Orchestrate and Automate Your Microsoft Azure
Category: Articles On 27-03-2018
Easy Automation of the Microsoft Azure
Many organizations today are deploying their workloads on a public cloud. Also, the new applications have been developed directly for the cloud, so the companies need to provide a persistent customer experience and proper management approach for both cloud and on premise applications. There is a tool on the market – Ansible, which enables software automation and configuration, so the companies can apply its descriptions in order to automate their workloads in Microsoft Azure.
Azure supports clients’ efforts to apply hybrid cloud in the areas of infrastructure, user identity and management. By applying Ansible to automate their Azure services – the companies will get ability to run workloads where they fit best.
One Automation – Multiple Deployment
Ansible provides set of Azure modules in order to easier management of instances, networks, and other Azure infrastructure for all organizations and all regions. The company can apply playbook language for application deployment and on premise automation, but it can also define the Azure infrastructure, applying the right configuration.
If a company applies Ansible to define its application locally, it can deploy the same application multiple times. Re-deploying application in a different infrastructure will be easy as defining an Azure environment and then applying application’s Playbook. Ansible can provide features and flexibility, ensuring company’s Azure deployments to work seamlessly in a hybrid cloud configuration – easy as building a single system.
Services, Platforms and Applications
Azure hosts different platforms (not only Windows), and Ansible can automate all of them. Ansible’s purpose is inherently for the cloud deployments, and it can provide the companies to provision different sets of Azure cloud services. No matter of the type of the application: simple 3-tier application, or a complex set of virtual private clouds, services, and applications; the Azure environments can be described in Ansible Playbooks, and then scaled out in multiple locations.
Ansible provides modules for different Azure capabilities, as for – storages, resource groups, security groups, virtual machines and networks, resource templated deployments etc. It also provides large number of additional modules that enable companies to manage all aspects of their Linux, Windows, UNIX, network infrastructure, and applications – regardless of the location.
When the infrastructure and the teams are growing, the company should restrict users’ ability to modify certain environments. In this case they can use Red Hat Ansible Tower which provides enterprise framework for control, securing and managing Ansible automation, using an UI and RESTful API.
Ansible Tower provides large set of role-based access controls that ensures users will only have access to the Azure resources (networks, systems, security groups, etc.) that are needed for their job. Also, Ansible Tower encrypts certificates – e.g. Azure and SSH keys so users can delegate simple automation jobs to junior employees without giving the ‘main keys’.
Configuration management – Ansible simply describes the company’s infrastructure (in text format and machine-parsable) – ensuring that all team members understand the meaning of each configuration task. New team members will be able to understand the doc and get involved. Ansible provides state-driven resource model that describes the desired state of computer systems and services, not the paths to get them to this state. Regardless of the state a system is in, Ansible understands how to transform it to the desired state (and also supports a ‘dry run’ mode to display needed changes). This enables reliable and repeatable IT infrastructure configuration, avoiding the potential failures from scripting and script-based solutions that describe explicit and often irreversible actions – instead of desired goal. Finally, Ansible uses Open SSH secure protocol for all platforms, without usage of remote agents.
Provisioning – regardless of the tool for datacenter management (Red Hat Satellite, Cobbler etc.) – the companies can integrate Ansible in a simple way, by adding just few lines of code in OS boot sequence. Ansible offers big library of built-in modules, and its extensibility enable users to use the same simple playbook language not just for configuring the servers, but also for all networks, firewalls, etc. No matter the type of virtualization – e.g. VMware, private cloud like OpenStack, or public cloud infrastructure like Amazon AWS or Microsoft Azure, Ansible ‘s cloud support makes it easy to provision instances, networks, and other services. Users can apply Playbook language in provision their infrastructure, and then apply configuration to it. So – they can deploy easily their infrastructure across public, private, or hybrid cloud.
Continuous delivery – automation is key factor in continuous delivery – but it can be complex. The teams will need tools that enable quick turnaround, requiring low human involvement. Here comes Ansible that provides easy path to continuous delivery in the industry. Ansible’s push architecture enables detailed control over operations, ability to orchestrate configuration of servers in batches, all while working with load balancers, monitoring systems, and cloud or web services. Also, companies can migrate a database schema and flush the caching servers prior to updating application servers by running one simple play. Ansible can be used for networks, load balancers, monitoring systems, web services and other devices that might need touching during a rolling update. For example, users can add or remove servers from their load balancing pool and disable monitoring alerts for each machine that is being updated.
App deployment – Ansible provides simple way for application deployment. It allows companies to deploy multi-tier applications reliably and consistently, all from one common framework. The needed services and push application artifacts – can be configured from one common point. Ansible uses Playbooks that are descriptions of the desired state of the systems, which are usually kept in source control. Ansible also does the hard work of getting the systems to that state regardless what state they are currently in. Playbooks will do the installations, upgrades and day-to-day management repeatable and reliable. Ansible offers agentless design, so it can be introduced into all environments without any bootstrapping of remote systems or opening up additional ports. And it is cloud ready – by injecting SSH keys.
Orchestration – Modern companies have complex deployments and many problems. They possess clustered applications, several datacenters, public, private and hybrid clouds and applications with complex dependencies. That’s why they need Ansible – as a tool that can orchestrate all complex tasks simply. An orchestration tool is needed that will ensure all these tasks happen in the proper order – that the database is up before the backend server, that the frontend server is removed from the load balancer before it’s upgraded, that networks have their proper VLANs configured. Ansible offers easy syntax and task-based nature makes orchestrating these tasks easy. Ansible is applied to orchestrate OpenStack rollouts and big players like Rackspace, CSC, HP, Cisco and IBM rely on Ansible to keep their OpenStack clouds available simply and securely.
Security and Compliance – In today’s global environment – the security issue is a top priority. Ansible as an automation tools can enable the security you need in a simple, consistent, manner, allowing users to concentrate on other things. Ansible uses easy Playbook syntax in order to secure any part of the system, such as setting firewall rules, locking down users and groups, or applying custom security policies. Ansible provides batch of over 750 included automation modules, allowing users to perform tasks without complex scripting. To provide compliance – Ansible can apply automation procedures once and use them across the entire infrastructure. After defining the security configuration, the users should be able to verify it, and enable it on a consistent basis. Ansible inherent nature is to provide users to repeatedly apply the same configuration (automation of tasks).
Cxrus Solutions is the leading end-to-end Enterprise IT Solutions Provider in Asia Pacific. Our core services include Digital Transformation, Flexible (Cloud) Infrastructure Solutions and Open Source Solutions. As Red Hat Advanced partner since 2006 – we have proven track record in deploying automation and DevOps tools for telecoms and enterprises. Our solutions provide reliability and high quality; they are based on the latest business technology, implementation, support, maintenance, and permanent monitoring and upgrade.
In October 2017 Cxrus Solutions has announced it has won the 2017 Microsoft Open Source on Azure Partner of the Year Award. The company was honored among a global field of top Microsoft partners for demonstrating excellence in innovation and implementation of customer solutions based on Microsoft technology. The Microsoft Partner of the Year Awards recognize Microsoft partners that have developed and delivered exceptional Microsoft-based solutions during the past year.
3 months ago / No Comments