your123 - stock.adobe.com
Ansible overhaul promotes IT automation expansion
Ansible Automation Platform 2 makes it easier to centrally manage IT automation at scale, but enterprises must also contend with technical debt as they grow.
A major update to Red Hat's Ansible Automation Platform is aimed at helping enterprises coordinate IT automation throughout large, distributed organizations, but such projects come with significant challenges.
Ansible is among the tools commonly used by IT ops pros for IT infrastructure automation tasks such as configuration management and infrastructure as code to support DevOps deployments and pipelines. Depending on the environment in which it's used, it competes with tools such as Progress Chef, Puppet, Pulumi, VMware's SaltStack and HashiCorp's Terraform.
The use of such tools has become ubiquitous alongside DevOps, microservices apps and Kubernetes container infrastructure; Ansible has typically appealed to IT pros who wanted to avoid Chef's Ruby-based recipes and domain-specific languages from HashiCorp and Puppet and are already familiar with YAML and Python.
Such tools are also increasingly becoming part of broader DevOps platforms that centralized IT ops teams offer to developers on a self-service basis. Vendors such as Red Hat have been adjusting their products accordingly to appeal to IT buyers in such environments, which now includes the introduction of Ansible Automation Platform 2.0 this week.
"Part of what [Red Has has] done is add a more distributed approach that should allow those organizations to move faster without a lot of Ansible knowledge," said Jim Mercer, an analyst at IDC. "What they're trying to do is present Ansible as an automation platform that makes it easy to consume and reuse content without reliance on an automation team."
Reps from large Ansible customers such as JPMorgan Chase and Discover Financial Services said in presentations at the AnsibleFest virtual conference this week that this kind of self-service access matches the ways they've begun to spread IT automation throughout global organizations.
"A lot of automation teams that run Ansible, you put a request in to their queue to build you a playbook and then you get a playbook that you run, or they build your automation for you," said Beth Boy, executive director of global technology at New York-based JPMorgan Chase, a financial services company, in an AnsibleFest presentation. "[Instead,] we provide a framework for our customers to be able to create playbooks and execute those playbooks ... with the proper controls and auditability necessary for our industry."
Ansible Automation Platform 2.0 brushes up container support
Ansible Automation Platform 2.0, released in early access this week with general availability expected in November, reworks the fundamental architecture of the tool to improve support for deployment on Kubernetes and containers, including a new OpenShift Operator that can perform automatic installation and upgrades.
With this update, the Ansible Tower management server is now called an automation controller, which communicates through automation mesh network overlay with a set of distributed automation execution environments, a setup more in keeping with the way cloud-native distributed applications are built to run flexibly as demand scales. The update also adds a content navigator to coordinate management of Ansible content collections such as playbooks and libraries among the execution environments.
"Historically, with Ansible Tower, you have had to manage the environment that Ansible runs in using virtual environments ... [and] log in to each of your execution nodes on Ansible Tower to manage the dependencies in the software," said Matthew Jones, chief architect of Ansible Automation at Red Hat, in a keynote presentation at AnsibleFest. "This gets tricky as your environment scales."
Some customers already using Ansible for IT automation found ways to reduce that manual labor, including GitOps-style deployments for playbook updates along with virtual machine-based autoscaling to accommodate increases in traffic load.
Ansible also previously supported container-based deployments, though it required more bespoke effort to do this than the new version will, said Michael McCarthy, a delivery architect for Gamesys Group, an online casino company based in London.
"Up until now, Ansible has always made available a container-based run ... but it's quite vanilla compared to a VM that has virtual apps installed on it, so every time someone wants a new virtual environment, we'd have to build a new container," McCarthy said in an interview. "We were thinking maybe we should sort of suck it up and come up with our own way to do that, but execution environments basically solve that problem."
Gamesys uses Red Hat OpenShift, where the new Operator will help to manage and elastically scale IT automation resources. It will also mean McCarthy's team can use the monitoring and workflow tools they've grown comfortable with under OpenShift to manage Ansible.
IT automation domination comes at a price
Large companies such as Discover Financial Services that have coordinated large-scale IT automation rollouts say such efforts have been worthwhile but have also required major organizational changes to get right.
At Discover, standardized IT automation required top-down mandates from the company's CEO and CIO, a realignment of employees into "communities of practice" around automation, and extensive use of data analytics and metrics to measure progress.
Joe MillsDirector of process engineering, Discover Financial Services
"This transformation has been extremely successful, but that does not come without hiccups and constraints," said Joe Mills, director of process engineering, consulting and automation at Discover, in an AnsibleFest presentation.
For companies that have been around for a while, this won't be the first such organization-wide initiative employees have seen launched -- and in some cases, fail, added Kelly Fitzpatrick, a RedMonk analyst, in an AnsibleFest talk. IT teams introducing new automation initiatives must also deal with the apathy that can result from such experiences.
"In most organizations, there is a mix of developer experience levels ranging from early career developers to folks who are on their eighth or ninth round of modernization and the ennui that goes with that," Fitzpatrick said. "Many of these folks have learned to wait and see if this newest technology initiative is going to actually follow through on the promises that it makes."
Even among companies that have bought into IT automation extensively, technical debt can arise when automation tools change significantly, as Ansible Automation Platform will with version 2. At a company like Gamesys that has already scaled IT automation practices well beyond the average organization, moving to the new Ansible controller and mesh will take significant time and effort.
However, manual IT operations also incur their own technical debt, which may be more difficult to manage, McCarthy said.
"A lot of the manual tech debt that I've come across has been invisible," he said. "At least when it's in code, you can read it and it's a problem that can be tackled, which is better than 'How did this get here?' If I have to pick, I'll take the visible stuff."
Beth Pariseau, senior news writer at TechTarget, is an award-winning veteran of IT journalism. She can be reached at [email protected] or on Twitter @PariseauTT.