Manage Gcore Edge Cloud Services with Ansible: IaC Capabilities

We recently released the Ansible Galaxy Collection for Gcore Edge Cloud. This is a set of modules and plugins to automate the management of our Edge Cloud services using Ansible. In this article, we’ll look closer at Ansible, its use cases, IaC capabilities and benefits, and how it compares to another popular IaC tool, Terraform. We’ll also explore how to use Ansible to manage Gcore Edge Cloud resources by running some test modules.

What Is Ansible?

Ansible is free, open-source software that offers excellent IaC capabilities. It enables you to automate various regularly performed IT tasks, such as infrastructure provisioning, application deployment, and configuration management. It’s one of the most popular IaC tools among DevOps engineers, system administrators, and developers—mainly because it is free, flexible, and easy to learn.

Ansible is a primarily declarative IaC tool:

1. You write an instruction called a playbook that describes the desired state of your infrastructure or application.
2. You run a command to inform Ansible of the new instruction.
3. Ansible reads it and changes the current state to the desired state.

This is a simplified description of the process; you’ll see it in more detail later.

The Ansible architecture includes four key components:

• A control node is a Linux host on which you install the Ansible package. A control node manages all your infrastructure components and connects to them over a network using SSH.
• Managed nodes are remote hosts or network devices that a control node manages.
• An inventory is a list of managed nodes that Ansible should know, such as a list of your remote servers.
• A playbook is a collection of tasks written in YAML, like creating virtual machines, updating software, or configuring network devices. A playbook activates small programs called modules, which run on managed nodes to perform the tasks. After completing the tasks, Ansible removes these modules from the managed nodes. For example, Gcore’s Ansible Collection is a set of modules for different tasks to perform with the Gcore Edge Cloud resources.

Here is an example of an Ansible playbook from Gcore’s Ansible Collection for creating a Virtual Machine in Gcore Edge Cloud:

---- name: Using gcore collection  hosts: localhost  tasks:    - gcore.cloud.instance:        names: ["my_new_vm"]        flavor: "g1-standard-1-2"        volumes: [{          'source': 'image',          'size': 10,          'type_name': 'standard',          'boot_index': 0,          'image_id': '9c440e4d-a157-4389-bb10-c53a72755356',          'delete_on_termination': False        }]        interfaces: [{"type": "external"}]        api_key: ...        api_host: ...        project_id: 111        region_id: 76        command: create

This playbook contains all the required characteristics of the VM, from its volume size to the region in which it should be created.

The most common way to manage Ansible is via the command line. But there is an alternative: the free, open-source web interface AWX. This option is helpful for managing complex, multi-tier Ansible deployments.

Ansible Use Cases

There are five common use cases for Ansible: infrastructure provisioning, configuration management, app deployment, managing Docker containers, and managing IoT devices. Let’s explore each of them in turn.

• Infrastructure provisioning: Create infrastructure components, like virtual machines in a provider’s cloud, on-premises servers, or network devices. For example, if you want to run a fleet of virtual machines (VMs) in the cloud using Ansible, simply create a playbook with required VM configurations and perform one command to run them all. This is much faster than the traditional approach of defining the configuration for each VM and manually running them one at a time.
• Configuration management: Configure and update infrastructure components and applications. It also ensures consistent configurations across different environments, which is helpful if you have a multi-cloud or hybrid infrastructure that combines cloud and on-premises components.
• Application deployment: Deploy and update a wide range of software, whether for engineers or regular users. In other words, everything you need to install on a VM or a server you can install with Ansible. Another advantage of Ansible is that you can customize it for any deployment by simply writing your own modules.
• Managing Docker containers: Manage the lifecycle of Docker containers when running them on any host, including your local desktop, VMs, or bare metal servers. Ansible can pull images from public or private registries to run containers.
• Managing IoT devices: Automate the process of setting up and configuring various components of an IoT infrastructure, including edge IoT devices. Ansible simplifies tasks such as deploying IoT software, configuring networks, and managing cloud-based IoT infrastructure. It can also be integrated with the Tasmota open-source firmware to streamline the management of ESP devices used in smart home solutions.

Key Ansible IaC Benefits

Ansible offers several benefits:

• Time-saving via the automation of routine, repetitive tasks such as infrastructure provisioning and configuration, reducing the effort required for manual setup. As a result, you can improve productivity and reduce labor costs.
• Consistency and reliability by defining and enforcing best practices for writing playbooks to manage your IT environment. For example, you can use version control and roles to keep playbooks well-organized or assign unique and meaningful names to variables. Ansible also ensures idempotently, meaning it only performs unique tasks and doesn’t repeat them if the system state hasn’t changed. All of this minimizes the risk of human error and increases infrastructure management efficiency.
• Scalability by enabling management of large infrastructures with hundreds of nodes. However, managing larger infrastructures consisting of thousands of nodes with Ansible can be challenging due to the lack of built-in state tracking and the inherent overhead of SSH connections.
• Orchestration capabilities since Ansible serves as a workflow engine that can orchestrate disparate systems to organize and automate tasks across applications, platforms, and providers. Ansible also allows for the precise ordering of tasks in playbooks, ensuring that tasks are executed in the correct order to achieve desired results.
• Ease of learning and use thanks to a minimalist and consistent design that poses a low learning curve for administrators, developers, and IT managers.

How Ansible Compares to Terraform, and Which to Choose

While Ansible and Terraform are both open-source tools for infrastructure automation and have overlapping IaC capabilities, they are designed to address different aspects of infrastructure management.

Terraform is primarily used for infrastructure provisioning and managing cloud resources, such as virtual machines, bare metal servers, and Kubernetes clusters. Many cloud providers, including Gcore, offer customers the ability to manage their cloud infrastructure with Terraform. Unlike Ansible, it has a built-in state management feature that tracks the state of cloud resources and automatically adjusts them to the state described in a configuration file. If you want to try Terraform to manage Gcore Edge Cloud resources, read our documentation.

Ansible is a multi-purpose IaC tool, helpful for both setup and ongoing infrastructure maintenance. You can use it for various automation tasks, also including infrastructure management. It’s widely used for automating configuration management, server provisioning, software updates, and other repetitive sysadmin tasks. Importantly, Ansible will only perform tasks after you ask it to do so. It lacks Terraform’s autonomous execution capacity.

The question of which tool to choose depends on factors including your use case and infrastructure management needs. Terraform is frequently the top choice for provisioning and managing new cloud infrastructure from the ground up. On the other hand, Ansible is good at managing configurations and automating everyday administrative operations. You can even combine both tools to leverage their individual strengths.

How to Use Ansible to Manage the Gcore Edge Cloud

Let’s see how to use Ansible in practice. We’ll install Ansible and run playbooks based on modules from Gcore’s Ansible Collection to manage cloud resources. Please note that Gcore’s Ansible Collection does not yet support some of the Ansible features mentioned above, such as container and IoT automation.

As an example setup, let’s use two virtual machines running Ubuntu:

• A control node on a local machine
• A managed node in Gcore Edge Cloud

Install Ansible on the Control Node

Ansible runs on Python, so you must first install Python on your control node if you haven’t yet. Run the following command using Terminal on the control node:

apt install python3-pip

Install Ansible:

pip install ansible

To be sure that all the necessary Ansible functions are available, run:

sudo apt install ansible-core

Create the project folder and name it as you wish:

mkdir ansible && cd ansible

Create a file inventory.ini and add to it the IP address of the managed node:

[myhosts]45.82.160.243

Verify the inventory:

ansible-inventory -i inventory.ini --list

If everything is set up correctly, the result should look like this:

{    "_meta": {        "hostvars": {}    },    "all": {        "children": [            "ungrouped",            "myhosts"        ]    },    "myhosts": {        "hosts": [            "45.82.160.243"        ]    }}

Note: You may see an output like this:

Traceback (most recent call last):  File "/usr/bin/ansible-inventory", line 66, in <module>    from ansible.utils.display import Display, initialize_localeImportError: cannot import name 'initialize_locale' from 'ansible.utils.display' (/home/ubuntu/.local/lib/python3.10/site-packages/ansible/utils/display.py)

In such a situation, use the following solution:

sudo pacman -R ansibleexport PATH="$HOME/.local/bin/:$PATH"pip install ansibleansible --version

Then, verify the inventory again:

ansible-inventory -i inventory.ini --list

Next, to manage your remote VM, you must establish an SSH connection with it using your private SSH key. It can be an existing SSH key pair or you can generate a new one, following our instructions. If it’s a new SSH pair, don’t forget to add the necessary permissions for your private key:

chmod 600 ~/.ssh/gcore.pem

Note that you must use your private key instead of gcore.pem.

Add the private key path to the inventory file so that Ansible won’t ask it each time you communicate with your managed node:

[myhosts]45.82.160.243 ansible_ssh_private_key_file=/home/ubuntu/.ssh/gcore.pem

Ping the managed node:

ansible myhosts -m ping -i inventory.ini45.82.160.243 | SUCCESS => {    "ansible_facts": {        "discovered_interpreter_python": "/usr/bin/python3"    },    "changed": false,    "ping": "pong"}

The Ansible setup is ready!

Install Gcore’s Ansible Collection

To install Gcore’s Ansible Collection, run the command:

ansible-galaxy collection install gcore.cloud

The Ansible Galaxy documentation contains multiple modules for managing different Gcore Edge Cloud resources. For example, there are modules to manage Virtual Instances, Load Balancers, and Volumes. Let’s perform four simple tests to understand how these modules work:

• Reboot the managed node
• Extend the volume of the managed node
• Create a snapshot of the managed node volume
• Create a new instance from the snapshot

Reboot the Managed Node

Here’s how the template to reboot an instance looks:

- name: Reboot instance  gcore.cloud.instance:    api_key: "{{ api_key }}"    region_id: "{{ region_id }}"    project_id: "{{ project_id }}"    command: reboot    instance_id: "{{ instance_id }}"

Instead of {{<...>}}, enter your actual values:

• api_key is similar to an API token you can create in a few clicks in the Gcore Customer Portal.
• region_id is the ID of the location where your managed node is running; you can find it using an API request or via the Gcore Customer Portal. Instead of region ID, you can use a region name in the string format: region_name: "Luxembourg-2".
• project_id is the ID of your project; find it in the Gcore Customer Portal near the project name.
• Instance_id is the instance ID; find it in your VM settings in the Gcore Customer Portal or via API.

So, in our case, the playbook looks as follows:

---- name: Using gcore collection  hosts: myhosts  tasks:   - name: Reboot instance     gcore.cloud.instance:       api_key: "10776$1c4899765fd8811a01a34207<...>"       region_id: "76"       project_id: "344528"       command: reboot       instance_id: "86024ff4-e7d3-43e2-9e2e-5e47f96a02cb"

Let’s run it:

ansible-playbook -i inventory.ini rebootinstance.ymlPLAY [Using gcore collection] *****************************************************************************************TASK [Gathering Facts] ************************************************************************************************ok: [45.82.160.243]TASK [Reboot instance] ************************************************************************************************ok: [45.82.160.243]PLAY RECAP ************************************************************************************************************45.82.160.243              : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Success.

We can also check if the instance is rebooting in real time with the ping running in another terminal window:

The Request timeout <…> series shows the period of time when the VM was rebooting.

Extend the Volume of the Managed Node

Now, let’s extend the volume of our VM, which is currently 5 GB:

Here is the playbook extendvolume.yml, where we define the new size of the volume, 10 GB:

---- name: Using gcore collection  hosts: myhosts  tasks:   - name: Extend existing volume     gcore.cloud.volume:       api_key: "10776$1c4899765fd8811a01a34207<...>"       region_id: "76"       project_id: "344528"       command: extend       volume_id: "e7cdc7bb-8703-4627-bc95-bcfeb0bae34e"       size: 10

Run the playbook:

ansible-playbook -i inventory.ini extendvolume.ymlPLAY [Using gcore collection] *****************************************************************************************TASK [Gathering Facts] ************************************************************************************************ok: [45.82.160.243]TASK [Extend existing volume] *****************************************************************************************ok: [45.82.160.243]PLAY RECAP ************************************************************************************************************45.82.160.243              : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Done!

In a few seconds, you’ll see the changes applied in the Gcore Customer Portal:

Create a Snapshot of the Managed Node Volume

Let’s prepare a playbook for our snapshot:

---- name: Using gcore collection  hosts: myhosts  tasks:   - name: Create new snapshot     gcore.cloud.volume_snapshot:       api_key: "10776$1c4899765fd8811a01a34207<...>"       region_id: "76"       project_id: "344528"       command: create       volume_id: "e7cdc7bb-8703-4627-bc95-bcfeb0bae34e"       name: "test-snap"       description: "after boot"

Run it:

ansible-playbook -i inventory.ini newsnapshot.ymlPLAY [Using gcore collection] *********************************************************************************TASK [Gathering Facts] ****************************************************************************************ok: [45.82.160.243]TASK [Create new snapshot] ************************************************************************************ok: [45.82.160.243]PLAY RECAP ****************************************************************************************************45.82.160.243              : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Done!

We can check that the new snapshot has appeared in the snapshots list in the Gcore Customer Portal:

Create a New Instance from the Snapshot

Finally, let’s use this snapshot to create a new VM:

---- name: Using gcore collection  hosts: localhost  tasks:   - name: Create instance from snapshot     gcore.cloud.instance:       api_key: "10776$1c4899765fd8811a01a34207<...>"       region_id: "76"       project_id: "344528"       command: create       names: []       flavor: g1-standard-1-2       volumes: [{           'source': 'snapshot',           'snapshot_id': '190f8f18-e1bc-4c03-838e-fdc8708b4e44',           'size': 10,           'boot_index': 0,       }]       interfaces: [{           'type': 'external'       }]

Run it:

ansible-playbook -i inventory.ini createinstance.ymlPLAY [Using gcore collection] *********************************************************************************TASK [Gathering Facts] ****************************************************************************************ok: [localhost]TASK [Create instance from snapshot] **************************************************************************ok: [localhost]PLAY RECAP ****************************************************************************************************localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Success.

In a few seconds, the new instance will appear in the Gcore Customer Portal:

Add this instance to your inventory, establish an SSH connection, and get a new managed node.

Conclusion

Ansible is a convenient and simple tool with powerful IaC capabilities to automate routine engineering tasks, such as infrastructure provisioning and configuration management. Now, you can use Ansible to automate these tasks when managing Gcore Edge Cloud.

The Ansible integration expands our cloud management tools suite, which also includes the Gcore Customer Portal, API, and Terraform. This new integration reinforces our goals of managing your cloud resources more easily and ensuring you have a great experience using Gcore services.

Try Gcore Edge Cloud