks remain very simple. Operations such as configuration management can be implemented fluidly and notably reduce the operational burden for your team.

Building on the infrastructure visibility you have already obtained, you can also start to use Red Hat Ansible Automation Platform and similar tools to automate the deployment and retirement of instances. Instances can be restarted if they go down unexpectedly, supporting business continuity.

In addition, automation can be an important tool to support migrations. Whether you are migrating components or workloads between clouds or between private and public clouds, you can automate key tasks to ensure the migration works correctly and consistently.

Automating any of these tasks can significantly reduce the operational workload of your team. In addition, automation reduces the possibility of human error being introduced in these common management tasks. But the most important benefit of operationalizing your public cloud environment is that you are creating, over time, a series of automation assets that are tested and proven in your infrastructure, and are shared across your teams, providing a foundation for building even more automation in the future. The increased automation means technical personnel can spend their time on high-value activities instead of operational tasks.

Institutionalize: Think big

As your organization continues to find automation opportunities for your public cloud environment, you can develop an automation-centric approach to make certain that you maximize the value of your public cloud environment.

More opportunities for automation can emerge when your profile of automated processes increases, leading to significantly greater efficiency. You can build on your improved infrastructure visibility to right-size instances that are in use, as well as to recover orphan instances. The danger of “cloud sprawl”, where so many instances are active that it is nearly impossible to tell what is and is not needed, can be eliminated permanently.

Increased automation can also help your organization respond more promptly to incidents and outages. By setting limits and policies, and better enforcing role-based access controls, your systems can run more efficiently. And in the future, this can lead to a full event-driven architecture, where your automation can respond with agility to state changes across the enterprise.

Automation can also help to coordinate the efforts of teams across your enterprise. Too often, security, IT orchestration, and other groups do not act in concert. As larger automation workflows are implemented, and integrate across these teams, there is a basis for them to work together more closely. 

When IT budgets are flat or even diminishing and technical resources are stretched beyond their limits, an automation strategy can be a key means of achieving high operational efficiency. 

Gain the benefits of automation in your public cloud infrastructure with Ansible Automation Platform.

How to complement provisioning tools—or move beyond them

Ansible Automation Platform can enhance your automation, even if you are already using other automation tools.

While provisioning tools perform deployment and retirement well, they do not perform many other necessary tasks for the instances they create, such as security configuration and maintenance. They also do not control the instances throughout their life cycles, which can lead to “configuration drift”, where instances become more and more noncompliant.

You may already have an automation tool in place—whether a public cloud native tool like Resource Manager in Microsoft Azure or CloudFormation in Amazon Web Services (AWS), or a third-party tool like HashiCorp Terraform. Ansible Automation Platform acts as the orchestrator for these other tools, making it the primary automation platform across public, private, and on-premise environments. For many organizations, Ansible Automation Platform becomes the single point of management for a wide range of automated tasks, from orchestration to security to governance, establishing standardization and consistency across your environments.

Red Hat Ansible Automation Platform is IT automation—for everyone

Ansible Automation Platform can be implemented without specialized skills—its low-code graphical user interface makes automating even complex tasks straightforward. 

Ansible Automation Platform’s interface also makes it easy for users to implement use cases without prior scripting or programming knowledge requirements.

The power and flexibility of Ansible Automation Platform provides a number of use cases for automation in a public cloud environment. These implementations have been achieved by a wide variety of organizations and show some of the possibilities of automation.

Infrastructure orchestration

One primary reason organizations prefer to run their workloads in a public cloud environment is simplicity. Much of the underlying infrastructure is abstracted or accessible through application programming interfaces (APIs), simplifying operations.

However, if your organization is not running solely on a public cloud environment, then resource coordination can be a major hassle. Coordinating resources, for example, across traditional and cloud infrastructure or even across multiple public cloud environments, is a complex task.

Automation can drastically streamline this orchestration work. Setting automated processes to coordinate firewalls, on-premise and private cloud infrastructure, load balancers, DNS, and many other components can ensure that these components work together continuously and with little-to-no administration.

A wide range of components can also be automated through Ansible Automation Platform. One common integration is with IT service management (ITSM) consoles. When an automation script identifies an incident, it can automatically open an ITSM ticket and add all the details about the instance into the ticket.

Infrastructure optimization

The ability to spin up infrastructure efficiently and in less time is one of the principal advantages of cloud computing. However, this often leads to organizations deploying resources in their cloud environments, and then not thinking about it any longer. Because no one knows the instance is there or if deprovisioning has failed, the cloud instance is never turned off and the costs continue to accrue—whether the instance is used or not (see figure 4).

In fact, there is little incentive for cloud providers to help identify the unused infrastructure. It is the responsibility of the consumer to optimize their cloud usage, and minimize their cloud spend. Ansible Automation Platform’s interface makes it simple to create a process that can handle instances running for longer than a predefined number of hours, larger than a certain size, and with a certain list of tags associated with them.

Ansible Automation Platform can report on the instances actively in use in each region. With this information, an organization can audit which resources are running, and where each resource is running. Discovering resources that are not being used and decommissioning them can be an important tool for managing cloud costs.

Cloud operations

One of the most important advantages of automation in the public cloud is how it further simplifies operations. It can be extremely difficult to manage all the resources in a public cloud environment when instances are active in multiple regions, running for different lengths of time, and running different software.

One area that is commonly simplified by automation is Day 2 operations—that means establishing that everything running in the cloud environment is maintained as needed, and continues to be coherent with their intended purpose. Automating the operations that ensure all instances are working as intended and compliant with their requirements minimizes the burden on technical staff.

Automation can also help you respond more flexibly to changing configuration requirements on running infrastructure. For example, if a resource runs out of storage space, an administrator might need to identify the issue, and potentially tear down and redeploy the instance. An automated process can detect the need and provision more storage with no manual intervention.

DevOps and CI/CD pipelines

Automating your organization’s continuous integration and continuous delivery (CI/CD) can have a significant impact on your organization. Using Red Hat Ansible Automation Platform as part of your CI/CD pipeline can increase the speed of delivery for releases and minimize errors and inconsistency, while reducing the development team’s administration burden.

Ansible Automation Platform can integrate readily into any DevOps pipeline or workflow. It provides access to certified Ansible content for a range of applications, with collections for infrastructure, hybrid cloud, Windows and Linux® configuration management, application deployment, and security automation.

Many of the operations’ public cloud responsibilities can be anticipated and addressed through automated processes. Not only does this make the cloud infrastructure work more efficiently, it also frees up your technical staff to work on more important issues.

Automated troubleshooting

Identifying and responding to problems is perhaps the most important task for operations staff. However, many of the problems that appear can be identified or solved swiftly using automation, and resolved with minimal human intervention.

Automating your troubleshooting with Red Hat Ansible Automation Platform is a matter of identifying and responding to clearly identifiable issues that arise. Then, when the problem appears in the future, the activities that need to be taken to resolve it can be automated (see figure 6). In the future, this can be an important move towards creating an event-driven architecture. 

When an instance suddenly becomes unreachable, your team does not need to rely on second-hand reports or performance reports to identify the cause. For example, if the problem is a software failure, or an access control list rule that was applied erroneously, that is blocking traffic. The troubleshooting process can automatically test the instance to identify the problem, and then adjust the instance to resolve the problem, or alert support personnel to look into the issue further. These processes can be built into event driven workflows to maximize the speed of your troubleshooting response.

Supplementing your support staff with automated troubleshooting processes safeguards their valuable time is spent dealing with real problems, making them—and your infrastructure—more effective and efficient.

Compliance

A major challenge in a cloud infrastructure is ensuring that every instance meets all the standards set for the environment. Making sure servers are updated and patched is only part of this need. As instances are spun up and torn down, ensuring they remain in compliance with the various rules, such as user account controls like two-factor authentication, can be a complex task. When a system spans multiple clouds, compliance can be almost impossible to control. The following diagram illustrates an example of how Ansible Automation Platform can be used for compliance to manage security groups on instances created on a cloud environment.

Ansible Automation Platform can control and enforce compliance in these complex environments. It can provide detailed reporting to help identify noncompliance throughout your cloud infrastructure and make updates if necessary. And it is flexible enough not only to control infrastructure, but virtually every part of your environment, including user rules.

Business continuity

Ensuring your business’ processes continue running is key to your organization’s success. But the activities that provide business continuity can be time-consuming and complex, especially with a vast number of instances running in multiple regions in different public clouds. These activities can often become neglected, meaning your business cannot recover efficiently or in less time when an outage occurs.

Business continuity combines and further expands automated troubleshooting and resource automation tasks you have already built, responding to the business outcome of a set of workloads. When issues appear, business continuity tasks ensure these processes keep running as expected, solving issues, adding resources as needed, and even deploying new instances if required. 

Making sure that backups or snapshots are stored automatically for every instance for its entire life cycle ensures outages can be overcome with minimal loss and in extremely short times. With automation, you can respond to outages by promptly shifting workloads to other availability zones within the same public cloud or shifting them to a different cloud environment altogether. The following diagram illustrates how you can use Ansible Automation Platform to architect your cloud environments for business resiliency with automation.

Once you have determined that increasing your public cloud automation is the right path for you, the next concern is how to get started.

Red Hat offers extensive resources to assist organizations in implementing Ansible Automation Platform, greatly enhancing your automation profile. These resources provide what you need to implement and enhance your public cloud automation.

• Self-paced labs. Red Hat offers self-paced labs where you can try Ansible for yourself.
• Visit the hybrid cloud automation website. Explore in more detail the value hybrid cloud automation can deliver.
• Read our blogs. Stay up to date on the latest Ansible hybrid cloud automation news.
• Try Red Hat Ansible Automation Platform. Try a 60 day trial of Red Hat Ansible Automation platform.
• Ansible Webinars and training. Register for live training sessions and webinars and visit the on-demand catalog to view prerecorded training sessions and webinar videos. 

The most important step to automating your public cloud is to get started. You do not need to automate everything at once. Even small steps can lead to a significant reduction in cloud spend.

Talk to a Red Hatter today about how you can introduce Red Hat Ansible Automation Platform into your environment and take advantage of automation in a public cloud environment.