Top Three Reasons Why We Like Ansible
Top Three Reasons Why We Like Ansible
Ansible automates cloud provisioning, configuration management, deployment, and more IT needs, adding efficiency, security, and scalability to your operations.
Join the DZone community and get the full member experience.Join For Free
Discover how quick and easy it is to secure secrets, so you can get back to doing what you love. Try Conjur, a free open source security service for developers.
Ansible is an open source IT tool for managing and deploying servers and configurations. According to www.ansible.com, "Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs."
It models your IT infrastructure so that it doesn’t manage only one system at a time. Instead, it knows how your systems are inter-related, therefore making multi-tier deployments simpler. Because it uses no agents and there is no additional security infrastructure you need to customize, it is easy to deploy. Ansible uses a simple language called YAML that allows you to easily portray your automation jobs.
We like Ansible a lot because Ansible has big advantages over other tools. Our top three reasons why we like Ansible are 1) creates efficiencies, 2) ensures security, and 3) provides scalability with its features. In this article, we discuss how it does these three things.
Ansible is loaded up with features that provide many time and resource efficiencies for an IT organization. Some of these features - resource utilization, less management, firewall focus, and no bootstrapping required add up to major efficiencies.
When Ansible is not managing remote nodes, it is not doing anything on those nodes; therefore, there is no consumption of memory or CPU. You can choose when you run the management and all of the performance-critical operations get to use all the CPU. This utilization of resources results in you having a greater ability to manage the resources because there is no chance of memory leak or agents that may crash.
As is commonly said when talking about Ansible, you don’t need to spend time “managing the management.” Many other configuration management tools do require a lot of hands-on. Ansible eliminates having agents on remote servers. By not having to update agents when updating the management software, you eliminate compatibility problems between server and agent versions. Additionally, by not requiring agents on remote servers, Ansible gets rid of any possibility of an agent crash that can harm the ability to manage the system.
Ansible does not need to hold connections open between the management machine and the central node. In this way, Ansible avoids messing around with firewalls that may not like lengthy connections, which can be a problem in production scenarios. Ansible also receives a deterministic response from nodes that are down. Instead of only seeing the nodes that are operating and getting no information from those that are down, you see a failure message. Knowing which nodes you can’t contact is critical during performing updates to a system.
No Bootstrapping Required
Ansible has the ability to start managing remote servers immediately because there is no need to install agent software. It can start communicating to all servers without a long and involved setup process, greatly reducing time and effort.
Because Ansible does not require remote server agents, it has tremendously reduced areas that can be attacked, thus making it very secure. Ansible uses the OpenSSH daemon and certificate system, which is the most secure remote management system that is available. OpenSSH can be used for a wide variety of distributions. When OpenSSH has security issues, patches are made quickly.
Also, Ansible limits the transfer of potentially sensitive data because it transfers the bare minimum to the machines it manages. With Ansible, it is impossible for a managed host to request files or templates meant for another machine and to access sensitive data not meant for it. Ansible pushes out only what remote nodes need to see.
Additionally, because Ansible does not contain custom file server implementation, it is impossible for a managed host to request files or templates meant for another machine. This makes Ansible ideal for environments where data is extremely sensitive, including when working with social science workloads, healthcare, and government applications.
By being push-oriented, Ansible has handled the potential of overwhelming a server due to management agents continually checking. Ansible pushes out changes to remote servers. With many other tools, the management server has to do expensive computations for the remote nodes. But, Ansible has to talk to only a defined number of nodes at one time. Because it offloads a maximum amount of remote computing to remote nodes, the workload is shared among computer systems; even a laptop is a sufficient platform for a control server with Ansible.
Ansible unifies configuration, deployment, and complex IT process balance while providing a strong and easily managed architecture. It does not create additional demands and it is transparent and maximizes productivity gains. There are many more features and benefits of Ansible than this article discusses. But, our top three reasons we like it so much are the efficiencies for your organization, the security you can rely on, and the scalability. Just with these three reasons, we hope you can see that Ansible is a top-notch management tool and may fit the needs of your organization.
Published at DZone with permission of Catherine Perry , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.