image-openlogic-blog-ansible-architectures-ansible-orchestrations
December 11, 2019

An Overview of Ansible Architectures and Ansible Orchestrations

Containers
Development

Time to read: 10 minutes.

Why You Should Read This Blog

Blogging 1,000 words about seamless orchestrations with Ansible is a daunting task. Just the Ansible Galaxy directory has 18,259 publicly accessible roles in 71,610 files with over 317,757 tasks using around 2,500 Ansible modules! I hope these figures interest casual blog readers to learn more about Ansible orchestration and Ansible architectures.  However, if you are an advanced Ansible user, I encourage you to read on to the Explorer section near the end of this blog to whet your appetite!

Warning : This blog is not about Ansible-related concepts, inventories, Galaxy, constructs as playbooks — or advanced topics in containers, virtualization — or network automation. 

What Is Ansible? 

Ansible is a “radically simple IT automation engine” that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.

Why Do You Need Orchestration?

Organizations seeking holy-grail methods to improve business agility have realized that just having a virtual cloud infrastructure is not good enough to meet today’s requirements.

Being able to continually improve metrics around application deployment timeframes, infrastructure downtime, and the elimination of daily manual tasks can ONLY be accomplished through seamless orchestrations. And they are needed to implement modern microservices architectures.That’s because orchestrations provide the instructions needed for automated workflows, including which steps need to be taken, by which services, and when. 

Ansible: The Leading Open Source Orchestration Engine 

Real-world app-deployment stacks involve lots of different classes of systems and environments, all working in concert. To really deliver seamless orchestration, you need an outstanding workflow engine that also provides tools for managing application configuration and deployments. 

Ansible is the leading open source automation and orchestration engine. At a very high level, here’s how it works:

  • You use the simple YAML language to write a playbook, which maps out the steps in your orchestration.
  • The Ansible open source orchestration engine automates your playbook.

Your playbooks, which are managed by the Ansible orchestration engine, can:

  • Specify the inventory or the machines involved in your orchestrations.
  • Use APIs written in Python to enable additional connection types, callbacks, and server behaviors.
  • Include ready-to-go modules for integrating with hundreds of technologies and services, as well as those that you write in any language that can return JSON.
  • Use plugins to enable automation steps such as actions, tests, and connections with caches and inventories.

And as it orchestrates playbooks, Ansible connects with networks and hosts.

An Ansible Architecture Visualized

Here’s a high-level illustration of an Ansible architecture: 

image-openlogic-blog-ansible-architecture-overview

Integrating Testing with Rolling Upgrades

The key to learning how to use ‘Ansible’ properly is to study the requirements of its design-principle needs for seamless orchestration. One of the key design goals of a seamless orchestration is ensuring rolling upgrades with zero downtime. And to do this, you’re going to need to integrate testing with your rolling upgrades.

As we see in the following code-snippet sample, it is possible to define pre_tasks and post_tasks for testing checks for managing LB pool entries.

---

- hosts: webservers
  serial: 5

  pre_tasks:
    - name: take out of load balancer pool
      command: /usr/bin/take_out_of_pool {{ inventory_hostname }}
      delegate_to: 127.0.0.1

  roles:
     - common
     - webserver

  tasks:
     - script: /srv/qa_team/app_testing_script.sh --server {{ inventory_hostname }}
       delegate_to: testing_server

  post_tasks:
    - name: add back to load balancer pool
      command: /usr/bin/add_back_to_pool {{ inventory_hostname }}
      delegate_to: 127.0.0.1


Dynamic Inventory at Scale

You can use Ansible to maintain control over dynamic inventories with an open source cloud platform. Here is an example of inventory orchestration with Openstack:

https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack_inventory.py

wget
https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack_inventory.
py
chmod +x openstack_inventory.py

--verify near real-time with 

ansible -i openstack_inventory.py all -m ping
sudo cp openstack_inventory.py /etc/ansible/hosts

Download the sample configuration file, modify it to suit your needs and copy it to

/etc/ansible/openstack.yml

wget https://raw.githubusercontent.com/ansible/ansible/devel/contrib/inventory/openstack.yml
vi openstack.yml
sudo cp openstack.yml /etc/ansible/
--test

/etc/ansible/hosts --list
--refresh the inventory or clear cache to minimize repeated REST/api calls 

./openstack_inventory.py --refresh --list

 

Hybrid-Cloud Orchestration

With Ansible, you can create hybrid-cloud orchestrations that function seamlessly! That’s because Ansible can use multiple inventory sources from multiple cloud providers at the same time. And you can mix both dynamic and statically managed inventory sources in the same Ansible run.

Notifications

So how do you know whether your orchestrations are working? Take advantage of Ansible’s automated notification options. You can configure  real-time notifications that alert you about the success and failure of tasks via Slack, email, and even IoT devices. 

For example, here is a sample of how simple the code is to set up notifications via Slack:

- name: Send notification message via Slack all options
  slack:
    token: thetoken/generatedby/slack
    msg: '{{ inventory_hostname }} completed'
    channel: '#ansible'
    thread_id: 1539917263.000100
    username: 'Ansible on {{ inventory_hostname }}'
    icon_url: http://www.example.com/some-image-file.png
    link_names: 0
    parse: 'none'
  delegate_to: localhost

Here is sample code that sets up notifications using old-fashioned emails:

- name: Sending an e-mail using Legacy SSL to the remote machine
  mail:
    host: localhost
    port: 25
    to: John Smith <[email protected]>
    subject: Ansible-report
    body: System {{ ansible_hostname }} has been successfully provisioned.
    secure: always

This code sends alerts via IoT devices:

- mqtt:
    topic: 'service/ansible/{{ ansible_hostname }}'
    payload: 'Perforce it at {{ ansible_date_time.iso8601 }}'
    qos: 0
    retain: False
    client_id: ans001
  delegate_to: localhost

Ansible and Continuous Integration

Now that you have an automated way to deploy updates to your application, how do you tie it all together? A lot of organizations use a continuous integration tool like Jenkins or Atlassian Bamboo to connect development, test, release, and deploy steps. You may also want to use a tool like Gerrit to add a code review step to commits to either the application code itself, or to your Ansible playbooks, or both.

Create Your Own Ansible Module and Command Set 

Once you have mastered the key Ansible concepts, you might feel encouraged to create your own module and command set. Just be sure to check the new Ansible module repository on GitHub first, because your idea might already exist.

And remember to have the proper include within your module, as shown!

import ansible.module_utils.basic 

and execute!

run_command(args, check_rc=False, close_fds=True, executable=None, 
data=None, binary_data=False, path_prefix=None, cwd=None, 
use_unsafe_shell=False, prompt_regex=None, environ_update=None, 
umask=None, encoding='utf-8', errors='surrogate_or_strict', 
expand_user_and_vars=True, pass_fds=None, before_communicate_callback=None)

Explorer Section — Depending on Your Perspective! 

Blogs without any type of exercise is probably boring. So, here are some terms worth exploring:

  • agnostic_become_prompt 
  • cow_whitelist 
  • pipelining 
  • become_allow_same_user 
  • allow_unsafe_lookups 
  • callable_whitelist 
  • gathering 
  • libvirt_lxc_noseclabel 
  • null_representation 
  • squash_actions 
  • role_skeleton_ignore 
  • inject_facts_as_vars 
  • old_plugin_cache_clear 
  • python_module_rlimit_nofile 
  • precedence string_conversion_action

Kubernetes for Container Orchestrations

Want to learn more about orchestration? Read my blog about Kubernetes called, How to Get Up and Running With Kubernetes Using MicroK8s.