The word automation strikes fear into many and has become nearly synonymous with the idea of lost jobs. For a sysadmin, however, automation can be a wonderful thing. It can mean the difference between getting a single task completed or many tasks completed with little effort in the same amount of time.
One of the most important concepts in automation is that of changing your pets into cattle. Take those machines that you wouldn’t dare breathe on—let alone make changes to—and turn them into something that can be easily rebuilt at a moment’s notice. Automation is equally important when building new machines. Ensuring that your machines are built and running in an identical way can remove many of the stresses of administration. Building efficiency allows sysadmins to do more with less, which has become the de facto direction of IT.
First on your to-do list should be a type of version control. Creating or changing configurations, like those in orchestration tools, network equipment, etc., needs to be version-controlled for automation to be successful. Your configurations will always evolve, and tracking changes is a crucial part of troubleshooting when things inevitably go wrong. It is also important to have version control in place for the sake of new development, as this feature enables testing without disrupting production.
The most ubiquitous version control tool is Git. There are numerous tools that use Git as the underlying engine while providing a friendly interface to the user. You may choose to host this tool on-premise, in the cloud, or both. Whichever you choose, be sure to commit your work early and commit often.
Let’s continue on with building your machine’s base image. You may already be familiar with the Preboot eXecution Environment (PXE) as a way to pass images to selected machines, but by combining PXE with a Kickstart or preseed file you can pass configurations as simple as user information or as complex as mdadm without any interaction. This feature is a strong combination that works for both physical and virtual machines.
In cloud environments with supported cloud images, similar tasks can be completed with cloud-init. Cloud-init is similar to Kickstart and preseed configurations in that it passes configurations to a machine on first boot. Where cloud-init is different from other installation automation tools is that this service is pre-installed on a generic image, and runs as the system boots for the first time. The great part is that these configurations can also be automated to some extent. That’s where an orchestration engine comes into play.
There are several popular orchestration tools, such as Ansible, Chef, and Puppet. Terms like orchestration and configuration management can be complex topics, and you will sometimes see them interchanged. The primary goal of these tools is to make installation, administration, and configuration tasks as streamlined and scalable as needed. It’s also much easier to troubleshoot a single or group of machines when they are uniform.
As a sysadmin, your orchestration tool decision will need great consideration. When choosing automation tools, it’s crucial to keep in mind not only the needs of the infrastructure, but also the usability of the tool from a personal or team perspective. One of the choices involved in this process is the language or format that is dictated by the tool. For example, Ansible uses YAML for its playbook formatting, while Chef uses Ruby for its cookbooks.
Another primary deciding factor would be how you prefer interacting with the servers. Using Ansible and Chef as examples again, Ansible is agentless, which means it configures servers by reaching out via SSH, while Chef needs a client to be installed on the remote machine before it can be managed. With agent-based systems like Chef, the client calls back to the central server for configurations. I would encourage anyone facing this decision to try each option out in a lab environment before coming to a conclusion.
At this point, you may be thinking: "OK. I get it. Fewer repeated actions, scaled deployments, and I should save my work. Where’s the automation?"
Here’s a piece of the pipeline that makes things a little safer and much more automated. Tools like Jenkins or Bamboo create a workflow of continuous integration and continuous deployment, or CI/CD for short. Let’s say you just got done writing that orchestration file and it took forever. You go ahead and push those changes to your Git repository and watch the magic happen. Your CI/CD software sees you made changes, checks your code for errors, and (if it passes) can deploy directly to production. Of course, this is an oversimplified explanation of the process, but it makes it no less amazing when patching a zero-day vulnerability to hundreds of running instances with idempotent precision.
Wrapping it all up, automation simply makes the sysadmin’s life easier. Having the capability to look at orchestration configurations and quickly see what is happening on a given machine can save future headaches and time. Once you have the core pieces in place, ancillary tools become more instrumental. More tools like logging, metrics, or dashboards can be added for better visibility into the infrastructure. There’s no wrong place to start in your automation adventure, so as long as you’re moving forward you’ll find success.