Are you interested in finding a new configuration management system? Here are some thoughts from one system administrator’s two years of experience with Ansible.
- The Search for Easy Configuration
- Why Ansible over Chef, Puppet & SaltStack?
- A Few Tips from Experience
- Cloud from Infrastructure Experts
The Search for Easy Configuration
If you are trying to figure out which configuration management system would work best for you, you may have SaltStack, Puppet, or Chef on your list. We all develop our comfort zones with certain tools, and it can sometimes be a little confusing to figure out which of a variety of environments is best.
Linux systems administrator Corban Raun was looking for a solution that was high-quality but also intuitive. While Raun was weighing various options, he had a friend advise him to look at a less widely known application, Ansible.
Raun proceeded to use Ansible up through the present, a span of two years. He used the system for a variety of platforms and stacks such as web applications, user management, secure cloud hosting configurations, and tracking.
He also used Ansible to access cloud services and for any projects needing repetition on a stable foundation.
Why Ansible over Chef, Puppet & SaltStack?
Raun said a primary factor in selecting Ansible over its competition was that it is capable of delivering 100% immutable server design and architecture. He explained the term: “[H]aving an Immutable server architecture means that we have the ability to create, destroy, and replace servers at any time without causing service disruptions.”
For instance, if you need to patch or update machines, instead of working on one that’s online, it makes more sense to create a clone with the upgrades applied. Then you can just replace the unpatched machine with the patched one.
By building a machine that is identical to the live system with the upgrades complete, it’s clear that the updates can work properly and that there isn’t a danger of an outage. You want to basically make sure that the configuration is in Ansible and that source control is correct. That way you can make sure the architecture is in fact immutable, which allows you to keep the machines free of corruption from unauthorized third parties.
Raun said that he likes Ansible because it allows him to keep everything tightly managed. “One often unrealized benefit of this is that our Ansible configuration can be looked at as a type of documentation and disaster recovery solution,” he said. “This idea of Immutable architecture also helps us to … write or easily modify an Ansible playbook which can be used across different providers.”
You can use this tool for security patching, tracking, accessing cloud VMs, setting code in motion, controlling SSH keys, setting up databases, and configuring webservers.
Raun also recommends an open source project that uses Ansible, Streisand. Streisand allows you to co-manage various cloud infrastructures and platforms. It becomes very simple to do something like deploy a VPN system-wide, smoothly and efficiently.
A Few Tips from Experience
Here are a few of the lessons learned by Raun since he started using Ansible for configuration.
#1. Actually try out the various features.
You may find yourself veering toward the shell and command modules when you first start in with Ansible. Try the other ones. You will likely find real value in them, said Raun.
#2. Reuse your roles.
Initially, Raun had different folders for each new project. He would always find himself copying things between projects with small adjustments. Basically, it was a tedious task. Then Raun learned from his coworkers that you can set up your roles so that they are modular and repeatable.
#3. Keep testing.
Raun advised frequent testing. Everyone knows that’s good practice, but it may “become difficult to test modifications when both sysadmins and developers are making changes to different parts of the same architecture,” he said. “One of the reasons I chose Ansible is its ability to be used and understood by both traditional systems administrators and developers.” In others words, it’s a DevOps app.
One way that becomes obvious is how easily it integrates with a main development control panel like Vagrant, said Raun. By using both of the systems, you can be sure that what’s in operation is replicable in a local setting. That’s important when you are talking about something like configuration. Once you test changes, you should feel reasonably certain that nothing should go wrong.
Of course, Ansible is not the only option for configuration management. In fact, some of the strengths discussed above are available through other systems too.
Raun concluded with a glowing review of Ansible from a general perspective. “Ansible can help you maintain and manage any server architecture you can imagine, and it’s a great place to get started in the world of automation.”
Cloud from Infrastructure Experts
Do you need hosting for Ansible or other projects? At Atlantic.Net, we offer the best-in-class cloud servers backed by 100% enterprise SSD storage – up in 30 seconds.