We recently released the Ansible Galaxy Collection for Gcore Edge Cloud. This is a set of modules and plugins to automate the management of our Edge Cloud services using Ansible. In this article, weāll look closer at Ansible, its use cases, IaC capabilities and benefits, and how it compares to another popular IaC tool, Terraform. Weāll also explore how to use Ansible to manage Gcore Edge Cloud resources by running some test modules.
What Is Ansible?
Ansible is free, open-source software that offers excellent IaC capabilities. It enables you to automate various regularly performed IT tasks, such as infrastructure provisioning, application deployment, and configuration management. Itās one of the most popular IaC tools among DevOps engineers, system administrators, and developersāmainly because it is free, flexible, and easy to learn.
Ansible is a primarily declarative IaC tool:
- You write an instruction called a playbook that describes the desired state of your infrastructure or application.
- You run a command to inform Ansible of the new instruction.
- Ansible reads it and changes the current state to the desired state.
This is a simplified description of the process; youāll see it in more detail later.
The Ansible architecture includes four key components:
- A control node is a Linux host on which you install the Ansible package. A control node manages all your infrastructure components and connects to them over a network using SSH.
- Managed nodes are remote hosts or network devices that a control node manages.
- An inventory is a list of managed nodes that Ansible should know, such as a list of your remote servers.
- A playbook is a collection of tasks written in YAML, like creating virtual machines, updating software, or configuring network devices. A playbook activates small programs called modules, which run on managed nodes to perform the tasks. After completing the tasks, Ansible removes these modules from the managed nodes. For example, Gcoreās Ansible Collection is a set of modules for different tasks to perform with the Gcore Edge Cloud resources.
Here is an example of an Ansible playbook from Gcoreās Ansible Collection for creating a Virtual Machine in Gcore Edge Cloud:
---
- name: Using gcore collection
hosts: localhost
tasks:
- gcore.cloud.instance:
names: ["my_new_vm"]
flavor: "g1-standard-1-2"
volumes: [{
'source': 'image',
'size': 10,
'type_name': 'standard',
'boot_index': 0,
'image_id': '9c440e4d-a157-4389-bb10-c53a72755356',
'delete_on_termination': False
}]
interfaces: [{"type": "external"}]
api_key: ...
api_host: ...
project_id: 111
region_id: 76
command: create
This playbook contains all the required characteristics of the VM, from its volume size to the region in which it should be created.
The most common way to manage Ansible is via the command line. But there is an alternative: the free, open-source web interface AWX. This option is helpful for managing complex, multi-tier Ansible deployments.
Ansible Use Cases
There are five common use cases for Ansible: infrastructure provisioning, configuration management, app deployment, managing Docker containers, and managing IoT devices. Letās explore each of them in turn.
- Infrastructure provisioning: Create infrastructure components, like virtual machines in a providerās cloud, on-premises servers, or network devices. For example, if you want to run a fleet of virtual machines (VMs) in the cloud using Ansible, simply create a playbook with required VM configurations and perform one command to run them all. This is much faster than the traditional approach of defining the configuration for each VM and manually running them one at a time.
- Configuration management: Configure and update infrastructure components and applications. It also ensures consistent configurations across different environments, which is helpful if you have a multi-cloud or hybrid infrastructure that combines cloud and on-premises components.
- Application deployment: Deploy and update a wide range of software, whether for engineers or regular users. In other words, everything you need to install on a VM or a server you can install with Ansible. Another advantage of Ansible is that you can customize it for any deployment by simply writing your own modules.
- Managing Docker containers: Manage the lifecycle of Docker containers when running them on any host, including your local desktop, VMs, or bare metal servers. Ansible can pull images from public or private registries to run containers.
- Managing IoT devices: Automate the process of setting up and configuring various components of an IoT infrastructure, including edge IoT devices. Ansible simplifies tasks such as deploying IoT software, configuring networks, and managing cloud-based IoT infrastructure. It can also be integrated with the Tasmota open-source firmware to streamline the management of ESP devices used in smart home solutions.
Key Ansible IaC Benefits
Ansible offers several benefits:
- Time-saving via the automation of routine, repetitive tasks such as infrastructure provisioning and configuration, reducing the effort required for manual setup. As a result, you can improve productivity and reduce labor costs.
- Consistency and reliability by defining and enforcing best practices for writing playbooks to manage your IT environment. For example, you can use version control and roles to keep playbooks well-organized or assign unique and meaningful names to variables. Ansible also ensures idempotently, meaning it only performs unique tasks and doesnāt repeat them if the system state hasnāt changed. All of this minimizes the risk of human error and increases infrastructure management efficiency.
- Scalability by enabling management of large infrastructures with hundreds of nodes. However, managing larger infrastructures consisting of thousands of nodes with Ansible can be challenging due to the lack of built-in state tracking and the inherent overhead of SSH connections.
- Orchestration capabilities since Ansible serves as a workflow engine that can orchestrate disparate systems to organize and automate tasks across applications, platforms, and providers. Ansible also allows for the precise ordering of tasks in playbooks, ensuring that tasks are executed in the correct order to achieve desired results.
- Ease of learning and use thanks to a minimalist and consistent design that poses a low learning curve for administrators, developers, and IT managers.
How Ansible Compares to Terraform, and Which to Choose
While Ansible and Terraform are both open-source tools for infrastructure automation and have overlapping IaC capabilities, they are designed to address different aspects of infrastructure management.
Terraform is primarily used for infrastructure provisioning and managing cloud resources, such as virtual machines, bare metal servers, and Kubernetes clusters. Many cloud providers, including Gcore, offer customers the ability to manage their cloud infrastructure with Terraform. Unlike Ansible, it has a built-in state management feature that tracks the state of cloud resources and automatically adjusts them to the state described in a configuration file. If you want to try Terraform to manage Gcore Edge Cloud resources, read our documentation.
Ansible is a multi-purpose IaC tool, helpful for both setup and ongoing infrastructure maintenance. You can use it for various automation tasks, also including infrastructure management. Itās widely used for automating configuration management, server provisioning, software updates, and other repetitive sysadmin tasks. Importantly, Ansible will only perform tasks after you ask it to do so. It lacks Terraformās autonomous execution capacity.
The question of which tool to choose depends on factors including your use case and infrastructure management needs. Terraform is frequently the top choice for provisioning and managing new cloud infrastructure from the ground up. On the other hand, Ansible is good at managing configurations and automating everyday administrative operations. You can even combine both tools to leverage their individual strengths.
How to Use Ansible to Manage the Gcore Edge Cloud
Letās see how to use Ansible in practice. Weāll install Ansible and run playbooks based on modules from Gcoreās Ansible Collection to manage cloud resources. Please note that Gcoreās Ansible Collection does not yet support some of the Ansible features mentioned above, such as container and IoT automation.
As an example setup, letās use two virtual machines running Ubuntu:
- A control node on a local machine
- A managed node in Gcore Edge Cloud
Install Ansible on the Control Node
Ansible runs on Python, so you must first install Python on your control node if you havenāt yet. Run the following command using Terminal on the control node:
apt install python3-pip
Install Ansible:
pip install ansible
To be sure that all the necessary Ansible functions are available, run:
sudo apt install ansible-core
Create the project folder and name it as you wish:
mkdir ansible && cd ansible
Create a file inventory.ini and add to it the IP address of the managed node:
[myhosts] 45.82.160.243
Verify the inventory:
ansible-inventory -i inventory.ini --list
If everything is set up correctly, the result should look like this:
{
"_meta": {
"hostvars": {}
},
"all": {
"children": [
"ungrouped",
"myhosts"
]
},
"myhosts": {
"hosts": [
"45.82.160.243"
]
}
}
Note: You may see an output like this:
Traceback (most recent call last):
File "/usr/bin/ansible-inventory", line 66, in <module>
from ansible.utils.display import Display, initialize_locale
ImportError: cannot import name 'initialize_locale' from 'ansible.utils.display' (/home/ubuntu/.local/lib/python3.10/site-packages/ansible/utils/display.py)
In such a situation, use the following solution:
sudo pacman -R ansible export PATH="$HOME/.local/bin/:$PATH" pip install ansible ansible --version
Then, verify the inventory again:
ansible-inventory -i inventory.ini --list
Next, to manage your remote VM, you must establish an SSH connection with it using your private SSH key. It can be an existing SSH key pair or you can generate a new one, following our instructions. If itās a new SSH pair, donāt forget to add the necessary permissions for your private key:
chmod 600 ~/.ssh/gcore.pem
Note that you must use your private key instead of gcore.pem.
Add the private key path to the inventory file so that Ansible wonāt ask it each time you communicate with your managed node:
[myhosts] 45.82.160.243 ansible_ssh_private_key_file=/home/ubuntu/.ssh/gcore.pem
Ping the managed node:
ansible myhosts -m ping -i inventory.ini
45.82.160.243 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
The Ansible setup is ready!
Install Gcoreās Ansible Collection
To install Gcoreās Ansible Collection, run the command:
ansible-galaxy collection install gcore.cloud
The Ansible Galaxy documentation contains multiple modules for managing different Gcore Edge Cloud resources. For example, there are modules to manage Virtual Instances, Load Balancers, and Volumes. Letās perform four simple tests to understand how these modules work:
- Reboot the managed node
- Extend the volume of the managed node
- Create a snapshot of the managed node volume
- Create a new instance from the snapshot
Reboot the Managed Node
Hereās how the template to reboot an instance looks:
- name: Reboot instance
gcore.cloud.instance:
api_key: "{{ api_key }}"
region_id: "{{ region_id }}"
project_id: "{{ project_id }}"
command: reboot
instance_id: "{{ instance_id }}"
Instead of {{<...>}}, enter your actual values:
api_keyis similar to an API token you can create in a few clicks in the Gcore Customer Portal.region_idis the ID of the location where your managed node is running; you can find it using an API request or via the Gcore Customer Portal. Instead of region ID, you can use a region name in the string format:region_name: "Luxembourg-2".project_idis the ID of your project; find it in the Gcore Customer Portal near the project name.Instance_idis the instance ID; find it in your VM settings in the Gcore Customer Portal or via API.
So, in our case, the playbook looks as follows:
---
- name: Using gcore collection
hosts: myhosts
tasks:
- name: Reboot instance
gcore.cloud.instance:
api_key: "10776$1c4899765fd8811a01a34207<...>"
region_id: "76"
project_id: "344528"
command: reboot
instance_id: "86024ff4-e7d3-43e2-9e2e-5e47f96a02cb"
Letās run it:
ansible-playbook -i inventory.ini rebootinstance.yml PLAY [Using gcore collection] ***************************************************************************************** TASK [Gathering Facts] ************************************************************************************************ ok: [45.82.160.243] TASK [Reboot instance] ************************************************************************************************ ok: [45.82.160.243] PLAY RECAP ************************************************************************************************************ 45.82.160.243 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Success.
We can also check if the instance is rebooting in real time with the ping running in another terminal window:
The Request timeout <ā¦> series shows the period of time when the VM was rebooting.
Extend the Volume of the Managed Node
Now, letās extend the volume of our VM, which is currently 5 GB:
Here is the playbook extendvolume.yml, where we define the new size of the volume, 10 GB:
---
- name: Using gcore collection
hosts: myhosts
tasks:
- name: Extend existing volume
gcore.cloud.volume:
api_key: "10776$1c4899765fd8811a01a34207<...>"
region_id: "76"
project_id: "344528"
command: extend
volume_id: "e7cdc7bb-8703-4627-bc95-bcfeb0bae34e"
size: 10
Run the playbook:
ansible-playbook -i inventory.ini extendvolume.yml PLAY [Using gcore collection] ***************************************************************************************** TASK [Gathering Facts] ************************************************************************************************ ok: [45.82.160.243] TASK [Extend existing volume] ***************************************************************************************** ok: [45.82.160.243] PLAY RECAP ************************************************************************************************************ 45.82.160.243 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Done!
In a few seconds, youāll see the changes applied in the Gcore Customer Portal:
Create a Snapshot of the Managed Node Volume
Letās prepare a playbook for our snapshot:
---
- name: Using gcore collection
hosts: myhosts
tasks:
- name: Create new snapshot
gcore.cloud.volume_snapshot:
api_key: "10776$1c4899765fd8811a01a34207<...>"
region_id: "76"
project_id: "344528"
command: create
volume_id: "e7cdc7bb-8703-4627-bc95-bcfeb0bae34e"
name: "test-snap"
description: "after boot"
Run it:
ansible-playbook -i inventory.ini newsnapshot.yml PLAY [Using gcore collection] ********************************************************************************* TASK [Gathering Facts] **************************************************************************************** ok: [45.82.160.243] TASK [Create new snapshot] ************************************************************************************ ok: [45.82.160.243] PLAY RECAP **************************************************************************************************** 45.82.160.243 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Done!
We can check that the new snapshot has appeared in the snapshots list in the Gcore Customer Portal:
Create a New Instance from the Snapshot
Finally, letās use this snapshot to create a new VM:
---
- name: Using gcore collection
hosts: localhost
tasks:
- name: Create instance from snapshot
gcore.cloud.instance:
api_key: "10776$1c4899765fd8811a01a34207<...>"
region_id: "76"
project_id: "344528"
command: create
names: []
flavor: g1-standard-1-2
volumes: [{
'source': 'snapshot',
'snapshot_id': '190f8f18-e1bc-4c03-838e-fdc8708b4e44',
'size': 10,
'boot_index': 0,
}]
interfaces: [{
'type': 'external'
}]
Run it:
ansible-playbook -i inventory.ini createinstance.yml PLAY [Using gcore collection] ********************************************************************************* TASK [Gathering Facts] **************************************************************************************** ok: [localhost] TASK [Create instance from snapshot] ************************************************************************** ok: [localhost] PLAY RECAP **************************************************************************************************** localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Success.
In a few seconds, the new instance will appear in the Gcore Customer Portal:
Add this instance to your inventory, establish an SSH connection, and get a new managed node.
Conclusion
Ansible is a convenient and simple tool with powerful IaC capabilities to automate routine engineering tasks, such as infrastructure provisioning and configuration management. Now, you can use Ansible to automate these tasks when managing Gcore Edge Cloud.
The Ansible integration expands our cloud management tools suite, which also includes the Gcore Customer Portal, API, and Terraform. This new integration reinforces our goals of managing your cloud resources more easily and ensuring you have a great experience using Gcore services.
