Red Hat Ansible Automation Platform Reviews

We use Ansible for infrastructure code. We also use CloudFormation. 

Ansible provides a central solution for automation for our customers.

We deploy this solution on AWS. We are a cloud company so that is why we don't have anything on-premises. We prefer a cloud approach, and we have almost everything in GCP or in AWS. The solution hasn't required us to change our existing infrastructure. We are using the server version 17. We use Ansible plus Ansible Tower, which is Ansible AWS.

The solution is user-friendly for our staff, although some activities are unique and are not being repeated several times, so we need to do those things manually.

We have around 25 people doing this same job. Before using this solution, we had more than 100 people for the same amount of work. This solution has definitely helped us to reduce and optimize our efforts.

One of the most valuable features is automation. We are doing automation infrastructure, which allows us to automate regular tasks. This solution provides us with a service catalog, like building new services and automating daily tasks.

The language is very intuitive. The solution is easy to learn. The solution enables us to deliver incrementally. We are able to expand this facility by implementing more templates and using them digitally.

We are an international company, so we use this solution with a collaborative approach internationally. 

The solution enables us to enforce the same security settings, so it's quite easy to maintain. There can be human mistakes, which can make security unreliable, so that is why we prefer this security policy.

We would like support for the post-integration of this product before cloud frameworks because right now their approach is to avoid using on-premises activities and move everything to the cloud. This is why we choose Ansible, but we would like Ansible to stay as close as possible to recent trends coming through AWS, for instance. We have a chance to automate those processes by using Ansible, so there is interoperability of those products.

I have been using this solution since 2015.

The solution is stable.

The solution has reduced the amount of downtime for users. It can automate some maintenance activities, which are out of operating time. If those activities can be automated, that can dramatically reduce downtime. If those activities can't be re-automated, then it's semi-automated, which would mean human effort plus automation together. In general, yes, we can automate maintenance or downtime activities, but that depends on the input for this. If there is some sort of disaster, then there would be a different approach.

Technical support is very good, especially from Red Hat.

We have used Red Hat Satellite and Red Hat CloudFormation.

CloudFormation is like a showcase of our service catalogs. We provide that to our customers. It's tightly integrated with Ansible and frameworks. The customer can choose from the service catalog, and if it's automated, the customer can see how much it was from a cost point of view. CloudFormation reduces work activities on the ground.

Initial setup was complex.

To deploy everything from the Red Hat portfolio took one week per customer.

Our strategy combines very closely with cloud, which is why our approach is complex. We are trying to persuade and migrate customers to the cloud, AWS, or GCP, and as an additional value, we can automate and more or less migrate it to an environment to bring new approaches and make this cloud solution beneficial to customers.

Yes. We saw ROI three or four years after implementing the solution.

You don't need to buy agents on servers or deploy expense management when using the solution, which affected our decision to go with it.

We also bought this solution because it was better than some competitors, like Puppet and Chef, and because of the automation.

It has helped our organization save time when it comes to service deployment, moves, and updates. We used to have 120 employees, and now we have just 25 for the same amount of activities.

I would give this solution 10 out of 10. 

The lesson I've learned is that automation is the way because without automation, it's quite impossible right now to maintain a very large environment, especially in public clouds like AWS or GCP.

We're quite unique because we use the public cloud environment together with one product.

We use it for patching and configuration management.

We are a healthcare institution. We have less than 500 hosts. Ansible is used between the infrastructure and applications, and primarily has Red Hat as the OS.

It has improved our organization through provisioning and security hardening. When we do get a new VM, we have been able to bring on a provisioned machine in less than a day. This morning alone, I provisioned two machines within an hour. I am talking about hardening, installing antivirus software on it, and creating user accounts because the Playbooks were predesigned. From the time we got the servers to the actual hand-off, it takes less than an hour. We are talking about having the servers actually authenticate Red Hat Satellites and run the yum updates. All of that can be done within an hour.

• Ad-hoc commands
• Playbooks
• Setting up and deleting users
• Patching
• Using it for quick and dirty deployment of scripts.
  

The YAML syntax is easy to use, but it takes some getting used to. I feel like Microsoft Visual Studio helps with the YAML syntax, lining it up correctly. However, if you're doing it from the command line without actual spacing, that could be a little problematic. The new version of Visual Studio is quite helpful because Git is integrated with it. The YAML markdowns are also in place. My staff doesn't need special coding skills to use it.

We have multiple Playbooks to configure a server. We can break it up or make one main YAML script to push out all the individual dependencies.

When you set up Playbooks, I may have one version of the Playbook, but another member of the team may have a different vision, and we will not know which version is correct. We want to have one central repository for managing the different versions of Playbooks, so we can have better collaboration among team members. This is our use case for using Git version control.

Collaboration across teams is a great goal to accomplish, but that would necessitate more visibility to other teams of what Ansible is capable of with the database teams and other individual applications. Because we have so many applications, I don't know if they are aware of how Ansible could be beneficial to them. That would necessitate a broader conversation within the IT infrastructure application teams.

While it saves time with fewer moves, there could be still room for improvement because we do not actually manage the VMs. Instead, this is managed by the Windows team, who spins up the VM. Then, once the VM is handed off, we do the security hardening. If we received the request from the application owner to spin up the VM to hand it off, then we could take that entire process and get it streamlined. Whereas, it is handled by a different team right now.

It would be great if we could leverage Ansible Tower and Red Hat Satellites more. 

API integration would help because right now our security team uses Splunk, and they are independent of my team, which is the Unix team. Therefore, if we could tie in Splunk with products, like Ansible, Cylance, and Rubrik for backup, then we could get all that information in a central console. We have not previously raised this suggestion because our Ansible Engine needs to be upgraded so we can get support for the Ansible product.

We have been using Ansible for at least four years.

We have not had any issues with Ansible. One of the projects that we have allocated for this year is to migrate our control station from RHEL 6 to RHEL 7.

We really don't have anyone maintaining it. It was a plug and play solution. We downloaded Ansible and ran it, because everyone knows how to use Ansible on the team at this point. Right now, I am trying to get to the next phase of using Git to set up more version control.

The scalability is excellent.

Four guys use it on the Unix team.

We were previously using Bash scripting. 

We did try BigFix for two years. However, because of costs, Ansible proved to be better cost-wise. The licensing fee was a big issue with using BigFix. Control from the BigFix perspective was a concern, because you were locked into the GUI. With Ansible, we were able to do everything from the command line and touch the entire environment from the command line. Once you use BigFix and an issue, you then have to log out or go into the box from one of the servers, but you were locked into the GUI in BigFix.

It is agentless. All we had to do is set up the control station, then Python was installed on all our Linux hosts. So, it was easy. The deployment took less than an hour.

The SSH keys were already in place. We already had the account, where we tested it out beforehand. Therefore, we knew exactly what we needed to do to deploy it. The keys were the hardest thing to set up and that was already in place (prior to Ansible).

The entire Linux group of four guys was involved in the deployment. We never had to use Red Hat resources to set up Ansible.

Ansible is primarily used for provisioning or hardening our servers. The realization of getting a server from testing to actual production is very short in our environment because the processes have been streamlined. Before Ansible, the processes were a lot more unwieldy. We went from a week to less than a day where you can get your server hardened, provisioned, and handed off to the application owner.

Costs are negligible when using Ansible. The costs are just learning to use the solution's various options. We save time and efficiency versus other solutions.

We have tested out Ansible Tower, but there is a budget issue, so that is in our next phase.

Red Hat's open source approach was a factor when choosing Ansible, since the solution is free as of right now.

We have Red Hat Satellites and looked into Red Hat Insights, which we are still not fully deployed on yet. The integration between Red Hat solutions is seamless.

We looked into BigFix. I also looked at SaltStack and Puppet, but didn't get anywhere with that. I wanted something that had ease from a management perspective. Other solutions besides Ansible needed us to use agents, and I felt that would cause too many problems. Management didn't want a disruption of servers or downtime. I couldn't give them the assurance that installing something with an agent would not cause issues. So, this affected our decision to go with Ansible.

I don't think any product that we looked into could compare to Ansible.

Test the environment because it is easy to use. Once you are proficient with Unix and Linux, it is extremely easy to use it: Setting up the inventory system, YAML files, and SSH keys.

I have no complaints about Ansible. I just wish I had more time to really delve into it.

I think we not using Ansible to its fullest potential, because of:

1. Training.
2. Time.
3. Not knowing all the options available.

I haven't been exposed to Ansible Tower much. I have only tested it out three times. Right now, I am a little rusty on it, so it will take some getting used to again. It is more GUI-based, so it is pretty user-friendly.

The biggest lesson learnt: There are multiple ways of doing the same thing.

I would rate this solution as a nine (out of 10) because of the configuration management for all our servers in the environment. It can be used within the networking field for all devices, such as Cisco switches. The solution speaks to Windows hosts as well. It just takes time to use all the functionality and get it visible across the organization.

We use it for the bot. It helps to keep tracking all the automation processes that are ongoing in your ecosystem

It helps with patching and keeping everything compliant.

Automation tracking is the most valuable feature. 

The SSM connection access needs improvement because right now, they do everything through SSH.

I have been Red Hat Ansible Automation Platform for a few years. 

The solution is very stable. 

If there's some cloud add ons, we would increase the usage. Only admins use the solution. 

We just create a server, and then we use that server to on-premesis.

Ansible has good performance. Overall, I rate the solution an eight out of ten. 

We use it mostly for remote execution.

The most valuable feature of Ansible is repeatability because when you're working at the DoD, you want things to be cookie-cutter and replicable.

Red Hat Ansible Automation Platform helps us achieve our mission because it's easy to write.

The Red Hat solutions fit together pretty well and work in conjunction with one another.

Networking needs to be improved.

I've been using Ansible for at least a year.

As long as it can communicate with the target, there's usually no problem with the stability.

We used Puppet and switched to Ansible because it's an agentless solution.

On a scale from one to ten, I would rate this solution at nine.

We use the solution for Linux patching automation. Currently, we are using the solution for patching normal configuration-related work. However, we also plan to use it for the provisioning of the servers.

The most valuable features of the solution are automation and patching.

The solution is slightly expensive, and its pricing could be improved.

I rate the solution ten out of ten for stability.

Red Hat Ansible Automation Platform is a scalable solution. Around 300 to 400 users are using the solution in our organization.

The solution’s technical support is very good.

The solution’s initial setup is very easy.

The solution can be deployed within a day if you have all the resources. To deploy the solution, you need to check if you have a proper infrastructure and everything in place.

Users with the right environment, like Linux, should go for Red Hat Ansible Automation Platform. With the Red Hat Ansible Automation Platform, we don't have to do manual things, increasing our efficiency. The solution helps us complete our complex work very easily, increasing efficiency.

Overall, I rate Red Hat Ansible Automation Platform ten out of ten.

We use the Red Hat Ansible Automation Platform for infrastructure provisioning as well as application deployment on Kubernetes and virtual machines.

We don't use Tower very often. We are currently primarily using the Ansible Playbook.

There are new modules available, which help to simplify the workflow. That is what we like about it.

When compared to Terraform, the execution speed of Ansible is very slow due to the way it executes things.

Improvements should be made in terms of execution speed, which is, I believe, the most lacking feature. Aside from that, re-triggering a failed task is another useful feature.

I have been working with the Red Hat Ansible Automation Platform for approximately one year.

I don't remember the exact version we're working with, but it's N-1.

Red Hat Ansible Automation Platform is a stable solution.

I've had no issues with the scalability of the Red Hat Ansible Automation Platform.

Our organization has four to five administrators who use this solution.

We have contacted technical support. I would rate them a four out of five.

Positive

We are also using Terraform.

The initial setup is quite straightforward.

This solution does not require specific maintenance.

The deployment was done in-house.

The cost is determined by the number of endpoints.

A license is required, if you are using Tower, we don't use it very often.

It is slower than other solutions.

Terraform is better for infrastructure provisioning. However, once the infrastructure is provisioned, we don't see any alternatives to Ansible.

I have a partnership with Red Hat.

It's clear and simple, and there's plenty of help available.

I would rate the Red Hat Ansible Automation Platform an eight out of ten.

Server configuration management: This is Ansible's forte as it has multiple modules to interact with servers either to orchestrate or configure them. This can take multiple forms like pushing a script and executing it, sending commands to restart services...

Network configuration management: Ansible coupled with Jinja2 allows to push parametered configurations in a reliable way. Support for network gear isn't as common as server/development use cases. But, with some hacking, it can be managed

The tool can also be used for CI/CD software deployment, But, we didn't explore this topic with it that much, yet.

Ansible provides great reliability when coupled with a versioning system (git). It helps to provide predictability to the network by knowing exactly what's being pushed after validating it in production.

It is very hard to manage more than a hundred servers with redundant configurations manually. It is too prone to error and troubleshooting can easily become a nightmare. This is why it is very beneficial to use an automation platform like Ansible coupled with configuration management/versioning (Gtilab, Gogs) and some best practices around that.

• Reliability & reproducibility: Being able to design playbooks that can be validated in the development environment, QA, then production is very valuable. This helps reducing configuration errors and provides faster deployments.
• Extensibility, versatility. Using its wide range of modules, Ansible can be used with different OSes and systems. In fact, using Ansible modules, one can interface with network gear using NAPALM, for example, or push remotely scripts for local execution on automated platforms.
• Facts gathering: Ansible is able to extract configuration items either to be used later for reporting or to be used as conditions for playbook actions
• Agentless: Ansible does not require to install a local agent on automated devices. It goes through communication protocols like SSH, Telnet, SQL (multiple DBS).
• Dry runs! Better safe than sorry!

• Accessibility. Ansible uses a CLI by default. Those accustomed to it can find their way and adopt the YAML files easily over time. But, some users are more comfortable using UIs.
• Ansible Tower's upstream project, Ansible AWX provides a web UI. But, it can be improved to make it more user-friendly.
• Overall, the learning curve could benefit from an easy to use UI.
• Network gear support is still not that great but evolving. We definitely would like to see a general direction towards those. Especially since there are so many vendors and managing them all from the same platform is a rare plus.
• For Windows, support is getting better, too. 

We've been using it for three years for various automation tasks from local user management (backup & monitoring) to orchestrated configuration updates

It has been very stable till know. As long as you test correctly your playbooks on dev/qa environments, you reduce the major source of concerns

We previously were using custom-made Python scripts for automation. It can weirdly scale well when multi-threading is leveraged correctly. But, it definitely cannot replace an extensible framework like Ansible. 

The community behind Ansible and its important number of modules make it a lot more relevant.

We were also using Puppet at some point. But, it's a bit different than Ansible, it was not a competing usage for

The initial setup is quite easy. Creating your first playbook and inventory can be challenging if you're not used to the underlying technologies.

It's opensource so it's free. But, not free as in beer.

The most important cost here is the learning curve. Small targets like local user management (backup/monitoring) or monitoring configuration management (Syslog/SNMP) are some of the easiest and low-risk ones can learn from. The OPEX gain is high, though. So, the ROI is definitely there.

For the UI, you might want to pay for Ansible Tower. But, there's also the opensource upstream project, AWX.

Chef, Puppet, Saltstack. Ansible proved to have the most traction and its orchestration use-case was a bit different than the configuration management one.

It is used to support WAN network equipment.

Saved time as well as helped support compliance and standards.

The countless modules and products supported.

Error codes are not very descriptive.