You don’t have to be an IT pro to understand the following maxim: Automate or get automated. We’ve all seen the effects of automation over the years. IT pros are long past the days of writing only batch and shell scripts to automate tasks. With the advent of sophisticated data centers and cloud implementations, workers in nearly every job role need to know how to automate sophisticated tasks.
It doesn’t matter if you are a technical support specialist, cloud DevOps engineer, or security analyst. You need skills in automated configuration management. We have so many devices and systems. Even the best command line hotshot can’t manage every instance. You need to automate.
Automated configuration management tools
So many configuration management platforms exist to help automate tasks, including those listed in the table below. The goal behind these tools is to conduct sophisticated tasks on multiple remote systems with as little human involvement as possible.
Common IT Automation Tools
|
Tool |
Description and Characteristics |
|
Uses the YAML language to create sophisticated scripts, which are called playbooks, and relies upon Secure Shell (SSH), rather than a separately installed agent, to connect to remote systems. |
|
|
The term “recipe” is used to describe resources you wish to manage, and the term “cookbook” is used to describe how to automate the process of managing resources; Ruby language is used to create scripts. |
|
|
Uses the term “manifest” to describe each resource (a server or an Internet of Things (IoT) device) and then uses the term “module” to describe the tasks you wish to automatically manage; scripts are created using the PuppetDSL language. |
|
|
It uses either HashiCorp Configuration Language (HCL) or JSON to create modules that describe the tasks you wish to automate. |
The tools listed above are either open-source or have open-source versions. There are many more configuration management tools available, but I’ve been hearing about these lately. Let’s take a closer look at Ansible.
Setting the foundations for Ansible
Because Ansible doesn’t use its own installed agents to help you automate tasks, it relies upon the following underlying services to run properly:
- Secure Shell (SSH): The de facto standard for managing remote systems. You will want to configure SSH for public key authentication before using Ansible.
- Domain Name System (DNS): While not absolutely necessary, it’s always a good idea to have a solid, working DNS implementation in your network.
One complaint IT hiring managers have is that workers don’t have a good understanding of fundamentals and fundamental skills. When pressed for more information, they’ve named using SSH, DNS, and Ansible as three of those fundamental skills.
To get started with Ansible, you’ll need to meet the following conditions:
- Ansible is installed on all systems you wish to manage
- Sufficient permissions to issue commands on remote systems
- A valid Ansible playbook
Running a playbook with Ansible
If you want to use Ansible to automate the configuration of remote servers, you’ll need to create a playbook.
In this example, I’m cleaning up a single remote Ubuntu Linux system by first removing older files from its apt-get cache. The apt-get utility is used in Linux systems to install, remove, and manage applications and services, much like the Windows Add/Remove utility from Control Panel. Using the auto-remove command in apt-get is sometimes necessary to free up disk space.
I then tell Ansible to remove the openvpn utility from that system in this playbook. There’s nothing wrong with openvpn; I use it all of the time to create Virtual Private Network (VPN) connections. But, for the Linux server I’m configuring, I don’t need openvpn installed.
I then told Ansible to create a remote directory that I would use to store some backup files. Notice that I can even set permissions exactly the way I want them on that directory; granular control is possible using Ansible or any similar tool.
Normally, I would have to issue several different commands to accomplish these tasks. But now that I’ve configured this Ansible playbook, I can get each of these tasks done with just one command:
$ ansible-playbook ubuntu_linux_system_maintenance.yaml --extra-vars "ansible_sudo_pass=ubuntu123"
Figure 1 below shows the results of the successful playbook.
Figure 1: Ansible completing its tasks
You’ve now seen a simple example of how you can use Ansible to configure a remote system. Imagine if I had 20 more Ubuntu Linux systems that needed the same attention. Instead of running multiple commands on each system manually, all I need to do is specify the IP addresses or DNS names of those additional systems in my playbook. With one command, I can manage all of those remote systems in a matter of seconds.
Pretty cool, huh? And that’s just a simple example of the sophisticated tasks you can automate and eventually orchestrate using a tool like Anisble.
I talk regularly with IT pros who use Ansible to remotely administer hundreds of remote systems, both in data centers and in the cloud. They say they couldn’t do their jobs without it.
Getting hands-on practice
You don’t have to use Ansible, of course. Many other tools exist. If you’re learning, I highly recommend that you get a good underlying IT infrastructure going and then delve into one or more of the automation tools I’ve listed above. As you move from simple “hello world” types of scripts into more sophisticated playbooks, recipes, and cookbooks, you’ll find yourself in high demand, both in the cloud and the data center.
CompTIA Server+ and CompTIA Cloud+ cover the skills needed for data center and cloud automation. If you know which certification is right for you, download the exam objective for free to start studying.