What is our primary use case?
My use cases with Ansible include configuring network devices. That is what I used it for when I was first learning Ansible. I then automated PKI (public key infrastructure) compliance. That particular domain has different servers and I developed an automation solution, using Ansible, to automate the configuration of the PKI servers. And for the last eight or nine months, I have been working on automating cloud solutions, such as deploying services or upgrading or migrating to a specific version of a product.
I am working on a client network, and that client also has clients who are hiring our client for hosted services, such as websites or internal applications for their employees or for their end-users. All the database-related activities and operations are being handled by our client. What I am doing, in that context, has to do with patches. There are patch releases, or bundles, or package upgrades, but the developers of those packages can't go and directly upgrade the particular sites of every customer. So we have developed an automation solution for them, using Ansible, that can directly trigger these processes. They can point out that "this is the package," and our automation in the backend, using Ansible, takes care of it.
It's a tool to automate different domains and Ansible can reduce human efforts for two domains in particular. One is DevOps and the other is network automation.
How has it helped my organization?
It's a total automation tool. Where you might need 100 employees to do a certain type of work manually, by developing Ansible modules, that type of work can be done by one employee. It just requires a simple SSH to the target nodes and then you can do whatever you want.
We had a scenario, the public key infrastructure project, in which there were multiple components. Some of my colleagues had automated some domains, such as a firewall domain. We then needed to integrate components, the firewall servers and the PKI servers, so that they could communicate with each other, and for security purposes. Ansible helped with that.
When you compare a process done by Ansible with human effort, there is a large time-reduction ratio. In a scenario involving networking, if it is done manually, the human effort will involve logging in to the system, entering user credentials, installing software, and configuring it to make the system ready. If there are 100 such systems, we would need to do the same process to all 100 systems, one by one. Whereas with Ansible, you just need to configure the IP addresses of those systems and, with one click, your job is done.
And when we integrate Ansible with a CI/CD tool, like Jenkins or Bitbucket, that reduces service deployment time by more than one hour. Also, we have site deployment where we require multiple servers. For example, when we have a database server, it needs many other components as well. When we deploy all those services manually, using a UI or a console in the cloud, it takes more than 10 hours to deploy one site. With Ansible, we automate that task once and it can do it in an hour, and the site will be provisioned successfully.
What is most valuable?
One of the most valuable features is that Ansible is agentless. It does not have dependencies, other than Python, which is very generic in terms of dependencies for all systems and for any environment. Being agentless, Ansible is very convenient for everything.
If you are good at Python and willing to customize Ansible modules, you can develop Ansible modules and, at one go, you can automate whatever you want.
When I started learning Ansible, I didn't know Python or any other programming language. But even so, I was easily able to understand what Ansible is doing and how I should write a playbook so that Ansible executes its tasks properly and the results are met, per my requirements. It's a simple English language and YAML script. Even folks with a non-IT background can write Ansible playbooks.
I have also been using Ansible Tower for about six months. It is nothing but a GUI version of, or experience with, Ansible. Ansible itself is a simple CLI tool, but with Ansible Tower there is a GUI, similar to Windows and Linux. There are a number of Ansible Tower servers, so if you want to run playbooks on multiple systems or you want to run multiple playbooks at the same time, you can do so using Ansible Tower. It is very dynamic. It's very easy to use. Even a non-IT employee or a non-IT student can understand Ansible Tower. The UI is very simple. Moreover, it has LDAP, Active Directory, and many other integrations, by default.
Suppose you have set something up, that you have pushed some code to the repo. Even your colleagues can test it using Ansible Tower. Or suppose I have run an Ansible Tower job and I am facing an issue with it. I can give a colleague the job ID and ask them to have a look and help me resolve it. That type of process is very easy, as Ansible Tower is like a common infra for employees to work together.
Ansible Tower provides a central solution for automation. For example, in the previous project I worked on, we were automating some domains. Then we provided the sandbox URLs to the client for them to test whether the code the vendor had provided was working properly. They were able to run it in different ways with Ansible Tower. They used the Ansible Tower jobs with which we tested things for reference. Ansible Tower is a kind of UI dashboard for Ansible end-users. That is an added advantage of Ansible Tower: Whatever Tower jobs you have run are saved in Ansible Tower.
What needs improvement?
The area which I feel can be improved is the custom modules. For example, there are something like 106 official modules available in the Ansible library. A year ago, that number was somewhere around 58. While Ansible is improving day by day, this can be improved more. For instance, when you need to configure in the cloud, you need to write up a module for that.
For how long have I used the solution?
I have been using Ansible for approximately one and a half years.
What do I think about the stability of the solution?
I believe no other tool can match the stability of Ansible. It is an agentless tool; it is SSH. Other comparable tools, like Puppet, Salt, and Chef, all require some kind of agent on the target node. Ansible only requires a Python dependency, which is very common in any operating system.
What do I think about the scalability of the solution?
It's very scalable. If there were a graph showing scalability, Ansible would be at the peak on that graph.
How are customer service and support?
I have not used Red Hat's technical support specifically for Ansible, but when learning Ansible I used their partner program and I felt it was the best.
Which solution did I use previously and why did I switch?
When I started in automation, Ansible was the first tool I used.
How was the initial setup?
The initial setup of Ansible is very straightforward. There are no dependencies. You just run a simple, single line command and your Ansible is ready. It hardly takes two minutes.
What's my experience with pricing, setup cost, and licensing?
If you only need to use Ansible, it's free for any end-user, but when you require Ansible Tower, you need to pay per Ansible Tower server.
Which other solutions did I evaluate?
Apart from the fact that Ansible is agentless and open source, it's the best because you only require an IP and the credentials of any target server, and half of your work is done.
What other advice do I have?
Ansible is an open-source tool, so it can be integrated with any of the cloud services, including AWS, Google Cloud Platform, Azure, very easily.
Based on my experience, I would suggest that anyone starting out with Ansible be familiar with SSH commands and Linux administration. That should be more than enough for Ansible beginners.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.