Ansible Tower | Why you should use it
Ansible has made Infrastructure as Code popular with businesses of all sizes. While its simplicity helps getting into it very quickly it does not scale very well. Even within a small team we can quickly run into limitations.
Getting started with Ansible is extremely simple. Install the package, write a short playbook and use ansible-playbook
to run it. That takes just a couple of minutes and is useful even for a single machine at home.
When I started working with Ansible about 5 years ago we used a centralized Ansible server where we created and ran our playbooks. The team in charge of it was just another colleague and me. Nevertheless we quickly noticed that our simple approach got us a lot of disadvantages. Whenever we checked out our dev branch we were no longer able to run playbooks on our production servers anymore. Code reviews had to happen on a peer to peer basis. We were not able to write code independently from each other. But the most important thing was that other colleagues were hesitant using Ansible as they were afraid of “doing something wrong on the commandline”. Our automation was regarded as some kind of private project even though the customer had paid for it. We knew that Ansible Tower would have been very beneficial but obviously no one was willing to buy a license. As far as I know this company still manages the rest of their infrastructure manually.
Fortunately nowadays there is a free version of Ansible Tower available called AWX. License costs are no longer an excuse not to try it. While Ansible is a great piece of software Tower/AWX takes the whole thing to a new level.
Ansible Tower privodes visibility
When skimming through the feature list of Tower it often looks like it is useful within large organizations only. Things like RBAC, compliance and multi tiered responsibilities are not common among small and mid sized companies. As RedHat puts the focus solely on those features with their marketing they completely may miss out one of main selling points which is visibility. Let me explain that further.
Visual
I am an advocate for IT Automation for over a decade now. What I experienced over the years over and over again is that most people know that they should automate their businesses yet few of them really do. Their knowing does not get them going. Why is that? Most often the alternative to automation is a short term opportunity to make money. Of course this is far more emotional than knowing they should do IT Automation. Knowing is purely unemotional, it only happens within our heads. In order to understand we have to be willing to open our heart. Understanding means that there are feelings attached to it.
Have you ever watched the opening ceremony of a new factory? Some VIP gets the whole thing going by the press of a single button. The very moment he presses the button he triggers emotions within everyone witnessing the ceremony. Out of a sudden everyone understands what he was working for all the time. This is why this moment is so important.
Think about a ceremony where your CEO launches a template in AWX that sets up an entire cloud infrastructure with Ansible and Terraform. Think about how that changes what everyone in that organization feels about automation. The CEO will buy a Tower license as soon as he gets back to his desk.
People who are at home on the command line understand the power of Automation immediately when they run their first playbook. But let’s face it, most people even in the IT Business are non technical people. Even a lot of developers hesitate to open a terminal if they don’t have to.
Tower/AWX makes IT Automation accessible to everyone in your organization. And that is essential to help them to understand the power of automation rather than just knowing it.
Technical
Besides the visual/emotional part there is another important aspect that is often neglected. Once we got our organization to understand the importance of automation we must go on and automate even the provisioning of our infrastructure. In order to that we need technical visibility. What I mean by technical visibility is that one system is able to communicate with another one. Only that allows us to unleash the real power of automation. Ansible Tower/AWX provides both a REST APIs and webhooks that can trigger templates automatically from a CI pipeline. How does that change the experience of a web developer if a git push does not only trigger a pipeline that does deploys the application but also sets up the necessary infrastructure.
Oh, and by the way: As we went over the difference between knowing and understanding. Reading this article can only help to know those things. But it does not help with understanding. If you are willing to understand Tower/AWX you have to go try it. Either go to https://www.ansible.com/products/tower or https://github.com/ansible/awx.
Thank you for your understanding!