Cisco NX-OS and Ansible
Another IaC platform is Ansible. Created by Michael DeHaan and acquired by Red Hat in 2015, Ansible is an open source, agentless tool for software provisioning, configuration management, and application deployment. Ansible operates differently from tools like Puppet, which require agents: with Ansible, there are no agents on the managed devices. Instead, the Ansible control node connects to the managed device via SSH and temporarily installs and runs modules to execute the needed tasks. When the tasks finish, the processes are terminated, and nothing is left running. This approach makes Ansible a lighter option for the end devices, because it consumes no resources on them before or after a run.
Ansible uses a declarative approach: you define the desired state of the managed device. The tasks are organized in playbooks, which are executed against the managed nodes. The control node (or nodes) is responsible for managing the target nodes. Control nodes are only supported on Linux at this time. The managed nodes, or target nodes, are described in inventory files so that the control node knows how to connect to them. One requirement for the managed nodes is to have Python installed. The control nodes use a push model, which means they initiate the communication with the target nodes.
Ansible has the following logical components:
- Playbooks: Lists of tasks to be performed on the target nodes, written in YAML.
- Inventory files: Define the target nodes, which can be organized hierarchically using groups.
- Templates: Generate configurations using the information from the inventory files. This speeds up configuration generation for larger environments.
- Roles: Allow specific, commonly used tasks with properties to be organized into a role and then reused.
There is support for Ansible in Cisco NX-OS, which makes it a very convenient tool for network automation, configuration management, orchestration, and deployment for the Cisco Nexus switches and the Cisco UCS.
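The inventory and playbook components described above, as an added example that is not from the original text: a grouped inventory and a playbook that declares one piece of desired state on Nexus leaf switches. It assumes the cisco.nxos and ansible.netcommon collections are installed on the control node; hostnames, addresses, the user name, the key path, and the VLAN are constructed placeholders.

```yaml
# --- File 1: inventory.yml (constructed sample) ---
# Target nodes are organized hierarchically: nexus -> spine / leaf.
all:
  children:
    nexus:
      children:
        spine:
          hosts:
            spine1.example.net:
              ansible_host: 192.0.2.11
        leaf:
          hosts:
            leaf1.example.net:
              ansible_host: 192.0.2.21
            leaf2.example.net:
              ansible_host: 192.0.2.22
      vars:
        # Connection settings shared by every switch in the group.
        ansible_connection: ansible.netcommon.network_cli
        ansible_network_os: cisco.nxos.nxos
        ansible_user: automation            # assumed dedicated account
        # Key-based SSH login, so no password is stored in the inventory.
        ansible_private_key_file: ~/.ssh/nxos_automation_ed25519
---
# --- File 2: site.yml (constructed sample playbook) ---
# The control node pushes this to the "leaf" group over SSH.
- name: Declare the desired VLAN state on the leaf switches
  hosts: leaf
  gather_facts: false
  tasks:
    - name: Ensure VLAN 110 exists with the expected name
      cisco.nxos.nxos_vlans:
        config:
          - vlan_id: 110
            name: app-servers
        # "merged" adds or updates this VLAN and leaves others untouched.
        state: merged
```

Running `ansible-playbook -i inventory.yml site.yml --check --diff` first reports what would change without applying it.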
Red Hat Ansible Automation Platform, with the automation controller (formerly Ansible Tower), allows IT and DevOps teams to define, operate, manage, and control access to automation tasks in one centralized place. For up to 10 users, Ansible is free to use and test, and it offers a web UI and REST API.