Sunday, May 29, 2016

Ansible role terminology towards IT operations

Change Management:-

Change management is fundamental function and all the rest are build around it as core idea. it defines what the system needs to look like and make sure what it is, if its not that state you enforce it. For e.g. A webserver should have apache installed and wanted to installed at version 2.4 and should have started state and anything which deviates from this defined state you dictate a change state and mark that system as changed. System marked changed makes sense more in production system because production system shouldn't be changed like that and you might want to find the cause for the same.

In case of ansible if a system state is same even after change ansible wouldn't even try to change its state and this is called idempotent.


It is built on the change management but it is focussed on a role you are trying to establish. The most basic definition of provisioning is you are transitioning from one system state to another system state expected.

In case of ansible provisioning you can compare same to machine cloning or images in Cloud with  only change is that ansible actually installs and configure everytime instead of creating images from the machine. This can better be understood as lets say you want to configure the ntp server or database server or just want a server to test your code and than want to terminate the same.

The steps for provisioning are very simple like lets say we want to provision a web server. So you first installa Basic OS such as linux or windows. Than you go on installed the webserver software like apache or nginx. copy you configuration and your web files and install your security updates and start web service those are the steps which ansible  will send to the server and provision it for you.


Ansible is an automation tool. Ansible uses ordered tasks or logic controls to determine what to run and when. Using ansible you can update file , change network configurations and even fix the heartbleed type of security vulnerabilities introduced few years ago and all these you could have done with ease. For  e.g. consider a situation where you have fix a security hole on 100s of webservers and that too within an hour. This can easily be achieved by ansible by running the playbooks for the same and it will generate a output log where you can analyze that everything executed properly and if some webserver fails you can go on removing it from the load balancer and analyze the cause for the same.


Automation is used on single system while orchestration runs on multiple system such as a system dependent on another system output to perform a tasks. You cannot have a orchestration without automation. For e.g. Ansible can make sure your database servers are up and  running before the provisioning of the application servers since application servers require database to run applications and a webserver needs the firewall port opens so it can handle the web requests. This includes multiple systems interacting with each other and comes under orchestration. 


Post a Comment