After being bought by Red Hat, Ansible continued to offer a free open source platform, which is currently called the Ansible Project. Red Hat has created proprietary management add-ons that offer an advanced control and centralization of the infrastructure, called Ansible Tower. Red Hat runs the Ansible Automation platform, which is composed of the Ansible Engine and Ansible Tower. This product is fully supported by Red Hat as one of its lead projects.
Ansible project and Ansible Tower
Ansible project
The Ansible project is a build-up of functionalities that come from the original company, AnsibleWorks. It is a community-built automation engine. It is free, open source, and available for anyone to download or install on any Linux OS, using the package manager, source compiling, or Python PyPI. It is very simple, powerful, and agentless.
To use the Ansible automation engine, users do not need any third-party applications or interfaces. They can simply send a command or write a playbook and execute it directly to the engine. This allows the user to access a variety of predefined modules, plugins, and APIs working as building blocks for managing all kinds of IT tasks and network objects. As it is agentless, Ansible relies on SSH to manage the Linux hosts, and WinRM for the Windows hosts. The SSH protocol is also used to control some of the network devices. Some more unsual devices or cloud and virtualization services require the use of Ansible pre-defined APIs to help manage or access them.
Nodes can be defined by their IP addresses or hostname; for the latter, we will have to rely on a DNS server or the local DNS file. APIs are used to communicate with third-party services, such as public or private clouds. Modules, which constitute Ansible's biggest pre-defined function library, allow the users to simplify long and complex tasks into a few lines in a playbook. They cover a large number of tasks, systems, packages, files, datastores, API calls, network device configurations, and so on. Finally, Ansible plugins are used to improve Ansible's core functionality, such as fast host caching, to avoid facts gathering on the network.
Ansible Tower
Ansible Tower is the Red Hat proprietary layer that sits on top of the Ansible project engine. It is made up of a number of add-ons and modules, composed of REST APIs and web services, that work together to create a friendly web interface that acts as an automation hub from which the IT administrator can select a number of tasks or playbooks to be executed on a number of machines. It still relies on the Ansible Engine to send commands and collect the reports. Ansible Tower cleverly collects the status of tasks and the reports that come back from hosts. All of this data is presented in the Ansible dashboard, showing hosts, the status of the inventory, and the recent jobs, activities, and snapshots:
Ansible Tower scales as the environment grows, and acts accordingly by showing in real-time all the statuses of the hosts, tasks, and playbooks. It highlights the successful playbook jobs, as well as those that failed to run, in order to troubleshoot any issues. In its multi-playbook workflows, the user can create pipelines of playbooks to be executed in sequence on any type of inventory, using one or more users' credentials and on a personalized timescale. With pipelining enabled, an IT administrator can automate complex operations (application provisioning, continuous deployment with containers, running test workflows) by breaking them down into smaller tasks using pipelines and, depending on the output (success or failure), run a specific play.
Ansible Tower offers a smart inventory platform that enables you to pull the host's inventory from any source, including a public or private cloud, or a local CMDB. The smart inventory builds hosts caching, which allows the user to run playbooks based on the facts of the hosts, which are pieces of information and properties related to them and gathered by Ansible. It also allows you to set up built-in notifications about the status of tasks, workflows, and playbooks via email, SMS, and push notifications on third-party platforms, such as Slack or Hipchat. Ansible Tower also allows task scheduling for routine updates, device patching, and custom backup schedule options. The following diagram shows the layers of the full Ansible Engine provided by Red Hat:
In this book, we will mainly focus on the open source Ansible Engine, as it is free and accessible to everyone. We believe that learning Ansible has to be started with the basic no-UI version to better understand the inner mechanics of the tool. The reader can migrate easily to Ansible Tower with the engine skills that they have already acquired.