DevOps Series – VII – Configuration Management with Ansible
August 5, 2022
What is Configuration Management?
Configuration Management (CM) establishes and maintains consistency of the product’s characteristics, performance, and functionality, with its design, requirements, and operational data, across the product lifecycle. CM is an IT management system that falls under the category of systems engineering processes.
CM monitors individual assets of an IT system (IT assets may vary from software, or server to a cluster of servers) and identifies whether there is a need to patch, update, or reconfigure the system for maintaining the desired state.
How to implement Configuration Management?
CM implementation is a 4-step process that involves:
- The first stage involves information gathering and compiling to further establish configuration. Point of identification includes test cases, code modules, specification requirements, as well as necessary resources, tools, files, documents, and other aspects required for a successful product cycle.
- The second stage involves establishing the baseline configuration. Baseline configuration enables successful operation of the dependent IT assets, without causing any error.
- Version control ensures the integrity of the product by identifying accepted versions of IT assets. It also controls changes to be levied on the product cycle.
- Auditing is crucial to product cycles. The audit team makes sure that the project is successful and competent as per the roadmap of a product cycle.
The Advantages of Configuration Management
- Well-established configuration and control enhance visibility and enable tracking across the product life cycle. The outcome is better efficiency.
- CM begins with information gathering. As information regarding all the IT elements is gathered and compiled, there is no scope for unnecessary duplication.
- Profound agility enables quick problem solutions and faster releases.
- Rapid fault detections in the configuration and rapid corrections eliminate detrimental effects on the product cycle.
- Easy and fast service restorations in case of process failure encourage system reliability.
- CM enhances customer satisfaction and helps in cost optimization.
Some well-known CM tools
Configuration Management with Ansible
Now, let us understand how to leverage Configuration Management with Ansible.
What is Ansible?
Ansible is an utterly simple open-source automation & orchestration tool that handles Configuration Management (CM), application deployment, cloud provisioning, cloud services as well as other IT tools.
Furthermore, Ansible can:
- easily configures IT systems to provide infrastructure as code.
- use the playbook to describe automation jobs written in YAML syntax.
- enable multi-tier deployments.
- interrelate all the IT systems and prototype the IT infrastructure.
- work by multi-node orchestration and needs no agent
- push and pull ansible modules (small programs) on the nodes
- manage inventory in host files (simple text files)
- control the actions of a specific group in the playbook.
Some advantages of Ansible
- It is an open-source FREE-to-use tool.
- It is easy to operate and does not require any specialized administrative skill set.
- It can seamlessly orchestrate large IT ecosystems without an agent.
- It is completely safe and secure.
- Being lightweight and consistent, there are no constraints on its compatibility with different Operating Systems and Hardware.
Let us get familiar with some common terms in Ansible
- Control Node: A control node is a system that hosts Ansible installations as well as sets up its connectivity to the server. There can be multiple control nodes, in fact, any system can be set up as a control node.
- Managed Nodes: A control node manages remote nodes. These remote notes are known as Managed Nodes. Ansible entails managed nodes to be accessible through SSH.
- Inventory is a file that contains data regarding Ansible client servers. It is also known as a host file as it contains a list of hosts managed by Ansible.
- Task: Every action to be performed is a task. In Ansible, a unit of work that is to be executed on a managed node is a task.
- Playbook: Ansible playbooks are the way of sending commands to remote systems via scripts. It designates tasks and roles to the target hosts, thereby orchestrating multiple servers from diverse setups in one play.
- Roles: It is a way to automatically organize tasks, files and handlers in a predefined structure known to Ansible.
- Handleris a task that triggers changes in the service status. It is activated by receiving a notification from the notifier.
- Notifier:A notifier is a segment assigned with the task to notify the handler if the output is changed.
How does Ansible Works?
The flowchart given below explains the working of Ansible.
What is YAML?
YAML syntax is a data-serialization language which is very easy for humans to read and write. Also, YAML is much simpler as compared to data formats like JSON and XML. YAML is a powerful syntax to automate IT requirements. Henceforth Ansible uses YAML for creating playbooks.
Every YAML file starts with a list of items. Each item represents a list of key pairs/value pairs known as a dictionary or hash.
Optionally all the files in YAML begin with ‘—’ and end with ‘…’. This indicates the start and end of a document. Also, all the members of the list begin at the same indentation level starting with “- “.
What is an Ansible Inventory?
An Ansible inventory file contains a list of hosts (or a group of hosts) on which commands, tasks, and modules are operated in a playbook. The format of these files depends on the Ansible ecosystem and its plugins.
An inventory file contains a list of managed nodes called host files. It organizes these host files to create a nesting group for scaling.
For an inventory, the default location is a file defined by: /etc/ansible/hosts
An inventory file at the command line is defined by: -i option
INI format of an inventory file:
mail.example.com [webservers] foo.example.com Bar.example.com [dbservers] One[1:50].example.com two.example.com three.example.com
Types of Ansible Modules
Ansible has a large library of modules to offer its users. Some frequently used Ansible modules are
It is important to note that
- All the Ansible modules return JSON format data
- Ansible modules must be idempotent
- Ansible modules can trigger changes in the output by using handlers to run extra tasks.
Example of a Playbook
Below is an example of a playbook verifying-apache.yml that contains only one play.
- hosts: webservers vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: ensure apache is at the latest version yum: name: httpd state: latest - name: write the apache config file template: src: /srv/httpd.j2 dest: /etc/httpd.conf notify: - restart apache - name: ensure apache is running service: name: httpd state: started handlers: - name: restart apache service: name: httpd state: restarted
Conclusion
Ansible is a minimalist IT automation tool that has a gentle learning curve. The reason is its part to its use of YAML for its provisioning scripts. It consists a great number of built-in modules used to abstract tasks such as installing packages and working with templates.