Log in / Register Account

Automation

Learning Ansible basics

Ansible is an open source IT automation engine that automates provisioning, configuration management, application deployment, orchestration, and many other IT processes.

Use Ansible automation to install software, automate daily tasks, provision infrastructure, improve security and compliance, patch systems, and share automation across your organization.

 

How does Ansible work?

Ansible works by connecting to your nodes and pushing out small programs, called modules to them. Modules are used to accomplish automation tasks in Ansible.

These programs are written to be resource models of the desired state of the system. Ansible then executes these modules and removes them when finished.

Without modules, you’d have to rely on ad-hoc commands and scripting to accomplish tasks. 

Learn how to install Ansible with this guide

Ansible is agentless, which means the nodes it manages do not require any software to be installed on them.

Ansible reads information about which machines you want to manage from your inventory. Ansible has a default inventory file, but you can create your own and define which servers you want Ansible to manage. 

Ansible uses SSH protocol to connect to servers and run tasks. By default, Ansible uses 

SSH keys with ssh-agent and connects to remote machines using your current user name. Root logins are not required. You can login as any user, and then su or sudo to any user.

Read how SSH establishes secure communication

Once it has connected, Ansible transfers the modules required by your command or playbook to the remote machine(s) for execution.

Ansible uses human-readable YAML templates so users can program repetitive tasks to happen automatically without having to learn an advanced programming language.

Ansible contains built-in modules that you can use to automate tasks, or you can write your own. Ansible modules can be written in any language that can return JSON, such as Ruby, Python, or bash. Windows automation modules are even written in Powershell. 

 

Using Ansible for ad-hoc commands

You can use Ansible to run ad-hoc commands. To do this, you will need to run a command or call a module directly from the command line. No playbook is used. 

This is fine for a one time task, but anything more complex will require the use of an Ansible Playbook.

Ansible Playbooks

Ansible Playbooks are used to orchestrate IT processes. A playbook is a YAML file containing 1 or more plays, and is used to define the desired state of a system. This differs from an Ansible module, which is a standalone script that can be used inside an Ansible Playbook. 

Understanding YAML for Ansible

Plays consist of an ordered set of tasks to execute against host selections from your Ansible inventory file. 

Tasks are the pieces that make up a play, and call Ansible modules. In a play, tasks are executed in the order in which they are written.  

When Ansible runs, it is able to keep track of the state of the system. If Ansible scans a system and finds the playbook description of a system and the actual system state don't agree, then Ansible will make whatever changes are necessary for the system to match the playbook. 

Ansible includes a "check mode" which allows you to validate playbooks and ad-hoc commands before making any state changes on a system. This shows you what Ansible would do, without actually making any changes. 

Handlers in Ansible are used to run a specific task only after a change has been made to the system. They are triggered by tasks and run once, at the end of all of the other plays in the playbook. 

Variables are a concept in Ansible that enable you to alter how playbooks run. Variables are used to account for differences between systems, such as package versions or file paths. With Ansible, you can execute playbooks across different systems. 

Ansible variables should be defined in relation to what your playbook is actually doing. 

Variables follow variable precedence, which defines the order in which variables will override each other. It’s important to understand this when including variables in your playbook.

When working with Ansible you will also need to understand collections. Collections are a distribution format for Ansible content that can include playbooks, roles, modules, and plugins.

Ansible roles are a special kind of playbook that is fully self-contained and portable with the tasks, variables, configuration templates, and other supporting files that are needed to complete a complex orchestration. 

Multiple roles can exist inside a collection allowing easy sharing of content via Automation Hub and Ansible Galaxy

 

Configuration management with Ansible

Configuration management is a process for maintaining computer systems, servers, and software in a desired, consistent state. It’s a way to make sure that a system performs as it’s expected to as changes are made over time. 

Traditionally, this was handled manually or with custom scripting by system administrators. 

5 ways to harden a new system with Ansible

Red Hat® Ansible® Automation Platform, when used as a configuration management tool, is used to store the current state of your systems and help you to maintain that state. 

Configuration management tools make changes and deployments faster, remove the potential for human error, while making system management predictable and scalable.

They also help you to keep track of the state of your resources, and keep you from repeating tasks, like installing the same package twice. 

Improve system recovery after a critical event with automated configuration management with Ansible. If a server goes down for an unknown reason, you can deploy a new one quickly and have a record of any changes or updates that occurred so you can identify the source of the problem. 

 

Provisioning with Ansible

Infrastructure is now often defined in software, and virtualization and containers have sped up the provisioning process while eliminating the need for frequent hardware provisioning and management.

It’s difficult to track changes and control versions, and avoid errors and inconsistencies when provisioning is managed manually for each deployment.

Automating the provisioning of any infrastructure is the first step in automating the operational life cycle of your applications. 

Ansible can be used to provision the underlying infrastructure of your environment, virtualized hosts and hypervisors, network devices, and bare metal servers. It can also install services, add compute hosts, and provision resources, services, and applications inside of your cloud.

You can use an Ansible Playbook to describe the desired state of your infrastructure and then have Ansible provision it. Codifying your infrastructure through the use of a playbook ensures that you provision the same environment every time. 

 

Deployment automation

Deployment automation provides the ability to move your software between testing and production environments by using automated processes. This leads to repeatable and reliable deployments across the software delivery cycle.

Deployment automation is an important piece of enabling DevOps practices and managing a CI/CD pipeline.

Deployment automation doesn’t work when the development team deploys applications or configures environments one way and the operations teams deploys and configures another way. 

In order for the environment to be automated it needs to be consistent. The same deployment process should be used for every environment, including your production environment. 

A deployment pipeline typically follows 3 main steps (though you may also have more): build, test, deploy. This is the pipeline that supports your ability to automate the deployment process and ensures that code moves from being committed to deployment quickly.

Ansible allows you to deploy multi-tier applications reliably and consistently, all from one common framework. You can configure needed services as well as push application artifacts using playbooks.

 

Orchestration with Ansible

In general, automation refers to automating a single task. This is different from orchestration, which is how you can automate a process or workflow that involves many steps across multiple disparate systems. 

Cloud orchestration can be used to provision or deploy servers, assign storage capacity, create virtual machines, and manage networking, among other tasks. There are many different orchestration tools that can help you with cloud orchestration. Ansible is one option.

Server configuration and management and application deployments can also be orchestrated with a tool like Ansible. 

Learn how to explain orchestration in plain English

With application deployments you’ve got frontend and backend services, databases, monitoring, networks, and storage each with their own role to play and their own configuration and deployment. Orchestration ensures that each step happens the way you need it to.

Ansible enables orchestration by executing the tasks in your playbook in the order in which they are written, so you know that your application deployment processes will happen in the correct order. 

 

Network automation

Network automation uses programmable logic to manage network resources and services. Network automation allows network operations (NetOps) teams to configure, scale, protect, and integrate network infrastructure and application services more quickly than when performed manually by users.

Even as underlying technologies have evolved, network management has remained largely the same for decades. Networks are typically built, operated, and maintained by hand. 

However, traditional, manual approaches to network configuration and updates are too slow and error-prone to effectively support the needs of rapidly shifting workload requirements. 

Automating network resource and service management allows network operations teams to become more agile and flexible and effectively support modern business demands.

 

Security automation 

Security automation uses automation technology to perform tasks with reduced human assistance in order to integrate security processes, applications, and infrastructure.

Automation can help you streamline daily operations as well as integrate security into processes, applications, and infrastructure from the start. Fully deploying security automation can even reduce the average cost of a breach by 95%.

Applying automation to your security processes can help you identify, validate, and escalate threats faster without manual intervention. 

If a security incident should occur, security teams can use Ansible to rapidly apply remediation to affected systems across your environment concurrently and respond to incidents faster.

3 ways to get started with IT security automation

Using Ansible, security teams can configure a sequence of jobs that share inventory, playbooks, or permissions to fully automate investigations or remediations.

Red Hat Ansible Automation Platform integrates with third-party external log aggregation services, which helps security teams identify trends, analyze infrastructure events, monitor anomalies, and correlate disparate events.

 

Get trained in Ansible

Automation with Ansible

This course is designed for Linux® system administrators and developers who need to automate provisioning, configuration, application deployment, and orchestration. You will learn how to install and configure Ansible on a management workstation and prepare managed hosts for automation.

 

Ansible Essentials: Simplicity in Automation Technical Overview

This series of on-demand, online videos introduces you to Ansible automation and configuration management, provisioning, deploying, and managing compute infrastructure across cloud, virtual, and physical environments with Ansible.

 

Ansible 101: An introduction to automating everything

This webinar highlights the benefits of using Ansible to automate tasks across a variety of Red Hat Enterprise Linux, Windows, cloud, and networking devices. It covers ways to automate administrative tasks, as well as how to use advanced features of Red Hat Ansible Automation Platform to perform more complex tasks. 

 

Case study: How Microsoft built a culture of IT automation

Microsoft is focused on building a culture of success and collaboration across teams, supported by automation technology.

Using Red Hat Ansible Automation Platform and working closely with Red Hat Consulting, Microsoft created a standardized, centralized network automation environment that reduces routine, repeatable tasks and complexity, while also allowing for production code to be verified and reused. 

By establishing a DevOps culture, teams across the company can now focus on sharing knowledge, building skills, and creating innovative technology solutions.

Read the complete case study to learn more about Microsoft’s success.

 

Why choose Red Hat for automation?

Red Hat works with the greater open source community on automation technologies. Our engineers help improve features, reliability, and security to make sure your business and IT performs and remains stable and secure. 

Red Hat Ansible Automation Platform includes all the tools needed to implement enterprise-wide automation, including playbooks and analytics. It allows users to centralize and control their IT infrastructure with a visual dashboard, role-based access control, and more to reduce operational complexity.

Red Hat Ansible Automation Platform also includes Automation Analytics, which enables operations team members to analyze usage, uptime, and execution patterns across different teams running Ansible Automation Platform.

The Ansible Automation Hub is a location to discover and understand precomposed, Red Hat-supported Ansible content and Ansible Certified Partner content to help users get started faster.

Additionally, Red Hat Ansible Automation Platform was named a Leader by Forrester Research in the Forrester Wave™: Infrastructure Automation Platforms, Q3 2020.

Organizations not only need the ability to easily create automation, but they also need to be able to share and reuse automation across projects and teams with the right level of governance and control. 

With the right automation solution in place, you can deploy new applications and services faster, manage IT infrastructure more efficiently, and see an increase in app development productivity.

The platform you need for automation

Red Hat Ansible Automation Platform

A simple, agentless platform for building IT automation at scale. Centralize and control your IT infrastructure with a visual dashboard, role-based access control, and more.

There's a lot more to do with Ansible