4 November 2019 | Nieuws
Ansible – Infrastructure as code
We used to configure everything manually, every command and every click was entered manually. Today, many managers still work that way. In the meantime, fortunately, more and more is being automated. Infrastructure as code is the new buzzword.
Infrastructure-as-code, or programmable infrastructure means defining infrastructure through code. The infrastructure is described as objects with properties. This has a number of advantages:
- Fast provisioning.
- Consistent, prevent Configuration Drift.
- Changes in IT configurations are clearly visible over a period.
- Software Development Best Practices are applicable to infrastructure.
Because manual actions are no longer required, making infrastructure or applications available is much faster. This allows the IT department to deliver IT services to the business faster and has time for other activities. The result is a short time-to-market. To implement infrastructure as code we need configuration management software.
What is configuration management?
Configuration management is a configuration method where you manage your installation and configuration of your IT environment in an automated way. If something is inadvertently changed, you can easily reverse that change.
Why do we use Insign.it configuration management?
Insign.it has chosen Ansible as the standard configuration management tool. It is open source and partly because of this has a lot of ready-made modules to easily communicate with a large diversity of infrastructure components, so that the dream of a completed infrastructure as code can come true. Nice to know that Microsoft is strongly committed to Ansible and that, for example, the entire network layout of Azure is managed with Ansible.
What are the benefits of using Ansible?
As mentioned above, consistency in delivering your IT infrastructure. In addition, management becomes simpler and clearer since a blueprint is made of your environment. The deployment process of new environments is also a lot faster by using Ansible i.c.m. with an optimized basic image you can deploy Windows and Linux servers in no time.
You can also achieve great benefits in day-to-day management, such as the automated creation of user accounts, configuring mailboxes or other user or server related issues. The sky is the limit.
Why has Insign.it started working with Ansible?
Insign.it was originally a Windows house with a strong focus on Front-end Automation in Citrix XenApp, VDI and RDSH environments. Due to the strong focus on automation, we have customers in various segments, healthcare, logistics, government and various SMEs. However, we notice that the backend automation is lagging behind, especially the patch management and configuration management of backend environments is often a big manual job that takes many hours.
This could be better, so we started looking for a modular tool with a focus on back-end automation and not specifically on 1 product. This is found in the form of Ansible. The integration in all kinds of areas (servers, networking, firewalls, storage and cloud) is so great that this enables us to automate the entire back-end infrastructure. In addition, the agentless infrastructure appeals to us very strongly, since we then have no dependencies on the endpoints.
During the experiments we became super enthusiastic about the power of the product. We have been able to reduce the lead time of the patch management process at a customer by more than 75%.
Playbooks and Roles
Ansible uses playbook. A playbook is a text file in YAML format in which the desired configuration is described. In addition, there are roles. A role is used for recurring configuration and can be used universally through variables. An example of a role is the configuration of a web server.
How will I work with Ansible?
Start with small steps. Make an inventory of your manual actions and investigate what you can automate. Structure and naming is very important here. In addition, the use of a version control management system such as Git is virtually a must. This allows changes to be registered. This way, your colleagues are aware of who, what, when has changed and you can easily roll back changes if necessary. Version management is an important part of automation in infrastructure as code.
In addition, delve into working with a good editor such as VScode. Insign.it can fully support you in both the inventory process and training or support.
What added value can Insign.it offer?
We have already developed various roles. A good example of this is our Windows update role. Here are, in addition to the standard Windows update features that are already in Ansible, a number of extras and extra error handling which ensures that patch management on the Windows platform runs more smoothly. We have incorporated issues that we regularly encounter as engineers in our update role. In this way you benefit from our expertise in the field.
Via automated image management you can gain monthly access to a currently updated basic image with security fixes and updates with which a new server is up and running in no time within your environment and you no longer have to worry about the basic configuration. In combination with our InPackage software service, rolling out software becomes a piece of cake. These basic images will become available for various virtualization platforms.
In our own infrastructure, we actively use Ansible to manage our Linux and Docker environments.
Ansible will be integrated with our Oversight monitoring system in the coming months. Actions can then be executed based on reports. Think of the automated clearing of a flooded disk, or additional information can be collected that can be linked to a ticket. Network automation also receives the necessary attention. Our managed firewall service will be linked to Ansible in order to be able to inform customers more effectively about potential potential risks.
If you want to know what else Ansible can do for you as a customer, do not hesitate to contact Insign.it.Back to news